WO2021012814A1 - 一种数字资产认证处理系统 - Google Patents
一种数字资产认证处理系统 Download PDFInfo
- Publication number
- WO2021012814A1 WO2021012814A1 PCT/CN2020/094358 CN2020094358W WO2021012814A1 WO 2021012814 A1 WO2021012814 A1 WO 2021012814A1 CN 2020094358 W CN2020094358 W CN 2020094358W WO 2021012814 A1 WO2021012814 A1 WO 2021012814A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- data
- thread
- authentication
- digital asset
- hash
- Prior art date
Links
- 238000012545 processing Methods 0.000 title claims abstract description 43
- 238000012552 review Methods 0.000 claims description 55
- 238000012550 audit Methods 0.000 claims description 46
- 238000004422 calculation algorithm Methods 0.000 claims description 24
- 238000007781 pre-processing Methods 0.000 claims description 6
- 238000000034 method Methods 0.000 description 23
- 230000008569 process Effects 0.000 description 14
- 238000004458 analytical method Methods 0.000 description 10
- 238000010422 painting Methods 0.000 description 8
- 230000005540 biological transmission Effects 0.000 description 6
- 238000012790 confirmation Methods 0.000 description 5
- 238000010586 diagram Methods 0.000 description 5
- 238000009472 formulation Methods 0.000 description 4
- 239000000203 mixture Substances 0.000 description 4
- 238000012986 modification Methods 0.000 description 4
- 230000004048 modification Effects 0.000 description 4
- 238000004364 calculation method Methods 0.000 description 3
- 238000007689 inspection Methods 0.000 description 3
- 238000004590 computer program Methods 0.000 description 2
- 238000013500 data storage Methods 0.000 description 2
- 230000001934 delay Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000015572 biosynthetic process Effects 0.000 description 1
- 230000000903 blocking effect Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 230000001186 cumulative effect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000003672 processing method Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
- 239000002699 waste material Substances 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3239—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/25—Integrating or interfacing systems involving database management systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/25—Integrating or interfacing systems involving database management systems
- G06F16/252—Integrating or interfacing systems involving database management systems between a Database Management System and a front-end application
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/27—Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3297—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/50—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/101—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measures for digital rights management
Definitions
- This application relates to the field of information security technology, and relates to a digital asset authentication processing system.
- the digital asset authentication processing system also known as the right confirmation platform, is mainly aimed at confirming the rights of a large number of intellectual works or achievements for copyright registration. Its functions are mainly embodied in two aspects: first, to confirm the rights of the registered copyrights, trademarks or patents that have obtained patent certificates; second, to confirm the rights of a large number of unregistered intellectual works or achievements.
- the digital asset authentication platform 2 and various types of clients 1 form a point-to-point connection through the Internet, and the user uses the installed APP on the client side 1 Establish a connection, and request the digital asset authentication platform 2 to provide it with a digital asset authentication operation or digital asset transaction operation through this connection.
- the data receiving unit 21 is configured to receive a digital asset data package to be authenticated (hereinafter referred to as a data package) uploaded by the client 1 through a webpage or a dedicated APP, etc., and store it in the internal first database 25;
- the data selection unit 22 It is used to obtain the to-be-authenticated or transaction-to-be-processed data from the first database 25 and send the data to the data authentication unit 23;
- the data authentication unit 23 is used to process the obtained data according to requirements and perform the right confirmation or authentication operation, Then the result is stored in the second database 26, and the confirmation information, authentication information, etc. are fed back through the information feedback unit.
- the digital asset entity needs to be uploaded from the client 1 to the digital asset authentication platform 2, and after the authentication is completed, the authenticated digital asset data package is stored in the second database 26.
- the centralized digital asset authentication platform 2 cannot guarantee the credibility of digital asset data packages.
- the purpose of this application is to provide a digital asset authentication processing system.
- the first aspect of the embodiments of the present application shows a digital asset authentication processing system, including: a client and a digital asset authentication platform, wherein the digital asset authentication platform includes: first data connected to the output terminal of the client A receiving unit, a first database connected to the output terminal of the first data receiving unit, a data selection unit connected to the output terminal of the first database, data connected to the output terminal of the data selection unit An authentication unit and an information feedback unit connected to the output end of the data authentication unit, the digital asset authentication platform further includes: a blockchain thread, an input end of the thread and an input end of the client, the first The input end of a data receiving unit, the input end of the data selection unit, and the input end of the data authentication unit are connected, wherein: the blockchain thread is used to receive the client, the first data receiving unit, The data selection unit and the data uploaded by the data authentication unit send the data to the blockchain network.
- the blockchain network has the characteristics of decentralization, tamper-proof and non-repudiation, and passes the data uploaded by the client, the first data receiving unit, the data selection unit, and the data authentication unit
- the blockchain thread is uploaded to the blockchain network, which can ensure that the above-mentioned data is not tampered with, guarantee the credibility of the digital asset data, and also ensure that the above-mentioned data is recorded in time.
- Figure 1 is an application scenario diagram of the digital asset platform
- Figure 2 is a schematic diagram of the basic structure of the digital asset certification platform
- Fig. 3 shows a digital asset authentication processing system according to a preferred embodiment
- Figure 4 shows a digital asset authentication processing system according to a preferred embodiment
- Fig. 5 is a digital asset authentication processing system according to a preferred embodiment
- FIG. 6 is a schematic diagram of the formation of a queue to be processed in a method for processing a digital asset data packet to be authenticated in this application;
- Fig. 7 is a digital asset authentication processing system according to a preferred embodiment
- Fig. 8 shows a digital asset authentication processing system according to a preferred embodiment
- Fig. 9 is a digital asset authentication processing system according to a preferred embodiment
- Fig. 10 shows a digital asset authentication processing system according to a preferred embodiment
- Fig. 11 is a digital asset authentication processing system according to a preferred embodiment
- FIG. 12 is a schematic diagram of the process of moving the data to be inspected to a special processing queue in a processing method for a digital asset data packet to be authenticated in this application.
- an embodiment of the present application shows a digital asset authentication processing system.
- a client 1 and a digital asset authentication platform 2 wherein the digital asset authentication
- the platform includes: a first data receiving unit 21 connected to the output terminal of the client 1; a first database 25 connected to the output terminal of the first data receiving unit 21; The data selection unit 22 connected to the output end, the data authentication unit 23 connected to the output end of the data selection unit 22, and the information feedback unit 24 connected to the output end of the data authentication unit 23, the digital asset
- the authentication platform also includes: a blockchain thread 27, the input of the thread and the input of the client 1, the input of the first data receiving unit 21, the input of the data selection unit 22, the The input terminal of the data authentication unit 23 is connected, where:
- the blockchain thread 27 is configured to receive data uploaded by the client 1, the first data receiving unit 21, the data selection unit 22, and the data authentication unit 23, and send the data to the blockchain The internet.
- the client of this application is installed in a terminal, and the terminal can be a computer, a mobile phone, a tablet computer, a laptop computer, a personal digital assistant, a mobile Internet device, or a wearable device.
- the terminal can be a computer, a mobile phone, a tablet computer, a laptop computer, a personal digital assistant, a mobile Internet device, or a wearable device.
- the types include: patents, trademarks, copyrights, etc., in the embodiments of this application, they all exist in the form of digital asset data packages.
- the blockchain network has the characteristics of decentralization, tamper-proof and non-repudiation, and passes the data uploaded by the client, the first data receiving unit, the data selection unit, and the data authentication unit
- the blockchain thread is uploaded to the blockchain network, which can ensure that the above-mentioned data is not tampered with, guarantee the credibility of the digital asset data, and also ensure that the above-mentioned data is recorded in time.
- Example 1 due to the large capacity of some digital assets, which can reach hundreds of M or even more than 1G, the digital assets uploaded by the client 1 to the digital asset authentication platform 2 will occupy more transmission resources and storage. Resources.
- the authentication process of digital assets is an online operation based on the Internet. A large number of digital assets are randomly uploaded from different clients 1, which cannot match the usage status of the network transmission resources of the digital asset authentication platform 2, resulting in delays or delays in uploading digital assets. The transmission failed.
- an embodiment of the present application provides a digital asset processing system to be authenticated.
- the technical solution shown in the implementation of this application further includes a preprocessing platform 3 connected to the output terminal of the client 1 on the basis of the technical solution shown in embodiment 1.
- the preprocessing platform includes: a second data receiving unit 31 connected to the output end of the client 1, an encrypted packet generating unit 32 connected to the output end of the data receiving unit 31, and The digest generating unit 33 is connected to the output terminal of the encrypted packet generating unit 32, and the output terminal of the digest generating unit 33 is connected to the first data receiving unit 21, wherein:
- the second data receiving unit 31 is configured to receive a digital asset data packet, perform a digital signature operation on the digital asset data packet using a determined digital signature algorithm, and generate a signature string, wherein the digital asset data packet includes a digital asset entity And description items;
- the encrypted packet generating unit 32 is configured to use an asymmetric encryption algorithm to encrypt the signature string, the bibliographic item, and the link address of the digital asset entity to generate an encrypted asset data packet;
- the summary generating unit 33 is configured to generate a summary of the asset package to be authenticated according to the encrypted asset data packet and the public key, and send the summary of the asset package to be authenticated to the first data receiving unit, and at the same time, upload it to the blockchain network and digital Asset certification platform.
- the data received by the first data receiving unit is collectively referred to as the digital asset package to be authenticated.
- the data transmitted to the first data receiving unit is also referred to as A summary of the asset package to be certified.
- the digital signature algorithm can be determined through pre-negotiation between the client and the digital asset authentication platform.
- the digital signature algorithm can also be one of a set of pre-provided algorithm programs.
- the client and the digital asset authentication platform transmit digital asset data packets, the client selects one of the algorithm programs and sends it to the digital asset authentication platform. , Notify the digital asset authentication platform to use the same digital signature algorithm.
- the set of algorithm programs includes multiple digital signature algorithms.
- the digital signature algorithm may be SHA256, SHA384 or SHA512.
- the digital signature operation may be a Hash operation.
