WO2022188602A1 - Data providing method, apparatus and system - Google Patents

Data providing method, apparatus and system Download PDF

Info

Publication number
WO2022188602A1
WO2022188602A1 PCT/CN2022/076467 CN2022076467W WO2022188602A1 WO 2022188602 A1 WO2022188602 A1 WO 2022188602A1 CN 2022076467 W CN2022076467 W CN 2022076467W WO 2022188602 A1 WO2022188602 A1 WO 2022188602A1
Authority
WO
WIPO (PCT)
Prior art keywords
verification
data
verified
providing
uploading
Prior art date
Application number
PCT/CN2022/076467
Other languages
French (fr)
Chinese (zh)
Inventor
张鑫
Original Assignee
北京沃东天骏信息技术有限公司
北京京东世纪贸易有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 北京沃东天骏信息技术有限公司, 北京京东世纪贸易有限公司 filed Critical 北京沃东天骏信息技术有限公司
Publication of WO2022188602A1 publication Critical patent/WO2022188602A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Definitions

  • the present disclosure relates to the field of computer technology, and in particular, to a method for providing data, a device for providing data, a system for providing data, and a non-volatile computer-readable storage medium.
  • the Internet of Things can collect data in real time through various information sensors. Through the network access of various sensors, the Internet of Things can realize the connection between things and things, things and people, and realize the intelligent perception of objects and processes.
  • the Internet of Things is an information carrier based on the Internet, traditional telecommunication networks, etc. It enables all common physical objects that can be independently addressed to form an interconnected network.
  • IoT systems are based on real data to understand real-world conditions, so if the authenticity, integrity, and reliability of data cannot be guaranteed, the system may cause serious problems.
  • the sensors of the Internet of Things cannot guarantee the integrity and security of the data, and the generated data is easily tampered with or deceived;
  • some malicious devices are disguised to access the Internet of Things through firmware or software.
  • the blockchain is used to store the data uploaded by each sensor to enhance the security and credibility of the data.
  • a method for providing data comprising: in response to a requesting device initiating an acquisition request for target data, determining a data uploading device uploading target data as a device to be verified, and verifying the location where the device to be verified is located.
  • Each other data uploading device in the area is determined as each verification device; according to the difference between the historical position and the current position of each verification device, it is determined whether the device to be verified has passed the verification; if the device to be verified has passed the verification, the target data is provided to the request device.
  • the verification area of the data uploading device is determined according to the location where the data uploading device is accessed, and each verification device is each data uploading device having the same verification area as the device to be verified.
  • determining whether the device to be verified has passed the verification includes: acquiring the position of each verification device when uploading data as its respective historical position; and determining that the device to be verified has passed the verification when the difference is less than a distance threshold.
  • determining whether the device to be verified has passed the verification includes: fitting the historical position of each verification device to a straight line; and determining the difference according to the distance between the current position of each verification device and the straight line.
  • determining the difference includes: determining the difference according to a weighted average of the distances from the current position of each verification device to the straight line, and the weight of any distance is positively correlated with the reputation value of the verification device corresponding to the distance.
  • determining whether the device to be verified has passed the verification according to the difference between the historical location and the current location of each device to be verified includes: determining whether the device to be verified is a malicious device according to whether the reputation value of the device to be verified is less than a reputation value threshold; In the case that the device to be verified is not a malicious device, it is determined whether the device to be verified has passed the verification according to the difference between the historical position and the current position of each verification device.
  • the reputation value of the device to be verified increases when the device to be verified passes the verification, and decreases when the device to be verified fails the verification.
  • the data uploaded by each data uploading device is stored in the blockchain through a first smart contract; determining whether the device to be verified has passed the verification includes: calling a second smart contract to determine whether the device to be verified has passed the verification; Providing the target data to the requesting device includes: obtaining the target data from the blockchain and providing it to the requesting device.
  • the target data is allowed to be uploaded if the reputation value of the device to be verified is greater than or equal to the reputation value threshold.
  • the providing method further includes: in response to each data uploading device accessing, sending a public key and a private key to each data uploading device; the target data is uploaded by the device to be verified through public key encryption and private key signature.
  • a device for providing data comprising: a determining unit configured to, in response to a requesting device initiating an acquisition request for target data, determine a data uploading device that uploads target data as a device to be verified, and Each other data uploading device in the verification area where the device to be verified is located is determined as each verification device; the verification unit is used to determine whether the device to be verified has passed the verification according to the difference between the historical position and the current position of each verification device; the providing unit is used for In the case that the device to be authenticated passes the authentication, the target data is provided to the requesting device.
  • the verification area of the data uploading device is determined according to the location where the data uploading device is accessed, and each verification device is each data uploading device having the same verification area as the device to be verified.
  • the verification unit obtains the position of each verification device when uploading data as its respective historical position, and determines that the device to be verified has passed the verification when the difference is less than the distance threshold.
  • the verification unit fits the historical position of each verification device to a straight line, and determines the difference according to the distance between the current position of each verification device and the straight line.
  • the verification unit determines the difference according to the weighted average of the distances from the current position of each verification device to the straight line, and the weight of any distance is positively correlated with the reputation value of the verification device corresponding to the distance.
  • the verification unit determines whether the device to be verified is a malicious device according to whether the reputation value of the device to be verified is less than the reputation value threshold, and in the case that the device to be verified is not a malicious device, according to the historical location and The difference of the current position determines whether the device to be verified has passed the verification.
  • the reputation value of the device to be verified increases when the device to be verified passes the verification, and decreases when the device to be verified fails the verification.
  • the data uploaded by each data uploading device is stored in the blockchain through the first smart contract; the verification unit calls the second smart contract to determine whether the device to be verified passes the verification; the providing unit obtains the target from the blockchain data, provided to the requesting device.
  • the target data is allowed to be uploaded if the reputation value of the device to be verified is greater than or equal to the reputation value threshold.
  • the providing unit sends a public key and a private key to each data uploading device in response to the access of each data uploading device, and the target data is uploaded by the device to be verified after being encrypted by the public key and signed by the private key.
  • a data providing apparatus comprising: a memory; and a processor coupled to the memory, the processor being configured to execute any one of the above embodiments based on instructions stored in the memory device The method of providing the data in .
  • a non-volatile computer-readable storage medium on which a computer program is stored, and when the program is executed by a processor, implements the data providing method in any one of the foregoing embodiments.
  • a system for providing data including: a device for providing data, configured to execute the method for providing data in any one of the above embodiments; a plurality of data uploading devices, configured to provide data to Provide system upload data.
  • the providing system further includes: a blockchain system for storing data uploaded by a plurality of data uploading devices.
  • FIG. 1 shows a flowchart of some embodiments of the data providing method of the present disclosure
  • FIG. 2 shows a schematic diagram of some embodiments of the data providing method of the present disclosure
  • FIG. 3 shows a schematic diagram of other embodiments of the data providing method of the present disclosure
  • Figure 4 shows a block diagram of some embodiments of an apparatus for providing data of the present disclosure
  • FIG. 5 shows a block diagram of other embodiments of the apparatus for providing data of the present disclosure
  • Figure 6 shows a block diagram of further embodiments of the apparatus for providing data of the present disclosure
  • FIG. 7 illustrates a block diagram of some embodiments of a system for providing data of the present disclosure.
  • the inventors of the present disclosure have found the following problems in the above-mentioned related technologies: the integrity of the registration data in the blockchain can only be guaranteed, but it is impossible to detect whether the data has been maliciously tampered with before being uploaded to the blockchain, resulting in a decrease in the reliability of IoT data .
  • the present disclosure proposes a technical solution for providing data, which can improve the reliability of IoT data.
  • the blockchain-based IoT data platform cannot distinguish whether a sensor is a benign device or a malicious device, and defaults to a benign device for all sensing devices. In this way, other devices may acquire the data of the malicious device when acquiring the data, so as to be deceived by the malicious device.
  • the present disclosure can verify the authenticity and integrity of data obtained from IoT devices (such as sensors).
  • IoT devices such as sensors
  • the blockchain's smart contracts can be used to verify that the source of data is reliable.
  • the characteristics of blockchain can also be used to ensure the reliability of data storage.
  • the IoT system based on the characteristics of the IoT system, that is, real-world data is continuously generated from IoT devices, and there are often various sensing devices near the source device, surrounding devices may be requested to collaboratively verify the source device (to be verified). the authenticity, integrity and reliability of the data provided by the device).
  • the true data trends of the source device should be nearly identical to the data trends generated by the collaborating device. Therefore, the reliability of the data uploaded by the source device can be verified by comparing the data generated by the source device and the collaborators on the blockchain (that is, the collaborating device serving as the verification device). The collaborator's data plays a key role in validation.
  • a reputation value is set for each data uploading device (such as a sensor), and whether the source device is a malicious device is assessed according to the joint verification result, so as to increase or decrease the reputation value.
  • the reputation value is the representative of the reputation in the collaboration, and the collaboration device with high reputation value occupies a higher proportion when comparing the data of the source device and the collaboration device.
  • FIG. 1 shows a flowchart of some embodiments of the method of providing data of the present disclosure.
  • step 110 in response to the requesting device initiating an acquisition request for target data, the data uploading device that uploads the target data is determined as the device to be verified; the other data uploading devices in the verification area where the device to be verified is located are determined Determined for each verification device.
  • the data uploading device is a sensing device.
  • the verification area of the data uploading device is determined according to the location where the data uploading device is accessed.
  • Each verification device is each data uploading device having the same verification area as the device to be verified.
  • a unique global identity ID can be distributed for each sensing device according to the MAC (Media Access Control Address) of the sensing device; Register the sensing device as an authentication device, and set the current area of the sensing device as the authentication area of the sensing device.
  • MAC Media Access Control Address
  • the sensing device can upload data to the data providing system through the network at regular intervals; the data providing system uses the first smart contract to store the uploaded data in the blockchain.
  • the stored data may include the global identity ID, data ID, data type, data value, time, etc. of the uploading data and the sensing device.
  • the target data is allowed to be uploaded if the reputation value of the device to be verified is greater than or equal to the reputation value threshold. For example, a sensor device below the reputation value threshold is determined to be a malicious device, and it is not allowed to upload data.
  • the reputation value of each sensing device can be set to the initial reputation value (such as 100), and each reputation value and reputation value threshold can be stored in the provisioning system; after each collaborative verification, Reputation value is updated based on whether the sensing device passes verification or not.
  • the providing system queries whether the reputation value of the data uploading device reaches the threshold of the reputation value; if it does, the signature verification is performed on the uploaded data; if the signature verification is successful, it indicates that the uploaded data is correct. Call the private key of the provided system to decrypt to obtain decrypted data; call the first smart contract to store the decrypted data in the blockchain.
  • public and private keys are also assigned to the sensing device in response to the sensing device registering with the providing system of the access data. For example, in response to the access of each data uploading device, the public key and the private key are sent to each data uploading device; the target data is uploaded by the device to be verified after being encrypted by the public key and signed by the private key.
  • the sensing device (requesting device) that needs to acquire data sends a data acquisition request to the providing system, and the verification smart contract (second smart contract) is invoked through the smart contract to verify the device to be verified.
  • the requesting device when the requesting device needs to obtain data uploaded by a certain sensing device (device to be verified) at a certain time, it can access the providing system through the global identity ID and data ID of the requesting device to request data.
  • the providing system After obtaining the global identity ID and data ID of the requesting device, the providing system determines whether it is a malicious device according to the reputation value of the device to be verified; if it is not a malicious device, the verification smart contract is invoked to verify the device to be verified.
