CN107832632A - Asset certification authorization query method, system, electronic device and computer readable storage medium - Google Patents

Asset certification authorization query method, system, electronic device and computer readable storage medium Download PDF

Info

Publication number
CN107832632A
CN107832632A CN201711121632.3A CN201711121632A CN107832632A CN 107832632 A CN107832632 A CN 107832632A CN 201711121632 A CN201711121632 A CN 201711121632A CN 107832632 A CN107832632 A CN 107832632A
Authority
CN
China
Prior art keywords
assets
data
prove
ownership
person
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201711121632.3A
Other languages
Chinese (zh)
Other versions
CN107832632B (en
Inventor
温峰泰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
VTEAM FINANCIAL TECHNOLOGY SERVICE CORP
Original Assignee
VTEAM FINANCIAL TECHNOLOGY SERVICE CORP
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by VTEAM FINANCIAL TECHNOLOGY SERVICE CORP filed Critical VTEAM FINANCIAL TECHNOLOGY SERVICE CORP
Publication of CN107832632A publication Critical patent/CN107832632A/en
Application granted granted Critical
Publication of CN107832632B publication Critical patent/CN107832632B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides an asset certification authorization query method, an asset certification authorization query system, an electronic device and a computer readable storage medium. The asset certification authorization query method and system comprise the following steps: the system comprises a first asset proof generation module, a first authorization proof generation module, a first sending module, a first receiving module, a first authentication module, a first asset proof operation module and a first asset proof query module. Therefore, the automation of data transmission is realized, and the risk of data tampering is effectively reduced.

Description

Assets prove authority inquiry method, system, electronic installation and computer-readable storage Medium
Technical field
The present invention relates to information transmission field, more particularly to a kind of assets to prove authority inquiry method, system, electronic installation And computer-readable recording medium.
Background technology
In the prior art, ownership of assets person usually requires data needed for each bank or associated mechanisms inquiry, and And the data inquired will be supplied to data-requirements side by the ownership of assets person, so, not only ownership of assets person is carried out It is complicated the step of data collection under line, and because the data inquired is not to be supplied directly to the money by data provider Expect party in request, the risk that data will be caused to have be tampered, the data-requirements side can not be obtained desired data.
The content of the invention
In view of the foregoing, it is necessary to which providing a kind of assets proves authority inquiry method, system, electronic installation and computer Readable storage medium storing program for executing, to realize the automation of data transmission, while the risk that effectively reduction data is tampered.
A kind of assets prove authorization query system, applied to data provider, the assets prove authorization query system with Ownership of assets person and data-requirements side communicate, and the assets prove that authorization query system includes:
First assets prove generation module, for proving that application please in the assets for receiving the ownership of assets person transmission Ask, and after the identity of the ownership of assets person is by certification, entered according to the ownership of assets person in the data provider The assets of row management generate the assets comprising the data provider numerical digit voucher stamped signature and proved, and with the ownership of assets person Identification authorization prove owner public key to the assets prove be encrypted;
First assets prove generation module, are additionally operable to that the assets of encryption are proved to add querying condition;
First authorisation verification generation module, for proving application request according to the assets, generate the first authorisation verification;
First sending module, for the assets of the encryption after first authorisation verification and addition querying condition to be proved into hair Delivering to the assets of the data provider proves data bank;
First sending module, it is additionally operable to send first authorisation verification to the ownership of assets person so that institute First authorisation verification is supplied to the data-requirements side by the person that states ownership of assets;
First receiving module, for receiving the warrant of the ownership of assets person and/or data-requirements side offer Bright and querying condition;
First authentication module, for being demonstrate,proved according to the assets of the encryption after first authorisation verification and addition querying condition Bright, whether the authorisation verification and querying condition of ownership of assets person described in certification and/or data-requirements side offer are effective;
First assets prove computing module, for when the ownership of assets person and/or the data-requirements side offer When authorisation verification and effective querying condition, according to the ownership of assets person and/or the warrant of data-requirements side offer Bright, calculating the ownership of assets person and/or the assets needed for the data-requirements side proves;
First assets prove enquiry module, for from the assets of the data provider prove data bank or with the data The assets of provider prove that the association assets that data bank communicates prove that obtaining the assets calculated in data bank proves;
First sending module, be additionally operable to by the assets got prove be sent to the ownership of assets person and/or The data-requirements side so that the ownership of assets person and/or the data-requirements side with the private of the authorisation verification owner Key proves to be decrypted to the assets got.
According to the preferred embodiment of the present invention, what is be managed according to the ownership of assets person in the data provider Before assets of the assets generation comprising the data provider numerical digit voucher stamped signature prove, first receiving module is additionally operable to:
The identity for the ownership of assets person that authentication center sends is received by the authentication information of certification, is recognized according to described Card information determines that the identity of the ownership of assets person passes through certification;
The authentication center it is determined that the ownership of assets person identity by certification after, be the ownership of assets person The identity of an authorisation verification owner is generated, and one group of public key and private key are generated for the authorisation verification owner, it is described to recognize Card center includes the combination of following one or more:
The authentication center of the data provider, the authentication center communicated with the data provider.
According to the preferred embodiment of the present invention, the first authorisation verification generation module is specifically used for:
Prove that application request determines the scope of authority according to the assets, and generated in a hashed form according to the scope of authority First authorisation verification.
According to the preferred embodiment of the present invention, first authentication module is according to first authorisation verification and adds inquiry bar The assets of encryption after part prove, authorisation verification that ownership of assets person described in certification and/or the data-requirements side provide and Whether querying condition effectively includes:
The authorisation verification that the ownership of assets person and/or the data-requirements side are provided and first authorisation verification Matched, and the querying condition that the ownership of assets person and/or the data-requirements side are provided is with being previously added in institute The querying condition that stating the assets of generation proves is matched;
When the authorisation verification and first authorisation verification of the ownership of assets person and/or data-requirements side offer All match, and the querying condition that the ownership of assets person and/or the data-requirements side provide is with being previously added in described When the querying condition that the assets of generation prove also all matches, confirm that the ownership of assets person and/or the data-requirements side carry The authorisation verification and querying condition of confession are effective;Or
When the authorisation verification and first authorisation verification of the ownership of assets person and/or data-requirements side offer All match, but the querying condition that the ownership of assets person and/or the data-requirements side provide is with being previously added in described When the querying condition that the assets of generation prove not all matches, confirm that the ownership of assets person and/or the data-requirements side carry The authorisation verification and querying condition of confession are invalid;Or
When the authorisation verification and first authorisation verification of the ownership of assets person and/or data-requirements side offer Not all match, but the querying condition that the ownership of assets person and/or the data-requirements side provide is with being previously added in institute When the querying condition that stating the assets of generation proves all matches, confirm that the ownership of assets person and/or the data-requirements side carry The authorisation verification and querying condition of confession are invalid;Or
When the authorisation verification and first authorisation verification of the ownership of assets person and/or data-requirements side offer Not all match, and the querying condition that the ownership of assets person and/or the data-requirements side provide is with being previously added in institute When the querying condition that stating the assets of generation proves also not all matches, the ownership of assets person and/or the data-requirements are confirmed The authorisation verification and querying condition just provided is invalid.