- the embodiment of the present application uses a digital signature algorithm to perform a hash operation on the digital asset data packet. Due to the nature of the hash operation, after the hash operation is performed on the digital asset data packet, the generated signature string is a unique value.
- the digital signature algorithm uses SHA256
- the digital asset data packet uses SHA256 to perform a Hash operation to obtain a 256-bit number string, which is a unique value.
- the signature strings obtained are all different. Therefore, the signature string can be used to verify the authenticity of the digital asset data package.
- the digital asset data packet is obtained, and the digital signature operation is performed using the SHA256 digital signature algorithm to obtain the true
- the signature string is unique.
- Seller B claims that he owns this painting.
- the painting shown by Seller B is converted into a digital asset data packet, it uses the SHA256 digital signature algorithm to perform a digital signature operation to obtain a new signature string. At this point, it is judged whether the real signature string is the same as the new signature string.
- the signature string can verify the authenticity of the digital asset package.
- this application uses the link address of the digital asset entity with a smaller capacity as a part of the encrypted asset data package, thereby reducing the capacity of the encrypted asset data package.
- the storage location of the digital asset entity can be determined.
- the digital asset data package is stored in the client.
- the preprocessing platform may include a third-party server, and the digital asset data package is stored in a third-party server. Server.
- the digital asset data package is stored in a third-party server, which can reduce the storage resources of the client by the digital asset data package, and avoid the situation that the client runs slowly.
- the asymmetric encryption algorithm has complex algorithm strength, so the security is extremely high.
- Asymmetric encryption algorithm has two keys, including public key and private key.
- the public key and private key are two different keys.
- the signature string and the link address of the digital asset entity are encrypted by the private key to obtain encrypted asset data.
- Package In the process of decrypting the encrypted asset data package, the public key is used. The public key decrypts the encrypted asset data package to obtain the signature string in the encrypted asset data package and the link address of the digital asset entity.
- a summary of the asset package to be authenticated is generated and uploaded to the blockchain thread and the first data receiving unit.
- the blockchain thread uploads the received data to the blockchain network.
- the blockchain network has the characteristics of decentralization, tamper-proof and non-repudiation. Therefore, the encrypted asset data package and the public key are composed of the asset package to be authenticated. Uploading the abstract to the blockchain network can ensure that the digital asset entity corresponding to the link address of the digital asset entity in the encrypted asset data package is not tampered with and is recorded in time.
- This application uploads the summary of the asset package to be certified by the client to the digital asset certification platform. Since the summary of the asset package to be certified is composed of an encrypted asset package and a public key, the encrypted asset package is composed of the link address of a digital asset entity with a smaller capacity and The signature string is encrypted. Therefore, compared to the client directly uploading the digital asset entity to the digital asset certification platform, uploading the asset package summary to be certified to the digital asset certification platform greatly reduces the occupied transmission resources and storage resources.
- the data authentication unit 23 includes: a bibliographic item review thread 23a connected to the output terminal of the data selection unit 22, and the bibliographic item review thread 23a
- the entity authentication unit 23b connected to the output end of the entity authentication unit 23b and the authenticated digital asset generation unit 23c connected to the output end of the entity authentication unit 23b;
- the data selection unit 22 is configured to obtain a digest of the data packet to be authenticated that needs to be processed according to the priority obtained from the first database 25;
- the bibliographic item review thread 23a is used to review the data of the bibliographic item part in the summary of the certified data package; for the audited unqualified data items, the reference value of the virtual qualified data items and the analysis of the review results are given, Continue to review item by item until all the data in the bibliographic item part is reviewed; if there are unqualified data items in the data in the bibliographic item part after review, the review result will be fed back to the corresponding client 1 through the information feedback unit 24; otherwise, the entity The authentication unit 23b continues to operate on the entity part of the digital asset in the data packet;
- the certified digital asset generating unit 23c generates a certified digital asset based on the certified digital asset entity and bibliographic items.
- the client will have multiple data upload operations. After each upload operation, there will be two audit results: the data packet is also called the summary of the data packet to be authenticated in some embodiments or the data to be authenticated has passed the audit. Or it fails the audit; if it fails the audit, the user needs to modify the data package on the client to upload the data package again; therefore, for each independent client, each upload There are not only a huge number of problems with the data package, but also problems of different nature. Because each data package contains different data content, and it may be the first upload, or it may be uploaded twice or more than three times. It is particularly important to determine the upload sequence of the data package. Therefore, the role of the data selection unit in this application is to determine the type of the data packet, and also to determine the order of uploading the data packet.
- Determine the type of the data package specifically, it can be based on the inspection of the data package to determine the type of data contained in the data package, or it can be based on the inspection of the data package to obtain whether the data package has been uploaded and the number of times it has been uploaded
- the importance of the data packets is divided by the set rules to distinguish the priority of uploading; for example, for data packets of the same data type, if a certain data packet is found after inspection
- the data package that has been uploaded but has not passed the audit then the data package can be prioritized over other data packages of the same data type when re-uploading; for data packages that are uploaded for the first time or have been uploaded the same number of times, if a certain data
- the importance index of a package is better than other data packages, and the data package can also be uploaded prior to other data packages when re-uploading.
- All data packets to be authenticated can be sorted in order of priority; in this embodiment, the priority of the data packet to be authenticated refers to the priority processing level of the data packet to be authenticated.
- the priority level can be represented by a specific value or symbol.
- priority can be formulated based on the importance of the content of the data package to be authenticated, for example, data package object specifications, types, images, video data, etc. closely related to transactions and confirmation objects Will get a higher priority, while the data packet process number that is not highly related to the transaction and confirmation object will get a lower priority; for another example, the data packet with a large number of cumulative uploads can be regarded as the other The content is more important, and higher priority can be assigned accordingly;
- the priority can also be formulated according to the transaction period; for example, a data packet that is approaching the transaction period will receive a relatively higher priority; a data packet with the same or similar content, a data packet with a shorter transaction period Data packets with a longer transaction period will have a higher priority; the basis for the formulation of the above two priorities can be considered individually or in combination; and the embodiments of this application are not limited to the above two formulations The combination of basis can also be considered separately or combined with other feasible formulation basis.
- the data packets to be authenticated are selected in turn and stored in a first-in-first-out waiting queue; when all the data packets to be authenticated are distinguished by different priority levels, all the data packets to be authenticated can be uploaded before uploading. Select in order according to the priority. Specifically, a first-in, first-out queue for the data packets to be processed will be set up at this time, that is, the queue to be processed, and the structural unit with the data selection function will sequentially select the corresponding to be authenticated according to the priority.
- the data packet is stored in the queue to be processed; the queue to be processed can be set in the data selection unit by default, or a separate memory can be set to carry the queue to be processed, and the data selection unit is used to perform data storage operations;
- FIG 6 is a schematic diagram of the process of selecting and storing data packets to be authenticated; when selecting the data packets to be authenticated to be stored in the waiting queue, you need to determine the upload order according to the priority level of the data packets to be authenticated, for example
- the priority of the data packet B to be authenticated is the highest, and it will be the first priority
- the priority of the data packet C to be authenticated is the second, and it will be the second priority
- the priority of the data packet A to be authenticated is the lowest.
- the data packet D to be authenticated needs to be the second priority selection object ,
- the data packets C and A to be authenticated are arranged in the back in sequence.
- the data packet that is selected to enter first is ranked in the front of the queue, and in the subsequent audit, the data packet in front of the queue is also operated first, so as to realize the first-in-first-out of the queue.
- the digital asset authentication platform is equipped with a classification distributor, multiple authentication threads, and a certified digital asset generation unit.
- the classification distributor sends the digital assets to the corresponding authentication thread according to the corresponding classification of the digital assets.
- Each thread authenticates the digital asset of the corresponding category, and finally, the authenticated digital asset generation unit generates the authenticated digital asset.
- the data processing flow and efficiency of each thread will be imbalanced, thereby reducing the efficiency of overall authentication.
- the entity authentication unit 23b includes: and the output terminal of the project review thread 23a
- the authentication digital asset generating unit 23c is connected, where:
- the balanced distributor 23b1 is used to allocate digital asset entities and corresponding registration codes to the hash thread 23b2;
- the balanced distributor allocates the physical part of the digital asset to the hash thread 23b2 according to the principle of global load distribution.
- the global load distribution principle can be determined by judging the load of each hash thread 23b2, determining the availability of the hash thread 23b2, and determining which thread will provide the service next time, so as to realize the balanced operation of each hash thread 23b2.
- the load may include Data such as CPU usage and bandwidth usage.
- the balanced distributor can also implement the global load distribution principle through polling.
- the digital asset authentication processing platform includes 10 hash threads, namely, hash thread 1, hash thread 2, hash thread 3, hash thread 4...
- hash thread 10 the balanced distributor will receive 1-10 of the digital asset entity part is distributed in sequence of hash thread 1, hash thread 2, hash thread 3, hash thread 4... hash thread 10; then the received 11-20 digital asset entity part Distribute hash thread 1, hash thread 2, hash thread 3, hash thread 4... hash thread 10, and so on.
- all allocation methods that can achieve full-load use of hash threads are within the protection scope of the embodiments of the present application, and will not be introduced one by one due to limited space.
- the hash thread 23b2 is used to calculate the hash value of the digital asset entity according to a digital signature algorithm
- the technical solution shown in the embodiment of the present application calculates the hash value of each digital asset entity part through a hash thread.
- the hash queue transforms the received physical part of the digital asset into a fixed-length output hash value through a hash algorithm, and then compares the hash value with the signature string. If they are consistent, the authentication is successful, and the successfully authenticated data Time stamp by sending to the authentication queue.
- the authentication thread 23b3 is configured to use the hash value as an authentication object and give a corresponding time stamp
- the authenticated digital asset generating unit 23c is configured to generate an authenticated digital asset including an authentication code and a registration code according to the hash value and time stamp.
- the authentication operation mainly provides a corresponding time stamp for the hash value, the amount of data processing is small. Therefore, a design method in which multiple hash queues correspond to one authentication queue can be adopted.
- the certified digital asset generating unit is configured to generate a certified digital asset including an authentication code and a registration code according to the hash value and time stamp.