  • step 120 it is determined whether the device to be verified passes the verification according to the difference between the historical position and the current position of each verification device.
  • whether the device to be verified is a malicious device may be determined first according to whether the reputation value of the device to be verified is less than the reputation value threshold; then, if the device to be verified is not a malicious device, the historical location of each verification device may be determined The difference from the current position determines whether the device to be verified has passed the verification.
  • the location of each verification device when uploading data may be acquired as its respective historical location. In the case that the difference is less than the distance threshold, it is determined that the device to be verified has passed the verification.
  • each historical position is fitted to a straight line, and the difference is determined according to the distance from the current position of each verification device to the straight line.
  • the difference can be determined according to the weighted average of the distances from the current position of each verification device to the straight line, and the weight of the distance is positively correlated with the reputation value of the verification device corresponding to the distance.
  • the time series data is compared with all relevant data generated by the verification device within a period of time; the verification result is obtained through weight calculation; the verification result is recorded on the blockchain, and the verification is returned. Results and data to smart contracts.
  • the smart contract For example, by verifying the smart contract, find the verification area of the data generating device (device to be verified), and then find each verification device belonging to the verification area; obtain the data stored on the blockchain by each verification device, thereby confirming that each verification device uploads The historical position of these data; using the least square method, fit each historical position into a straight line; calculate the distance from the current position of each verification device to the vertical line of the straight line.
  • each verification device Obtain the reputation value of each verification device, and calculate the respective weight; use each weight to calculate the weighted average of each distance; judge whether the weighted average is less than the distance threshold; determine whether the device to be verified has passed the verification according to the judgment result; record the verification result on the blockchain, and back to the called verification smart contract.
  • the reputation value of the device to be verified increases when the device to be verified passes the verification, and decreases when the device to be verified fails the verification.
  • the reputation value can be adjusted using a third smart contract.
  • step 130 if the device to be authenticated passes the authentication, the target data is provided to the requesting device.
  • the data uploaded by each data uploading device is stored in the blockchain through the first smart contract; the second smart contract is called to determine whether the device to be verified has passed the verification; the target data is obtained from the blockchain and provided to request device.
  • the smart contract For example, if the verification is passed, use the smart contract to encrypt the target data with the public key of the device to be verified according to the verification result, and then use the private key of the improved system to sign to generate the encrypted data, and then send it to the requesting device; record the information of the requesting device and obtain it.
  • the information of the data is sent to the blockchain; after receiving the encrypted data, the requesting device verifies the signature; if the data passes the signature verification, it decrypts to obtain the required target data.
  • a plurality of verification devices in the verification area are used to jointly verify the devices to be verified that provide data. In this way, it is possible to detect whether the upload source of the data is a malicious device, thereby improving the reliability of the IoT data.
  • FIG. 2 shows a schematic diagram of some embodiments of the method of providing data of the present disclosure.
  • the sensing equipment is connected to the providing system for registration;
  • the providing system includes a blockchain system, which stores the data uploaded by the registered sensing equipment as each block.
  • Each sensing device sends its own MAC to the providing system for registration; the providing system generates a unique ID, public key, and private key according to the MAC address, and stores them on the blockchain.
  • the public key is used as the identification of the identity in the blockchain system, and the signature is used to identify the initiator of the behavior.
  • Each sensing device connected to the provisioning system is both a source data generator and a verification device; the provisioning system registers the sensing device as a verification device in a verification area, and initializes its reputation value.
  • FIG. 3 shows a schematic diagram of other embodiments of the data providing method of the present disclosure.
  • step 2 within a certain period of time, the sensing device in a verification area sends the data obtained by itself to the providing system.
  • the transmitted data may be encrypted using the public key of the provider system, ensuring that only the provider system can identify the real data.
  • the uploaded data includes identity ID, data ID, data type, data value, time, etc.
  • each sensing device can be a source device (device to be verified) or a verification device.
  • step 3 when the data-requiring device (requesting device) needs to acquire data of a certain sensing device (source device), the providing system determines whether the reputation value of the source device reaches the reputation value threshold. If the reputation value is reached, provide the system to call the smart contract to obtain data, and the smart contract records the information of the source device as a certificate; call the verification smart contract (smart contract 2, the second smart contract) to verify the source device. If the verification is passed, the data is returned to the device requiring data.
  • the reputation value If the reputation value is reached, provide the system to call the smart contract to obtain data, and the smart contract records the information of the source device as a certificate; call the verification smart contract (smart contract 2, the second smart contract) to verify the source device. If the verification is passed, the data is returned to the device requiring data.
  • step 4 the source device is verified according to whether the difference between the data uploaded by the source device and the data uploaded by each verification device is smaller than a difference threshold.
  • the verification smart contract finds the uploaded data of the source device and the uploaded data of all verification devices in its verification area through the blockchain; the weight of each verification device is calculated by the reputation value of each verification device.
  • the verification device Compare the difference between the weighted average of the data of each verification device and the data of the source device to see if the difference threshold is reached. If it is less than the difference threshold, it proves that the data source is reliable. Based on the verification result, the verification device is rewarded or deducted with a certain reputation value as an incentive by using the smart contract 3 (the third smart contract).
  • the verification smart contract can return the verification result and data to the calling smart contract; if the verification is passed, the calling smart contract encrypts with the private key of the data-demanding device, signs it with the private key of the improved system, and sends it To the demand data device; the demand data device will verify the signature and decrypt the data after obtaining the data, and finally obtain the data.
  • the verification of the data source is realized, and the reliability of the data source is improved.
  • the device that needs to obtain the data requests the data to generate the reliability of the equipment around the device through the smart contract.
  • the encryption key is used to ensure the security of the data in transmission;
  • the blockchain is used to store data, data publishers, data verifiers, data acquirers and other information to ensure the security of data storage.
  • each device has a reputation value, and the reputation value will change in the collaborative verification data. If a false data reputation value is generated, it will be deducted. If the reputation value is too low, the data will not be obtained, and it will be ignored in the system, which can motivate the whole network devices to publish real data.
  • Figure 4 shows a block diagram of some embodiments of an apparatus for providing data of the present disclosure.
  • the data providing apparatus 4 includes a determination unit 41 , a verification unit 42 and a providing unit 43 .
  • the determining unit 41 determines the data uploading device uploading the target data as the to-be-verified device in response to the requesting device initiating the target data acquisition request, and determines each other data uploading device in the verification area where the to-be-verified device is located as each verification device.
  • the verification area of the data uploading device is determined according to the location where the data uploading device is accessed, and each verification device is each data uploading device having the same verification area as the device to be verified.
  • the verification unit 42 determines whether the device to be verified has passed the verification according to the difference between the historical position and the current position of each verification device.
  • the verification unit 42 obtains the position of each verification device when uploading data as its respective historical position, and determines that the device to be verified has passed the verification when the difference is less than the distance threshold.
  • the verification unit 42 fits each historical position to a straight line, and determines the difference according to the distance from the current position of each verification device to the straight line.
  • the verification unit 42 determines the difference according to the weighted average of the distances from the current position of each verification device to the straight line, and the weight of the distance is positively correlated with the reputation value of the verification device corresponding to the distance.
  • the verification unit 42 determines whether the device to be verified is a malicious device according to whether the reputation value of the device to be verified is less than the reputation value threshold. The difference from the current position determines whether the device to be verified has passed the verification.
  • the reputation value of the device to be verified increases if the device to be verified passes the verification, and decreases if the device to be verified fails the verification.
  • the providing unit 43 provides the target data to the requesting device when the device to be authenticated passes the authentication.
  • the data uploaded by each data uploading device is stored in the blockchain through the first smart contract; the verification unit 42 calls the second smart contract to determine whether the device to be verified has passed the verification; Get the target data and provide it to the requesting device.
  • the target data is allowed to be uploaded if the reputation value of the device to be verified is greater than or equal to the reputation value threshold.
  • the providing unit 43 sends a public key and a private key to each data uploading device in response to the access of each data uploading device, and the target data is uploaded by the device to be verified through public key encryption and private key signature.
  • FIG. 5 shows a block diagram of further embodiments of the apparatus for providing data of the present disclosure.
  • the data providing apparatus 5 of this embodiment includes: a memory 51 and a processor 52 coupled to the memory 51 , and the processor 52 is configured to execute the instructions in the present disclosure based on the instructions stored in the memory 51 .
  • the memory 51 may include, for example, a system memory, a fixed non-volatile storage medium, and the like.
  • the system memory stores, for example, an operating system, an application program, a boot loader Boot Loader, a database, and other programs.
  • FIG. 6 shows a block diagram of further embodiments of the apparatus for providing data of the present disclosure.
  • the apparatus 6 for providing data in this embodiment includes: a memory 610 and a processor 620 coupled to the memory 610 , and the processor 620 is configured to execute any one of the foregoing based on the instructions stored in the memory 610 Methods of providing data in the embodiments.
  • Memory 610 may include, for example, system memory, fixed non-volatile storage media, and the like.
  • the system memory stores, for example, an operating system, an application program, a boot loader, and other programs.
  • the data providing apparatus 6 may further include an input/output interface 630, a network interface 640, a storage interface 650, and the like. These interfaces 630 , 640 , 650 and the memory 610 and the processor 620 may be connected, for example, through a bus 660 .
  • the input and output interface 630 provides a connection interface for input and output devices such as a display, a mouse, a keyboard, a touch screen, a microphone, and a speaker.
  • Network interface 640 provides a connection interface for various networked devices.
  • the storage interface 650 provides a connection interface for external storage devices such as SD cards and U disks.
  • FIG. 7 illustrates a block diagram of some embodiments of a system for providing data of the present disclosure.
  • the data providing system 7 includes: a data providing device 71 for executing the data providing method in any of the above embodiments; a plurality of data uploading devices 72 for uploading data to the data providing system .
  • the providing system 7 further includes: a blockchain system 73 for storing data uploaded by a plurality of data uploading devices.
  • embodiments of the present disclosure may be provided as a method, system, or computer program product. Accordingly, the present disclosure may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present disclosure may take the form of a computer program product embodied on one or more computer-usable non-transitory storage media having computer-usable program code embodied therein, including but not limited to disk storage, CD-ROM, optical storage, and the like.
  • the methods and systems of the present disclosure may be implemented in many ways.
  • the methods and systems of the present disclosure may be implemented in software, hardware, firmware, or any combination of software, hardware, and firmware.
  • the above order of steps for the method is for illustration only, and the steps of the method of the present disclosure are not limited to the order specifically described above unless specifically stated otherwise.
  • the present disclosure can also be implemented as programs recorded in a recording medium, the programs including machine-readable instructions for implementing methods according to the present disclosure.
  • the present disclosure also covers a recording medium storing a program for executing the method according to the present disclosure.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • Virology (AREA)
  • Databases & Information Systems (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The present invention relates to the technical field of computers, and relates to a data providing method, apparatus and system. The providing method comprises: initiating an obtaining request of target data in response to a request device, determining a data uploading device uploading the target data as a device to be verified, and determining other data uploading devices in a verification area where the device to be verified is, as verification devices; according to differences between historical positions of the verification devices and the current positions, determining whether the device to be verified passes the verification; and if the device to be verified passes the verification, providing the target data to the request device.