According to the preferred embodiment of the present invention:
The type of the assets includes the combination of following one or more:
Cash in banks, foreign currency, stock, bond, fund;
The assets prove the combination for including following one or more:
Trade date, transaction details, total transaction amount, account balance and currency.
According to the preferred embodiment of the present invention, first authorisation verification includes the combination of following one or more:
The proof of identification of the data ownership person, the title of the data ownership person, the body of the data provider Part proof, the title of the data provider, the proof of identification of the data-requirements side, the data-requirements side title, award Weigh range of condition;
Wherein, the scope of authority condition includes following one or more kinds of combination:
Valid period, the maximum times of inquiry, inquiry section purpose time point, inquiry subject.
According to the preferred embodiment of the present invention, the querying condition includes the combination of following one or more:
Password for inquiry, proof of identification, can query time, content can be inquired about.
According to the preferred embodiment of the present invention, the corresponding assets of the data provider prove data bank, the assets institute The corresponding assets of the person of having the right prove data bank, and the corresponding assets in the data-requirements side prove data bank, and the data carries The assets of supplier prove that data bank, the assets of the ownership of assets person prove the assets card of data bank and the data-requirements side Bright data bank communicates, and the assets of the data provider prove that data bank, the assets of the ownership of assets person prove Data bank and the assets of the data-requirements side prove that data bank is the synchronous mechanism of distributing, the assets of the data provider Prove that data bank is used for the assets of encryption after storing first authorisation verification and adding querying condition and proved, and by described the The assets of encryption after one authorisation verification and addition querying condition prove synchronously to be stored in the assets card of the ownership of assets person Bright data bank and the assets of the data-requirements side prove data bank.
According to the preferred embodiment of the present invention, the assets prove that the embodiment of authorization query system also includes:
Implemented in a manner of block chain, produce a block on block chain, the owner of the block is the assets Ownership person, the block address of the block is first authorisation verification.
A kind of assets prove authorization query system, applied to data provider, the assets prove authorization query system with Data-requirements side communicates, and the data-requirements side communicates with ownership of assets person, and the assets prove authorization query system Including:
Second receiving module, application request and the second warrant are proved for receiving the assets that the data-requirements side is sent It is bright;
Second authentication module, whether it is that the ownership of assets person produces for the second authorisation verification described in certification;
Second assets prove generation module, for when second authorisation verification is that the ownership of assets person produces, The data provider numerical digit is included in the assets generation that the data provider is managed according to the ownership of assets person The assets of voucher stamped signature are proved, and the assets are proved to be encrypted with the public key of the data-requirements side;
Second assets prove generation module, are additionally operable to that the assets of encryption are proved to add querying condition;
Second authorisation verification generation module, for proving application request according to the assets, generate the 3rd authorisation verification;
Second sending module, for the assets of the encryption after the 3rd authorisation verification and addition querying condition to be proved into hair Delivering to the assets of the data provider proves data bank;
Second sending module, it is additionally operable to send the 3rd authorisation verification to the data-requirements side;
Second receiving module, it is additionally operable to receive authorisation verification and the querying condition that the data-requirements side provides;
Second authentication module, it is additionally operable to the money according to the encryption after the 3rd authorisation verification and addition querying condition Production proves whether the authorisation verification and querying condition that data-requirements side described in certification provides are effective;
Second assets proof computing module, the authorisation verification and querying condition for being provided when the data-requirements side are effective When, according to the authorisation verification of data-requirements side offer, calculating the assets needed for the data-requirements side proves;
Second assets prove enquiry module, for from the assets of the data provider prove data bank or with the data The assets of provider prove that the association assets that data bank communicates prove that obtaining the assets calculated in data bank proves;
Second sending module, it is additionally operable to prove the assets got to be sent to the data-requirements side so that described Data-requirements side proves to be decrypted with the private key of the data-requirements side to the assets got.
According to the preferred embodiment of the present invention, the second authorisation verification generation module is specifically used for:
Prove that application request determines the scope of authority according to the assets, and generated in a hashed form according to the scope of authority 3rd authorisation verification.
According to the preferred embodiment of the present invention, second authentication module is according to the 3rd authorisation verification and adds inquiry article The assets of encryption after part prove whether the authorisation verification and querying condition that data-requirements side described in certification provides effectively include:
The authorisation verification that the data-requirements side provides is matched with the 3rd authorisation verification, and by the data The querying condition that party in request provides is matched with the querying condition being previously added in the assets proof of the generation;
When the data-requirements side provide authorisation verification all matched with the 3rd authorisation verification, and the data need The querying condition that the side of asking provides is with being previously added when the querying condition of the assets proof of the generation also all matches, described in confirmation The authorisation verification and querying condition that data-requirements side provides are effective;Or
When the data-requirements side provide authorisation verification all matched with the 3rd authorisation verification, but the data need The querying condition that the side of asking provides is with being previously added when the querying condition of the assets proof of the generation not all matches, described in confirmation The authorisation verification and querying condition that data-requirements side provides are invalid;Or
When the authorisation verification that the data-requirements side provides not all matches with the 3rd authorisation verification, but the data The querying condition that party in request provides is with being previously added when the querying condition of the assets proof of the generation all matches, described in confirmation The authorisation verification and querying condition that data-requirements side provides are invalid;Or
When the authorisation verification that the data-requirements side provides not all matches with the 3rd authorisation verification, and the data The querying condition that party in request provides confirms with being previously added when the querying condition of the assets proof of the generation also not all matches The authorisation verification and querying condition that the data-requirements side provides are invalid.