- the application is an embodiment showing a digital asset authentication processing platform.
- the technical solution shown in the embodiment of this application first, according to the principle of global load distribution, allocates the entity part of the digital asset to the hash thread to ensure that the entity part of the digital asset is evenly distributed To each hash thread, the hash thread is used to process the calculation of the partial hash value of the digital asset entity in full load. Then, the hash value is authenticated through the authentication thread.
- the technical solution shown in the embodiment of the present application mainly provides a corresponding time stamp for the hash value due to the authentication operation.
- the technical solution shown in the embodiment of the present application can ensure that all hash threads simultaneously calculate the hash value of the entity part of the digital asset, thereby ensuring that the data processing flow and efficiency are in a balanced state, thereby improving the efficiency of overall authentication.
- the authentication thread may be multiple, and a centralized transponder is also provided between the hash thread and the authentication thread;
- the centralized repeater 23b4 is used to store the hash value sent by the hash thread, and send the hash value to the authentication thread.
- the technical solution shown in the embodiment of the present application improves the efficiency of authentication by setting multiple authentication threads, and the number of authentication threads may be different from the number of hash threads.
- a centralized repeater is also provided between the hash thread and the authentication thread 22.
- the centralized transponder is used to store the hash value sent by the hash thread and send the hash value to the authentication thread; the use of the centralized transponder can avoid the problem of data blocking during the data transmission process from the hash thread to the authentication thread appear.
- the centralized transponder is an authentication queue; specifically, referring to FIG. 8, the authentication queue is also used to determine whether the idle capacity for authentication is less than or equal to the preset capacity, Controls the startup and shutdown of the authentication thread, and the authentication free capacity is the free capacity of the authentication queue.
- the authentication thread is mainly used to authenticate the hash value.
- the hash thread is mainly used to calculate the hash value of the entity part of the digital asset; among them, the entity part of the digital asset includes: text works, film and television works, etc. Due to the difference in content, the size and file format of digital asset data packets are also different. Therefore, the calculation rate of the hash thread for the partial hash value of the digital asset entity is also different, and the time required for the calculation of the partial hash value of each digital asset entity is relatively variable. In this case, if the number of opened hash threads and the number of opened authentication threads are solidified, it will inevitably cause a waste of resources.
- the authentication queue of the technical solution shown in the embodiment of the present application is used to control the startup and shutdown of the authentication thread according to whether the authentication idle capacity is less than or equal to the preset capacity.
- the authentication idle capacity is the idle capacity of the authentication queue. .
- the startup and shutdown of the authentication thread are controlled to maximize the utilization of the authentication thread resources.
- the digital asset authentication processing platform includes: 20 hash threads and 10 authentication threads. In a period of time, 20 hash threads are started, and 5 authentication threads are started. During this period of time, most of the digital asset entities processed by the hash thread are video files, and accordingly, the hash thread takes a long time to calculate the hash value of the video files. There are 18 hash values in the authentication queue. In this case, the authentication idle capacity of the authentication thread is always greater than the preset capacity. At this time, the 5 authentication threads are kept open. In another period of time, most of the digital asset entities processed by the hash thread are patents. Accordingly, the hash thread 23b2 takes a relatively short time to calculate the hash value of the video file.
- the authentication idle capacity of the authentication thread is less than the preset capacity. At this time, the authentication thread controls the other authentication threads to start. In another time period, the authentication idle capacity of the authentication thread is less than the preset capacity. At this time, the authentication thread can also control the closing of the authentication thread.
- the authentication queue controls the startup and shutdown of the authentication thread according to whether the idle capacity of the authentication is less than or equal to the preset capacity, so as to maximize the utilization of the authentication thread resources.
- the hash thread Since the hash thread is used to calculate the hash value of digital assets, for some digital assets of film and television works, it takes a lot of time to calculate the hash value of digital assets. In this case, such as continuous delivery of numbers to the hash queue Assets, identification will cause blockage of hash queue data.
- the technical solution shown in the embodiment of the present application is based on the technical solution shown in the sixth embodiment, and a hash queue 23b5 is further provided between the balanced distributor 23b1 and the hash thread 23b2;
- the hash queue 23b5 is used to store the digital assets and corresponding registration codes output by the balanced distributor in a FIFO manner, and the digital assets and corresponding registration codes stored for the hash thread 23b2 in a FIFO manner.
- the hash queue has a one-to-one correspondence with the hash thread.
- the hash queue is used to store the digital assets including the physical part and the corresponding registration codes output by the balanced distributor in a FIFO manner, and the digital assets and corresponding registration codes stored for the hash thread in the FIFO manner .
- the use of hash queues can avoid the problem of data blockage during data transmission from the balanced distributor to the hash thread.
- the hash queue is also used to send hash surplus capacity to the balanced distributor in real time, and the hash surplus capacity is the vacant capacity of the hash queue; the balanced distributor also It is used to allocate the physical part of the digital asset to the hash queue according to the hash spare capacity.
- the free capacity of the hash queue may be free capacity, mainly remaining memory, and the hash queue with the most remaining memory can provide more memory space and computing resources.
- the hash queue can send hash vacant capacity to the balanced distributor every preset time interval.
- the balanced distributor allocates the physical part of the digital asset to the hash queue according to the hash spare capacity.
- the hash queue can also send the free hash capacity to the balanced distributor in real time.
- the balanced distributor allocates the physical part of the digital asset to the hash queue according to the hash spare capacity.
- the hash thread can send the hash surplus capacity to the balanced distributor every preset time. Under this condition, the balanced distributor can filter out the hash queues whose hash free capacity is greater than the preset free capacity as the hash queues to be allocated.
- the balanced distributor continuously distributes the received digital asset entity part to the hash queue to be distributed. For example: for a digital asset authentication processing platform, it includes: 10 hash threads and 10 hash queues, which are: hash thread 1, hash thread 2, hash thread 3, hash thread 4...hash Thread 10; Hash queue 1, Hash queue 2, Hash queue 3, Hash queue 4...Hash queue 10.
- Hash Queue 1, Hash Queue 2, Hash Queue 3, Hash Queue 4...Hash Queue 10 sends its own hash surplus capacity to the balanced distributor every preset time interval.
- the hash spare capacity corresponding to each hash queue is shown in Table 1.
- the preset free capacity is 8G.
- the balanced distributor determines that the hash queues to be allocated are hash queue 2, hash queue 4, hash queue 5, hash queue 6 and hash queue 10.
- the balanced distributor continues to distribute the received digital asset entity part to the to-be-divided hash queue 2, hash queue 4, hash queue 5, hash queue 6 and hash queue 10.
- the physical part of the digital asset is dynamically allocated to the hash queue in turn.
- Hash queue Free capacity Hash queue 1 5.8G Hash queue 2 10.8G Hash queue 3 2.4G Hash queue 4 9.6G Hash queue 5 8.4G Hash queue 6 9.4G Hash queue 7 5.2G Hash queue 8 5.8G Hash queue 9 3.6G Hash queue 10 12.5G
- the hash thread 23b2 can send the hash spare capacity to the balanced distributor in real time.
- the balanced distributor can sort the received hash vacant capacity in real time, and screen out the Greek queue that produces the largest hash vacant capacity as the hash queue to be allocated.
- the balanced distributor distributes the received digital asset entity part to the hash queue to be distributed.
- 10 hash threads and 10 hash queues are: hash thread 1, hash thread 2, hash thread 3, hash thread 4... hash thread 10; hash queue 1, hash queue 2, hash queue 3, hash queue 4... Hash queue 10.
- Hash Queue 1, Hash Queue 2, Hash Queue 3, Hash Queue 4...Hash Queue 10 sends its own hash free capacity to the balanced distributor in real time.
- Each hash queue corresponds to The hash spare capacity of each hash queue at a certain point in time can continue to refer to the data in Table 1.
- the balanced distributor determines that the hash queue to be allocated is the hash queue 10.
- the balanced distributor distributes the received digital asset entity part to the hash queue 10 to be divided.
- the physical part of the digital asset is dynamically allocated to the hash queue in turn.
- the balanced distributor dynamically allocates the physical part of the digital asset to the hash queue according to the hash vacant capacity, so as to maximize the utilization of the resources of the hash queue and the hash thread 23b2.
- the bibliographic review thread 23a includes: a normal review thread 23a1 connected to the output terminal of the data selection unit 22 and a virtual review thread 23a3 connected to the output terminal of the normal review thread 23a1, among them:
- the normal review thread 23a1 is used to select the data of the bibliographic item part from the data package to be authenticated, and review it item by item. If there are unqualified data items, then the review operation will be transferred to the virtual review thread 23a2, otherwise by the entity verification unit 23b Continue to operate on the physical part of the digital asset;
- the virtual review thread 23a2 is used to continue reviewing item by item until the data review of all the bibliographic item parts is completed, and the review result is fed back to the corresponding client 1 through the information feedback unit 24.
- the normal review thread is used to select the data of the bibliographic item part from the data package to be authenticated and review it item by item. If there are unqualified data items, the review operation is transferred to the virtual review thread 23a2.
- the normal review thread is used to review the bibliographic items item by item.
- the data processing volume is relatively large. During the review process, some items that have not passed the review are included.
- the embodiment of this application shows The technical solution is provided with a virtual review thread. If the normal review thread finds unqualified data items, the review operation is transferred to the virtual review thread. In order to facilitate the user to quickly perform the modification operation, the virtual review thread needs to give the reference value of the corresponding qualified data item for the unqualified data item, and provide the review result analysis, where the content of the review result analysis can include the location of the unqualified item, That is, which data package is located in, the preliminary analysis of the cause of the non-conforming item, the modification suggestion, etc.
- the reference value of the virtual qualified data item and the analysis of the audit result given can be expressed as "the audit result: failed; reason for failure: there is a typo; Reason analysis: mistyped homophony; reference value for qualified items: chapter three; modification suggestion: change'Zhang San' to'Zhang Three'"; it should be noted that there are many other possibilities in the above analysis results.
- the expression method for the result analysis can be a chart, an information bar, and so on.