Description

数据的提供方法、装置和系统Data providing method, device and system
相关申请的交叉引用CROSS-REFERENCE TO RELATED APPLICATIONS
本申请是以CN申请号为202110254510.1,申请日为2021年3月9日的申请为基础,并主张其优先权,该CN申请的公开内容在此作为整体引入本申请中。This application is based on the CN application number 202110254510.1 and the filing date is March 9, 2021, and claims its priority. The disclosure content of this CN application is hereby incorporated into this application as a whole.
技术领域technical field
本公开涉及计算机技术领域,特别涉及一种数据的提供方法、数据的提供装置、数据的提供系统和非易失性计算机可读存储介质。The present disclosure relates to the field of computer technology, and in particular, to a method for providing data, a device for providing data, a system for providing data, and a non-volatile computer-readable storage medium.
背景技术Background technique
物联网能够通过各种信息传感器,实时采集数据。通过各种传感器的网络接入,物联网能够实现物与物、物与人的连接,实现对物品和过程的智能化感知。物联网是一个基于互联网、传统电信网等的信息承载体,它让所有能够被独立寻址的普通物理对象形成互联互通的网络。The Internet of Things can collect data in real time through various information sensors. Through the network access of various sensors, the Internet of Things can realize the connection between things and things, things and people, and realize the intelligent perception of objects and processes. The Internet of Things is an information carrier based on the Internet, traditional telecommunication networks, etc. It enables all common physical objects that can be independently addressed to form an interconnected network.
物联网系统基于真实的数据来了解真实世界的情况,因此如果无法保证数据的真实性、完整性、可靠性,系统可能会导致严重的问题。首先物联网的传感器无法保证数据的完整性和安全性,所产生的数据容易被篡改或欺骗;其次一些恶意设备通过固件或软件等伪装接入物联网。IoT systems are based on real data to understand real-world conditions, so if the authenticity, integrity, and reliability of data cannot be guaranteed, the system may cause serious problems. First, the sensors of the Internet of Things cannot guarantee the integrity and security of the data, and the generated data is easily tampered with or deceived; secondly, some malicious devices are disguised to access the Internet of Things through firmware or software.
因此,如何保障数据来源的安全以及数据存储的安全是物联网以及人工智能发展中需要解决的一个问题。Therefore, how to ensure the security of data sources and data storage is a problem that needs to be solved in the development of the Internet of Things and artificial intelligence.
在相关技术中,利用区块链存储各传感器上传的数据来增强数据的安全度和可信度。In the related art, the blockchain is used to store the data uploaded by each sensor to enhance the security and credibility of the data.
发明内容SUMMARY OF THE INVENTION
根据本公开的一些实施例,提供了一种数据的提供方法,包括:响应于请求设备发起目标数据的获取请求,将上传目标数据的数据上传设备确定为待验证设备,将待验证设备所在验证区域中的各其他数据上传设备确定为各验证设备;根据各验证设备的历史位置与当前位置的差异,确定待验证设备是否通过验证;在待验证设备通过验 证的情况下,将目标数据提供给请求设备。According to some embodiments of the present disclosure, a method for providing data is provided, comprising: in response to a requesting device initiating an acquisition request for target data, determining a data uploading device uploading target data as a device to be verified, and verifying the location where the device to be verified is located. Each other data uploading device in the area is determined as each verification device; according to the difference between the historical position and the current position of each verification device, it is determined whether the device to be verified has passed the verification; if the device to be verified has passed the verification, the target data is provided to the request device.
在一些实施例中,数据上传设备的验证区域根据该数据上传设备接入时所在的位置确定,各验证设备为与待验证设备具有相同验证区域的各数据上传设备。In some embodiments, the verification area of the data uploading device is determined according to the location where the data uploading device is accessed, and each verification device is each data uploading device having the same verification area as the device to be verified.
在一些实施例中,确定待验证设备是否通过验证包括:获取各验证设备在上传数据时的位置,作为其各自的历史位置;在差异小于距离阈值的情况下,确定待验证设备通过验证。In some embodiments, determining whether the device to be verified has passed the verification includes: acquiring the position of each verification device when uploading data as its respective historical position; and determining that the device to be verified has passed the verification when the difference is less than a distance threshold.
在一些实施例中,确定待验证设备是否通过验证包括:将各验证设备的历史位置拟合为一条直线;根据各验证设备的当前位置到直线的距离,确定差异。In some embodiments, determining whether the device to be verified has passed the verification includes: fitting the historical position of each verification device to a straight line; and determining the difference according to the distance between the current position of each verification device and the straight line.
在一些实施例中,确定差异包括:根据各验证设备的当前位置到直线的距离的加权平均值,确定差异,任一个距离的权值与该距离相应的验证设备的信誉值正相关。In some embodiments, determining the difference includes: determining the difference according to a weighted average of the distances from the current position of each verification device to the straight line, and the weight of any distance is positively correlated with the reputation value of the verification device corresponding to the distance.
在一些实施例中,根据各验证设备的历史位置与当前位置的差异,确定待验证设备是否通过验证包括:根据待验证设备的信誉值是否小于信誉值阈值,确定待验证设备是否为恶意设备;在待验证设备不为恶意设备的情况下,根据各验证设备的历史位置与当前位置的差异,确定待验证设备是否通过验证。In some embodiments, determining whether the device to be verified has passed the verification according to the difference between the historical location and the current location of each device to be verified includes: determining whether the device to be verified is a malicious device according to whether the reputation value of the device to be verified is less than a reputation value threshold; In the case that the device to be verified is not a malicious device, it is determined whether the device to be verified has passed the verification according to the difference between the historical position and the current position of each verification device.
在一些实施例中,待验证设备的信誉值在待验证设备通过验证的情况下增加,在待验证设备未通过验证的情况下减少。In some embodiments, the reputation value of the device to be verified increases when the device to be verified passes the verification, and decreases when the device to be verified fails the verification.
在一些实施例中,各数据上传设备上传的数据通过第一智能合约,存储在区块链中;确定待验证设备是否通过验证包括:调用第二智能合约,确定待验证设备是否通过验证;将目标数据提供给请求设备包括:从区块链获取目标数据,提供给请求设备。In some embodiments, the data uploaded by each data uploading device is stored in the blockchain through a first smart contract; determining whether the device to be verified has passed the verification includes: calling a second smart contract to determine whether the device to be verified has passed the verification; Providing the target data to the requesting device includes: obtaining the target data from the blockchain and providing it to the requesting device.
在一些实施例中,在待验证设备的信誉值大于或等于信誉值阈值的情况下,目标数据被允许上传。In some embodiments, the target data is allowed to be uploaded if the reputation value of the device to be verified is greater than or equal to the reputation value threshold.
在一些实施例中,提供方法还包括:响应于各数据上传设备接入,向各数据上传设备发送公钥和私钥;目标数据为待验证设备通过公钥加密、私钥签名后上传。In some embodiments, the providing method further includes: in response to each data uploading device accessing, sending a public key and a private key to each data uploading device; the target data is uploaded by the device to be verified through public key encryption and private key signature.
根据本公开的另一些实施例,提供一种数据的提供装置,包括:确定单元,用于响应于请求设备发起目标数据的获取请求,将上传目标数据的数据上传设备确定为待验证设备,将待验证设备所在验证区域中的各其他数据上传设备确定为各验证设备;验证单元,用于根据各验证设备的历史位置与当前位置的差异,确定待验证设备是否通过验证;提供单元,用于在待验证设备通过验证的情况下,将目标数据提供给请求设备。According to other embodiments of the present disclosure, a device for providing data is provided, comprising: a determining unit configured to, in response to a requesting device initiating an acquisition request for target data, determine a data uploading device that uploads target data as a device to be verified, and Each other data uploading device in the verification area where the device to be verified is located is determined as each verification device; the verification unit is used to determine whether the device to be verified has passed the verification according to the difference between the historical position and the current position of each verification device; the providing unit is used for In the case that the device to be authenticated passes the authentication, the target data is provided to the requesting device.
在一些实施例中,数据上传设备的验证区域根据该数据上传设备接入时所在的位 置确定,各验证设备为与待验证设备具有相同验证区域的各数据上传设备。In some embodiments, the verification area of the data uploading device is determined according to the location where the data uploading device is accessed, and each verification device is each data uploading device having the same verification area as the device to be verified.
在一些实施例中,验证单元获取各验证设备在上传数据时的位置,作为其各自的历史位置,在差异小于距离阈值的情况下,确定待验证设备通过验证。In some embodiments, the verification unit obtains the position of each verification device when uploading data as its respective historical position, and determines that the device to be verified has passed the verification when the difference is less than the distance threshold.
在一些实施例中,验证单元将各验证设备的历史位置拟合为一条直线,根据各验证设备的当前位置到直线的距离,确定差异。In some embodiments, the verification unit fits the historical position of each verification device to a straight line, and determines the difference according to the distance between the current position of each verification device and the straight line.
在一些实施例中,验证单元根据各验证设备的当前位置到直线的距离的加权平均值,确定差异,任一个距离的权值与该距离相应的验证设备的信誉值正相关。In some embodiments, the verification unit determines the difference according to the weighted average of the distances from the current position of each verification device to the straight line, and the weight of any distance is positively correlated with the reputation value of the verification device corresponding to the distance.
在一些实施例中,验证单元根据待验证设备的信誉值是否小于信誉值阈值,确定待验证设备是否为恶意设备,在待验证设备不为恶意设备的情况下,根据各验证设备的历史位置与当前位置的差异,确定待验证设备是否通过验证。In some embodiments, the verification unit determines whether the device to be verified is a malicious device according to whether the reputation value of the device to be verified is less than the reputation value threshold, and in the case that the device to be verified is not a malicious device, according to the historical location and The difference of the current position determines whether the device to be verified has passed the verification.
在一些实施例中,待验证设备的信誉值在待验证设备通过验证的情况下增加,在待验证设备未通过验证的情况下减少。In some embodiments, the reputation value of the device to be verified increases when the device to be verified passes the verification, and decreases when the device to be verified fails the verification.
在一些实施例中,各数据上传设备上传的数据通过第一智能合约,存储在区块链中;验证单元调用第二智能合约,确定待验证设备是否通过验证;提供单元从区块链获取目标数据,提供给请求设备。In some embodiments, the data uploaded by each data uploading device is stored in the blockchain through the first smart contract; the verification unit calls the second smart contract to determine whether the device to be verified passes the verification; the providing unit obtains the target from the blockchain data, provided to the requesting device.
在一些实施例中,在待验证设备的信誉值大于或等于信誉值阈值的情况下,目标数据被允许上传。In some embodiments, the target data is allowed to be uploaded if the reputation value of the device to be verified is greater than or equal to the reputation value threshold.
在一些实施例中,提供单元响应于各数据上传设备接入,向各数据上传设备发送公钥和私钥,目标数据为待验证设备通过公钥加密、私钥签名后上传。In some embodiments, the providing unit sends a public key and a private key to each data uploading device in response to the access of each data uploading device, and the target data is uploaded by the device to be verified after being encrypted by the public key and signed by the private key.
根据本公开的又一些实施例,提供一种数据的提供装置,包括:存储器;和耦接至存储器的处理器,处理器被配置为基于存储在存储器装置中的指令,执行上述任一个实施例中的数据的提供方法。According to further embodiments of the present disclosure, there is provided a data providing apparatus, comprising: a memory; and a processor coupled to the memory, the processor being configured to execute any one of the above embodiments based on instructions stored in the memory device The method of providing the data in .
