WO2021003980A1 - Blacklist sharing method and apparatus, computer device and storage medium - Google Patents

Blacklist sharing method and apparatus, computer device and storage medium

Info

Publication number
WO2021003980A1
Authority
WO
WIPO (PCT)
Prior art keywords
blacklist
query
upload
terminal
encrypted
Application number
PCT/CN2019/122871
Other languages
English (en)
Chinese (zh)
Inventor
赖骏
刘恩科
王梦寒
高建欣
Original Assignee
深圳壹账通智能科技有限公司
Application filed by 深圳壹账通智能科技有限公司

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20 Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/23 Updating
    • G06F16/2379 Updates performed during online database operations; commit processing
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20 Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24 Querying
    • G06F16/245 Query processing
    • G06F16/2455 Query execution
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876 Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • H04L63/123 Applying verification of the received information received data contents, e.g. message integrity
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Definitions

  • This application relates to a blacklist sharing method, device, computer equipment and storage medium.
  • The user blacklist generated in the transaction business of financial companies is very important data, which can help companies predict and avoid risks when processing business. Some companies also share their user blacklist with partners in the course of cooperation.
  • The traditional blacklist sharing method in the industry usually involves two parties: a data sender and a data receiver.
  • The sender sends the blacklist data to the receiver, and data encryption is usually used to protect the data during transmission. However, when blacklists are shared between more than two companies, the traditional blacklist sharing method cannot effectively realize the safe circulation of blacklist data among multiple companies, because of the complex cooperation relationships between the companies.
  • A blacklist sharing method, device, computer equipment, and storage medium are provided.
  • A blacklist sharing method including:
  • A blacklist sharing device includes:
  • the access authority verification module is configured to obtain a blacklist acquisition request sent by a query terminal, the blacklist acquisition request carries a query identifier, and the access authority of the query terminal is verified according to the query identifier;
  • a data obtaining module configured to obtain the first encrypted blacklist corresponding to the blacklist obtaining request from the blockchain storing the blacklist when the access authority of the query terminal is verified;
  • the upload enterprise authorization module is configured to identify uploader information corresponding to the first encrypted blacklist, generate an authorization verification request based on the uploader information, and send the authorization verification request to the query terminal;
  • the data decryption module is configured to receive the authorization certificate returned by the query terminal according to the authorization verification request, and decrypt the obtained first encrypted blacklist according to the authorization certificate to obtain the query blacklist;
  • the data return module is used to send the query blacklist to the query terminal.
  • A computer device includes a memory and one or more processors.
  • The memory stores computer-readable instructions; when these are executed by the one or more processors, the steps of the blacklist sharing method provided in any embodiment of the present application are implemented.
  • One or more non-volatile storage media store computer-readable instructions.
  • When the computer-readable instructions are executed by one or more processors, the one or more processors implement the steps of the blacklist sharing method provided in any of the embodiments of this application.
  • Fig. 1 is an application scenario diagram of a blacklist sharing method according to one or more embodiments.
  • Fig. 2 is a schematic flowchart of a blacklist sharing method according to one or more embodiments.
  • Fig. 3 is a schematic flow chart of the steps of entering the chain of the blacklist according to one or more embodiments.
  • Fig. 4 is a schematic flowchart of step S308 according to one or more embodiments.
  • Fig. 5 is a block diagram of a blacklist sharing device according to one or more embodiments.
  • Figure 6 is a block diagram of a computer device according to one or more embodiments.
  • The blacklist sharing method provided by the embodiment of the application can be applied to the application environment shown in FIG. 1.
  • The terminal 102 and the server 104 connected to the blockchain communicate through the network.
  • When the querying party needs to query the blacklist data shared by cooperative enterprises and stored on the blockchain, it sends a blacklist acquisition request through the terminal 102 to the server 104 connected to the blockchain, and the server 104 verifies the access authority of the terminal 102. After the authority verification passes, if the blacklist data to be obtained by the terminal 102 is stored on the blockchain, the server obtains the authorization certificate by which the uploader of the blacklist data authorizes the terminal 102 to obtain that data, decrypts the blacklist data, and returns it to the terminal 102.
  • the terminal 102 may be, but is not limited to, various personal computers, notebook computers, smart phones, tablet computers, and portable wearable devices.
  • the server 104 may be implemented by an independent server or a server cluster composed of multiple servers.
  • a blacklist sharing method is provided. Taking the method applied to the server 104 in FIG. 1 as an example for description, the method includes the following steps:
  • S202 Obtain a blacklist acquisition request sent by the query terminal, where the blacklist acquisition request carries a query identifier, and verify the access authority of the query terminal according to the query identifier.
  • The query terminal is a terminal that provides the function of obtaining blacklist data from the blockchain and is suited to enterprise use, that is, the terminal of the party querying the blacklist stored in the blockchain; it can be, but is not limited to, various personal computers, laptops, smartphones, tablets and portable wearable devices.
  • The blacklist acquisition request is a request for obtaining the blacklist, initiated by the query terminal to the server or the blockchain end connected to the blockchain.
  • The server or blockchain end can provide the query terminal with an application for access. After the query terminal installs this application, the query interface provided by the application receives the information input by the user and generates a blacklist acquisition request. The application can be a browser, an app, a mini program or a lightweight application.
  • The query terminal can obtain the user name and password entered by the user on the login interface, and upload them to the server or blockchain for verification. After the verification passes, the query terminal switches from the login interface to the query interface.
  • The user name and password are those authenticated by the blockchain or server after the user signs an agreement with the blockchain during registration.
  • The query terminal obtains the information to be queried that the user enters on the query interface. To query whether a company or organization is in the blacklist of a cooperative company, the user provides the full name and registration number of the company as the relevant information; to query whether a certain individual is in the blacklist of a partner company, the user provides the person's name, ID number, mobile phone number, etc., and instructs the query terminal to generate a blacklist acquisition request from the relevant information entered on the interface.
  • The query identifier is used to identify whether the query terminal has the authority to obtain the blacklist stored on the blockchain. After the user corresponding to the query terminal signs a cooperation agreement with the blockchain provider, the blockchain provider can assign the query identifier
  • When the querying party needs to query whether the blockchain contains a record of breach of contract by a certain company, organization or individual with a cooperative enterprise of the blockchain, it can send a blacklist acquisition request to the server. The blacklist acquisition request contains a query identifier that identifies whether the query terminal has the authority to access data on the blockchain, and the server verifies the access authority of the query terminal according to the query identifier.
  • the first encrypted blacklist is the encrypted data of the blacklist to be obtained by the querying party this time.
  • The blockchain storing the blacklist is a way of combining data blocks in sequence, in chronological order or another set logical order.
  • The data encryption method on the chain can be to hash the data of each block on the chain to obtain a hash value, with the hash value of each block managed by a Merkle tree (a binary-tree-based management method). The blockchain data encryption method is not limited to the above hash value, and commonly used encryption algorithms can also be used.
  • When the server successfully verifies the access authority of the query terminal, the query terminal is allowed to query the blacklists shared by other companies on the blockchain, and the server can query the corresponding blacklist data on the blockchain according to the blacklist acquisition request. If the access authority verification fails, the query terminal is not allowed to access the blockchain. In addition, when the access authority verification fails, the server may return an error message to the query terminal to inform it of the reason this access failed, so that the query terminal can obtain the access authority and then obtain the corresponding data from the blockchain.
  • S206 Identify the uploader information corresponding to the first encrypted blacklist, generate an authorization verification request based on the uploader information, and send the authorization verification request to the query terminal.
  • The authorization verification request is used to request the querying party to provide proof that the uploader of the first encrypted blacklist allows the query terminal to obtain its shared blacklist; it may take the form of information that the query terminal's interface can recognize, or of an e-mail.
  • After the server finds the first encrypted blacklist corresponding to the blacklist acquisition request on the blockchain, it also needs to verify whether the uploader of the blacklist has authorized the querying party. The server generates an authorization verification request and sends it to the query terminal, so that the query terminal provides proof of authorization.
  • S208 Receive the authorization certificate returned by the query terminal according to the authorization verification request, and decrypt the obtained first encryption blacklist according to the authorization certificate to obtain the query blacklist.
  • After receiving the authorization verification request, the query terminal returns to the server the authorization credential issued by the uploader of the first encrypted blacklist. Once the server has verified the authorization credential, the query terminal is allowed to obtain the information corresponding to the first encrypted blacklist.
  • The server decrypts the first encrypted blacklist using the decryption algorithm that is the inverse of the encryption algorithm, to obtain the query blacklist.
  • S210 Send the query blacklist to the query terminal.
  • the server sends the query blacklist to the query terminal to complete the operation of the query terminal to obtain the blacklist from the blockchain this time.
  • The risk of the corresponding enterprise or individual can be determined according to the breach records of the related users in the blacklist data. That is, the query terminal can further analyze the blacklist according to its own business, and set the user's risk level based on the user's default information reflected in the blacklist data (such as the overdue repayment time and overdue amount of the customer on the blacklist), to determine the risk of the users in this blacklist data. The credibility of the blacklist data can also be judged in combination with the credibility of the blacklist uploader (if the blacklist uploader is a bank, the credibility of the blacklist data it uploads is considered high; if it is an individual financial institution, the credibility is lower).
  • The above blacklist sharing method establishes a blockchain that stores the blacklists of multiple cooperative enterprises.
  • When a cooperative enterprise wants to download the blacklist uploaded by other enterprises from the blockchain, it sends a blacklist acquisition request to the blockchain through the query terminal.
  • The cooperative enterprise that has filed the blacklist acquisition request is the querying party.
  • The server first verifies whether the query terminal has permission to access the blockchain. If so, it queries whether the blockchain holds the first encrypted blacklist that the querying party wants to obtain, and checks whether the querying party is authorized by the uploader of this blacklist. When it is authorized, the server obtains the first encrypted blacklist from the blockchain, decrypts it to obtain the query blacklist, and sends the query blacklist to the query terminal to complete this blacklist acquisition operation.
  • The above method manages the blacklists provided by multiple cooperative enterprises through the blockchain, which prevents a blacklist from being tampered with before other cooperative enterprises acquire it, and allows a cooperative enterprise to obtain the blacklist uploaded by an uploader only when it has that uploader's authorization. This can effectively realize the safe circulation of the blacklist among multiple enterprises.
  • the above-mentioned blacklist sharing method may further include the step of entering the blacklist into the chain, which specifically includes:
  • S302 Receive a blacklist upload request sent by the upload terminal, where the blacklist upload request carries an upload identifier.
  • The upload terminal is the terminal of a cooperative enterprise that needs to upload data to the blockchain, that is, the terminal of the uploader of the blacklist stored in the blockchain. It can be, but is not limited to, various personal computers, laptops, smartphones, tablets and portable wearable devices.
  • A blacklist upload request is a request from the upload terminal to the server or the blockchain end connected to the blockchain to store the local shared blacklist on the blockchain. It can be a request message raised by the user on an interface provided by the blockchain's developers.
  • The upload identifier is used to identify whether the upload terminal has the right to upload data to the blockchain. After the partner company corresponding to the upload terminal signs a cooperation agreement with the blockchain provider, the blockchain provider can assign the upload identifier for this company to upload data to the blockchain. The upload identifier can be a string that occupies fixed bytes in the blacklist acquisition request, or it can take another identifiable form.
  • the blacklist upload request includes an upload identifier for identifying whether the uploading terminal has the authority to upload data to the blockchain.
  • the server verifies the upload authority of the upload terminal to upload data to the blockchain according to the upload identifier.
  • S306 Receive a shared blacklist sent by the upload terminal when the upload permission of the upload terminal is verified.
  • The shared blacklist is the blacklist data that the uploader wants to store in the blockchain and share with partners authorized by the uploader. It can include relevant information, transaction records, etc. of blacklisted companies and blacklisted individuals.
  • the upload terminal obtains its shared blacklist to be saved on the blockchain.
  • S308 Encrypt the shared blacklist to obtain a second encrypted blacklist, and save the second encrypted blacklist on the blockchain.
  • The second encrypted blacklist is the data obtained by encrypting the shared blacklist. Its encryption method is consistent with that of the first encrypted blacklist, and both are in the format of the data stored on the blockchain.
  • Before the shared blacklist enters the chain, the server encrypts it to generate the second encrypted blacklist, saves the second encrypted blacklist on the blockchain, and completes this data entry operation.
  • The blacklist data shared in the blockchain is sent by the uploader to the server through the upload terminal, and the server needs to verify the upload authority of the upload terminal before the data enters the chain.
  • Encrypting the shared blacklist to obtain the second encrypted blacklist and storing the second encrypted blacklist on the blockchain, as in step S308 of the above embodiment, may specifically include:
  • S402 Identify the first user information in the shared blacklist and the breach data corresponding to the first user information.
  • The first user information is the information of the defaulting user included in the shared blacklist, where the defaulting user may be a defaulting enterprise or individual. For example, the first user information may include user account information, user identity information, user communication information, etc.; user identity information may include identity number, name, driving license information, etc., and user communication information may include mobile phone number, instant messaging number, e-mail address, etc.
  • The default data corresponding to the first user information is the default history of the defaulting company or individual in its transactions with the uploader. It can be the overdue repayment record of the defaulting company or individual when purchasing credit products, or the company's non-performing loan records, etc.; this breach information can be collected according to the uploader's business type.
  • The shared blacklist uploaded by the uploader includes two parts: the first user information and the breach data corresponding to the first user information.
  • The extraction method may include: identifying keywords related to the first user information or the default data in the shared blacklist, and then dividing the information in the shared blacklist into the first user information and the default data corresponding to the first user information.
  • For example, the shared blacklist is a spreadsheet (such as Excel). The table contains the name and registration number of the defaulting company and, for each defaulting company, the time and amount of its overdue accounts, which are the keywords of the default data.
  • When the server recognizes these keywords, the information of the shared blacklist is divided into the first user information and the breach data corresponding to the first user information.
  • The uploader can create a separate table according to the storage format of the blockchain, so that the server can identify the above two parts.
  • S404 Generate a first user identifier according to the first user information.
  • The first user identifier is used to query and store the default data of the first user on the blockchain. It can be a character string used to distinguish different users, such as the registration number of the breaching company, or an encrypted string generated by encrypting information such as an individual's name, ID number and telephone number.
  • Managing by user identifier is the method used to manage the users' default information stored on the blockchain.
  • Before saving data on the blockchain, the server needs to generate, from the user information to be saved, a user identifier that is unique and that the server can recognize.
  • The shared blacklist uploaded this time includes the breach record of the first user, so the first user identifier is generated based on the first user information.
  • S406 Encrypt the breach data to generate a second encrypted blacklist, and save the second encrypted blacklist in the first block of the blockchain, where the position of the first block in the blockchain is represented by the first label.
  • The first block is a block on the blockchain used to save the shared blacklist uploaded by the uploader.
  • The technical staff of the blockchain can set data upload rules to manage the uploaded data.
  • The shared blacklists uploaded by uploaders can be stored in new blocks in chronological order, or managed according to the uploader's information.
  • The technician creates a label for each block on the blockchain, and the label of the first block is called the first label.
  • The server then encrypts the breach data corresponding to the first user information in the shared blacklist to be uploaded, and saves it in the first block obtained according to the set data upload rules. The storage method is the general way a blockchain stores data, such as generating the hash value of this block from the hash value of the previous block and the data stored in this block.
  • S408 Obtain the established query list, and save the first user identifier and the first label in the established query list in correspondence with each other.
  • The query list is a management list established to make it convenient to query data on the blockchain. It contains the mapping between the user identifier corresponding to the user information and the label of the block storing the corresponding data. Specifically, when new data enters the blockchain, the server saves the first user identifier corresponding to the first user information in the newly entered data, together with the first label of the block storing the default data corresponding to the first user information, to the established query list.
  • This embodiment describes the storage process of the blockchain when new data enters the chain. Managing the default user information stored on the chain by user identifier improves query speed and ensures the security of the data.
  • The blacklist acquisition request carries the second user identifier, and acquiring the first encrypted blacklist corresponding to the blacklist acquisition request from the blockchain storing the blacklist includes: acquiring the query list and querying the second label corresponding to the second user identifier in the list; locating the block corresponding to the second label in the blockchain, and obtaining the first encrypted blacklist corresponding to the second user identifier stored on the block corresponding to the second label.
  • The second user identifier is the user identifier of the user information that the querying party needs to query this time. Its format is the same as that of the first user identifier. It can be a character string used to distinguish different users, such as the registration number of a breaching company, or an encrypted string generated by encrypting information such as an individual's name, ID number and telephone number.
  • The second label is the label of the block on the blockchain in which, as found by the server, the default data corresponding to the second user identifier is stored. Its format is the same as that of the first label.
  • The process by which the server obtains the corresponding data from the blockchain according to the querying party's blacklist acquisition request may be: find, in the query list, the second label of the block storing the data according to the second user identifier in the blacklist acquisition request; then locate this block in the blockchain, obtain the data from this block, and perform the subsequent decryption process.
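The storage steps S402 to S408 and the query-list lookup described above, as an added Python sketch that is not code from the patent. Assumptions: the user identifier is an HMAC-SHA256 over the normalized user fields, labels are integer block positions, the names `user_identifier`, `Block` and `BlacklistChain` are hypothetical, and the encrypted breach data is passed in as opaque bytes because the page does not fix a cipher.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass
from typing import Optional

GENESIS_HASH = "0" * 64  # constructed placeholder for "no previous block"


def user_identifier(index_key: bytes, user_info: dict) -> str:
    """S404: derive a fixed-length user identifier from identifying fields.

    Assumption: HMAC-SHA256 over canonical JSON, so identifiers cannot be
    recomputed from guessed registration or ID numbers without the server key.
    """
    canonical = json.dumps(
        {k: str(v).strip().lower() for k, v in user_info.items()},
        sort_keys=True, separators=(",", ":"),
    ).encode()
    return hmac.new(index_key, canonical, hashlib.sha256).hexdigest()


@dataclass
class Block:
    label: int          # position of the block in the chain
    prev_hash: str      # hash of the previous block
    uploader_id: str    # needed later to ask for the uploader's authorization
    user_id: str
    ciphertext: bytes   # encrypted breach data, opaque to this code
    block_hash: str = ""

    def compute_hash(self) -> str:
        h = hashlib.sha256()
        parts = (str(self.label).encode(), self.prev_hash.encode(),
                 self.uploader_id.encode(), self.user_id.encode(),
                 self.ciphertext)
        for part in parts:
            h.update(len(part).to_bytes(8, "big"))  # length prefix per field
            h.update(part)
        return h.hexdigest()


class BlacklistChain:
    def __init__(self, index_key: bytes):
        self._index_key = index_key
        self.blocks = []      # list of Block, in label order
        self.query_list = {}  # user identifier -> list of block labels

    def append(self, uploader_id: str, user_info: dict, ciphertext: bytes) -> int:
        """S406 + S408: store the ciphertext in a new block, index its label."""
        uid = user_identifier(self._index_key, user_info)
        prev = self.blocks[-1].block_hash if self.blocks else GENESIS_HASH
        block = Block(len(self.blocks), prev, uploader_id, uid, ciphertext)
        block.block_hash = block.compute_hash()
        self.blocks.append(block)
        self.query_list.setdefault(uid, []).append(block.label)
        return block.label

    def verify(self) -> Optional[int]:
        """Return the label of the first block that fails the hash chain."""
        prev = GENESIS_HASH
        for block in self.blocks:
            if block.prev_hash != prev or block.compute_hash() != block.block_hash:
                return block.label
            prev = block.block_hash
        return None

    def lookup(self, user_info: dict) -> list:
        """Query path: identifier -> labels -> (uploader, ciphertext) pairs."""
        bad = self.verify()
        if bad is not None:
            raise ValueError(f"chain integrity check failed at block {bad}")
        uid = user_identifier(self._index_key, user_info)
        return [(self.blocks[i].uploader_id, self.blocks[i].ciphertext)
                for i in self.query_list.get(uid, [])]


if __name__ == "__main__":
    # Constructed sample data: two uploaders report the same company.
    chain = BlacklistChain(b"constructed-index-key")
    acme = {"name": "Acme Ltd", "registration_no": "REG-001"}
    chain.append("bank-a", acme, b"ciphertext-from-bank-a")
    chain.append("lender-b", acme, b"ciphertext-from-lender-b")
    print(chain.lookup(acme))
    chain.blocks[0].ciphertext = b"forged"  # simulate tampering with stored data
    print("first bad block:", chain.verify())
```

Each lookup result carries the uploader ID, which is what the server needs in S206 to request the matching authorization before any decryption.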
  • After the query blacklist is sent to the query terminal in step S210, the method may further include: receiving and recording the report information returned by the query terminal according to the query blacklist; checking the query blacklist according to the report information; and, when an error in the query blacklist is detected, restricting the upload authority of the uploader ID corresponding to the query blacklist.
  • The report information is information sent to the server, asking the server to check the security of the blacklist uploader, after the query terminal obtains the blacklist from the blockchain and finds that the blacklist contains untrue information or dangerous content such as Trojan horses. It can be software interaction data generated from the information input by the user of the query terminal on the interface. After the server receives the report information fed back by the query terminal, it needs to check the query blacklist corresponding to the report information.
  • The upload permission of this blacklist uploader can be restricted, that is, when the uploader ID corresponding to the query blacklist is detected accessing the blockchain, its access is not allowed, and an access error message is generated and sent to the terminal corresponding to the uploader ID, so that the user corresponding to the uploader ID can provide proof to resolve this access restriction.
  • The method by which the server checks the query blacklist based on the report information may be that the server records the report information fed back by all query terminals, and when the cumulative number of query terminals reporting that the blacklist uploaded by the same uploader contains untrue or dangerous information exceeds a preset number of query terminals, the uploader's permission to access the blockchain is restricted.
  • The cooperating members monitor the accuracy of the data uploaded on the blockchain.
  • After the query blacklist is sent to the query terminal in step S210, the method may further include: receiving a blacklist update request sent by the query terminal according to the blacklist data, where the blacklist update request contains update data; and saving the update data in the blockchain.
  • The blacklist update request arises when, after the query terminal receives the blacklist data, the company operating the query terminal finds that the blacklist data obtained is inaccurate, or that a company or individual in the blacklist data has a new breach of contract with that company.
  • This update data can be uploaded to the blockchain through the blacklist update request, which can take the form of software interaction data generated from the information input by the user of the query terminal on the interface.
  • After the query terminal downloads the blacklist data from the blockchain, it can file a blacklist update request based on the blacklist data.
  • The updated blacklist can be edited and uploaded in the format of the downloaded blacklist data.
  • When the chain receives the update data, it saves the update data following the processing flow for a new blacklist upload request in the above embodiment.
  • In this case the uploader is the query terminal, and the blacklist originally stored on the blockchain cannot be tampered with; the server can establish a connection between the blacklist data before and after the update according to the blacklist update request, to facilitate subsequent queries.
  • Querying the blacklist records of the same company or individual on the blockchain may find multiple sets of blacklist data, that is, the default information of this company or individual at different uploading companies. The querying party can, according to its own business needs and the corresponding uploader's authorization, obtain the appropriate blacklist data from the blockchain.
  • The querying party is allowed to initiate a blacklist update request based on the acquired blacklist data to update the blacklist stored in the blockchain, but this update step does not tamper with the stored blacklist data.
  • A blacklist sharing device is provided, including: an access authority verification module 100, a data acquisition module 200, an upload enterprise authorization module 300, a data decryption module 400, and a data return module 500, wherein:
  • the access authority verification module 100 is configured to obtain a blacklist acquisition request sent by a query terminal, the blacklist acquisition request carries a query identifier, and the access authority of the query terminal is verified according to the query identifier.
  • the data acquisition module 200 is configured to obtain the first encrypted blacklist corresponding to the blacklist acquisition request from the blockchain storing the blacklist when the access permission of the query terminal is verified.
  • the upload enterprise authorization module 300 is used to identify the uploader information corresponding to the first encrypted blacklist, generate an authorization verification request based on the uploader information, and send the authorization verification request to the query terminal.
  • the data decryption module 400 is configured to receive the authorization certificate returned by the query terminal according to the authorization verification request, and decrypt the obtained first encrypted blacklist according to the authorization certificate to obtain the query blacklist.
  • the data return module 500 is used to send the query blacklist to the query terminal.
  • the aforementioned blacklist sharing device may further include:
  • the upload request receiving module is used to receive the blacklist upload request sent by the upload terminal, and the blacklist upload request carries the upload identifier.
  • the upload authority verification module is used to verify the upload authority of the upload terminal according to the upload identifier.
  • the data receiving module is used for receiving the shared blacklist sent by the uploading terminal when the uploading permission of the uploading terminal is verified.
  • the data storage module is used to encrypt the shared blacklist to obtain the second encrypted blacklist, and save the second encrypted blacklist on the blockchain.
  • the data storage module in the blacklist sharing device may include:
  • the data segmentation unit is used to identify the first user information in the shared blacklist and the breach data corresponding to the first user information.
  • the user identification generating unit is configured to generate a first user identification according to the first user information.
  • the block storage unit is used to encrypt the default data to generate a second encrypted blacklist, and save the second encrypted blacklist in the first block of the blockchain, where the position of the first block in the blockchain is denoted as the first label.
  • the list update unit is used for obtaining the established query list, and correspondingly save the first user ID and the first label in the established query list.
  • the data acquisition module 200 of the aforementioned blacklist sharing device may include:
  • the data locating unit on the chain is used to obtain the query list, and query the second label corresponding to the second user mark from the query list.
  • the data query unit is used to locate the block corresponding to the second label from the blockchain, and obtain the first encrypted blacklist corresponding to the second user label stored on the block corresponding to the second label.
  • the aforementioned blacklist sharing device may further include:
  • the report information receiving module is used to receive and record the report information returned by the query terminal according to the query blacklist.
  • the detection module is used to check the query blacklist based on the report information.
  • the permission restriction module is used to restrict the upload permission of the uploader ID corresponding to the query blacklist when an error in the query blacklist is detected.
  • the aforementioned blacklist sharing device may further include:
  • the update data receiving module is used to receive the blacklist update request sent by the query terminal according to the blacklist data, and the blacklist update request contains the update data.
  • the update data saving module is used to save the update data to the blockchain.
  • Each module in the above-mentioned blacklist sharing device can be implemented in whole or in part by software, hardware, or a combination thereof.
  • The foregoing modules may be embedded in, or independent of, the processor in the computer device in the form of hardware, or may be stored in the memory of the computer device in the form of software, so that the processor can call and execute the operations corresponding to the foregoing modules.
  • a computer device is provided.
  • the computer device may be a server, and its internal structure diagram may be as shown in FIG. 6.
  • the computer equipment includes a processor, a memory, a network interface and a database connected through a system bus. Among them, the processor of the computer device is used to provide calculation and control capabilities.
  • the memory of the computer device includes a non-volatile storage medium and an internal memory.
  • the non-volatile storage medium stores an operating system, computer readable instructions, and a database.
  • the internal memory provides an environment for the operation of the operating system and computer-readable instructions in the non-volatile storage medium.
  • the database of the computer equipment is used to store blacklist shared data.
  • the network interface of the computer device is used to communicate with an external terminal through a network connection.
  • the computer-readable instructions are executed by the processor to realize a blacklist sharing method.
  • FIG. 6 is only a block diagram of part of the structure related to the solution of the present application, and does not constitute a limitation on the computer device to which the solution of the present application is applied.
  • The specific computer device may include more or fewer parts than shown in the figure, combine some parts, or have a different arrangement of parts.
  • a computer device includes a memory and one or more processors.
  • the memory stores computer-readable instructions.
  • When the computer-readable instructions are executed by the one or more processors, the one or more processors perform the following steps: obtaining a blacklist acquisition request sent by a query terminal, the blacklist acquisition request carrying a query identifier, and verifying the access authority of the query terminal according to the query identifier; when the access authority of the query terminal is verified, obtaining the first encrypted blacklist corresponding to the blacklist acquisition request from the blockchain storing the blacklist; identifying the uploader information corresponding to the first encrypted blacklist, generating an authorization verification request based on the uploader information, and sending the authorization verification request to the query terminal; receiving the authorization certificate returned by the query terminal according to the authorization verification request, and decrypting the obtained first encrypted blacklist according to the authorization certificate to obtain the query blacklist; and sending the query blacklist to the query terminal.
  • The processor further implements the following steps when executing the computer-readable instructions: receiving a blacklist upload request sent by the upload terminal, where the blacklist upload request carries an upload identifier; verifying the upload authority of the upload terminal according to the upload identifier; when the upload authority of the upload terminal is verified, receiving the shared blacklist sent by the upload terminal; and encrypting the shared blacklist to obtain the second encrypted blacklist and storing the second encrypted blacklist on the blockchain.
  • Encrypting the shared blacklist to obtain the second encrypted blacklist and storing the second encrypted blacklist on the blockchain, as implemented when the processor executes the computer-readable instructions, includes: identifying the first user information in the shared blacklist and the default data corresponding to the first user information; generating the first user ID according to the first user information; encrypting the default data to generate the second encrypted blacklist, and saving the second encrypted blacklist in the first block of the blockchain, where the position of the first block in the blockchain is represented as the first label; and obtaining the established query list and saving the first user ID and the first label correspondingly in the established query list.
  • The blacklist acquisition request carries a second user identifier, and obtaining, from the blockchain storing the blacklist, the first encrypted blacklist corresponding to the blacklist acquisition request, as implemented when the processor executes the computer-readable instructions, includes: obtaining the query list and querying the second label corresponding to the second user identifier from the query list; and locating the block corresponding to the second label in the blockchain and obtaining the first encrypted blacklist corresponding to the second user identifier stored on the block corresponding to the second label.
  • After the query blacklist is sent to the query terminal, the steps further include: receiving and recording the report information returned by the query terminal according to the query blacklist; checking the query blacklist according to the report information; and, when an error in the query blacklist is detected, restricting the upload authority of the uploader ID corresponding to the query blacklist.
  • After the processor executes the computer-readable instructions to send the query blacklist to the query terminal, the steps further include: receiving a blacklist update request sent by the query terminal according to the blacklist data, the blacklist update request containing update data; and saving the update data to the blockchain.
  • One or more non-volatile computer-readable storage media storing computer-readable instructions.
  • When the computer-readable instructions are executed by one or more processors, the one or more processors perform the following steps: obtaining a blacklist acquisition request sent by a query terminal, the blacklist acquisition request carrying a query identifier, and verifying the access authority of the query terminal according to the query identifier; when the access authority of the query terminal is verified, obtaining the first encrypted blacklist corresponding to the blacklist acquisition request from the blockchain storing the blacklist; identifying the uploader information corresponding to the first encrypted blacklist, generating an authorization verification request based on the uploader information, and sending the authorization verification request to the query terminal; receiving the authorization certificate returned by the query terminal according to the authorization verification request, and decrypting the obtained first encrypted blacklist according to the authorization certificate to obtain the query blacklist; and sending the query blacklist to the query terminal.
  • When the computer-readable instructions are executed by the processor, the following steps are also implemented: receiving a blacklist upload request sent by the upload terminal, the blacklist upload request carrying an upload identifier; verifying the upload authority of the upload terminal according to the upload identifier; when the upload authority of the upload terminal is verified, receiving the shared blacklist sent by the upload terminal; and encrypting the shared blacklist to obtain the second encrypted blacklist and saving the second encrypted blacklist on the blockchain.
  • Encrypting the shared blacklist to obtain the second encrypted blacklist and storing the second encrypted blacklist on the blockchain includes: identifying the first user information in the shared blacklist and the default data corresponding to the first user information; generating the first user ID according to the first user information; encrypting the default data to generate the second encrypted blacklist, and saving the second encrypted blacklist in the first block of the blockchain, where the position of the first block in the blockchain is represented as the first label; and obtaining the established query list and saving the first user ID and the first label correspondingly in the established query list.
  • The blacklist acquisition request carries a second user identifier, and obtaining, from the blockchain storing the blacklist, the first encrypted blacklist corresponding to the blacklist acquisition request, as implemented when the computer-readable instructions are executed by the processor, includes: obtaining the query list and querying the second label corresponding to the second user identifier from the query list; and locating the block corresponding to the second label in the blockchain and obtaining the first encrypted blacklist corresponding to the second user identifier stored on the block corresponding to the second label.
  • After the computer-readable instructions are executed by the processor to send the query blacklist to the query terminal, the steps further include: receiving and recording the report information returned by the query terminal according to the query blacklist; checking the query blacklist according to the report information; and, when an error in the query blacklist is detected, restricting the upload authority of the uploader ID corresponding to the query blacklist.
  • The steps further include: receiving a blacklist update request sent by the query terminal according to the blacklist data, the blacklist update request containing update data; and saving the update data to the blockchain.
  • Non-volatile memory may include read only memory (ROM), programmable ROM (PROM), electrically programmable ROM (EPROM), electrically erasable programmable ROM (EEPROM), or flash memory.
  • Volatile memory may include random access memory (RAM) or external cache memory.
  • RAM is available in many forms, such as static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double data rate SDRAM (DDR SDRAM), enhanced SDRAM (ESDRAM), Synchlink DRAM (SLDRAM), Rambus direct RAM (RDRAM), direct Rambus dynamic RAM (DRDRAM), and Rambus dynamic RAM (RDRAM), etc.
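
The storage, lookup, report and update steps described above (user ID and block label kept in a query list, reports counted against a preset number of query terminals, updates that leave stored data untouched) are shown here as an added Python example that is not part of the patent. Assumptions: all class, function and terminal names, the HMAC-derived user ID, an in-memory hash-chained list standing in for the blockchain, each reporting terminal counted once, and a threshold of 2; the ciphertexts are constructed placeholder bytes, since encryption happens before storage.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass
from typing import Optional

INDEX_KEY = b"constructed-index-key"  # assumption: shared by members only
GENESIS = "0" * 64


@dataclass(frozen=True)
class Block:
    label: int                 # position in the chain (the patent's "label")
    prev_hash: str
    uploader_id: str
    user_id: str
    ciphertext: bytes          # encrypted default data, opaque to the ledger
    supersedes: Optional[int]  # label of the record this block updates

    def digest(self) -> str:
        fields = [self.label, self.prev_hash, self.uploader_id,
                  self.user_id, self.ciphertext.hex(), self.supersedes]
        return hashlib.sha256(json.dumps(fields).encode()).hexdigest()


class BlacklistLedger:
    def __init__(self, report_threshold=2):
        self.chain = []        # append-only list of Block
        self.query_list = {}   # user_id -> labels of blocks about that user
        self.reports = {}      # uploader_id -> distinct reporting terminals
        self.restricted = set()
        self.report_threshold = report_threshold

    @staticmethod
    def user_id(user_info):
        # Keyed hash of normalized user info; plain SHA-256 would be guessable.
        msg = user_info.strip().lower().encode()
        return hmac.new(INDEX_KEY, msg, hashlib.sha256).hexdigest()

    def upload(self, uploader_id, user_info, ciphertext, supersedes=None):
        if uploader_id in self.restricted:
            raise PermissionError(f"upload restricted for {uploader_id}")
        uid = self.user_id(user_info)
        if supersedes is not None and (
                not 0 <= supersedes < len(self.chain)
                or self.chain[supersedes].user_id != uid):
            raise ValueError("update must point at a record of this user")
        prev = self.chain[-1].digest() if self.chain else GENESIS
        block = Block(len(self.chain), prev, uploader_id, uid,
                      ciphertext, supersedes)
        self.chain.append(block)  # an update is a new block, never a rewrite
        self.query_list.setdefault(uid, []).append(block.label)
        return block.label

    def lookup(self, user_info):
        uid = self.user_id(user_info)
        return [self.chain[i] for i in self.query_list.get(uid, [])]

    def report(self, query_terminal_id, label):
        uploader = self.chain[label].uploader_id
        terminals = self.reports.setdefault(uploader, set())
        terminals.add(query_terminal_id)  # a terminal counts once
        if len(terminals) > self.report_threshold:
            self.restricted.add(uploader)
        return uploader in self.restricted

    def verify_chain(self):
        hashes = [GENESIS] + [b.digest() for b in self.chain]
        return all(b.label == i and b.prev_hash == hashes[i]
                   for i, b in enumerate(self.chain))


def demo():
    # Constructed sample data; ciphertexts are placeholder bytes.
    ledger = BlacklistLedger(report_threshold=2)
    first = ledger.upload("org-a", "ID-0001", b"ct-a")
    ledger.upload("org-c", "ID-0001", b"ct-a-fixed", supersedes=first)
    flags = [ledger.report(t, first) for t in ("org-b", "org-c", "org-d")]
    return ledger, flags
```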

Landscapes

  • Engineering & Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Databases & Information Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Data Mining & Analysis (AREA)
  • Computing Systems (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Computational Linguistics (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention relates to a blacklist sharing method, comprising the steps of: acquiring a blacklist acquisition request sent by a query terminal, the blacklist acquisition request carrying a query identifier, and verifying the access authority of the query terminal according to the query identifier; when the access authority of the query terminal is verified, acquiring, from the blockchain storing the blacklist, a first encrypted blacklist corresponding to the request; identifying uploader information corresponding to the first encrypted blacklist, generating an authorization verification request according to the uploader information, and sending the authorization verification request to the query terminal; receiving an authorization certificate returned by the query terminal according to the authorization verification request, and decrypting the obtained first encrypted blacklist according to the authorization certificate to obtain the query blacklist; and sending the query blacklist to the query terminal.
PCT/CN2019/122871 2019-07-08 2019-12-04 Blacklist sharing method and apparatus, computer device, and storage medium WO2021003980A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201910610289.1 2019-07-08
CN201910610289.1A CN110365670B (zh) 2019-07-08 2019-07-08 Blacklist sharing method, apparatus, computer device, and storage medium

Publications (1)

Publication Number Publication Date
WO2021003980A1 true WO2021003980A1 (fr) 2021-01-14

Family

ID=68218376

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/122871 WO2021003980A1 (fr) 2019-07-08 2019-12-04 Blacklist sharing method and apparatus, computer device, and storage medium

Country Status (2)

Country Link
CN (1) CN110365670B (fr)
WO (1) WO2021003980A1 (fr)


Also Published As

Publication number Publication date
CN110365670B (zh) 2022-07-08
CN110365670A (zh) 2019-10-22


Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19937248

Country of ref document: EP

Kind code of ref document: A1

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 160522)

122 Ep: pct application non-entry in european phase

Ref document number: 19937248

Country of ref document: EP

Kind code of ref document: A1