- the virtual review thread of the technical solution shown in the embodiment of the application after reviewing all the items injected into the project part, all the problem items included in the digital asset package pair are fed back to the client. For example, for any client, suppose it uploads five data packets to be authenticated, which are data packets AG.
- the technical solution shown in the embodiment of the present application is provided with a virtual review thread, and the virtual review thread provides the reference value of the corresponding qualified data item for the unqualified data item and the analysis of the review result.
- the reference value can facilitate users to quickly perform modification operations.
- the virtual review thread can share the data processing amount of the normal review thread.
- the data selection unit 22 includes an audit frequency judgment unit 22a connected to the output end of the first database 25 and a special processing queue 22b connected to the output end of the audit frequency judgment unit 22a;
- the audit frequency judging unit 223 is used to set a data audit frequency threshold; if the data packet to be authenticated fails to pass an audit, the total audit frequency is counted; if the total frequency is less than or equal to the data audit frequency threshold, then The selection unit 222 increases its priority when uploading again; if the total number of times is greater than the threshold of the number of data audits, the data packet to be authenticated is moved to the special processing queue 224.
- the technical solution shown in the embodiment of the present application includes a review frequency judgment unit in the data selection unit.
- the total number of audits is counted.
- the total number of times can be represented by t, where t is an integer greater than zero; if the total number of times is less than or equal to the threshold of the number of data audits, that is, t ⁇ T, Then increase the priority of uploading again and store it in the waiting queue for uploading again.
- the data packet to be authenticated is moved to the special processing queue; in this embodiment, the special processing queue is used to store data that has failed multiple uploads
- the specific processing operation process is not limited in this embodiment; it should be noted that the special processing queue and the pending queue do not affect each other, and are the same as the pending queue.
- the special processing queue can also be set in the data selection unit by default, or can be set in the memory carrying the queue to be processed, and the data selection unit is used to perform data storage operations.
- the embodiment of the present invention also provides a storage medium in which a computer program is stored, and when the computer program is executed by a processor, some or all of the steps in each embodiment of the method for controlling a display device provided by the present invention are implemented .
- the storage medium can be a magnetic disk, an optical disc, a read-only storage memory in English: Read-Only Memory, abbreviated as ROM or random storage memory in English: Random Access Memory, abbreviated as RAM, etc.
- the technology in the embodiments of the present invention can be implemented by means of software plus a necessary general hardware platform.
- the technical solutions in the embodiments of the present invention can be embodied in the form of software products, which can be stored in a storage medium, such as ROM/RAM. , Magnetic disks, optical disks, etc., including a number of instructions to enable a computer device to be a personal computer, a server, or a network device to perform the methods described in the various embodiments or some parts of the embodiments of the present invention.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- General Engineering & Computer Science (AREA)
- Databases & Information Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Computing Systems (AREA)
- Data Mining & Analysis (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Health & Medical Sciences (AREA)
- Storage Device Security (AREA)
Abstract
本申请实施例第一方面示出一种数字资产认证处理系统,包括:客户端,数字资产认证平台,其中,数字资产认证平台包括:第一数据接收单元,第一数据库,数据选择单元,数据认证单元以及信息反馈单元,数字资产认证平台还包括:区块链线程,其中:区块链线程,用于接收客户端,第一数据接收单元,数据选择单元,和数据认证单元上传的数据,将数据发送到区块链网络。本申请实施例示出的将客户端,第一数据接收单元,数据选择单元,和数据认证单元上传的数据通过区块链线程上传至区块链网络,可以保证上述数据不被篡改,保障数字资产数据的可信度,同时也可以保证上述数据及时得到记录。
Description
本申请要求在2019年7月19日提交中国专利局、申请号为201910657337.2、发明名称为“一种数字资产认证处理系统”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。
本申请涉及信息安全技术领域,涉及一种数字资产认证处理系统。
数字资产认证处理系统,也称确权平台,主要针对大量为进行版权登记的知识作品或成果的权利确认操作。其功能主要体现于两个方面:一、对于已经登记的版权、商标或已经取得专利证书的专利进行权利可交易确认操作;二、对于大量未登记的知识作品或成果进行权利确认操作。如图1所示的场景中,数字资产认证平台2和各种类型的客户端1(例如固定终端和移动终端等)之间通过互联网形成点对点的联系,用户在客户端1侧通过安装的APP建立联系,通过这种联系请求数字资产认证平台2为其提供数字资产认证操作或数字资产交易操作。
通常完成上述的认证过程需要的数字资产认证平台2的基本结构可由图2进行说明。其中,数据接收单元21用于接收客户端1通过网页或专用APP等上传的待认证数字资产数据包(以下简称数据包),将其存入内部的第一数据库25中;数据选择单元22,用于从第一数据库25中得到需要处理的待认证或待交易数据,并将数据送到数据认证单元23;数据认证单元23,用于按照需求处理得到的数据,执行确权或者认证操作,然后将结果存入第二数据库26,以及,通过信息反馈单元反馈确权信息、认证信息等。
因此,需要将数字资产实体从客户端1上传到数字资产认证平台2,认证结束后,将认证后的数字资产数据包存储在第二数据库26中。显然,中心化的数字资产认证平台2无法保障数字资产数据包的可信度。
