WO2022000134A1 - Business data protection method and system based on supply chain management - Google Patents

Business data protection method and system based on supply chain management

Publication number: WO2022000134A1
Authority: WO, WIPO (PCT)
Application number: PCT/CN2020/098563
Other languages: French (fr), Chinese (zh)
Prior art keywords: data, private key, request, file, supply chain
Inventors: 李宝珠, 朱浩冰, 吕伟康, 周英
Original Assignee: 天津理工大学, 深圳前海益链网络科技有限公司, 天津工业大学
Application filed by: 天津理工大学, 深圳前海益链网络科技有限公司, 天津工业大学
Priority to: PCT/CN2020/098563
Publication of: WO2022000134A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules


Abstract

A business data protection method and system based on supply chain management. The method comprises: deploying a responding service server locally (101); acquiring request data in response to a service data request (102); performing an operation on the data that the service request requires to be calculated, so as to obtain operation data (103); encrypting the request data and the operation data to generate a private key ciphertext (104); and writing the private key ciphertext into a local server file or a database (105). The method and system can solve the problem of secure storage of a user's private key and address, prevent the threat of account information stored in a centralized system being stolen, and improve the security of the user's account information.

Description

A business data protection method and system based on supply chain management

Technical field

The invention relates to the field of supply chain management, and in particular to a business data protection method and system based on supply chain management.

Background

The permissions involved in supply chain management are intricate. The private key management and storage systems of the merchants in a supply chain are almost all centralized, so private keys are easily stolen. Blockchain, a type of distributed ledger, is an Internet database technology characterized by decentralization, openness and transparency. It was originally the underlying technology of Bitcoin and is now widely used in finance and other fields.

A review of the ten largest data breaches of 2018: data was stolen from Facebook, AcFun, YTO Express, SF Express and others. Facebook: data of 87 million users leaked; ACFUN: 9 million user records leaked; several hotel chains under Huazhu: 240 million check-in records leaked; Marriott Starwood: user information of 500 million customers leaked; YTO Express: 1 billion user records sold; SF Express: 300 million user records sold; 51job: 1.95 million job-seeker résumés leaked; Under Armour: information of 150 million users leaked; MyHeritage: information of 92 million users leaked; Panera Bread: information of 37 million users leaked. These incidents result from the security characteristics inherent to centralized systems: users' private keys and addresses are all stored in one centralized system, and once that system is breached, the account security of every user is threatened.
Summary of the invention

The purpose of the present invention is to provide a business data protection method and system based on supply chain management that solves the problem of securely storing users' private keys and addresses, avoids the threat to account information that arises from storing it in a centralized system, and better safeguards the security of user account information.

To achieve the above purpose, the present invention provides the following scheme:

A business data protection method based on supply chain management, including:

deploying the responding business server locally;

responding to a business data request and obtaining the request data;

performing operations on the data that the business request requires to be calculated, and obtaining the operation data;

encrypting the request data and the operation data to generate a private key ciphertext;

writing the private key ciphertext into a local server file or database.

Optionally, after writing the private key ciphertext into the local server file or database, the method further includes:

in response to a supplier's product transaction request, obtaining the key file or data from the user's local server;

parsing the key file or the data to determine the private key ciphertext;

decrypting the private key ciphertext according to the password input by the user, and obtaining the private key in order to carry out the transaction.

Optionally, the local server file includes file header information, version information, account information, address information, generation time information, and data encryption technology identification information.

Optionally, deploying the responding business server locally specifically includes:

compiling the background response program into a shared library, xx.so, and deploying it to the customer's own server.

Optionally, encrypting the request data and the operation data to generate a private key ciphertext specifically includes:

performing RSA asymmetric encryption on the request data and the operation data to generate the private key ciphertext.

Optionally, writing the private key ciphertext into a local server file or database specifically includes:

after the private key ciphertext has been encoded using custom encoding rules and/or base64, writing it into a local server file or database through a program call.

A business data protection system based on supply chain management, including:

a localized deployment module, used to deploy the responding business server locally;

a data request response module, used to respond to a business data request and obtain the request data;

an operation data acquisition module, used to perform operations on the data that the business request requires to be calculated, and obtain the operation data;

an encryption module, used to encrypt the request data and the operation data to generate a private key ciphertext;

a ciphertext writing module, used to write the private key ciphertext into a local server file or database.

Optionally, the system further includes:

a product transaction request response module, used to obtain the key file or data from the user's local server in response to a supplier's product transaction request;

a private key ciphertext determination module, used to parse the key file or the data and determine the private key ciphertext;

a decryption module, used to decrypt the private key ciphertext according to the password input by the user and obtain the private key in order to carry out the transaction.

Optionally, the localized deployment module specifically includes:

a localized deployment unit, used to compile the background response program into a shared library, xx.so, and deploy it to the customer's own server.

Optionally, the encryption module specifically includes:

an encryption unit, used to perform RSA asymmetric encryption on the request data and the operation data to generate the private key ciphertext.

According to the specific embodiments provided by the present invention, the present invention discloses the following technical effects:

The present invention provides a business data protection method based on supply chain management. The responding business server is deployed locally; in response to a business data request, the request and the computed data are encrypted to generate a private key ciphertext; and the private key ciphertext is written into a local server file or database. This solves the problem of securely storing users' private keys and addresses, avoids the threat of account information theft that arises from storage in a centralized system, and better safeguards the security of user account information.
Description of the drawings

The present invention is further described below with reference to the accompanying drawings:

Fig. 1 is a flow chart of the business data protection method based on supply chain management of the present invention;

Fig. 2 is a structural diagram of the business data protection system based on supply chain management of the present invention.

Detailed description

The technical solutions in the embodiments of the present invention are described in detail below with reference to the drawings in the embodiments. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them; all other embodiments obtained by those of ordinary skill in the art on the basis of these embodiments, without creative effort, fall within the protection scope of the present invention.

The purpose of the present invention is to provide a business data protection method and system based on supply chain management that solves the problem of securely storing users' private keys and addresses, avoids the threat of account information theft that arises from storage in a centralized system, and better safeguards the security of user account information.

To make the above objects, features and advantages of the present invention easier to understand, the present invention is described in further detail below with reference to the accompanying drawings and specific embodiments.
Fig. 1 is a flow chart of the business data protection method based on supply chain management of the present invention. As shown in Fig. 1, a business data protection method based on supply chain management includes:

Step 101: Deploy the responding business server locally, specifically including:

compiling the background response program into a shared library, xx.so, and deploying it to the customer's own server rather than to the platform server. This both protects the platform's code and, at the network level, fundamentally eliminates the risk of the customer's private business data being used by a third party.

Step 102: Respond to the business data request and obtain the request data.

Step 103: Perform operations on the data that the business request requires to be calculated, and obtain the operation data.

Step 104: Encrypt the request data and the operation data to generate a private key ciphertext, specifically including:

performing RSA asymmetric encryption on the request data and the operation data to generate the private key ciphertext. The private key ciphertext is held by the customer; without it the data cannot be parsed, which guards against the risk of data theft on the single machine.

Step 105: Write the private key ciphertext into a local server file or database, specifically including:

after the private key ciphertext has been encoded using custom encoding rules and/or base64, writing it into a local server file or database through a program call. The local server file includes file header information, version information, account information, address information, generation time information, and data encryption technology identification information.

When the customer needs to read or view the data, a program call first parses the file or reads the database; the data read is then decoded using the custom rules and/or base64, which yields the private key ciphertext. The private key ciphertext then grants permission to read the customer data.

As a preferred implementation, after writing the private key ciphertext into the local server file or database, the method further includes:

Step 106: In response to a supplier's product transaction request, obtain the key file or data from the user's local server;

Step 107: Parse the key file or the data, and determine the private key ciphertext;

Step 108: Decrypt the private key ciphertext according to the password input by the user, and obtain the private key in order to carry out the transaction.
Fig. 2 is a structural diagram of the business data protection system based on supply chain management of the present invention. As shown in Fig. 2, a business data protection system based on supply chain management includes:

a localized deployment module 201, used to deploy the responding business server locally;

a data request response module 202, used to respond to a business data request and obtain the request data;

an operation data acquisition module 203, which performs operations on the data that the business request requires to be calculated and obtains the operation data;

an encryption module 204, used to encrypt the request data and the operation data to generate a private key ciphertext;

a ciphertext writing module 205, used to write the private key ciphertext into a local server file or database.

As a preferred implementation, in addition to the localized deployment module 201, the data request response module 202, the operation data acquisition module 203, the encryption module 204 and the ciphertext writing module 205, the business data protection system based on supply chain management further includes:

a product transaction request response module 206, used to obtain the key file or data from the user's local server in response to a supplier's product transaction request;

a private key ciphertext determination module 207, used to parse the key file or the data and determine the private key ciphertext;

a decryption module 208, used to decrypt the private key ciphertext according to the password input by the user and obtain the private key in order to carry out the transaction.

The localized deployment module 201 specifically includes:

a localized deployment unit, used to compile the background response program into a shared library, xx.so, and deploy it to the customer's own server.

The encryption module 204 specifically includes:

an encryption unit, used to perform RSA asymmetric encryption on the request data and the operation data to generate the private key ciphertext.
Embodiment 1:

The data structure stored in the file in this embodiment of the present invention includes file header information (head), address information (address), file version information (vertion), account information (id), file generation time information (time), and data encryption technology identification information (DID). The details are as follows:

(1) Generation of the private key and address:

(2) Encrypt the private key with a password to generate the key

(3) Write the corresponding strings to the file:

Figure PCTCN2020098563-appb-000001

(4) Store the file on the local server.

(5) When a transaction request from a supply chain merchant is received, parse the file, read the private key ciphertext and the address from the file, enter the ciphertext password to decrypt the private key ciphertext, and then carry out the transaction.
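Steps (1) to (5) of Embodiment 1, together with steps 105 to 108, sketched as an added example that is not part of the patent. The JSON layout, the `HEAD` and `DID` values, the PBKDF2 parameters and all function names are assumptions, since the patent's own file layout is in a figure not reproduced on this page; only the field names head, address, vertion, id, time and DID come from the text. The example uses only the Python standard library, so an HMAC-SHA256 counter-mode keystream with encrypt-then-MAC stands in for a standard AEAD such as AES-GCM.

```python
"""Added example: password-protected key file carrying the fields named in Embodiment 1."""
import base64
import hashlib
import hmac
import json
import os
import time

HEAD = "SCM-KEYFILE"                  # hypothetical magic string for the "head" field
VERSION = 1                           # stored under the page's field name "vertion"
DID = "pbkdf2-sha256/hmac-ctr/hmac"   # hypothetical encryption-technology identifier
ITERATIONS = 200_000                  # assumed PBKDF2 work factor
MAX_ITERATIONS = 2_000_000            # cap so a hostile file cannot force unbounded work


class KeyFileError(Exception):
    """Malformed, unsupported, tampered or wrongly unlocked key file."""


def _b64(data: bytes) -> str:
    return base64.b64encode(data).decode("ascii")


def _derive_keys(password: str, salt: bytes, iterations: int):
    """Stretch the password into separate encryption and MAC keys."""
    okm = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations, dklen=64)
    return okm[:32], okm[32:]


def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR data with an HMAC-SHA256 counter-mode keystream (stdlib stand-in for AES-CTR)."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        counter = (offset // 32).to_bytes(8, "big")
        pad = hmac.new(key, nonce + counter, hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[offset:offset + 32], pad))
    return bytes(out)


def _tag(mac_key: bytes, record: dict) -> bytes:
    """MAC over every field, binding address, id and KDF parameters to the ciphertext."""
    canonical = json.dumps(record, sort_keys=True, separators=(",", ":")).encode("utf-8")
    return hmac.new(mac_key, canonical, hashlib.sha256).digest()


def build_key_file(private_key: bytes, address: str, account_id: str,
                   password: str, now=None) -> str:
    """Steps (2)-(3): encrypt the private key under the password and serialise the file."""
    salt, nonce = os.urandom(16), os.urandom(16)
    enc_key, mac_key = _derive_keys(password, salt, ITERATIONS)
    record = {
        "head": HEAD, "vertion": VERSION, "id": account_id, "address": address,
        "time": int(now if now is not None else time.time()),
        "DID": DID, "iterations": ITERATIONS,
        "salt": _b64(salt), "nonce": _b64(nonce),
        # base64 is transport encoding only; the keystream provides the secrecy
        "ciphertext": _b64(_keystream_xor(enc_key, nonce, private_key)),
    }
    record["mac"] = _b64(_tag(mac_key, record))
    return json.dumps(record, indent=2)


def open_key_file(text: str, password: str):
    """Step (5): parse, verify integrity, then decrypt. Returns (private_key, address)."""
    try:
        record = json.loads(text)
        if not isinstance(record, dict):
            raise KeyFileError("malformed key file")
        if (record["head"], record["vertion"], record["DID"]) != (HEAD, VERSION, DID):
            raise KeyFileError("unsupported key file")
        iterations = record["iterations"]
        if not isinstance(iterations, int) or not ITERATIONS <= iterations <= MAX_ITERATIONS:
            raise KeyFileError("KDF work factor outside accepted range")
        stored_tag = base64.b64decode(record.pop("mac"))
        salt = base64.b64decode(record["salt"])
        nonce = base64.b64decode(record["nonce"])
        ciphertext = base64.b64decode(record["ciphertext"])
        address = record["address"]
    except (KeyError, TypeError, ValueError) as exc:
        raise KeyFileError("malformed key file") from exc
    enc_key, mac_key = _derive_keys(password, salt, iterations)
    # Verify before decrypting: a wrong password and an edited field fail the same way
    if not hmac.compare_digest(stored_tag, _tag(mac_key, record)):
        raise KeyFileError("wrong password or modified file")
    return _keystream_xor(enc_key, nonce, ciphertext), address


if __name__ == "__main__":
    demo_key = os.urandom(32)  # constructed sample key, not a real wallet key
    blob = build_key_file(demo_key, "addr-constructed-01", "merchant-001", "demo password")
    print(blob)
    assert open_key_file(blob, "demo password") == (demo_key, "addr-constructed-01")
```

Base64 appears here only as an encoding for storage; confidentiality comes from the password-derived key, and the MAC makes a changed address, account or work-factor field fail on read rather than silently unlock a key bound to different metadata.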
The supply-chain-based business data protection method and system provided by the present invention generates a private key and an address, encrypts the private key to produce a private key ciphertext, writes the address, file header information, private key ciphertext, version information, account information, file generation time information and data encryption technology identification information into a file, and stores the file on the local server for use in transactions. This greatly improves the security of supplier transactions, better safeguards the security of user account information, and solves the problem of securely storing the private keys and addresses of upstream and downstream merchants in the supply chain.

The embodiments of the present invention have been described in detail above with reference to the accompanying drawings, but the present invention is not limited to these embodiments; within the scope of knowledge possessed by those of ordinary skill in the art, various changes can be made without departing from the spirit of the present invention.

Claims (10)

  1. A business data protection method based on supply chain management, characterized by comprising:
    performing localized deployment of the responding business server;
    responding to a business data request to obtain request data;
    performing operations on the data that the business request requires to be calculated, to obtain operation data;
    encrypting the request data and the operation data to generate a private key ciphertext;
    writing the private key ciphertext into a local server file or database.
  2. The business data protection method based on supply chain management according to claim 1, wherein, after the writing of the private key ciphertext into a local server file or database, the method further comprises:
    in response to a supplier's product transaction request, obtaining the key file or data from the user's local server;
    parsing the key file or the data to determine the private key ciphertext;
    decrypting the private key ciphertext according to the password entered by the user, to obtain the private key for the transaction.
  3. The business data protection method based on supply chain management according to claim 1, wherein the local server file includes file header information, version information, account information, address information, generation time information and data encryption technology identification information.
  4. The business data protection method based on supply chain management according to claim 1, wherein the localized deployment of the responding business server specifically comprises:
    compiling the back-end response program into a shared library xx.so and deploying it to the customer's own server.
  5. The business data protection method based on supply chain management according to claim 1, wherein the encrypting of the request data and the operation data to generate a private key ciphertext specifically comprises:
    performing RSA asymmetric encryption on the request data and the operation data to generate the private key ciphertext.
  6. The business data protection method based on supply chain management according to claim 1, wherein the writing of the private key ciphertext into a local server file or database specifically comprises:
    after the private key ciphertext has been encoded by a custom-rule encoding and/or base64 encoding, writing it into the local server file or database through a program call.
  7. A business data protection system based on supply chain management, characterized by comprising:
    a localized deployment module, configured to perform localized deployment of the responding business server;
    a data request response module, configured to respond to a business data request to obtain request data;
    an operation data acquisition module, configured to perform operations on the data that the business request requires to be calculated, to obtain operation data;
    an encryption module, configured to encrypt the request data and the operation data to generate a private key ciphertext;
    a ciphertext writing module, configured to write the private key ciphertext into a local server file or database.
  8. The business data protection system based on supply chain management according to claim 7, further comprising:
    a product transaction request response module, configured to obtain the key file or data from the user's local server in response to a supplier's product transaction request;
    a private key ciphertext determination module, configured to parse the key file or the data to determine the private key ciphertext;
    a decryption module, configured to decrypt the private key ciphertext according to the password entered by the user, to obtain the private key for the transaction.
  9. The business data protection system based on supply chain management according to claim 7, wherein the localized deployment module specifically comprises:
    a localized deployment unit, configured to compile the back-end response program into a shared library xx.so and deploy it to the customer's own server.
  10. The business data protection system based on supply chain management according to claim 7, wherein the encryption module specifically comprises:
    an encryption unit, configured to perform RSA asymmetric encryption on the request data and the operation data to generate the private key ciphertext.
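
The key file named in the summary paragraph and in claims 2, 3 and 6 can be sketched as a writer and a strict parser; this is an added example, not code from the patent or its applicants. The JSON layout, the `SCM-KEYFILE` header value, the `"RSA"` identifier string and the password-derived HMAC over the fields are assumptions made here (the claims list the fields but define no layout or integrity check), and the ciphertext is treated as opaque, constructed bytes.

```python
import base64, binascii, hashlib, hmac, json, os, time

MAGIC, VERSION, KNOWN_ALGS = "SCM-KEYFILE", 1, ("RSA",)   # assumed values
FIELDS = ("header", "version", "account", "address", "created", "alg", "ciphertext")

def _tag(rec, password, salt):
    """HMAC over every claim-3 field plus the ciphertext (safeguard added here)."""
    body = json.dumps({k: rec[k] for k in FIELDS}, sort_keys=True).encode()
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)
    return hmac.new(key, body, hashlib.sha256).hexdigest()

def write_keyfile(account, address, ciphertext, password, alg="RSA", now=None):
    """Serialize the fields with a base64-encoded ciphertext, as in claim 6."""
    salt = os.urandom(16)
    rec = {"header": MAGIC, "version": VERSION, "account": account,
           "address": address, "created": int(time.time() if now is None else now),
           "alg": alg, "ciphertext": base64.b64encode(ciphertext).decode(),
           "salt": base64.b64encode(salt).decode()}
    rec["mac"] = _tag(rec, password, salt)
    return json.dumps(rec, sort_keys=True)

def parse_keyfile(text, password):
    """Return the raw private-key ciphertext, or raise ValueError."""
    try:
        rec = json.loads(text)
    except ValueError as exc:
        raise ValueError("not a key file") from exc
    if not isinstance(rec, dict) or set(rec) != set(FIELDS) | {"salt", "mac"}:
        raise ValueError("unexpected field set")
    if rec["header"] != MAGIC or rec["version"] != VERSION:
        raise ValueError("bad file header or version")
    if rec["alg"] not in KNOWN_ALGS:
        raise ValueError("unknown encryption identifier")
    try:
        salt = base64.b64decode(rec["salt"], validate=True)
        ciphertext = base64.b64decode(rec["ciphertext"], validate=True)
        stored = rec["mac"].encode()
    except (binascii.Error, TypeError, ValueError, AttributeError) as exc:
        raise ValueError("malformed encoded field") from exc
    if not hmac.compare_digest(_tag(rec, password, salt).encode(), stored):
        raise ValueError("integrity check failed: wrong password or edited file")
    return ciphertext

def is_valid(text, password):
    """True only if the file parses and its fields are untampered."""
    try:
        parse_keyfile(text, password)
        return True
    except ValueError:
        return False

if __name__ == "__main__":
    blob = write_keyfile("supplier-01", "0xCONSTRUCTED", b"\x01opaque\xff", "pw")
    print(parse_keyfile(blob, "pw"))
```

Checking the header, version and encryption identifier before decoding, and the tag before any decryption, means a file whose address or algorithm field was edited on the local server is rejected instead of being used for a transaction.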
PCT/CN2020/098563 2020-06-28 2020-06-28 Business data protection method and system based on supply chain management WO2022000134A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2020/098563 WO2022000134A1 (en) 2020-06-28 2020-06-28 Business data protection method and system based on supply chain management

Publications (1)

Publication Number Publication Date
WO2022000134A1 (en) 2022-01-06

Family

ID=79317801

Country Status (1)

Country Link
WO (1) WO2022000134A1 (en)

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application (Ref document number: 20943776; Country of ref document: EP; Kind code of ref document: A1)
NENP Non-entry into the national phase (Ref country code: DE)
122 Ep: pct application non-entry in european phase (Ref document number: 20943776; Country of ref document: EP; Kind code of ref document: A1)