According to the preferred embodiment of the present invention:
The type of the assets includes the combination of following one or more:
Cash in banks, foreign currency, stock, bond, fund;
The assets prove the combination for including following one or more:
Trade date, transaction details, total transaction amount, account balance and currency.
According to the preferred embodiment of the present invention, the 3rd authorisation verification includes the combination of following one or more:
The proof of identification of the data ownership person, the title of the data ownership person, the body of the data provider Part proof, the title of the data provider, the proof of identification of the data-requirements side, the data-requirements side title, award Weigh range of condition;
Wherein, the scope of authority condition includes following one or more kinds of combination:
Valid period, the maximum times of inquiry, inquiry section purpose time point, inquiry subject.
According to the preferred embodiment of the present invention, the querying condition includes the combination of following one or more:
Password for inquiry, proof of identification, can query time, content can be inquired about.
According to the preferred embodiment of the present invention, the corresponding assets of the data provider prove data bank, the assets institute The corresponding assets of the person of having the right prove data bank, and the corresponding assets in the data-requirements side prove data bank, and the data carries The assets of supplier prove that data bank, the assets of the ownership of assets person prove the assets card of data bank and the data-requirements side Bright data bank communicates, and the assets of the data provider prove that data bank, the assets of the ownership of assets person prove Data bank and the assets of the data-requirements side prove that data bank is the synchronous mechanism of distributing, the assets of the data provider Prove that data bank is used for the assets of encryption after storing the 3rd authorisation verification and adding querying condition and proved, and by described the The assets of encryption after three authorisation verifications and addition querying condition prove synchronously to be stored in the assets card of the ownership of assets person Bright data bank and the assets of the data-requirements side prove data bank.
According to the preferred embodiment of the present invention, the assets prove that the embodiment of authorization query system also includes:
Implemented in a manner of block chain, produce a block on block chain, the owner of the block is the data Party in request, the block address of the block is the 3rd authorisation verification.
A kind of assets prove authority inquiry method, and the assets prove that authority inquiry method includes:
First assets prove generation step, and application request is proved in the assets for receiving the ownership of assets person transmission, and After the identity of the ownership of assets person is by certification, it is managed according to the ownership of assets person in the data provider Assets generation proved comprising the assets of the data provider numerical digit voucher stamped signature, and with the identity of the ownership of assets person The public key of authorisation verification owner proves to be encrypted to the assets;
First assets prove to produce step, the assets of encryption are proved to add querying condition;
First authorisation verification produces step, proves application request according to the assets, generates the first authorisation verification;
First forwarding step, the assets of the encryption after first authorisation verification and addition querying condition are proved to send extremely The assets of the data provider prove data bank;
First forwarding step, first authorisation verification is sent to the ownership of assets person so that the assets First authorisation verification is supplied to the data-requirements side by ownership person;
First receiving step, receive authorisation verification that the ownership of assets person and/or the data-requirements side provide and Querying condition;
First authenticating step, proved, recognized according to the assets of the encryption after first authorisation verification and addition querying condition Whether authorisation verification and the querying condition for demonstrate,proving the ownership of assets person and/or data-requirements side offer are effective;
First assets prove calculation step, when the ownership of assets person and/or the mandate of data-requirements side offer When proof and querying condition are effective, according to the ownership of assets person and/or the authorisation verification of data-requirements side offer, fortune Calculating the ownership of assets person and/or the assets needed for the data-requirements side proves;
First assets prove query steps, prove data bank from the assets of the data provider or are provided with the data The assets of side prove that the association assets that data bank communicates prove that obtaining the assets calculated in data bank proves;
First forwarding step, the assets got are proved to be sent to the ownership of assets person and/or the money Expect party in request so that the ownership of assets person and/or the data-requirements side with the private key of the authorisation verification owner to institute Stating the assets got proves to be decrypted.
According to the preferred embodiment of the present invention, what is be managed according to the ownership of assets person in the data provider Before assets of the assets generation comprising the data provider numerical digit voucher stamped signature prove, first receiving step also includes:
The identity for the ownership of assets person that authentication center sends is received by the authentication information of certification, is recognized according to described Card information determines that the identity of the ownership of assets person passes through certification;
The authentication center it is determined that the ownership of assets person identity by certification after, be the ownership of assets person The identity of an authorisation verification owner is generated, and one group of public key and private key are generated for the authorisation verification owner, it is described to recognize Card center includes the combination of following one or more:
The authentication center of the data provider, the authentication center communicated with the data provider.
According to the preferred embodiment of the present invention, first authorisation verification produces step and specifically included:
Prove that application request determines the scope of authority according to the assets, and generated in a hashed form according to the scope of authority First authorisation verification.
According to the preferred embodiment of the present invention, first authenticating step is according to first authorisation verification and adds inquiry bar The assets of encryption after part prove, authorisation verification that ownership of assets person described in certification and/or the data-requirements side provide and Whether querying condition effectively includes:
The authorisation verification that the ownership of assets person and/or the data-requirements side are provided and first authorisation verification Matched, and the querying condition that the ownership of assets person and/or the data-requirements side are provided is with being previously added in institute The querying condition that stating the assets of generation proves is matched;
When the authorisation verification and first authorisation verification of the ownership of assets person and/or data-requirements side offer All match, and the querying condition that the ownership of assets person and/or the data-requirements side provide is with being previously added in described When the querying condition that the assets of generation prove also all matches, confirm that the ownership of assets person and/or the data-requirements side carry The authorisation verification and querying condition of confession are effective;Or
When the authorisation verification and first authorisation verification of the ownership of assets person and/or data-requirements side offer All match, but the querying condition that the ownership of assets person and/or the data-requirements side provide is with being previously added in described When the querying condition that the assets of generation prove not all matches, confirm that the ownership of assets person and/or the data-requirements side carry The authorisation verification and querying condition of confession are invalid;Or
When the authorisation verification and first authorisation verification of the ownership of assets person and/or data-requirements side offer Not all match, but the querying condition that the ownership of assets person and/or the data-requirements side provide is with being previously added in institute When the querying condition that stating the assets of generation proves all matches, confirm that the ownership of assets person and/or the data-requirements side carry The authorisation verification and querying condition of confession are invalid;Or
When the authorisation verification and first authorisation verification of the ownership of assets person and/or data-requirements side offer Not all match, and the querying condition that the ownership of assets person and/or the data-requirements side provide is with being previously added in institute When the querying condition that stating the assets of generation proves also not all matches, the ownership of assets person and/or the data-requirements are confirmed The authorisation verification and querying condition just provided is invalid.