发明内容
基于上述技术问题,本申请的目的在于提供一种数字资产认证处理系统。
本申请实施例第一方面示出一种数字资产认证处理系统,包括:客户端,数字资产认证平台,其中,所述数字资产认证平台包括:与所述客户端的输出端相连接的第一数据接收单元,与所述第一数据接收单元的输出端相连接的第一数据库,与所述第一数据库的输出端相连接的数据选择单元,与所述数据选择单元的输出端相连接的数据认证单元以及与所述数据认证单元的输出端相连接的信息反馈单元,所述数字资产认证平台还包括:区块链线程,所述线程的输入端与所述客户端的输入端,所述第一 数据接收单元的输入端,所述数据选择单元的输入端,所述数据认证单元的输入端连接,其中:所述区块链线程,用于接收所述客户端,第一数据接收单元,数据选择单元,和所述数据认证单元上传的数据,将所述数据发送到区块链网络。本申请实施例示出的技术方案中区块链网络具有去中心化、防篡改和抗抵赖的特性,将客户端,第一数据接收单元,数据选择单元,和所述数据认证单元上传的数据通过区块链线程上传至区块链网络,其中,可以保证上述数据不被篡改,保障数字资产数据的可信度,同时也可以保证上述数据及时得到记录。
为了更清楚地说明本申请实施例或现有技术中的技术方案,下面将对实施例中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本申请的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。
图1为数字资产平台的应用场景图;
图2为数字资产认证平台的基本结构示意图;
图3为根据一优选实施例示出的一种数字资产认证处理系统;
图4为根据一优选实施例示出的一种数字资产认证处理系统;
图5为根据一优选实施例示出的一种数字资产认证处理系统;
图6为本申请一种待认证数字资产数据包的处理方法中待处理队列形成原理图;
图7为根据一优选实施例示出的一种数字资产认证处理系统;
图8为根据一优选实施例示出的一种数字资产认证处理系统;
图9为根据一优选实施例示出的一种数字资产认证处理系统;
图10为根据一优选实施例示出的一种数字资产认证处理系统;
图11为根据一优选实施例示出的一种数字资产认证处理系统;
图12为本申请一种待认证数字资产数据包的处理方法中将待检验数据移至特殊处理队列过程原理图。
为使本申请示例性实施例的目的、技术方案和优点更加清楚,下面将结合本申请示例性实施例中的附图,对本申请示例性实施例中的技术方案进行清楚、完整地描述,显然,所描述的示例性实施例仅是本申请一部分实施例,而不是全部的实施例。
实施例1:
为了解决现有技术存在的技术问题,本申请实施例示出一种数字资产认证处理系统,具体的,可以参阅图3,包括:客户端1,数字资产认证平台2,其中,所述数字 资产认证平台包括:与所述客户端1的输出端相连接的第一数据接收单元21,与所述第一数据接收单元21的输出端相连接的第一数据库25,与所述第一数据库25的输出端相连接的数据选择单元22,与所述数据选择单元22的输出端相连接的数据认证单元23以及与所述数据认证单元23的输出端相连接的信息反馈单元24,所述数字资产认证平台还包括:区块链线程27,所述线程的输入端与所述客户端1的输入端,所述第一数据接收单元21的输入端,所述数据选择单元22的输入端,所述数据认证单元23的输入端连接,其中:
所述区块链线程27被配置为:接收所述客户端1,第一数据接收单元21,数据选择单元22,和所述数据认证单元23上传的数据,将所述数据发送到区块链网络。
本申请的客户端安装在终端,所述终端可以为计算机、手机、平板电脑、膝上型电脑、个人数字助理、移动上网装置或可穿戴式设备等设备。需要说明的是,数字资产无论是何种类型,所述类型包括:专利、商标或版权等,在本申请实施例中都以数字资产数据包的形式存在。
本申请实施例示出的技术方案中区块链网络具有去中心化、防篡改和抗抵赖的特性,将客户端,第一数据接收单元,数据选择单元,和所述数据认证单元上传的数据通过区块链线程上传至区块链网络,其中,可以保证上述数据不被篡改,保障数字资产数据的可信度,同时也可以保证上述数据及时得到记录。
实施例2:
实施例1示出的技术方案中,由于部分数字资产实体容量大,可达到几百M甚至超过1G,因此客户端1上传到数字资产认证平台2的数字资产会占据较多的传输资源和存储资源。另外,数字资产的认证过程是基于互联网的线上操作,大量的数字资产从不同的客户端1随机上传,无法与数字资产认证平台2的网络传输资源的使用状况匹配,导致上传数字资产延迟或者传输失败。为了解决现有技术中的问题,本申请实施例提供一种待认证数字资产处理系统。
为了解决上述问题,本申请实施示出的技术方案在实施例1示出的技术方案的基础上还包括与所述客户端1的输出端相连接的预处理平台3,具体的,可以参阅图4其中,所述预处理平台包括:与所述客户端1的输出端相连接的第二数据接收单元31,与所述数据接收单元31的输出端相连接的加密包生成单元32以及与所述加密包生成单元32的输出端相连接的摘要生成单元33,所述摘要生成单元33的输出端与所述第一数据接收单元21相连接,其中:
所述第二数据接收单元31,用于接收数字资产数据包,利用确定的数字签名算法对数字资产数据包执行数字签名操作,生成签名字符串,其中,所述数字资产数据包包括数字资产实体和著录项目;
所述加密包生成单元32,用于采用非对称加密算法加密所述签名字符串、著录项目和数字资产实体的链接地址,生成加密资产数据包;
所述摘要生成单元33,用于根据加密资产数据包和公钥,生成待认证资产包摘要, 发送所述待认证资产包摘要至第一数据接收单元,同时,上传到区块链网络和数字资产认证平台。
值得注意的是,本申请实施例示出的技术方案中,第一数据接收单元接收的数据统称为待认证数字资产包,当由预处理平台3,传输至第一数据接收单元的数据也称之为待认证资产包摘要。
其中,所述数字签名算法可以通过客户端与数字资产认证平台预先协商确定。所述数字签名算法还可以为预先提供的算法程序集合中的一个,客户端与数字资产认证平台数据传输数字资产数据包时,客户端从算法程序集合中选取其中一个,并发送数字资产认证平台,通知数字资产认证平台使用相同的数字签名算法。需要说明的是,所述算法程序集合中包括多种数字签名算法。所述数字签名算法可以为SHA256、SHA384或SHA512等。所述数字签名操作可以为Hash操作。
本申请实施例利用数字签名算法对数字资产数据包执行hash操作,由于Hash操作的性质,对数字资产数据包执行hash操作后,生成的签名字符串是唯一值。例如,数字签名算法采用SHA256,数字资产数据包利用SHA256执行Hash操作后,得到256位的数字串,该数字串是唯一值。不同的数字资产数据包利用相同的数字签名算法进行Hash操作后,得到的签名字符串均不相同。所以,签名字符串可以用于验证数字资产数据包的真伪。
举例说明,当买方A想买取一幅画,当这幅画通过技术手段转换为以电子数据形式表达的数字资产后,得到数字资产数据包,利用SHA256数字签名算法进行数字签名操作,得到真实的签名字符串,该签名字符串是唯一的。卖方B声称自己拥有此幅画,当卖方B所示的画转换为数字资产数据包后,利用SHA256数字签名算法进行数字签名操作,得到一组新的签名字符串。此时,判断真实的签名字符串与新的签名字符串是否相同,如果相同,则说明卖方B是画的真正所有者;如果不相同,则说明卖方B所出示的画是仿品,卖方B是冒充该幅画的所有者,卖方B不是该幅画的真正所有者,所以买方A不可与卖方B交易。由于签名字符串的唯一性,所以签名字符串可以验证数字资产包的真伪。
采用非对称加密算法加密所述签名字符串和数字资产实体的链接地址,生成加密资产数据包;
由于数字资产实体的容量可能特别巨大,本申请采用容量较小的数字资产实体的链接地址,作为加密资产数据包的一部分,进而减少加密资产数据包的容量。
需要说明的是,根据所述数字资产实体的链接地址,可以确定数字资产实体的存放位置。在一种可能的实施方式中,所述数字资产数据包存储在客户端中,在另一种可能的实施方式中,预处理平台可以包括第三方服务器,所述数字资产数据包存储在第三方服务器中。所述数字资产数据包存储在第三方服务器中,可以减少数字资产数据包占据客户端的存储资源,避免造成客户端运行速度慢的情况发生。
本申请实施例中,非对称加密算法算法强度复杂、所以安全性极高。非对称加密算法存在两个密钥,包括公钥和私钥,公钥和私钥为不同的两个密钥,通过私钥将签 名字符串和数字资产实体的链接地址加密,得到加密资产数据包;在对加密资产数据包解密的过程中,利用的是公钥,公钥解密加密资产数据包,可以得到加密资产数据包中的签名字符串和数字资产实体的链接地址。
根据加密资产数据包和公钥,生成待认证资产包摘要,上传到区块链线程和第一数据接收单元。其中,区块链线程将接收到的数据上传至区块链网络,区块链网络具有去中心化、防篡改和抗抵赖的特性,所以将加密资产数据包和公钥组成的待认证资产包摘要上传到区块链网络,可以保证加密资产数据包中的数字资产实体的链接地址对应的数字资产实体不被篡改,以及及时得到记录。
本申请将待认证资产包摘要由客户端上传到数字资产认证平台,由于待认证资产包摘要由加密资产包和公钥组成,而加密资产包是由容量较小的数字资产实体的链接地址与签名字符串加密得到,所以,相比客户端直接上传数字资产实体到数字资产认证平台,将待认证资产包摘要上传到数字资产认证平台大幅减少占据的传输资源和存储资源。
实施例3:
请参阅图5,实施例2示出的技术方案中,所述数据认证单元23包括:与所述数据选择单元22的输出端相连接的著录项目审查线程23a,与所述著录项目审查线程23a的输出端相连接的实体认证单元23b以及与所述实体认证单元23b的输出端相连接的认证数字资产生成单元23c;
所述数据选择单元22,用于从第一数据库25中得到的需要按照优先级处理的待认证数据包摘要;
所述,著录项目审查线程23a,用于对待认证数据包摘要中的著录项目部分的数据进行审核;对于经审核的不合格数据项,给出虚拟的合格数据项的参考值及审查结果分析,继续逐项审核,直到所有著录项目部分的数据审核完毕;如果审核后的著录项目部分的数据中存在不合格数据项,通过信息反馈单元24将审核结果反馈给对应的客户端1;否则由实体认证单元23b继续对数据包中数字资产实体部分进行操作;
所述认证数字资产生成单元23c,根据认证后的数字资产实体和著录项目,生成认证数字资产。
通常情况下,客户端会有多次数据上传操作,当每次上传操作之后,会有两种审核结果:数据包在一些实施例中也称之为待认证数据包摘要或待认证数据通过审核或者未通过审核;如果未通过审核,需要用户在客户端上对未通过审核的数据包执行修改相关操作后,再次上传数据包;因此,对于每个独立的客户端而言,每一次所要上传的数据包不仅存在着数量巨大的问题,还存在着性质不同的问题,由于每个数据包包含的数据内容不同,并且其可能是首次上传,也可能是二次、三次以上次数上传,在上传时确定数据包的上传次序显得尤为重要。因此,本申请中数据选择单元的作用要确定数据包的类型,还要同时确定数据包上传的先后顺序。
确定数据包的类型,具体的,可以是根据对数据包的查验判断该数据包中包含的 数据类型,也可以是根据对数据包进行查验获取该数据包是否被上传过以及被上传过的次数等;根据数据包类型的不同,通过设置的规则将数据包进行重要性的划分、从而分出上传的先后性;例如,对于相同数据类型的数据包,如果经查验得知某一个数据包是曾被上传过但未通过审核的数据包,那么再次上传时可将该数据包优先于其他相同数据类型的数据包;对于均为首次上传,或者被上传次数相同的数据包,如果某一个数据包的重要性指标优于其他数据包,则也可在再次上传时将该数据包优先于其它数据包上传。
可以将所有待认证数据包按照优先级从高到低排序;在本实施例中,待认证数据包的优先级指的是对该待认证数据包的优先处理级别,在实际应用中,可以将优先级以数字、字母或其它形式表示,例如设置优先级别1级、2级、3级、……、n级,数字越大,优先级越高,越早对其进行审核;进一步的,当数据包的数量极为庞大时,为了使得所有数据包的优先级能够相互间有效区分,可以将优先级别以特定的数值或符号来表示。