根据本公开的再一些实施例,提供一种非易失性计算机可读存储介质,其上存储有计算机程序,该程序被处理器执行时实现上述任一个实施例中的数据的提供方法。According to further embodiments of the present disclosure, there is provided a non-volatile computer-readable storage medium on which a computer program is stored, and when the program is executed by a processor, implements the data providing method in any one of the foregoing embodiments.
根据本公开的再一些实施例,提供一种数据的提供系统,包括:数据的提供装置,用于执行上述任一个实施例中的数据的提供方法;多个数据上传设备,用于向数据的提供系统上传数据。According to further embodiments of the present disclosure, a system for providing data is provided, including: a device for providing data, configured to execute the method for providing data in any one of the above embodiments; a plurality of data uploading devices, configured to provide data to Provide system upload data.
在一些实施例中,提供系统还包括:区块链系统,用于存储多个数据上传设备上传的数据。In some embodiments, the providing system further includes: a blockchain system for storing data uploaded by a plurality of data uploading devices.
附图说明Description of drawings
此处所说明的附图用来提供对本公开的进一步理解,构成本申请的一部分,本公开的示意性实施例及其说明用于解释本公开,并不构成对本公开的不当限定。在附图中:The accompanying drawings described herein are used to provide a further understanding of the present disclosure and constitute a part of the present application. The exemplary embodiments of the present disclosure and their descriptions are used to explain the present disclosure and do not constitute an improper limitation of the present disclosure. In the attached image:
图1示出本公开的数据的提供方法的一些实施例的流程图;FIG. 1 shows a flowchart of some embodiments of the data providing method of the present disclosure;
图2示出本公开的数据的提供方法的一些实施例的示意图;FIG. 2 shows a schematic diagram of some embodiments of the data providing method of the present disclosure;
图3示出本公开的数据的提供方法的另一些实施例的示意图;FIG. 3 shows a schematic diagram of other embodiments of the data providing method of the present disclosure;
图4示出本公开的数据的提供装置的一些实施例的框图;Figure 4 shows a block diagram of some embodiments of an apparatus for providing data of the present disclosure;
图5示出本公开的数据的提供装置的另一些实施例的框图;FIG. 5 shows a block diagram of other embodiments of the apparatus for providing data of the present disclosure;
图6示出本公开的数据的提供装置的又一些实施例的框图;Figure 6 shows a block diagram of further embodiments of the apparatus for providing data of the present disclosure;
图7示出本公开的数据的提供系统的一些实施例的框图。7 illustrates a block diagram of some embodiments of a system for providing data of the present disclosure.
具体实施方式Detailed ways
现在将参照附图来详细描述本公开的各种示例性实施例。应注意到:除非另外具体说明,否则在这些实施例中阐述的部件和步骤的相对布置、数字表达式和数值不限制本公开的范围。Various exemplary embodiments of the present disclosure will now be described in detail with reference to the accompanying drawings. It should be noted that the relative arrangement of the components and steps, the numerical expressions and numerical values set forth in these embodiments do not limit the scope of the present disclosure unless specifically stated otherwise.
同时,应当明白,为了便于描述,附图中所示出的各个部分的尺寸并不是按照实际的比例关系绘制的。Meanwhile, it should be understood that, for the convenience of description, the dimensions of various parts shown in the accompanying drawings are not drawn in an actual proportional relationship.
以下对至少一个示例性实施例的描述实际上仅仅是说明性的,决不作为对本公开及其应用或使用的任何限制。The following description of at least one exemplary embodiment is merely illustrative in nature and is in no way intended to limit the disclosure, its application or uses in any way.
对于相关领域普通技术人员已知的技术、方法和设备可能不作详细讨论,但在适当情况下,技术、方法和设备应当被视为授权说明书的一部分。Techniques, methods, and apparatus known to those of ordinary skill in the relevant art may not be discussed in detail, but where appropriate, techniques, methods, and apparatus should be considered part of the authorized description.
在这里示出和讨论的所有示例中,任何具体值应被解释为仅仅是示例性的,而不是作为限制。因此,示例性实施例的其它示例可以具有不同的值。In all examples shown and discussed herein, any specific value should be construed as illustrative only and not as limiting. Accordingly, other examples of exemplary embodiments may have different values.
应注意到:相似的标号和字母在下面的附图中表示类似项,因此,一旦某一项在一个附图中被定义,则在随后的附图中不需要对其进行进一步讨论。It should be noted that like numerals and letters refer to like items in the following figures, so once an item is defined in one figure, it does not require further discussion in subsequent figures.
本公开的发明人发现上述相关技术中存在如下问题:只能保证区块链内注册数据的完整性,但无法检测到数据上传区块链之前是否被恶意篡改,导致物联网数据的可靠性降低。The inventors of the present disclosure have found the following problems in the above-mentioned related technologies: the integrity of the registration data in the blockchain can only be guaranteed, but it is impossible to detect whether the data has been maliciously tampered with before being uploaded to the blockchain, resulting in a decrease in the reliability of IoT data .
鉴于此,本公开提出了一种数据的提供技术方案,能够提高物联网数据的可靠性。In view of this, the present disclosure proposes a technical solution for providing data, which can improve the reliability of IoT data.
如前所述,基于区块链的物联网数据平台无法分辨传感器为善意设备还是恶意设备,对于所有的传感设备默认为善意设备。这样,导致其他设备可能在获取数据时获取到恶意设备的数据,从而被恶意设备所欺骗。As mentioned earlier, the blockchain-based IoT data platform cannot distinguish whether a sensor is a benign device or a malicious device, and defaults to a benign device for all sensing devices. In this way, other devices may acquire the data of the malicious device when acquiring the data, so as to be deceived by the malicious device.
针对上述技术问题,本公开可以验证从物联网设备(如传感器)获取数据的真实性、完整性。例如,可以利用区块链的智能合约验证数据来源是否可靠。还可以利用区块链的特性保证数据存储的可靠性。In view of the above technical problems, the present disclosure can verify the authenticity and integrity of data obtained from IoT devices (such as sensors). For example, the blockchain's smart contracts can be used to verify that the source of data is reliable. The characteristics of blockchain can also be used to ensure the reliability of data storage.
在一些实施例中,基于物联网系统的特点,即真实世界的数据是从物联网设备连续生成的,在源设备附近往往存在各种传感设备,可以请求周围设备协同验证源设备(待验证设备)提供的数据的真实性、完整性、可靠性。In some embodiments, based on the characteristics of the IoT system, that is, real-world data is continuously generated from IoT devices, and there are often various sensing devices near the source device, surrounding devices may be requested to collaboratively verify the source device (to be verified). the authenticity, integrity and reliability of the data provided by the device).
在不发生数据篡改或欺骗的情况下,源设备的真实数据趋势应与协作设备生成的数据趋势几乎相同。因此,通过比较源设备和区块链上协作者(即作为验证设备的协作设备)生成的数据,即可验证源设备上传数据的可靠性。协作者的数据对于验证起着关键性作用。In the absence of data tampering or spoofing, the true data trends of the source device should be nearly identical to the data trends generated by the collaborating device. Therefore, the reliability of the data uploaded by the source device can be verified by comparing the data generated by the source device and the collaborators on the blockchain (that is, the collaborating device serving as the verification device). The collaborator's data plays a key role in validation.
在一些实施例中,为每个数据上传设备(如传感器)设定信誉值,根据联合验证结果评定源设备是否为恶意设备,从而进行信誉值的增加或减少。信誉值作为协作中信誉的代表,信誉值高的协作设备,在比较源设备和协作设备数据时占有更高的比例。In some embodiments, a reputation value is set for each data uploading device (such as a sensor), and whether the source device is a malicious device is assessed according to the joint verification result, so as to increase or decrease the reputation value. The reputation value is the representative of the reputation in the collaboration, and the collaboration device with high reputation value occupies a higher proportion when comparing the data of the source device and the collaboration device.
这样,可以保证整个物联网系统中获取、存储数据的真实性、完整性、可靠性。例如,可以通过如下的实施例实现本公开的技术方案。In this way, the authenticity, integrity and reliability of the data acquired and stored in the entire IoT system can be guaranteed. For example, the technical solutions of the present disclosure can be implemented through the following embodiments.
图1示出本公开的数据的提供方法的一些实施例的流程图。FIG. 1 shows a flowchart of some embodiments of the method of providing data of the present disclosure.
如图1所示,在步骤110中,响应于请求设备发起目标数据的获取请求,将上传目标数据的数据上传设备确定为待验证设备;将待验证设备所在验证区域中的各其他数据上传设备确定为各验证设备。例如,数据上传设备为传感设备。As shown in FIG. 1, in step 110, in response to the requesting device initiating an acquisition request for target data, the data uploading device that uploads the target data is determined as the device to be verified; the other data uploading devices in the verification area where the device to be verified is located are determined Determined for each verification device. For example, the data uploading device is a sensing device.
在一些实施例中,数据上传设备的验证区域根据该数据上传设备接入时所在的位置确定。各验证设备为与待验证设备具有相同验证区域的各数据上传设备。In some embodiments, the verification area of the data uploading device is determined according to the location where the data uploading device is accessed. Each verification device is each data uploading device having the same verification area as the device to be verified.
例如,响应于传感设备注册接入数据的提供系统,可以根据传感设备的MAC(Media Access Control Address,媒体接入控制位址),为每个传感设备分发唯一的全局身份ID;可以将传感设备注册为验证设备,并将传感设备的当前所在区域设置为该传感设备的验证区域。For example, in response to the sensing device registering and accessing the data providing system, a unique global identity ID can be distributed for each sensing device according to the MAC (Media Access Control Address) of the sensing device; Register the sensing device as an authentication device, and set the current area of the sensing device as the authentication area of the sensing device.
在一些实施例中,传感设备可以每隔一段固定的时间,通过网络将数据上传至数 据的提供系统;数据的提供系统使用第一智能合约,将上传的数据存储在区块链中。例如,存储的数据中可以包含上传数据的的和传感设备的全局身份ID、数据ID、数据类型、数据的值、时间等。In some embodiments, the sensing device can upload data to the data providing system through the network at regular intervals; the data providing system uses the first smart contract to store the uploaded data in the blockchain. For example, the stored data may include the global identity ID, data ID, data type, data value, time, etc. of the uploading data and the sensing device.
在一些实施例中,在待验证设备的信誉值大于或等于信誉值阈值的情况下,目标数据被允许上传。例如,判定低于信誉值阈值的传感设备为恶意设备,不允许其上传数据。In some embodiments, the target data is allowed to be uploaded if the reputation value of the device to be verified is greater than or equal to the reputation value threshold. For example, a sensor device below the reputation value threshold is determined to be a malicious device, and it is not allowed to upload data.
例如,可以在提供系统初始化时,将每个传感设备的信誉值设置为初始信誉值(如100),并将每个信誉值和信誉值阈值存储在提供系统中;每次协同验证之后,根据传感设备是否通过验证更新信誉值。For example, when the provisioning system is initialized, the reputation value of each sensing device can be set to the initial reputation value (such as 100), and each reputation value and reputation value threshold can be stored in the provisioning system; after each collaborative verification, Reputation value is updated based on whether the sensing device passes verification or not.
例如,提供系统在接受到数据上传设备上传的数据后,查询该数据上传设备的信誉值是否达到信誉值阈值;如果达到,则对上传数据进行签名验证;如果签名验证成功,标识上传数据正确,调用提供系统的私钥进行解密得到解密数据;调用第一智能合约,将解密数据存储在区块链中。For example, after receiving the data uploaded by the data uploading device, the providing system queries whether the reputation value of the data uploading device reaches the threshold of the reputation value; if it does, the signature verification is performed on the uploaded data; if the signature verification is successful, it indicates that the uploaded data is correct. Call the private key of the provided system to decrypt to obtain decrypted data; call the first smart contract to store the decrypted data in the blockchain.
在一些实施例中,响应于传感设备注册接入数据的提供系统,还为传感设备分配公钥和私钥。例如,响应于各数据上传设备接入,向各数据上传设备发送公钥和私钥;目标数据为待验证设备通过公钥加密、私钥签名后上传。In some embodiments, public and private keys are also assigned to the sensing device in response to the sensing device registering with the providing system of the access data. For example, in response to the access of each data uploading device, the public key and the private key are sent to each data uploading device; the target data is uploaded by the device to be verified after being encrypted by the public key and signed by the private key.