According to the preferred embodiment of the present invention:
The type of the assets includes the combination of following one or more:
Cash in banks, foreign currency, stock, bond, fund;
The assets prove the combination for including following one or more:
Trade date, transaction details, total transaction amount, account balance and currency.
According to the preferred embodiment of the present invention, first authorisation verification includes the combination of following one or more:
The proof of identification of the data ownership person, the title of the data ownership person, the body of the data provider Part proof, the title of the data provider, the proof of identification of the data-requirements side, the data-requirements side title, award Weigh range of condition;
Wherein, the scope of authority condition includes following one or more kinds of combination:
Valid period, the maximum times of inquiry, inquiry section purpose time point, inquiry subject.
According to the preferred embodiment of the present invention, the querying condition includes the combination of following one or more:
Password for inquiry, proof of identification, can query time, content can be inquired about.
According to the preferred embodiment of the present invention, the corresponding assets of the data provider prove data bank, the assets institute The corresponding assets of the person of having the right prove data bank, and the corresponding assets in the data-requirements side prove data bank, and the data carries The assets of supplier prove that data bank, the assets of the ownership of assets person prove the assets card of data bank and the data-requirements side Bright data bank communicates, and the assets of the data provider prove that data bank, the assets of the ownership of assets person prove Data bank and the assets of the data-requirements side prove that data bank is the synchronous mechanism of distributing, the assets of the data provider Prove that data bank is used for the assets of encryption after storing first authorisation verification and adding querying condition and proved, and by described the The assets of encryption after one authorisation verification and addition querying condition prove synchronously to be stored in the assets card of the ownership of assets person Bright data bank and the assets of the data-requirements side prove data bank.
According to the preferred embodiment of the present invention, the assets prove that the embodiment of authority inquiry method also includes:
Implemented in a manner of block chain, produce a block on block chain, the owner of the block is the assets Ownership person, the block address of the block is first authorisation verification.
A kind of assets prove authority inquiry method, and the assets prove that authority inquiry method includes:
Second receiving step, receiving the assets that the data-requirements side is sent proves application request and the second authorisation verification;
Whether the second authenticating step, the second authorisation verification described in certification are that the ownership of assets person produces;
Second assets prove to produce step, when second authorisation verification is that the ownership of assets person produces, according to The ownership of assets person includes the data provider numerical digit voucher in the assets generation that the data provider is managed The assets of stamped signature are proved, and the assets are proved to be encrypted with the public key of the data-requirements side;
Second assets prove to produce step, the assets of encryption are proved to add querying condition;
Second authorisation verification produces step, proves application request according to the assets, generates the 3rd authorisation verification;
Second forwarding step, the assets of the encryption after the 3rd authorisation verification and addition querying condition are proved to send extremely The assets of the data provider prove data bank;
Second forwarding step, the 3rd authorisation verification is sent to the data-requirements side;
Second receiving step, receive authorisation verification and querying condition that the data-requirements side provides;
Second authenticating step, demonstrate,proved according to the assets of the encryption after the 3rd authorisation verification and addition querying condition Bright, whether the authorisation verification and querying condition that data-requirements side described in certification provides are effective;
Second assets prove calculation step, when the authorisation verification and effective querying condition of data-requirements side offer, The authorisation verification provided according to the data-requirements side, calculating the assets needed for the data-requirements side proves;
Second assets prove query steps, prove data bank from the assets of the data provider or are provided with the data The assets of side prove that the association assets that data bank communicates prove that obtaining the assets calculated in data bank proves;
Second forwarding step, the assets got are proved to be sent to the data-requirements side so that the data needs The side of asking proves to be decrypted with the private key of the data-requirements side to the assets got.
According to the preferred embodiment of the present invention, second authorisation verification produces step and specifically included:
Prove that application request determines the scope of authority according to the assets, and generated in a hashed form according to the scope of authority 3rd authorisation verification.
According to the preferred embodiment of the present invention, second authenticating step is according to the 3rd authorisation verification and adds inquiry article The assets of encryption after part prove whether the authorisation verification and querying condition that data-requirements side described in certification provides effectively include:
The authorisation verification that the data-requirements side provides is matched with the 3rd authorisation verification, and by the data The querying condition that party in request provides is matched with the querying condition being previously added in the assets proof of the generation;
When the data-requirements side provide authorisation verification all matched with the 3rd authorisation verification, and the data need The querying condition that the side of asking provides is with being previously added when the querying condition of the assets proof of the generation also all matches, described in confirmation The authorisation verification and querying condition that data-requirements side provides are effective;Or
When the data-requirements side provide authorisation verification all matched with the 3rd authorisation verification, but the data need The querying condition that the side of asking provides is with being previously added when the querying condition of the assets proof of the generation not all matches, described in confirmation The authorisation verification and querying condition that data-requirements side provides are invalid;Or
When the authorisation verification that the data-requirements side provides not all matches with the 3rd authorisation verification, but the data The querying condition that party in request provides is with being previously added when the querying condition of the assets proof of the generation all matches, described in confirmation The authorisation verification and querying condition that data-requirements side provides are invalid;Or
When the authorisation verification that the data-requirements side provides not all matches with the 3rd authorisation verification, and the data The querying condition that party in request provides confirms with being previously added when the querying condition of the assets proof of the generation also not all matches The authorisation verification and querying condition that the data-requirements side provides are invalid.
According to the preferred embodiment of the present invention:
The type of the assets includes the combination of following one or more:
Cash in banks, foreign currency, stock, bond, fund;
The assets prove the combination for including following one or more:
Trade date, transaction details, total transaction amount, account balance and currency.
According to the preferred embodiment of the present invention, the 3rd authorisation verification includes the combination of following one or more:
The proof of identification of the data ownership person, the title of the data ownership person, the body of the data provider Part proof, the title of the data provider, the proof of identification of the data-requirements side, the data-requirements side title, award Weigh range of condition;
Wherein, the scope of authority condition includes following one or more kinds of combination:
Valid period, the maximum times of inquiry, inquiry section purpose time point, inquiry subject.
According to the preferred embodiment of the present invention, the querying condition includes the combination of following one or more:
Password for inquiry, proof of identification, can query time, content can be inquired about.