对于优先级的制定依据,可以有多种,可以根据待认证数据包内容的重要性为依据进行制定,例如,跟交易、确权对象紧密相关的数据包对象规格、类型、图像、影像资料等将获得较高的优先级,而与交易、确权对象相关度不高的数据包流程号等将获得较低的优先级;又如,对于累计上传次数较多的数据包,可以认为是其内容较为重要,可以相应地指定较高的优先级;
优先级除了上述制定依据,还可以根据交易期限进行制定;例如,快到交易期限的数据包,将获得相对较高的优先级;具有相同或相似内容的数据包,交易期限较短的数据包将会获得比交易期限较长的数据包具有更高的优先级;对于上述两种优先级的制定依据,可以单独考虑,也可以合并考虑;并且,本申请实施例并不仅限于上述两种制定依据的组合,还可以采用其他可行的制定依据单独考虑或加以组合。
根据排序结果依次选择待认证数据包,并将其存储到一个先进先出的待处理队列;当所有待认证数据包均以不同优先级别进行了区分,在上传前就可以将所有待认证数据包根据优先级依次选择,具体的,此时会设置一个待处理数据包的先进先出的队列—即待处理队列,再由具有数据选择功能的结构单元按照优先级的高低依次将对应的待认证数据包存储至待处理队列中;其中待处理队列可以默认设置在数据选择单元中,也可以单独设置一个存储器承载待处理队列,采用数据选择单元执行数据存储操作;
参见图6,是对待认证数据包进行选择并存入的过程示意图;在选择要存入待处理队列的待认证数据包时,需要先根据待认证数据包的优先级级别,确定上传次序,例如,图10中待认证数据包B的优先级最高,将作为第一优先选择对象,待认证数据包C的优先级次之,将作为第二优先选择对象,待认证数据包A的优先级最低,将作为第三选择对象存入;此时,如果存在待认证数据包D,且其优先级位于待认证数据包B、C之间,则需要将待认证数据包D作为第二优先选择对象,将待认证数据包C、A顺次排在后面。在待处理队列中,先被选择进入的数据包排在队列的前面,在后续进行审核时,也先对队列前面的数据包进行操作,从而实现队列的先进先出。
实施例4:
通常,数字资产认证平台内部设置分类分发器、多个认证线程和认证数字资产生成单元。分类分发器根据数字资产对应的分类,将数字资产发送至相应的认证线程。每个线程认证对应类别的数字资产,最终,认证数字资产生成单元生成认证后的数字资产。然而,无论如何对数字资产进行分类,都会导致各个线程的数据处理流量和效率处于不平衡状态,从而降低整体认证的效率。
请参阅图7为了解决上述技术问题,本申请实施例示出的技术方案在实施例3示出的技术方案的基础上,所述实体认证单元23b包括:与所述录项目审查线程23a的输出端相连接的均衡分发器23b1,与所述输出端相连接的多个哈希线程23b2,与所述哈希线程23b2的输出端相连接的认证线程23b3,所述认证线程23b3的输出端与所述认证数字资产生成单元23c相连接,其中:
所述均衡分发器23b1,用于为哈希线程23b2分配数字资产实体及对应的登记码;
具体的,均衡分发器根据全局负载分配原则,为哈希线程23b2分配数字资产实体部分。全局负载分配原则可以通过判断各个哈希线程23b2的负载,决定哈希线程23b2的可用性判断来决定由哪个下次线程来提供服务,进而实现各个哈希线程23b2的均衡运转,所述负载可以包括CPU占用、带宽占用等数据。均衡分发器也可以通过轮询的方式实现全局负载分配原则。举例说明,数字资产认证处理平台中包括10个哈希线程分别为哈希线程1,哈希线程2,哈希线程3,哈希线程4……哈希线程10;均衡分发器将接收到的1-10的数字资产实体部分依次分发哈希线程1,哈希线程2,哈希线程3,哈希线程4……哈希线程10;然后将接收到的11-20的数字资产实体部分再次依次分发哈希线程1,哈希线程2,哈希线程3,哈希线程4……哈希线程10,以此类推。在具体应用的过程中,凡是能实现哈希线程全负载地使用的分配方式均在本申请实施例的保护范围内,在此由于篇幅有限编不一一介绍。
所述哈希线程23b2,用于按照数字签名算法计算所述数字资产实体的哈希值;
本申请实施例示出的技术方案通过哈希线程计算每个数字资产实体部分的哈希值。
哈希队列将接收到的数字资产实体部分,通过哈希算法变换成固定长度的输出哈希值,然后将哈希值与签名字符串相比较,如果一致,则认证成功,将认证成功的数据通过发送至认证队列盖时间戳。
所述认证线程23b3,用于以所述哈希值为认证对象,给出对应的时间戳;
所述认证数字资产生成单元23c,用于根据所述哈希值和时间戳生成包括认证码和登记码的认证数字资产。
本申请实施例示出的技术方案由于认证操作主要是为哈希值给出对应的时间戳,数据处理量很小。因此可采用多个哈希队列对应一个认证队列的设计方式。
所述认证数字资产生成单元,用于根据所述哈希值和时间戳生成包括认证码和登记码的认证数字资产。
申请是实施例示出一种数字资产认证处理平台,本申请实施例示出的技术方案,首先,根据全局负载分配原则,为哈希线程分配数字资产实体部分,保证所述数字资产实体部分均匀地分配到各个哈希线程,从而全负载地将哈希线程用于处理数字资产实体部分哈希值的计算。然后,通过认证线程,对所述哈希值进行认证,本申请实施例示出的技术方案由于认证操作主要是为哈希值给出对应的时间戳。本申请实施例示出的技术方案可保证全部的哈希线程同时在线计算数字资产实体部分的哈希值,进而保证数据处理流量和效率处于平衡状态,从而提高整体认证的效率。
实施例5:
为了提高数据认证的效率,本申请实施例示出的技术方案中,所述认证线程可以为多个。具体的,可以参阅图8,在实施例4示出的技术方案的基础上,所述认证线程可以为多个,在所述哈希线程与认证线程之间还设置有集中转发器;所述集中转发器23b4,用于存储哈希线程发送的哈希值,发送所述哈希值至认证线程。
本申请实施例示出的技术方案,通过设置多个认证线程来提高认证的效率,所述认证线程的数量可以与所述哈希线程的数量不同。同时,在所述哈希线程与认证线程22之间还设置有集中转发器。所述集中转发器,用于存储哈希线程发送的哈希值,发送所述哈希值至认证线程;采用集中转发器,可以避免哈希线程向认证线程数据传输过程中数据阻塞的问题的出现。
实施例6:
在实施例5示出的技术方案的基础上,所述集中转发器为认证队列;具体的,可以继续参阅图8,所述认证队列,还用于根据认证空闲容量是否小于等于预置容量,控制认证线程的启动与关闭,所述认证空闲容量为认证队列的空余容量。
认证线程主要用于对所述哈希值进行认证,本申请实施例示出的技术方案由于认证操作主要是为哈希值给出对应的时间戳,数据处理量很小,因此对每个哈希值的认证所需的时间相对固定。哈希线程主要用于计算数字资产实体部分的哈希值;其中,数字资产实体部分包括:文字作品类、影视作品类等,由于内容的不同,数字资产数据包的大小和文件格式也有差异,因此,哈希线程对数字资产实体部分哈希值的计算速率也不同,对每个数字资产实体部分哈希值的计算所需的时间相对不固定。在此情况下,如果将开启的哈希线程的数量与开启的认证线程的数量固化,势必会造成资源的浪费。
为了解决上述问题,本申请实施例示出的技术方案所述认证队列,用于根据认证空闲容量是否小于等于预置容量,控制认证线程的启动与关闭,所述认证空闲容量为认证队列的空余容量。通过认证队列,控制认证线程的启动与关闭,可以达到认证线程资源的最大化利用。
举例说明:
数字资产认证处理平台包括:20个哈希线程和10个认证线程。在一时间段内,启动的哈希线程为20个,启动的认证线程为5个。在这段时间内,哈希线程处理的数 字资产实体部分多为影视文件,相应的,哈希线程计算所述影视文件的哈希值所耗费的时间较长。认证队列中有18个哈希值在排队,在此情况下,认证线程的认证空闲容量始终大于预置容量,此时,持续保持5个认证线程开启的状态。在另一时间段内,哈希线程处理的数字资产实体部分多为专利,相应的,哈希线程23b2计算所述影视文件的哈希值所耗费的时间较短。认证队列中有35-40和哈希值在排队等待认证,在此情况下,认证线程的认证空闲容量小于预置容量,此时,认证线程控制其余的认证线程开启。在另一时间段内,认证线程的认证空闲容量小于预置容量,此时,认证线程还可以控制的认证线程的关闭。
可见,本申请实施例示出的技术方案,认证队列,根据认证空闲容量是否小于等于预置容量,控制认证线程的启动与关闭,以达到认证线程资源的最大化利用。
实施例7:
由于哈希线程用于计算数字资产的哈希值,对于一些影视作品类的数字资产,计算数字资产的哈希值需要耗费大量的时间,在此情况下,如持续的向哈希队列输送数字资产,识别会造成,哈希队列数据的阻塞。为了解决上述的技术问题,本申请实施例示出的技术方案在实施例6示出的技术方案的基础上在均衡分发器23b1与所述哈希线程23b2之间还设置有哈希队列23b5;所述哈希队列23b5,用于按照FIFO方式存储均衡分发器输出的包括实体部分的数字资产及对应的登记码,以及按照FIFO方式为哈希线程23b2存储的数字资产及对应的登记码。
其中,所述哈希队列与所述哈希线程一一对应。具体的,可以参阅图9。图9中,所述哈希队列,用于按照FIFO方式存储均衡分发器输出的包括实体部分的数字资产及对应的登记码,以及按照FIFO方式为哈希线程存储的数字资产及对应的登记码。采用哈希队列,可以避免均衡分发器向哈希线程数据传输过程中数据阻塞的问题的出现。
在一可行性实施例中,所述哈希队列,还用于实时的发送哈希空余容量至均衡分发器,所述哈希空余容量为哈希队列的空余容量;所述均衡分发器,还用于根据所述哈希空余容量,为哈希队列分配数字资产实体部分。
所述哈希队列的空余容量可以是空余容量,主要是剩余内存,剩余内存最多哈希队列可以提供更多的内存空间和计算资源。哈希队列可以每间隔预置时间发送哈希空余容量至均衡分发器。均衡分发器根据所述哈希空余容量,为哈希队列分配数字资产实体部分。哈希队列也可以实时的发送哈希空余容量至均衡分发器。均衡分发器根据所述哈希空余容量,为哈希队列分配数字资产实体部分。下面结合具体的实例,对是数字资产实体部分的分配情况作以详细的说明。
哈希线程可以每间隔预置时间向均衡分发器发送哈希空余容量。在此条件下,均衡分发器可以筛选出哈希空余容量大于预置空余容量的哈希队列作为待分配哈希队列。均衡分发器持续将接收到的数字资产实体部分分发至待分配哈希队列。举例说明:对于一数字资产认证处理平台包括:10个哈希线程和10个哈希队列,分别为:哈希线程1,哈希线程2,哈希线程3,哈希线程4……哈希线程10;哈希队列1,哈希队列2,哈希队列3,哈希队列4……哈希队列10。在作业的过程中,哈希队列1,哈希队 列2,哈希队列3,哈希队列4……哈希队列10每间隔预置时间向均衡分发器发送自身的哈希空余容量每个哈希队列对应的哈希空余容量。在某一时间点各个哈希队列对应的哈希空余容量如表1所示。在本实施例中,预置空余容量为8G。均衡分发器,确定待分配哈希队列为哈希队列2,哈希队列4,哈希队列5,哈希队列6和哈希队列10。在下一个时间段内均衡分发器持续将接收到的数字资产实体部分分发至待分哈希队列2,哈希队列4,哈希队列5,哈希队列6和哈希队列10。依次动态的为哈希队列分配数字资产实体部分。
表1:
哈希队列 | 空余容量 |
哈希队列1 | 5.8G |
哈希队列2 | 10.8G |
哈希队列3 | 2.4G |
哈希队列4 | 9.6G |
哈希队列5 | 8.4G |
哈希队列6 | 9.4G |
哈希队列7 | 5.2G |
哈希队列8 | 5.8G |
哈希队列9 | 3.6G |
哈希队列10 | 12.5G |
在一可行性实施例中,哈希线程23b2可以实时的向均衡分发器发送哈希空余容量。在此情况下,均衡分发器可以实时的将接收到的哈希空余容量进行排序,筛选出产生最大哈希空余容量的希队列作为待分配哈希队列。在这个时间点均衡分发器将接收到的数字资产实体部分分发至待分配哈希队列。举例说明:对于一数字资产认证处理平台包括:10个哈希线程和10个哈希队列。分别为:哈希线程1,哈希线程2,哈希线程3,哈希线程4……哈希线程10;哈希队列1,哈希队列2,哈希队列3,哈希队列4……哈希队列10。在作业的过程中,哈希队列1,哈希队列2,哈希队列3,哈希队列4……哈希队列10实时的向均衡分发器发送自身的哈希空余容量每个哈希队列对应的哈希空余容量,在某一时间点各个哈希队列对应的哈希空余容量可以继续参阅表1中的数据。在本实施例中,均衡分发器,确定待分配哈希队列为哈希队列10。均衡分发器将接收到的数字资产实体部分分发至待分哈希队列10。依次动态的为哈希队列分配数字资产实体部分。