在一些实施例中,需要获取数据的传感设备(请求设备)向提供系统发送获取数据请求,通过智能合约调用验证智能合约(第二智能合约)对待验证设备进行验证。In some embodiments, the sensing device (requesting device) that needs to acquire data sends a data acquisition request to the providing system, and the verification smart contract (second smart contract) is invoked through the smart contract to verify the device to be verified.
例如,请求设备需要获取某个传感设备(待验证设备)在某个时间上传的数据时,可以通过该请求设备的全局身份ID、数据ID访问提供系统,以请求获取数据。For example, when the requesting device needs to obtain data uploaded by a certain sensing device (device to be verified) at a certain time, it can access the providing system through the global identity ID and data ID of the requesting device to request data.
提供系统在获取到请求设备的全局身份ID和数据ID后,根据待验证设备的信誉值判断其是否为恶意设备;如果不为恶意设备,调用验证智能合约,对待验证设备进行验证。After obtaining the global identity ID and data ID of the requesting device, the providing system determines whether it is a malicious device according to the reputation value of the device to be verified; if it is not a malicious device, the verification smart contract is invoked to verify the device to be verified.
在步骤120中,根据各验证设备的历史位置与当前位置的差异,确定待验证设备是否通过验证。In step 120, it is determined whether the device to be verified passes the verification according to the difference between the historical position and the current position of each verification device.
在一些实施例中,可以先根据待验证设备的信誉值是否小于信誉值阈值,确定待验证设备是否为恶意设备;然后在待验证设备不为恶意设备的情况下,根据各验证设备的历史位置与当前位置的差异,确定待验证设备是否通过验证。In some embodiments, whether the device to be verified is a malicious device may be determined first according to whether the reputation value of the device to be verified is less than the reputation value threshold; then, if the device to be verified is not a malicious device, the historical location of each verification device may be determined The difference from the current position determines whether the device to be verified has passed the verification.
在一些实施例中,可以获取各验证设备在上传数据时的位置,作为其各自的历史位置。在差异小于距离阈值的情况下,确定待验证设备通过验证。In some embodiments, the location of each verification device when uploading data may be acquired as its respective historical location. In the case that the difference is less than the distance threshold, it is determined that the device to be verified has passed the verification.
例如,将各历史位置拟合为一条直线,并根据各验证设备的当前位置到直线的距离,确定差异。可以根据各验证设备的当前位置到直线的距离的加权平均值确定差异,距离的权值与该距离相应的验证设备的信誉值正相关。For example, each historical position is fitted to a straight line, and the difference is determined according to the distance from the current position of each verification device to the straight line. The difference can be determined according to the weighted average of the distances from the current position of each verification device to the straight line, and the weight of the distance is positively correlated with the reputation value of the verification device corresponding to the distance.
在一些实施例,通过验证智能合约,将时间序列数据与验证设备的在一段时间内产生的所有相关数据进行比对;通过权重计算得到验证结果;将验证结果记录在区块链上,返回验证结果和数据给智能合约。In some embodiments, by verifying the smart contract, the time series data is compared with all relevant data generated by the verification device within a period of time; the verification result is obtained through weight calculation; the verification result is recorded on the blockchain, and the verification is returned. Results and data to smart contracts.
例如,通过验证智能合约,找到数据生成设备(待验证设备)的验证区域,进而找到属于该验证区域的各验证设备;获取各验证设备存储在区块链上的数据,从而确认各验证设备上传这些数据时的历史位置;利用最小二乘法,将各历史位置拟合为一条直线;计算各验证设备的当前位置到该直线的垂直线的距离。For example, by verifying the smart contract, find the verification area of the data generating device (device to be verified), and then find each verification device belonging to the verification area; obtain the data stored on the blockchain by each verification device, thereby confirming that each verification device uploads The historical position of these data; using the least square method, fit each historical position into a straight line; calculate the distance from the current position of each verification device to the vertical line of the straight line.
获取每个验证设备的信誉值,计算各自的权重;利用各权重计算各距离的加权平均值;判断加权平均值是否小于距离阈值;根据判断结果,确定待验证设备是否通过验证;将验证结果记录在区块链上,并返回给所调用的验证智能合约。Obtain the reputation value of each verification device, and calculate the respective weight; use each weight to calculate the weighted average of each distance; judge whether the weighted average is less than the distance threshold; determine whether the device to be verified has passed the verification according to the judgment result; record the verification result on the blockchain, and back to the called verification smart contract.
在一些实施例中,待验证设备的信誉值在待验证设备通过验证的情况下增加,在待验证设备未通过验证的情况下减少。例如,可以利用第三智能合约调整信誉值。In some embodiments, the reputation value of the device to be verified increases when the device to be verified passes the verification, and decreases when the device to be verified fails the verification. For example, the reputation value can be adjusted using a third smart contract.
在步骤130中,在待验证设备通过验证的情况下,将目标数据提供给请求设备。In step 130, if the device to be authenticated passes the authentication, the target data is provided to the requesting device.
在一些实施例中,各数据上传设备上传的数据通过第一智能合约,存储在区块链中;调用第二智能合约,确定待验证设备是否通过验证;从区块链获取目标数据,提供给请求设备。In some embodiments, the data uploaded by each data uploading device is stored in the blockchain through the first smart contract; the second smart contract is called to determine whether the device to be verified has passed the verification; the target data is obtained from the blockchain and provided to request device.
例如,如果验证通过,利用智能合约根据验证结果,利用待验证设备公钥对目标数据进行加密后利用提高系统的私钥进行签名生成加密数据,然后发送给请求设备;记录请求设备的信息以及获取数据的信息至区块链上;请求设备在接收到加密数据后,进行验证签名;如果数据通过签名验证,则进行解密,获取所需的目标数据。For example, if the verification is passed, use the smart contract to encrypt the target data with the public key of the device to be verified according to the verification result, and then use the private key of the improved system to sign to generate the encrypted data, and then send it to the requesting device; record the information of the requesting device and obtain it. The information of the data is sent to the blockchain; after receiving the encrypted data, the requesting device verifies the signature; if the data passes the signature verification, it decrypts to obtain the required target data.
在上述实施例中,基于位置信息,利用验证区域内多个验证设备对提供数据的待验证设备进行联合验证。这样,能够检测数据的上传来源是否为恶意设备,从而提高物联网数据的可靠性。In the above embodiment, based on the location information, a plurality of verification devices in the verification area are used to jointly verify the devices to be verified that provide data. In this way, it is possible to detect whether the upload source of the data is a malicious device, thereby improving the reliability of the IoT data.
图2示出本公开的数据的提供方法的一些实施例的示意图。FIG. 2 shows a schematic diagram of some embodiments of the method of providing data of the present disclosure.
如图2所示,传感设备接入提供系统进行注册;提供系统包含区块链系统,将注册的传感设备上传的数据存储为各区块。As shown in Figure 2, the sensing equipment is connected to the providing system for registration; the providing system includes a blockchain system, which stores the data uploaded by the registered sensing equipment as each block.
各传感设备发送自己的MAC给提供系统进行注册;提供系统根据MAC地址生 成唯一的身份ID、公钥、私钥,并且存储在区块链上。例如,公钥作为区块链系统中身份的标识,利用签名鉴定行为发起方。Each sensing device sends its own MAC to the providing system for registration; the providing system generates a unique ID, public key, and private key according to the MAC address, and stores them on the blockchain. For example, the public key is used as the identification of the identity in the blockchain system, and the signature is used to identify the initiator of the behavior.
每个接入提供系统的传感设备既是源数据生成者也是验证设备;提供系统通过传感设备接入时所处的位置,将传感设备注册为某个验证区域的验证设备,同时初始化其信誉值。Each sensing device connected to the provisioning system is both a source data generator and a verification device; the provisioning system registers the sensing device as a verification device in a verification area, and initializes its reputation value.
图3示出本公开的数据的提供方法的另一些实施例的示意图。FIG. 3 shows a schematic diagram of other embodiments of the data providing method of the present disclosure.
如图3所示,在通过步骤一完成各传感设备的注册后,可以通过步骤二、三、四进行验证。As shown in FIG. 3 , after completing the registration of each sensing device through step 1, verification can be performed through steps 2, 3, and 4.
在步骤二中,一定时间内,处在一个验证区域内的传感设备发送自己获取得到的数据至提供系统。In step 2, within a certain period of time, the sensing device in a verification area sends the data obtained by itself to the providing system.
在一些实施例中,发送的数据可以利用提供系统的公钥进行加密,保证只有提供系统能识别真实的数据。例如,上传的数据包括身份ID、数据ID、数据类型、数据的值、时间等。In some embodiments, the transmitted data may be encrypted using the public key of the provider system, ensuring that only the provider system can identify the real data. For example, the uploaded data includes identity ID, data ID, data type, data value, time, etc.
提供系统根据不同验证区域的传感设备,调用智能合约1(第一智能合约)存储这段时间内各验证区域内所有传感设备的数据。根据请求设备请求的数据,各传感设备可以为源设备(待验证设备)或者验证设备。According to the sensing devices in different verification areas, the providing system calls smart contract 1 (the first smart contract) to store the data of all sensing devices in each verification area during this period. According to the data requested by the requesting device, each sensing device can be a source device (device to be verified) or a verification device.
在步骤三中,需求数据设备(请求设备)需要获取某个传感设备(源设备)的数据时,提供系统判断源设备的信誉值是否达到信誉值阈值。如果达到信誉值,提供系统调用智能合约获取数据,智能合约记录源设备的信息作为凭证;调用验证智能合约(智能合约2即第二智能合约)对源设备进行验证。如果通过验证,则向需求数据设备返回数据。In step 3, when the data-requiring device (requesting device) needs to acquire data of a certain sensing device (source device), the providing system determines whether the reputation value of the source device reaches the reputation value threshold. If the reputation value is reached, provide the system to call the smart contract to obtain data, and the smart contract records the information of the source device as a certificate; call the verification smart contract (smart contract 2, the second smart contract) to verify the source device. If the verification is passed, the data is returned to the device requiring data.
在步骤四中,根据源设备上传的数据与各验证设备上传的数据的差异是否小于差异阈值,验证源设备。In step 4, the source device is verified according to whether the difference between the data uploaded by the source device and the data uploaded by each verification device is smaller than a difference threshold.
例如,验证智能合约通过区块链找到源设备的上传数据,以及其验证区域内所有验证设备的上传数据;通过各验证设备的信誉值计算各验证设备的权重。For example, the verification smart contract finds the uploaded data of the source device and the uploaded data of all verification devices in its verification area through the blockchain; the weight of each verification device is calculated by the reputation value of each verification device.
比对各验证设备的数据的加权平均值与源设备的数据的差异,是否达到差异阈值。如果小于差异阈值,证明数据来源可靠。基于验证的结果,利用智能合约3(第三智能合约)对验证设备奖励或扣除一定的信誉值作为激励。Compare the difference between the weighted average of the data of each verification device and the data of the source device to see if the difference threshold is reached. If it is less than the difference threshold, it proves that the data source is reliable. Based on the verification result, the verification device is rewarded or deducted with a certain reputation value as an incentive by using the smart contract 3 (the third smart contract).
在一些实施例中,验证智能合约可以把验证结果以及数据返回给调用的智能合约;如果验证通过,调用的智能合约使用需求数据设备的私钥进行加密,利用提高系统的 私钥进行签名后发送给需求数据设备;需求数据设备在获取到数据后进行验证签名、解密,最后得到数据。In some embodiments, the verification smart contract can return the verification result and data to the calling smart contract; if the verification is passed, the calling smart contract encrypts with the private key of the data-demanding device, signs it with the private key of the improved system, and sends it To the demand data device; the demand data device will verify the signature and decrypt the data after obtaining the data, and finally obtain the data.