According to the preferred embodiment of the present invention, the corresponding assets of the data provider prove data bank, the assets institute The corresponding assets of the person of having the right prove data bank, and the corresponding assets in the data-requirements side prove data bank, and the data carries The assets of supplier prove that data bank, the assets of the ownership of assets person prove the assets card of data bank and the data-requirements side Bright data bank communicates, and the assets of the data provider prove that data bank, the assets of the ownership of assets person prove Data bank and the assets of the data-requirements side prove that data bank is the synchronous mechanism of distributing, the assets of the data provider Prove that data bank is used for the assets of encryption after storing the 3rd authorisation verification and adding querying condition and proved, and by described the The assets of encryption after three authorisation verifications and addition querying condition prove synchronously to be stored in the assets card of the ownership of assets person Bright data bank and the assets of the data-requirements side prove data bank.
According to the preferred embodiment of the present invention, the assets prove that the embodiment of authority inquiry method also includes:
Implemented in a manner of block chain, produce a block on block chain, the owner of the block is the data Party in request, the block address of the block is the 3rd authorisation verification.
A kind of electronic installation, the electronic installation include memory and processor, and the memory is used to store at least one Individual instruction, the processor are used to perform the computer program that stores in the memory to realize that the assets prove that mandate is looked into Inquiry method.
A kind of computer-readable recording medium, the computer-readable recording medium storage has at least one instruction, described At least one instruction realizes that the assets prove authority inquiry method when being executed by processor.
As can be seen from the above technical solutions, the automation of data transmission can be realized using the present invention, while is effectively reduced The risk that data is tampered.
Brief description of the drawings
Fig. 1 is the application environment schematic diagram for the better embodiment that assets of the present invention prove authority inquiry method.
Fig. 2 is the functional block diagram for the first better embodiment that assets of the present invention prove authorization query system.
Fig. 3 is the flow chart for the first better embodiment that assets of the present invention prove authority inquiry method.
Fig. 4 is the functional block diagram for the second better embodiment that assets of the present invention prove authorization query system.
Fig. 5 is the flow chart for the second better embodiment that assets of the present invention prove authority inquiry method.
Embodiment
As shown in fig.1, it is the application environment signal for the better embodiment that assets of the present invention prove authority inquiry method Figure.In the present embodiment, the assets prove that authorization query system 10 is applied to data provider 11, the data provider 11 Communicated respectively with ownership of assets person 2 and data-requirements side 3.
In the present embodiment, the data provider 11 is used for the assets for managing the ownership of assets person 2, and the present invention is right The identity of the data provider 11 is not limited.
In the present embodiment, the ownership of assets person 2 is the side for possessing assets, and the ownership of assets person 2 also may be used Proved with queries asset.
In the present embodiment, the data-requirements side 3 is the side for needing queries asset to prove.
In the present embodiment, the data provider 11 is used to be provided in the data according to the ownership of assets person 2 The assets generation assets that side 11 is managed prove, so that the ownership of assets person 2 and/or the data-requirements side 3 are carried out Inquiry.
In the present embodiment, the corresponding assets of the data provider 11 prove data bank 13, the ownership of assets The corresponding assets of person 2 prove data bank 23, and the corresponding assets in the data-requirements side 3 prove data bank 33, the data The assets of provider 11 prove that data bank 13, the assets of the ownership of assets person 2 prove data bank 23 and the data-requirements The assets of side 3 prove that data bank 33 communicates, and the assets of the data provider 11 prove data bank 13, assets institute The assets of the person of having the right 2 prove that the assets of data bank 23 and the data-requirements side 3 prove that data bank 33 is the synchronous machine of distributing System, the assets of the data provider 11 prove that data bank 13 is used for after storing first authorisation verification and adding querying condition The assets of encryption prove, and the assets of first authorisation verification and the encryption added after querying condition are proved into synchronous storage The assets for proving data bank 23 and the data-requirements side 3 in the assets of the ownership of assets person 2 prove data bank 33.
In the present embodiment, the assets prove that authorization query system 10 can be run in computer installation, the calculating Machine device be it is a kind of can be automatic to carry out numerical computations and/or the equipment of information processing according to the instruction for being previously set or storing, Its hardware includes but is not limited to microprocessor, application specific integrated circuit (Application Specific Integrated Circuit, ASIC), programmable gate array (Field-Programmable Gate Array, FPGA), digital processing unit (Digital Signal Processor, DSP), embedded device etc..The computer installation includes but is not limited to single net Network server, multiple webservers composition server group or based on cloud computing (Cloud Computing) by largely leading The cloud that machine or the webserver are formed.
As shown in fig.2, it is the functional module for the first better embodiment that assets of the present invention prove authorization query system Figure.In the present embodiment, the assets prove that authorization query system 10 can be divided into one or more modules.For example, The assets prove that authorization query system 10 is divided into the first assets and proves that generation module 101, the first authorisation verification produce mould Block 102, the first sending module 103, the first receiving module 104, the first authentication module 105, the first assets prove computing module 106 And first assets prove enquiry module 107.Detailed functions on each module will be described specifically in Fig. 3 later.
As shown in fig.3, it is the flow chart for the first better embodiment that assets of the present invention prove authority inquiry method.Root According to different demands, the order of step can change in the flow chart, and some steps can be omitted or merged.
Step S10, the first assets prove that generation module 101 proves in the assets for receiving the transmission of ownership of assets person 2 After application is asked, and the identity of the ownership of assets person 2 is by certification, according to the ownership of assets person 2 in the data The assets that provider 11 is managed generate the assets comprising the numerical digit voucher stamped signature of data provider 11 and proved, and with described The identification authorization of ownership of assets person 2 proves that the public key of owner proves to be encrypted to the assets.
In the present embodiment, prove generation module 101 according to the ownership of assets person 2 described in first assets Before assets of the assets generation comprising the numerical digit voucher stamped signature of data provider 11 that data provider 11 is managed prove, First receiving module 104, which receives the assets that the ownership of assets person 2 sends, proves application request.
In the present embodiment, the assets prove that application request includes, but are not limited to following one or more kinds of combination:
The proof of identification of the ownership of assets person 2, the title of the ownership of assets person 2, the data-requirements side 3 Proof of identification, the title of the data-requirements side 3, scope of authority condition etc..