可见,本申请实时示出的技术方案,均衡分发器根据所述哈希空余容量,动态的为哈希队列分配数字资产实体部分,以达到哈希队列和哈希线程23b2资源的最大化利用。
实施例8:
请参阅图10,所述著录项目审查线程23a包括:与所述数据选择单元22的输出端相连接的正常审查线程23a1和与所述正常审查线程23a1的输出端相连接的虚拟审查线程23a3,其中:
所述正常审查线程23a1,用于从待认证数据包中选择著录项目部分的数据,逐项进行审核,如果存在不合格数据项,则将审查操作移交给虚拟审查线程23a2,否则由实体认证单元23b继续对数字资产实体部分进行操作;
所述虚拟审查线程23a2,用于继续逐项审核,直到所有著录项目部分的数据审核完毕,通过信息反馈单元24将审核结果反馈给对应的客户端1。
正常审查线程,用于从待认证数据包中选择著录项目部分的数据,逐项进行审核,如果存在不合格数据项,则将审查操作移交给虚拟审查线程23a2。
正常审查线程,用于对著录项目逐项进行审核,数据数据处理量较大,在审核的过程中,还包括一些审核不通过项,为了分担正常审查线程的数据处理量,本申请实施例示出的技术方案设置有虚拟审查线程。如果正常审查线程发现不合格数据项,则将审查操作移交给虚拟审查线程。为了便于用户快速执行修改操作,虚拟审查线程需要对不合格数据项给出相应的合格数据项的参考值,以及给出审查结果分析,其中,审查结果分析的内容可以包括不合格项的位置,即位于哪个数据包,产生不合格项的初步原因分析以及修改建议等等。例如,当发现某一数据包审核结果为:权利人姓名错误,则给出的虚拟的合格数据项的参考值以及审查结果分析可以表示为“审查结果:不通过;不通过原因:存在错别字;原因分析:同音误输入;合格项参考值:章三;修改建议:将‘张三’改为‘章三’”;需要说明的是,上述各项分析结果均存在多种其它可能,在本实施例中并不作限制,并且,对于结果分析的表述方式可以为图表、信息条等多种。
本申请实施例示出的技术方案虚拟审查线程,对注入项目部分的所有项审核后,数字资产包对中包含的全部问题项反馈给客户端。举例说明,对任意一个客户端,假设其上传了五个待认证数据包,分别为数据包A-G,当系统执行审核过程后,经统计得出,存在不合格项的数据包为数据包B和数据包G,并且,在反馈给客户端的审核结果中可查看具体的审核结果分析内容;而审核结果中不包括不合格数据项的数据包A/C/D则被认为通过了审核,可以继续对数据包中的数字资产实体部分进行操作;由于本申请是将审查结果按客户端为单位一次性集中反馈,从而可以避免发现一处不合格项就提示用户改正造成审核效率低的问题;
可见,本申请实施例示出的技术方案,设置有虚拟审查线程,所述虚拟审查线程,对不合格数据项给出相应的合格数据项的参考值,以及给出审查结果分析。一方面,参考值可以便于用户快速执行修改操作。另一方面,所述虚拟审查线程可以分担正常审查线程的数据处理量。
实施例9:
请参阅图11,所述数据选择单元22包括与所述第一数据库25的输出端相连接的审核次数判断单元22a与审核次数判断单元22a的输出端相连接的特殊处理队列22b;
所述审核次数判断单元223,用于设置数据审核次数阈值;如果待认证数据包经一次审核未通过,统计其经审核的总次数,若总次数小于或等于所述数据审核次数阈值,则由选择单元222上调其再次上传时的优先级;若总次数大于所述数据审核次数阈值,则将该待认证数据包移至特殊处理队列224。
在实施例8示出的技术方案中,如果数据包经过多次上传均未能通过审核,继续进行上传并不能有效提升其通过审核的概率,反而会占用系统审核数据空间,影响审核效率;
为了解决上述技术问题,本申请实施例示出的技术方案在数据选择单元中设置审核次数判断单元。其中所述审核次数判断单元呗配置为设置数据审核次数阈值;数据审核次数阈值可由T表示,T的取值可预先设定,例如取T=3,代表最大允许审核次数为三次。
如果待认证数据包经一次审核未通过,统计其经审核的总次数,总次数可由t表示,t为大于零的整数;若总次数小于或等于所述数据审核次数阈值,即t≤T,则上调其再次上传时的优先级,将其存入再次上传时的待处理队列。
若总次数大于所述数据审核次数阈值,即t>T时,则将该待认证数据包移至特殊处理队列;在本实施例中,特殊处理队列用于存储多次上传均不合格的数据包,并集中对这类数据包进行处理操作,具体的处理操作过程在本实施例中不作限制;需要说明的是,特殊处理队列与待处理队列之间相互不影响,与待处理队列相同,特殊处理队列同样可以默认设置在数据选择单元中,也可以设置在承载待处理队列的存储器内,采用数据选择单元执行数据存储操作。
上述步骤过程,可由图12具体说明,当预设数据审核次数阈值T=3时,即最大允许审核次数为三次,当数据包经过第一次审核后不通过,在第二次上传时,判断此时的t=2<T,此时上传的数据包将获得比初次审核较高的优先级;当数据包经过第二次审核后不通过,在第三次上传时,判断此时的t=3=T,同样的,上传的数据包将获得比第二次审核更高的优先级;当数据包经过第三次审核后不通过,此时若再想上传,此时t=4>T,此时上传的数据包将被存入特殊处理队列。
本发明实施例还提供一种存储介质,所述存储介质中存储有计算机程序,所述计算机程序被处理器执行时实现本发明提供的显示装置的控制方法的各实施例中的部分或全部步骤。所述的存储介质可为磁碟、光盘、只读存储记忆体英文:Read-Only Memory,简称:ROM或随机存储记忆体英文:Random Access Memory,简称:RAM等。
本领域的技术人员可以清楚地了解到本发明实施例中的技术可借助软件加必需的通用硬件平台的方式来实现。基于这样的理解,本发明实施例中的技术方案本质上或者说对现有技术做出贡献的部分可以以软件产品的形式体现出来,该计算机软件产品可以存储在存储介质中,如ROM/RAM、磁碟、光盘等,包括若干指令用以使得一台计算机设备可以是个人计算机,服务器,或者网络设备等执行本发明各个实施例或者实 施例的某些部分所述的方法。
本说明书中各个实施例之间相同相似的部分互相参见即可。尤其,对于显示器控制装置实施例而言,由于其基本相似于方法实施例,所以描述的比较简单,相关之处参见方法实施例中的说明即。
Claims (9)
- 一种数字资产认证处理系统,包括:客户端(1),数字资产认证平台(2),其中,所述数字资产认证平台包括:与所述客户端(1)的输出端相连接的第一数据接收单元(21),与所述第一数据接收单元(21)的输出端相连接的第一数据库(25),与所述第一数据库(25)的输出端相连接的数据选择单元(22),与所述数据选择单元(22)的输出端相连接的数据认证单元(23)以及与所述数据认证单元(23)的输出端相连接的信息反馈单元(24),其特征在于,所述数字资产认证平台还包括:区块链线程(27),所述线程的输入端与所述客户端(1)的输入端,所述第一数据接收单元(21)的输入端,所述数据选择单元(22)的输入端,所述数据认证单元(23)的输入端连接,其中:所述区块链线程(27),用于接收所述客户端(1),第一数据接收单元(21),数据选择单元(22),和所述数据认证单元(23)上传的数据,将所述数据发送到区块链网络。
- 根据权利要求1所述的系统,其特征在于,还包括与所述客户端(1)的输出端相连接的预处理平台(3),其中,所述预处理平台包括:与所述客户端(1)的输出端相连接的第二数据接收单元(31),与所述数据接收单元(31)的输出端相连接的加密包生成单元(32)以及与所述加密包生成单元(32)的输出端相连接的摘要生成单元(33),所述摘要生成单元(33)的输出端与所述第一数据接收单元(21)相连接,其中:所述第二数据接收单元(31),用于接收数字资产数据包,利用确定的数字签名算法对数字资产数据包执行数字签名操作,生成签名字符串,其中,所述数字资产数据包包括数字资产实体和著录项目;所述加密包生成单元(32),用于采用非对称加密算法加密所述签名字符串、著录项目和数字资产实体的链接地址,生成加密资产数据包;所述摘要生成单元(33),用于根据加密资产数据包和公钥,生成待认证资产包摘要,上传到区块链网络和数字资产认证平台。
- 根据权利要求2所述的系统,其特征在于,所述数据认证单元(23)包括:与所述数据选择单元(22)的输出端相连接的著录项目审查线程(23a),与所述著录项目审查线程(23a)的输出端相连接的实体认证单元(23b)以及与所述实体认证单元(23b)的输出端相连接的认证数字资产生成单元(23c);所述数据选择单元(22),用于从第一数据库(25)中得到的需要按照优先级处理的待认证数据包摘要;所述,著录项目审查线程(23a),用于对待认证数据包摘要中的著录项目部分的数据进行审核;对于经审核的不合格数据项,给出虚拟的合格数据项的参考值及审查结果分析,继续逐项审核,直到所有著录项目部分的数据审核完毕;如果审核后的著录项目部分的数据中存在不合格数据项,通过信息反馈单元(24)将审核结果反馈给对应的客户端(1);否则由实体认证单元(23b)继续对数据包中数字资产实体部分进行操作;所述认证数字资产生成单元(23c),根据认证后的数字资产实体和著录项目,生成认证数字资产。
- 根据权利要求3所述的系统,其特征在于,所述实体认证单元(23b)包括:与所述录项目审查线程(23a)的输出端相连接的均衡分发器(23b1),与所述输出端相连接的多个哈希线程(23b2),与所述哈希线程(23b2)的输出端相连接的认证线程(23b3),所述认证线程(23b3)的输出端与所述认证数字资产生成单元(23c)相连接,其中:所述均衡分发器(23b1),用于为哈希线程(23b2)分配数字资产实体及对应的登记码;所述哈希线程(23b2),用于按照数字签名算法计算所述数字资产实体的哈希值;所述认证线程(23b3),用于以所述哈希值为认证对象,给出对应的时间戳;所述认证数字资产生成单元(23),用于根据所述哈希值和时间戳生成包括认证码和登记码的认证数字资产。
- 根据权利要求4所述的系统,其特征在于,所述认证线程(23b3)为多个,在所述哈希线程(23b2)与认证线程(23b3)之间还设置有集中转发器(23b4);所述集中转发器(23b4),用于将哈希线程(23b2)输出的哈希值,均匀分配给所述认证线程(23b3)。
- 根据权利要求5所述的系统,其特征在于,所述集中转发器(23b4)为认证队列(23b41);所述认证队列(23b41),用于按照FIFO方式存储哈希线程输出的哈希值,以及将以FIFO方式输出的哈希值均匀分配给认证线程。
- 根据权利要求6所述的系统,其特征在于,在均衡分发器(23b1)与所述哈希线程(23b2)之间还设置有哈希队列(23b5);所述哈希队列(23b5),用于按照FIFO方式存储均衡分发器输出的包括实体部分的数字资产及对应的登记码,以及按照FIFO方式为哈希线程(23b2)存储的数字资产及对应的登记码。
- 根据权利要求7所述的系统,其特征在于,所述著录项目审查线程(23)包括:与所述数据选择单元(22)的输出端相连接的正常审查线程(23a1)和与所述正常审查线程(23a1)的输出端相连接的虚拟审查线程(23a3),其中:所述正常审查线程(23a1),用于从待认证数据包中选择著录项目部分的数据,逐项进行审核,如果存在不合格数据项,则将审查操作移交给虚拟审查线程(23a2),否则由实体认证单元(23b)继续对数字资产实体部分进行操作;所述虚拟审查线程(23a2),用于继续逐项审核,直到所有著录项目部分的数据审核完毕,通过信息反馈单元(24)将审核结果反馈给对应的客户端(1)。