上述实施例中,实现了对数据来源的验证,提高了数据来源的可靠性。需要获取数据的设备通过智能合约,请求数据产生设备周围的设备协同验证的可靠性。通过比较数据产生的源设备和协同验证设备在区块链上生成的数据,验证数据是否发生了篡改或欺骗。In the above embodiment, the verification of the data source is realized, and the reliability of the data source is improved. The device that needs to obtain the data requests the data to generate the reliability of the equipment around the device through the smart contract. By comparing the data generated by the source device and the data generated by the co-verification device on the blockchain, it is verified whether the data has been tampered with or deceived.
在数据传输中利用密钥进行加密,保证了传输中数据的安全性;使用区块链存储数据、数据发布者、数据验证者、数据获取者等信息保证数据存储的安全性。In the data transmission, the encryption key is used to ensure the security of the data in transmission; the blockchain is used to store data, data publishers, data verifiers, data acquirers and other information to ensure the security of data storage.
通过引入信誉机制,每个设备存在一个信誉值,在协作验证数据中信誉值会发生变化。如果产生虚假的数据信誉值就会被扣减,信誉值过低将无法获取数据,在系统中会被忽略,从而可以激励全网设备进行真实数据的发布。By introducing the reputation mechanism, each device has a reputation value, and the reputation value will change in the collaborative verification data. If a false data reputation value is generated, it will be deducted. If the reputation value is too low, the data will not be obtained, and it will be ignored in the system, which can motivate the whole network devices to publish real data.
图4示出本公开的数据的提供装置的一些实施例的框图。Figure 4 shows a block diagram of some embodiments of an apparatus for providing data of the present disclosure.
如图4所示,数据的提供装置4包括确定单元41、验证单元42和提供单元43。As shown in FIG. 4 , the data providing apparatus 4 includes a determination unit 41 , a verification unit 42 and a providing unit 43 .
确定单元41响应于请求设备发起目标数据的获取请求,将上传目标数据的数据上传设备确定为待验证设备,将待验证设备所在验证区域中的各其他数据上传设备确定为各验证设备。The determining unit 41 determines the data uploading device uploading the target data as the to-be-verified device in response to the requesting device initiating the target data acquisition request, and determines each other data uploading device in the verification area where the to-be-verified device is located as each verification device.
在一些实施例中,数据上传设备的验证区域根据该数据上传设备接入时所在的位置确定,各验证设备为与待验证设备具有相同验证区域的各数据上传设备。In some embodiments, the verification area of the data uploading device is determined according to the location where the data uploading device is accessed, and each verification device is each data uploading device having the same verification area as the device to be verified.
验证单元42根据各验证设备的历史位置与当前位置的差异,确定待验证设备是否通过验证。The verification unit 42 determines whether the device to be verified has passed the verification according to the difference between the historical position and the current position of each verification device.
在一些实施例中,验证单元42获取各验证设备在上传数据时的位置,作为其各自的历史位置,在差异小于距离阈值的情况下,确定待验证设备通过验证。In some embodiments, the verification unit 42 obtains the position of each verification device when uploading data as its respective historical position, and determines that the device to be verified has passed the verification when the difference is less than the distance threshold.
在一些实施例中,验证单元42将各历史位置拟合为一条直线,根据各验证设备的当前位置到直线的距离,确定差异。In some embodiments, the verification unit 42 fits each historical position to a straight line, and determines the difference according to the distance from the current position of each verification device to the straight line.
在一些实施例中,验证单元42根据各验证设备的当前位置到直线的距离的加权平均值,确定差异,距离的权值与该距离相应的验证设备的信誉值正相关。In some embodiments, the verification unit 42 determines the difference according to the weighted average of the distances from the current position of each verification device to the straight line, and the weight of the distance is positively correlated with the reputation value of the verification device corresponding to the distance.
在一些实施例中,验证单元42根据待验证设备的信誉值是否小于信誉值阈值,确定待验证设备是否为恶意设备,在待验证设备不为恶意设备的情况下,根据各验证设备的历史位置与当前位置的差异,确定待验证设备是否通过验证。In some embodiments, the verification unit 42 determines whether the device to be verified is a malicious device according to whether the reputation value of the device to be verified is less than the reputation value threshold. The difference from the current position determines whether the device to be verified has passed the verification.
在一些实施例中,待验证设备的信誉值在待验证设备通过验证的情况下增加,在 待验证设备未通过验证的情况下减少。In some embodiments, the reputation value of the device to be verified increases if the device to be verified passes the verification, and decreases if the device to be verified fails the verification.
提供单元43在待验证设备通过验证的情况下,将目标数据提供给请求设备。The providing unit 43 provides the target data to the requesting device when the device to be authenticated passes the authentication.
在一些实施例中,各数据上传设备上传的数据通过第一智能合约,存储在区块链中;验证单元42调用第二智能合约,确定待验证设备是否通过验证;提供单元43从区块链获取目标数据,提供给请求设备。In some embodiments, the data uploaded by each data uploading device is stored in the blockchain through the first smart contract; the verification unit 42 calls the second smart contract to determine whether the device to be verified has passed the verification; Get the target data and provide it to the requesting device.
在一些实施例中,在待验证设备的信誉值大于或等于信誉值阈值的情况下,目标数据被允许上传。In some embodiments, the target data is allowed to be uploaded if the reputation value of the device to be verified is greater than or equal to the reputation value threshold.
在一些实施例中,提供单元43响应于各数据上传设备接入,向各数据上传设备发送公钥和私钥,目标数据为待验证设备通过公钥加密、私钥签名后上传。In some embodiments, the providing unit 43 sends a public key and a private key to each data uploading device in response to the access of each data uploading device, and the target data is uploaded by the device to be verified through public key encryption and private key signature.
图5示出本公开的数据的提供装置的另一些实施例的框图。FIG. 5 shows a block diagram of further embodiments of the apparatus for providing data of the present disclosure.
如图5所示,该实施例的数据的提供装置5包括:存储器51以及耦接至该存储器51的处理器52,处理器52被配置为基于存储在存储器51中的指令,执行本公开中任意一个实施例中的数据的提供方法。As shown in FIG. 5 , the data providing apparatus 5 of this embodiment includes: a memory 51 and a processor 52 coupled to the memory 51 , and the processor 52 is configured to execute the instructions in the present disclosure based on the instructions stored in the memory 51 . A method for providing data in any one of the embodiments.
其中,存储器51例如可以包括系统存储器、固定非易失性存储介质等。系统存储器例如存储有操作系统、应用程序、引导装载程序Boot Loader、数据库以及其他程序等。Wherein, the memory 51 may include, for example, a system memory, a fixed non-volatile storage medium, and the like. The system memory stores, for example, an operating system, an application program, a boot loader Boot Loader, a database, and other programs.
图6示出本公开的数据的提供装置的又一些实施例的框图。FIG. 6 shows a block diagram of further embodiments of the apparatus for providing data of the present disclosure.
如图6所示,该实施例的数据的提供装置6包括:存储器610以及耦接至该存储器610的处理器620,处理器620被配置为基于存储在存储器610中的指令,执行前述任意一个实施例中的数据的提供方法。As shown in FIG. 6 , the apparatus 6 for providing data in this embodiment includes: a memory 610 and a processor 620 coupled to the memory 610 , and the processor 620 is configured to execute any one of the foregoing based on the instructions stored in the memory 610 Methods of providing data in the embodiments.
存储器610例如可以包括系统存储器、固定非易失性存储介质等。系统存储器例如存储有操作系统、应用程序、引导装载程序Boot Loader以及其他程序等。 Memory 610 may include, for example, system memory, fixed non-volatile storage media, and the like. The system memory stores, for example, an operating system, an application program, a boot loader, and other programs.
数据的提供装置6还可以包括输入输出接口630、网络接口640、存储接口650等。这些接口630、640、650以及存储器610和处理器620之间例如可以通过总线660连接。其中,输入输出接口630为显示器、鼠标、键盘、触摸屏、麦克、音箱等输入输出设备提供连接接口。网络接口640为各种联网设备提供连接接口。存储接口650为SD卡、U盘等外置存储设备提供连接接口。The data providing apparatus 6 may further include an input/output interface 630, a network interface 640, a storage interface 650, and the like. These interfaces 630 , 640 , 650 and the memory 610 and the processor 620 may be connected, for example, through a bus 660 . The input and output interface 630 provides a connection interface for input and output devices such as a display, a mouse, a keyboard, a touch screen, a microphone, and a speaker. Network interface 640 provides a connection interface for various networked devices. The storage interface 650 provides a connection interface for external storage devices such as SD cards and U disks.
图7示出本公开的数据的提供系统的一些实施例的框图。7 illustrates a block diagram of some embodiments of a system for providing data of the present disclosure.
如图7所示,数据的提供系统7包括:数据的提供装置71,用于执行上述任一个实施例中的数据的提供方法;多个数据上传设备72,用于向数据的提供系统上传数据。As shown in FIG. 7 , the data providing system 7 includes: a data providing device 71 for executing the data providing method in any of the above embodiments; a plurality of data uploading devices 72 for uploading data to the data providing system .
在一些实施例中,提供系统7还包括:区块链系统73,用于存储多个数据上传设备上传的数据。In some embodiments, the providing system 7 further includes: a blockchain system 73 for storing data uploaded by a plurality of data uploading devices.
本领域内的技术人员应当明白,本公开的实施例可提供为方法、系统、或计算机程序产品。因此,本公开可采用完全硬件实施例、完全软件实施例、或结合软件和硬件方面的实施例的形式。而且,本公开可采用在一个或多个其中包含有计算机可用程序代码的计算机可用非瞬时性存储介质包括但不限于磁盘存储器、CD-ROM、光学存储器等上实施的计算机程序产品的形式。As will be appreciated by one skilled in the art, embodiments of the present disclosure may be provided as a method, system, or computer program product. Accordingly, the present disclosure may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present disclosure may take the form of a computer program product embodied on one or more computer-usable non-transitory storage media having computer-usable program code embodied therein, including but not limited to disk storage, CD-ROM, optical storage, and the like.
至此,已经详细描述了根据本公开的数据的提供方法、数据的提供装置、数据的提供系统和非易失性计算机可读存储介质。为了避免遮蔽本公开的构思,没有描述本领域所公知的一些细节。本领域技术人员根据上面的描述,完全可以明白如何实施这里公开的技术方案。So far, the data providing method, data providing apparatus, data providing system, and non-volatile computer-readable storage medium according to the present disclosure have been described in detail. Some details that are well known in the art are not described in order to avoid obscuring the concept of the present disclosure. Those skilled in the art can fully understand how to implement the technical solutions disclosed herein based on the above description.
可能以许多方式来实现本公开的方法和系统。例如,可通过软件、硬件、固件或者软件、硬件、固件的任何组合来实现本公开的方法和系统。用于方法的步骤的上述顺序仅是为了进行说明,本公开的方法的步骤不限于以上具体描述的顺序,除非以其它方式特别说明。此外,在一些实施例中,还可将本公开实施为记录在记录介质中的程序,这些程序包括用于实现根据本公开的方法的机器可读指令。因而,本公开还覆盖存储用于执行根据本公开的方法的程序的记录介质。The methods and systems of the present disclosure may be implemented in many ways. For example, the methods and systems of the present disclosure may be implemented in software, hardware, firmware, or any combination of software, hardware, and firmware. The above order of steps for the method is for illustration only, and the steps of the method of the present disclosure are not limited to the order specifically described above unless specifically stated otherwise. Furthermore, in some embodiments, the present disclosure can also be implemented as programs recorded in a recording medium, the programs including machine-readable instructions for implementing methods according to the present disclosure. Thus, the present disclosure also covers a recording medium storing a program for executing the method according to the present disclosure.
虽然已经通过示例对本公开的一些特定实施例进行了详细说明,但是本领域的技术人员应该理解,以上示例仅是为了进行说明,而不是为了限制本公开的范围。本领域的技术人员应该理解,可在不脱离本公开的范围和精神的情况下,对以上实施例进行修改。本公开的范围由所附权利要求来限定。While some specific embodiments of the present disclosure have been described in detail by way of examples, those skilled in the art will appreciate that the above examples are provided for illustration only, and are not intended to limit the scope of the present disclosure. Those skilled in the art will appreciate that modifications may be made to the above embodiments without departing from the scope and spirit of the present disclosure. The scope of the present disclosure is defined by the appended claims.