In the present embodiment, prove generation module 101 according to the ownership of assets person 2 described in first assets Before assets of the assets generation comprising the numerical digit voucher stamped signature of data provider 11 that data provider 11 is managed prove, First receiving module 104 is additionally operable to:Receive the certification that the identity for the ownership of assets person 2 that authentication center sends passes through certification Information, the identity for determining the ownership of assets person 2 according to the authentication information pass through certification.
In the present embodiment, the authentication center it is determined that the ownership of assets person 2 identity by certification after, for institute Stating ownership of assets, person 2 generates the identity of an authorisation verification owner, and generates one group of public affairs for the authorisation verification owner Key and private key, for subsequently proving to be encrypted to the assets of generation and decryption oprerations.
In the present embodiment, the ownership of assets person 2 is by the public key of the authorisation verification owner and the warrant The private key of bright owner is supplied to the data-requirements side 3.
In the present embodiment, the authentication center is the machine that a kind of identity to the ownership of assets person 2 provides certification System, the authentication center include, but are not limited to the combination of following one or more:
The authentication center of the data provider 11, the authentication center communicated with the data provider 11 etc..
In the present embodiment, the type of the assets includes, but are not limited to the combination of following one or more:
Cash in banks, foreign currency, stock, bond, fund etc..
In the present embodiment, the assets prove to include, but are not limited to the combination of following one or more:
Trade date, transaction details, total transaction amount, account balance and currency etc..
In the present embodiment, the assets of the generation prove to be signed with the numerical digit voucher stamped signature of the data provider 11 Chapter, produced with proving that the assets of the generation are proved to be by the data provider 11.
Step S11, first assets prove that generation module 101 proves to add querying condition to the assets of encryption.
In the present embodiment, the querying condition includes, but are not limited to the combination of following one or more:
Password for inquiry, proof of identification, can query time, content etc. can be inquired about.
Step S12, the first authorisation verification generation module 102 prove application request according to the assets, and generation first authorizes Prove.
In the present embodiment, the first authorisation verification generation module 102 proves that application request determines according to the assets The scope of authority, and first authorisation verification is generated according to the scope of authority in a hashed form.
It should be noted that the hash mode is a kind of one-way cipher system, that is to say, that passes through the hash mode Encryption be it is a kind of from plaintext to ciphertext can not inverse mapping, only include ciphering process, without decrypting process.So, institute is passed through State hash mode and generate first authorisation verification, it will it is more safe and reliable, effectively reduce the risk being tampered.
In the present embodiment, first authorisation verification includes, but are not limited to the combination of following one or more:
The proof of identification of the data ownership person 2, the title of the data ownership person 2, the data provider 11 Proof of identification, the title of the data provider 11, the proof of identification of the data-requirements side 3, the data-requirements side 3 Title, scope of authority condition etc..
In the present embodiment, the scope of authority condition includes, but are not limited to following one or more kinds of combination:
Valid period, the maximum times of inquiry, inquiry section purpose time point, inquiry subject etc..
Step S13, the first sending module 103 by first authorisation verification and add querying condition after encryption assets Prove to send to the assets of the data provider 11 and prove data bank 13.
In the present embodiment, the assets prove that the memory mechanism of data bank 13 looks into first authorisation verification and addition The assets of encryption after inquiry condition prove that the assets for being synchronously stored in the ownership of assets person 2 prove data bank 23 and the money Expecting the assets of party in request 3 proves in data bank 33 that so, the ownership of assets person 2 or the data-requirements side 3 can arrive Any one assets communicated proves to carry out the inquiry of assets proof in data bank.
Step S14, first sending module 103 send first authorisation verification to the ownership of assets person 2 So that first authorisation verification is supplied to the data-requirements side 3 by the ownership of assets person 2.
In the present embodiment, first authorisation verification is sent to the assets institute in first sending module 103 After the person of having the right 2, first authorisation verification is supplied to the data-requirements side 3 by the ownership of assets person 2, so, described First authorisation verification can be inquired about the generation as voucher by ownership of assets person 2 and the data-requirements side 3 Assets prove.
In the present embodiment, it is supplied to the data to need first authorisation verification for the ownership of assets person 2 The mode of the side of asking 3 is not limited.Such as:The ownership of assets person 2 can use the side such as mail, social software, e-file First authorisation verification is supplied to the data-requirements side 3 by formula.
Step S15, the first receiving module 104 receives the ownership of assets person 2 and/or the data-requirements side 3 provides Authorisation verification and querying condition.
Step S16, the first authentication module 105 according to first authorisation verification and add querying condition after encryption money Production proves that whether are the authorisation verification and querying condition of ownership of assets person 2 described in certification and/or the offer of the data-requirements side 3 Effectively.
In the present embodiment, after first authentication module 105 is according to first authorisation verification and addition querying condition The assets of encryption prove, the authorisation verification and look into that ownership of assets person 2 described in certification and/or the data-requirements side 3 provide Whether inquiry condition effectively includes:First authentication module 105 is by the ownership of assets person 2 and/or the data-requirements side 3 The authorisation verification of offer is matched with first authorisation verification, and the ownership of assets person 2 and/or the data are needed The querying condition that the side of asking 3 provides is matched with the querying condition being previously added in the assets proof of the generation.
In the present embodiment, the result of certification includes:
(1) when the authorisation verification that the ownership of assets person 2 and/or the data-requirements side 3 provide is awarded with described first Warrant is bright all to be matched, and the querying condition that the ownership of assets person 2 and/or the data-requirements side 3 provide with adding in advance When the querying condition that entering the assets of the generation proves also all matches, first authentication module 105 confirms the assets institute The authorisation verification and querying condition that the person of having the right 2 and/or the data-requirements side 3 provide are effective.
(2) when the authorisation verification that the ownership of assets person 2 and/or the data-requirements side 3 provide is awarded with described first Warrant is bright all to be matched, but the querying condition that the ownership of assets person 2 and/or the data-requirements side 3 provide with adding in advance When the querying condition that entering the assets of the generation proves not all matches, first authentication module 105 confirms the assets institute The authorisation verification and querying condition that the person of having the right 2 and/or the data-requirements side 3 provide are invalid.
(3) when the authorisation verification that the ownership of assets person 2 and/or the data-requirements side 3 provide is awarded with described first Warrant is bright not all to be matched, but the querying condition that provides of the ownership of assets person 2 and/or the data-requirements side 3 with advance When the querying condition that being incorporated in the assets of the generation proves all matches, first authentication module 105 confirms the assets institute The authorisation verification and querying condition that the person of having the right 2 and/or the data-requirements side 3 provide are invalid.