- 根据权利要求8所述的系统,其特征在于,所述数据选择单元(22)包括与所述第一数据库(25)的输出端相连接的审核次数判断单元(22a)与审核次数判断单元(22a)的输出端相连接的特殊处理队列(22b);所述审核次数判断单元(223),用于设置数据审核次数阈值;如果待认证数据包经一次审核未通过,统计其经审核的总次数,若总次数小于或等于所述数据审核次数阈值,则由选择单元(222)上调其再次上传时的优先级;若总次数大于所述数据审核次数阈值,则将该待认证数据包移至特殊处理队列(224)。
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910657337.2 | 2019-07-19 | ||
CN201910657337.2A CN112241515A (zh) | 2019-07-19 | 2019-07-19 | 一种数字资产认证处理系统 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2021012814A1 true WO2021012814A1 (zh) | 2021-01-28 |
Family
ID=74167906
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2020/094358 WO2021012814A1 (zh) | 2019-07-19 | 2020-06-04 | 一种数字资产认证处理系统 |
Country Status (3)
Country | Link |
---|---|
CN (1) | CN112241515A (zh) |
FR (1) | FR3099329A1 (zh) |
WO (1) | WO2021012814A1 (zh) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114266576A (zh) * | 2022-02-28 | 2022-04-01 | 环球数科集团有限公司 | 一种元宇宙数字资产的交易系统 |
CN118282745A (zh) * | 2024-04-08 | 2024-07-02 | 中国人民解放军61660部队 | 一种基于网络协同机制的主机入侵指标检测方法 |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107566116A (zh) * | 2017-06-15 | 2018-01-09 | 中国银联股份有限公司 | 用于数字资产确权登记的方法及装置 |
CN108154048A (zh) * | 2016-12-02 | 2018-06-12 | 北京金股链科技有限公司 | 资产信息处理方法和装置 |
CN109446259A (zh) * | 2018-10-24 | 2019-03-08 | 北京慧流科技有限公司 | 数据处理方法及装置、处理机及存储介质 |
CN109859046A (zh) * | 2019-01-30 | 2019-06-07 | 威海华智数字经济研究院有限公司 | 一种基于区块链技术大数据智慧运营管理系统 |
Family Cites Families (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2000222360A (ja) * | 1999-02-01 | 2000-08-11 | Matsushita Electric Ind Co Ltd | 認証方法、認証システム及び認証処理プログラム記録媒体 |
CN104166589A (zh) * | 2013-05-17 | 2014-11-26 | 阿里巴巴集团控股有限公司 | 一种心跳包的处理方法和装置 |
CN107196900B (zh) * | 2017-03-24 | 2020-04-24 | 创新先进技术有限公司 | 一种共识校验的方法及装置 |
CN107241279A (zh) * | 2017-06-22 | 2017-10-10 | 北京天德科技有限公司 | 一种基于多级缓冲队列的区块链交易限流方法 |
EP3454523B1 (en) * | 2017-09-08 | 2021-03-31 | FTR Labs Pty Ltd | Method and system for verifying a recording |
CN109523375A (zh) * | 2017-09-20 | 2019-03-26 | 成都高新信息技术研究院 | 一种去中心化资产交易方法与系统 |
US10878248B2 (en) * | 2017-10-26 | 2020-12-29 | Seagate Technology Llc | Media authentication using distributed ledger |
-
2019
- 2019-07-19 CN CN201910657337.2A patent/CN112241515A/zh active Pending
-
2020
- 2020-06-04 WO PCT/CN2020/094358 patent/WO2021012814A1/zh active Application Filing
- 2020-07-17 FR FR2007542A patent/FR3099329A1/fr not_active Withdrawn
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108154048A (zh) * | 2016-12-02 | 2018-06-12 | 北京金股链科技有限公司 | 资产信息处理方法和装置 |
CN107566116A (zh) * | 2017-06-15 | 2018-01-09 | 中国银联股份有限公司 | 用于数字资产确权登记的方法及装置 |
CN109446259A (zh) * | 2018-10-24 | 2019-03-08 | 北京慧流科技有限公司 | 数据处理方法及装置、处理机及存储介质 |
CN109859046A (zh) * | 2019-01-30 | 2019-06-07 | 威海华智数字经济研究院有限公司 | 一种基于区块链技术大数据智慧运营管理系统 |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114266576A (zh) * | 2022-02-28 | 2022-04-01 | 环球数科集团有限公司 | 一种元宇宙数字资产的交易系统 |
CN114266576B (zh) * | 2022-02-28 | 2022-05-24 | 环球数科集团有限公司 | 一种元宇宙数字资产的交易系统 |
CN118282745A (zh) * | 2024-04-08 | 2024-07-02 | 中国人民解放军61660部队 | 一种基于网络协同机制的主机入侵指标检测方法 |
Also Published As
Publication number | Publication date |
---|---|
FR3099329A1 (fr) | 2021-01-29 |
CN112241515A (zh) | 2021-01-19 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108683747B (zh) | 资源获取、分发、下载方法、装置、设备及存储介质 | |
US10523675B2 (en) | Remote direct memory access authorization | |
US12032558B2 (en) | Blockchain maintenance method and apparatus, server, and computer-readable storage medium | |
WO2020258912A1 (zh) | 一种区块链共识方法、装置和系统 | |
US11611636B2 (en) | Quality of service in a distributed system | |
US20180062852A1 (en) | Systems and methods for secure collaboration with precision access management | |
US20170235970A1 (en) | Scalable data verification with immutable data storage | |
US20180101848A1 (en) | System for managing a virtual private ledger and distributing workflow of authenticated transactions within a blockchain distributed network | |
US12118538B2 (en) | Method for routing to mesh network content utilizing blockchain technology | |
KR20200107769A (ko) | 트랜잭션 데이터를 처리를 위해 블록체인 시스템에 제공하기 위한 방법 및 디바이스 | |
WO2021012814A1 (zh) | 一种数字资产认证处理系统 | |
WO2021012643A1 (zh) | 用于对象分发处理的方法、装置及系统 | |
US11086701B2 (en) | Master control plane for infrastructure and application operations | |
US10326833B1 (en) | Systems and method for processing request for network resources | |
US11966460B2 (en) | Facilitating generation of credentials and verification thereof within a distributed object storage system | |
US11741249B2 (en) | High performance tokenization platform for sensitive data | |
US20220294627A1 (en) | Provisional authentication of a new device added to an existing trust group | |
CN115589298B (zh) | 区块链的信息验证方法、装置和系统、设备、介质 | |
NL2026292B1 (en) | System for processing digital asset authentication | |
US9294447B2 (en) | Access control | |
WO2021012813A1 (zh) | 一种数字资产认证处理平台及方法 | |
CN115544170B (zh) | 基于区块链的数据托管方法和装置、电子设备、介质 | |
CN114866337B (zh) | 共享数据审计方法及其装置、设备、存储介质和程序产品 | |
CN106470107A (zh) | 一种消息安全管控方法、装置和系统 | |
CN116391197A (zh) | 优化区块链网络上的数据交易和验证 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 20845075 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 20845075 Country of ref document: EP Kind code of ref document: A1 |