Claims (24)

  1. 一种数据的提供方法,包括:A method of providing data, including:
    响应于请求设备发起目标数据的获取请求,将上传所述目标数据的数据上传设备确定为待验证设备,将所述待验证设备所在验证区域中的各其他数据上传设备确定为各验证设备;In response to the requesting device initiating an acquisition request for target data, determine the data uploading device that uploads the target data as the device to be verified, and determine each other data uploading device in the verification area where the device to be verified is located as each verification device;
    根据所述各验证设备的历史位置与当前位置的差异,确定所述待验证设备是否通过验证;According to the difference between the historical position and the current position of each verification device, determine whether the device to be verified has passed the verification;
    在所述待验证设备通过验证的情况下,将所述目标数据提供给所述请求设备。In the case that the device to be authenticated passes the authentication, the target data is provided to the requesting device.
  2. 根据权利要求1所述的提供方法,其中,The providing method according to claim 1, wherein,
    所述各验证设备为与待验证设备具有相同验证区域的各数据上传设备,任一个数据上传设备的验证区域根据所述任一个数据上传设备接入时所在的位置确定。Each of the verification devices is each data upload device having the same verification area as the device to be verified, and the verification area of any data upload device is determined according to the location where the any data upload device is accessed.
  3. 根据权利要求1所述的提供方法,其中,所述确定所述待验证设备是否通过验证包括:The providing method according to claim 1, wherein the determining whether the device to be authenticated passes the authentication comprises:
    获取所述各验证设备在上传数据时的位置,作为其各自的历史位置;Acquire the position of each verification device when uploading data, as its respective historical position;
    在所述差异小于距离阈值的情况下,确定所述待验证设备通过验证。In the case that the difference is smaller than the distance threshold, it is determined that the device to be verified has passed the verification.
  4. 根据权利要求1所述的提供方法,其中,所述确定所述待验证设备是否通过验证包括:The providing method according to claim 1, wherein the determining whether the device to be authenticated passes the authentication comprises:
    将所述各验证设备的历史位置拟合为一条直线;Fitting the historical position of each verification device into a straight line;
    根据所述各验证设备的当前位置到所述直线的距离,确定所述差异。The difference is determined according to the distance from the current position of each verification device to the straight line.
  5. 根据权利要求4所述的提供方法,其中,所述确定所述差异包括:The providing method of claim 4, wherein the determining the difference comprises:
    根据所述各验证设备的当前位置到所述直线的距离的加权平均值,确定所述差异,任一个距离的权值与所述任一个距离相应的验证设备的信誉值正相关。The difference is determined according to the weighted average of the distances from the current positions of the verification devices to the straight line, and the weight of any distance is positively correlated with the reputation value of the verification device corresponding to the any distance.
  6. 根据权利要求1所述的提供方法,其中,所述根据所述各验证设备的历史位置与当前位置的差异,确定所述待验证设备是否通过验证包括:The providing method according to claim 1, wherein the determining whether the device to be verified passes the verification according to the difference between the historical position and the current position of each verification device comprises:
    根据所述待验证设备的信誉值是否小于信誉值阈值,确定所述待验证设备是否为恶意设备;Determine whether the device to be verified is a malicious device according to whether the reputation value of the device to be verified is less than a reputation value threshold;
    在所述待验证设备不为恶意设备的情况下,根据所述各验证设备的历史位置与当前位置的差异,确定所述待验证设备是否通过验证。In the case that the device to be verified is not a malicious device, it is determined whether the device to be verified has passed the verification according to the difference between the historical position and the current position of each device to be verified.
  7. 根据权利要求6所述的提供方法,其中,The providing method according to claim 6, wherein,
    所述待验证设备的信誉值在所述待验证设备通过验证的情况下增加,在所述待验证设备未通过验证的情况下减少。The reputation value of the to-be-verified device increases when the to-be-verified device passes the verification, and decreases when the to-be-verified device fails the verification.
  8. 根据权利要求1-7任一项所述的提供方法,其中,The providing method according to any one of claims 1-7, wherein,
    任一个数据上传设备上传的数据通过第一智能合约,存储在区块链中;The data uploaded by any data uploading device is stored in the blockchain through the first smart contract;
    所述确定所述待验证设备是否通过验证包括:The determining whether the device to be verified passes the verification includes:
    调用第二智能合约,确定所述待验证设备是否通过验证;Invoke the second smart contract to determine whether the device to be verified has passed the verification;
    所述将所述目标数据提供给所述请求设备包括:The providing the target data to the requesting device includes:
    从所述区块链获取所述目标数据,提供给所述请求设备。The target data is obtained from the blockchain and provided to the requesting device.
  9. 根据权利要求1-7任一项所述的提供方法,其中,The providing method according to any one of claims 1-7, wherein,
    在所述待验证设备的信誉值大于或等于信誉值阈值的情况下,所述目标数据被允许上传。When the reputation value of the device to be verified is greater than or equal to the reputation value threshold, the target data is allowed to be uploaded.
  10. 根据权利要求1-7任一项所述的提供方法,还包括:The providing method according to any one of claims 1-7, further comprising:
    响应于任一个数据上传设备接入,向所述任一个数据上传设备发送公钥和私钥;In response to the access of any data uploading device, sending the public key and the private key to any of the data uploading devices;
    其中,in,
    所述目标数据为所述待验证设备通过公钥加密、私钥签名后上传。The target data is uploaded by the device to be verified through public key encryption and private key signature.
  11. 一种数据的提供装置,包括:A device for providing data, comprising:
    确定单元,用于响应于请求设备发起目标数据的获取请求,将上传所述目标数据的数据上传设备确定为待验证设备,将所述待验证设备所在验证区域中的各其他数据上传设备确定为各验证设备;The determining unit is configured to, in response to the requesting device initiating an acquisition request for target data, determine the data uploading device that uploads the target data as the device to be verified, and determine each other data uploading device in the verification area where the device to be verified is located as each verification device;
    验证单元,用于根据所述各验证设备的历史位置与当前位置的差异,确定所述待验证设备是否通过验证;a verification unit, configured to determine whether the device to be verified has passed the verification according to the difference between the historical position and the current position of each verification device;
    提供单元,用于在所述待验证设备通过验证的情况下,将所述目标数据提供给所述请求设备。A providing unit is configured to provide the target data to the requesting device when the device to be authenticated passes the authentication.
  12. 根据权利要求11所述的提供装置,其中,The providing apparatus according to claim 11, wherein,
    任一个数据上传设备的验证区域根据所述任一个数据上传设备接入时所在的位置确定,The verification area of any data uploading device is determined according to the location where any data uploading device is accessed,
    所述各验证设备为与待验证设备具有相同验证区域的各数据上传设备。Each of the verification devices is each data upload device that has the same verification area as the device to be verified.
  13. 根据权利要求11所述的提供装置,其中,The providing apparatus according to claim 11, wherein,
    所述验证单元获取所述各验证设备在上传数据时的位置,作为其各自的历史位置,在所述差异小于距离阈值的情况下,确定所述待验证设备通过验证。The verification unit acquires the position of each verification device when uploading data as its respective historical position, and determines that the device to be verified has passed the verification when the difference is less than a distance threshold.
  14. 根据权利要求11所述的提供装置,其中,The providing apparatus according to claim 11, wherein,
    所述验证单元将所述各验证设备的历史位置拟合为一条直线,根据所述各验证设备的当前位置到所述直线的距离,确定所述差异。The verification unit fits the historical position of each verification device into a straight line, and determines the difference according to the distance from the current position of each verification device to the straight line.
  15. 根据权利要求14所述的提供装置,其中,The providing apparatus of claim 14, wherein:
    所述验证单元根据所述各验证设备的当前位置到所述直线的距离的加权平均值,确定所述差异,任一个距离的权值与所述任一个距离相应的验证设备的信誉值正相关。The verification unit determines the difference according to the weighted average of the distances from the current position of each verification device to the straight line, and the weight of any distance is positively correlated with the reputation value of the verification device corresponding to the any distance .
  16. 根据权利要求11所述的提供装置,其中,The providing apparatus according to claim 11, wherein,
    所述验证单元根据所述待验证设备的信誉值是否小于信誉值阈值,确定所述待验证设备是否为恶意设备,在所述待验证设备不为恶意设备的情况下,根据所述各验证设备的历史位置与当前位置的差异,确定所述待验证设备是否通过验证。The verification unit determines whether the device to be verified is a malicious device according to whether the reputation value of the device to be verified is less than the reputation value threshold, and in the case that the device to be verified is not a malicious device, according to each verification device The difference between the historical location and the current location of the device determines whether the device to be verified has passed the verification.
  17. 根据权利要求16所述的提供装置,其中,The providing apparatus of claim 16, wherein:
    所述待验证设备的信誉值在所述待验证设备通过验证的情况下增加,在所述待验证设备未通过验证的情况下减少。The reputation value of the to-be-verified device increases when the to-be-verified device passes the verification, and decreases when the to-be-verified device fails the verification.
  18. 根据权利要求11-17任一项所述的提供装置,其中,The providing device according to any one of claims 11-17, wherein,
    任一个数据上传设备上传的数据通过第一智能合约,存储在区块链中;The data uploaded by any data uploading device is stored in the blockchain through the first smart contract;
    所述验证单元调用第二智能合约,确定所述待验证设备是否通过验证;The verification unit invokes the second smart contract to determine whether the device to be verified has passed the verification;
    所述提供单元从所述区块链获取所述目标数据,提供给所述请求设备。The providing unit acquires the target data from the blockchain and provides the target data to the requesting device.
  19. 根据权利要求11-17任一项所述的提供装置,其中,The providing device according to any one of claims 11-17, wherein,
    在所述待验证设备的信誉值大于或等于信誉值阈值的情况下,所述目标数据被允许上传。When the reputation value of the device to be verified is greater than or equal to the reputation value threshold, the target data is allowed to be uploaded.
  20. 根据权利要求11-17任一项所述的提供装置,其中,The providing device according to any one of claims 11-17, wherein,
    所述提供单元响应于任一个数据上传设备接入,向所述任一个数据上传设备发送公钥和私钥,所述目标数据为所述待验证设备通过公钥加密、私钥签名后上传。The providing unit sends a public key and a private key to any data uploading device in response to the access of any data uploading device, and the target data is uploaded by the device to be verified after being encrypted by the public key and signed by the private key.
  21. 一种数据的提供装置,包括:A device for providing data, comprising:
    存储器;和memory; and
    耦接至所述存储器的处理器,所述处理器被配置为基于存储在所述存储器中的指令,执行权利要求1-10任一项所述的数据的提供方法。A processor coupled to the memory, the processor configured to perform the method of providing data of any one of claims 1-10 based on instructions stored in the memory.
  22. 一种非易失性计算机可读存储介质,其上存储有计算机程序,该程序被处理器执行时实现权利要求1-10任一项所述的数据的提供方法。A non-volatile computer-readable storage medium on which a computer program is stored, and when the program is executed by a processor, implements the data providing method according to any one of claims 1-10.
  23. 一种数据的提供系统,包括:A system for providing data, including:
    数据的提供装置,用于,执行权利要求1-10任一项所述的数据的提供方法;A device for providing data, configured to execute the method for providing data according to any one of claims 1-10;
    多个数据上传设备,用于向数据的提供系统上传数据。Multiple data uploading devices are used to upload data to the data providing system.
  24. 根据权利要求23所述的提供系统,还包括:The providing system of claim 23, further comprising:
    区块链系统,用于存储所述多个数据上传设备上传的数据。The blockchain system is used to store the data uploaded by the plurality of data uploading devices.
PCT/CN2022/076467 2021-03-09 2022-02-16 Data providing method, apparatus and system WO2022188602A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202110254510.1 2021-03-09
CN202110254510.1A CN113761530A (en) 2021-03-09 2021-03-09 Data providing method, device and system