(4) when the authorisation verification that the ownership of assets person 2 and/or the data-requirements side 3 provide is awarded with described first Warrant is bright not all to be matched, and the querying condition that provides of the ownership of assets person 2 and/or the data-requirements side 3 with advance When the querying condition that being incorporated in the assets of the generation proves also not all matches, first authentication module 105 confirms the money Authorisation verification and the querying condition for producing ownership person 2 and/or the offer of the data-requirements side 3 are invalid.
Step S17, when the ownership of assets person 2 and/or the authorisation verification and inquiry bar of the offer of the data-requirements side 3 When part is effective, the first assets prove that computing module 106 provides according to the ownership of assets person 2 and/or the data-requirements side 3 Authorisation verification, calculating the ownership of assets person 2 and/or the assets needed for the data-requirements side 3 proves.
In the present embodiment, the assets calculated prove that the assets for being just stored in the data provider 11 prove data Storehouse 13 or with the assets of the data provider 11 prove that data bank 13 communicates associate in assets proof data bank described in The assets of the encryption added after querying condition prove.
Step S18, the first assets prove enquiry module 107 from the assets of the data provider 11 prove data bank 13 or Prove that the assets that associate that data bank 13 communicates prove to obtain what is calculated in data bank with the assets of the data provider 11 Assets prove.
In the present embodiment, the ownership of assets person 2 and the data-requirements side 3 can be member or be non-meeting Member.
Specifically, when the ownership of assets person 2 and the data-requirements side 3 are members, the ownership of assets person 2 And the data-requirements side 3 can the data provider 11 assets prove data bank 13 or with the data provider 11 Assets prove that any association assets that communicate of data bank 13 prove that obtaining the assets calculated in data bank proves.But When the ownership of assets person 2 and the data-requirements side 3 are non-members, the ownership of assets person 2 and the data need The side of asking 3 can be by belonging to the node of member (such as:First assets of the data provider 11 prove enquiry module 107) Assets corresponding to being connected to prove that obtaining the assets calculated in data bank proves.
In the present embodiment, the association assets prove that data bank includes, but are not limited to following one or more kinds of group Close:The assets of the ownership of assets person 2 prove that data bank 23, the assets of the data-requirements side 3 prove data bank 33 etc..
Step S19, first sending module 103 prove the assets got to be sent to the ownership of assets person 2 And/or the data-requirements side 3 is so that the ownership of assets person 2 and/or the data-requirements side 3 are gathered around with the authorisation verification The private key for the person of having proves to be decrypted to the assets got.
In the present embodiment, the assets got proof is sent to the assets institute in first sending module 103 Behind the person of having the right 2 and/or the data-requirements side 3, the ownership of assets person 2 and/or the data-requirements side 3 are with the mandate Prove the private key of owner proves to be decrypted to the assets got, and with the numerical digit voucher of the data provider 11 Stamped signature verifies that the assets got described in confirmation prove whether to provide for the data to the assets proof got Produced by side 11.
In the present embodiment, the assets prove that the embodiment of authorization query system 10 also includes:With the side of block chain Formula is implemented, and the assets prove that authorization query system 10 produces a block on block chain, and the owner of the block is institute The person 2 that states ownership of assets, the block address of the block is first authorisation verification.
As shown in fig.4, it is the functional module for the second better embodiment that assets of the present invention prove authorization query system Figure.In the present embodiment, the assets prove that authorization query system 10 can be divided into one or more modules.For example, The assets prove that authorization query system 10 is divided into the second receiving module 201, the second authentication module 202, the second assets card Bright generation module 203, the second authorisation verification generation module 204, the second sending module 205, the second assets prove computing module 206 And second assets prove enquiry module 207.Detailed functions on each module will be described specifically in Fig. 5 later.
As shown in fig.5, it is the flow chart for the second better embodiment that assets of the present invention prove authority inquiry method.Root According to different demands, the order of step can change in the flow chart, and some steps can be omitted or merged.
Step S200, the second receiving module 201, which receives the assets that the data-requirements side 3 is sent, proves application request and the Two authorisation verifications.
In the present embodiment, second authorisation verification is produced by the ownership of assets person 2, second authorisation verification Numerical digit voucher stamped signature comprising the ownership of assets person 2, to prove second authorisation verification by the ownership of assets person 2 Produce.
In the present embodiment, the assets prove that application request includes, but are not limited to following one or more kinds of combination:
The proof of identification of the ownership of assets person 2, the title of the ownership of assets person 2, the data-requirements side 3 Proof of identification, the title of the data-requirements side 3, scope of authority condition etc..
Whether step S201, the second authorisation verification described in the certification of the second authentication module 202 are that the ownership of assets person 2 produces It is raw.
In the present embodiment, second authentication module 202 can pass through the numerical digit voucher label of the ownership of assets person 2 Chapter proves whether second authorisation verification is produced by the ownership of assets person 2.
Step S202, when second authorisation verification is that the ownership of assets person 2 produces, the second assets prove to produce Module 203 includes the data according to the ownership of assets person 2 in the assets generation that the data provider 11 is managed The assets of the numerical digit voucher stamped signature of provider 11 are proved, and the assets are proved to add with the public key of the data-requirements side 3 It is close.
In the present embodiment, prove to use the data-requirements different from first preferred embodiment, the assets of generation The public key of side 3 is encrypted, and subsequently will be also decrypted using the private key of the data-requirements side 3, so, the data-requirements It just 3 can directly be communicated with the data provider 11, and inquire about the assets to prove, without passing through the assets Ownership person 2, make the inquiry of the data-requirements side 3 more convenient.
In the present embodiment, the type of the assets includes, but are not limited to the combination of following one or more:
Cash in banks, foreign currency, stock, bond, fund etc..
In the present embodiment, the assets prove to include, but are not limited to the combination of following one or more:
Trade date, transaction details, total transaction amount, account balance and currency etc..
In the present embodiment, the assets of the generation prove to be signed with the numerical digit voucher stamped signature of the data provider 11 Chapter, produced with proving that the assets of the generation are proved to be by the data provider 11.
Step S203, second assets prove that generation module 203 proves to add querying condition to the assets of encryption.