Publications (1)

Publication Number Publication Date
WO2022188602A1 true WO2022188602A1 (en) 2022-09-15

Family

ID=78786716

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2022/076467 WO2022188602A1 (en) 2021-03-09 2022-02-16 Data providing method, apparatus and system

Country Status (2)

Country Link
CN (1) CN113761530A (en)
WO (1) WO2022188602A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113761530A (en) * 2021-03-09 2021-12-07 北京沃东天骏信息技术有限公司 Data providing method, device and system

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108369620A (en) * 2015-08-20 2018-08-03 艾佛伦美国公司 Method and apparatus for the electronic security(ELSEC) management based on geographical location
CN110555296A (en) * 2019-08-01 2019-12-10 阿里巴巴集团控股有限公司 identity verification method, device and equipment based on block chain
CN111031124A (en) * 2019-12-10 2020-04-17 杭州涂鸦信息技术有限公司 Home equipment networking deployment method and device, electronic equipment and storage medium
CN112261427A (en) * 2020-10-20 2021-01-22 中国联合网络通信集团有限公司 Malicious node identification method and device and electronic equipment
CN113761530A (en) * 2021-03-09 2021-12-07 北京沃东天骏信息技术有限公司 Data providing method, device and system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108369620A (en) * 2015-08-20 2018-08-03 艾佛伦美国公司 Method and apparatus for the electronic security(ELSEC) management based on geographical location
CN110555296A (en) * 2019-08-01 2019-12-10 阿里巴巴集团控股有限公司 identity verification method, device and equipment based on block chain
CN111031124A (en) * 2019-12-10 2020-04-17 杭州涂鸦信息技术有限公司 Home equipment networking deployment method and device, electronic equipment and storage medium
CN112261427A (en) * 2020-10-20 2021-01-22 中国联合网络通信集团有限公司 Malicious node identification method and device and electronic equipment
CN113761530A (en) * 2021-03-09 2021-12-07 北京沃东天骏信息技术有限公司 Data providing method, device and system

Also Published As

Publication number Publication date
CN113761530A (en) 2021-12-07

Similar Documents

Publication Publication Date Title
US10685099B2 (en) System and method for mapping decentralized identifiers to real-world entities
US11418348B1 (en) Distributed ledger system for identity data storage and access control
KR101883156B1 (en) System and method for authentication, user terminal, authentication server and service server for executing the same
CN108259438B (en) Authentication method and device based on block chain technology
CN113056741B (en) Profile verification based on distributed ledgers
US10686768B2 (en) Apparatus and method for controlling profile data delivery
US20200186517A1 (en) Secure token passing via hash chains
JP2018501567A (en) Device verification method and equipment
US11556617B2 (en) Authentication translation
JP6543743B1 (en) Management program
EP3206329B1 (en) Security check method, device, terminal and server
CN109242404B (en) Resume information management method, resume information management device, computer equipment and readable storage medium
CN111541542B (en) Request sending and verifying method, device and equipment
US10439809B2 (en) Method and apparatus for managing application identifier
US20220329446A1 (en) Enhanced asset management using an electronic ledger
CN113472521A (en) Block chain-based real-name digital identity management method, signature device and verification device
CN114444134A (en) Data use authorization method, system and device
WO2022188602A1 (en) Data providing method, apparatus and system
CN114048453A (en) User feature generation method and device, computer equipment and storage medium
GB2567715A (en) Authentication system, method and program
EP3158445B1 (en) Data verification in a distributed data processing system
US20200028689A1 (en) Location-based and time-based photo authentication
US11968305B2 (en) Four-factor authentication
CN115001714A (en) Resource access method and device, electronic equipment and storage medium
US11977646B2 (en) Secure sensor arrangement

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22766128

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 15/01/2024)