In the present embodiment, the querying condition includes, but are not limited to the combination of following one or more:
Password for inquiry, proof of identification, can query time, content etc. can be inquired about.
Step S204, the second authorisation verification generation module 204 prove application request according to the assets, and generation the 3rd authorizes Prove.
In the present embodiment, the second authorisation verification generation module 204 proves that application request determines according to the assets The scope of authority, and first authorisation verification is generated according to the scope of authority in a hashed form.
In the present embodiment, the 3rd authorisation verification includes, but are not limited to the combination of following one or more:
The proof of identification of the data ownership person 2, the title of the data ownership person 2, the data provider 11 Proof of identification, the title of the data provider 11, the proof of identification of the data-requirements side 3, the data-requirements side 3 Title, scope of authority condition etc..
In the present embodiment, the scope of authority condition includes, but are not limited to following one or more kinds of combination:
Valid period, the maximum times of inquiry, inquiry section purpose time point, inquiry subject etc..
Step S205, the second sending module 205 by the 3rd authorisation verification and add querying condition after encryption money Production, which proves to send to the assets of the data provider 11, proves data bank 13.
In the present embodiment, the assets prove that the memory mechanism of data bank 13 looks into the 3rd authorisation verification and addition The assets of encryption after inquiry condition prove that the assets for being synchronously stored in the ownership of assets person 2 prove data bank 23 and the money Expecting the assets of party in request 3 proves in data bank 33 that so, the ownership of assets person 2 or the data-requirements side 3 can arrive Any one assets communicated proves to carry out the inquiry of assets proof in data bank.
Step S206, second sending module 205 send the 3rd authorisation verification to the data-requirements side 3.
Step S207, second receiving module 201 receive authorisation verification and the inquiry bar that the data-requirements side 3 provides Part.
Step S208, second authentication module 202 is according to adding after the 3rd authorisation verification and addition querying condition Close assets prove whether the authorisation verification and querying condition that data-requirements side 3 described in certification provides are effective.
In the present embodiment, after second authentication module 202 is according to the 3rd authorisation verification and addition querying condition The assets of encryption prove whether the authorisation verification and querying condition that data-requirements side 3 described in certification provides effectively include:It is described Second authentication module 202 is matched the authorisation verification that the data-requirements side 3 provides with the 3rd authorisation verification, and will The querying condition and be previously added in the querying condition progress of the assets proof of the generation that the data-requirements side 3 provides Match somebody with somebody.
In the present embodiment, the result of certification includes:
(1) when the authorisation verification that the data-requirements side 3 provides all matches with the 3rd authorisation verification, and the money The querying condition that material party in request 3 provides is with being previously added when the querying condition of the assets proof of the generation also all matches, institute State the second authentication module 202 and confirm that the authorisation verification of the offer of data-requirements side 3 and querying condition are effective.
(2) when the authorisation verification that the data-requirements side 3 provides all matches with the 3rd authorisation verification, but the money The querying condition that material party in request 3 provides is with being previously added when the querying condition of the assets proof of the generation not all matches, institute State the second authentication module 202 and confirm that the authorisation verification of the offer of data-requirements side 3 and querying condition are invalid.
(3) it is but described when the authorisation verification that the data-requirements side 3 provides not all matches with the 3rd authorisation verification The querying condition that data-requirements side 3 provides is with being previously added when the querying condition of the assets proof of the generation all matches, institute State the second authentication module 202 and confirm that the authorisation verification of the offer of data-requirements side 3 and querying condition are invalid.
(4) it is and described when the authorisation verification that the data-requirements side 3 provides not all matches with the 3rd authorisation verification The querying condition that data-requirements side 3 provides also not all matches with the querying condition being previously added in the assets proof of the generation When, second authentication module 202 confirms that the authorisation verification of the offer of data-requirements side 3 and querying condition are invalid.
Step S209, when the authorisation verification and effective querying condition of the data-requirements side 3 offer, the second assets prove The authorisation verification that computing module 206 provides according to the data-requirements side 3, calculate the assets needed for the data-requirements side 3 Prove.
In the present embodiment, the assets calculated prove that the assets for being just stored in the data provider 11 prove data Storehouse 13 or with the assets of the data provider 11 prove that data bank 13 communicates associate in assets proof data bank described in The assets of the encryption added after querying condition prove.
Step S210, the second assets prove that enquiry module 207 proves data bank 13 from the assets of the data provider 11 Or prove to obtain in data bank and calculate with the assets that associate that the assets of the data provider 11 prove that data bank 13 communicates Assets prove.
In the present embodiment, the data-requirements side 3 can be member either non-member.
Specifically, when the data-requirements side 3 is member, the data-requirements side 3 can be in the data provider 11 assets prove data bank 13 or prove that any association that data bank 13 communicates provides with the assets of the data provider 11 Production proves that obtaining the assets calculated in data bank proves.But when the data-requirements side 3 is non-member, the data Party in request 3 can be by belonging to the node of member (such as:Second assets of the data provider 11 prove enquiry module 207) assets corresponding to being connected to prove that obtaining the assets calculated in data bank proves.
In the present embodiment, the association assets prove that data bank includes, but are not limited to following one or more kinds of group Close:The assets of the ownership of assets person 2 prove that data bank 23, the assets of the data-requirements side 3 prove data bank 33 etc..
Step S211, second sending module 205 by the assets got prove be sent to the data-requirements side 3 with The data-requirements side 3 is set to prove to be decrypted to the assets got with the private key of the data-requirements side 3.
In the present embodiment, the assets got are proved that being sent to the data needs in second sending module 205 Behind the side of asking 3, the data-requirements side 3 proves to be decrypted with the private key of the data-requirements side 3 to the assets got, And the assets got are proved to verify with the numerical digit voucher stamped signature of the data provider 11, confirm the acquisition To assets prove whether as produced by the data provider 11.
In the present embodiment, the assets prove that the embodiment of authorization query system 10 also includes:With the side of block chain Formula is implemented, and the assets prove that authorization query system 10 produces a block on block chain, and the owner of the block is institute Data-requirements side 3 is stated, the block address of the block is the 3rd authorisation verification.
The above embodiments are merely illustrative of the technical solutions of the present invention and it is unrestricted, although with reference to above preferred embodiment pair The present invention is described in detail, it will be understood by those within the art that, technical scheme can be carried out Modification or equivalent substitution should not all depart from the spirit and scope of technical solution of the present invention.
In several embodiments provided by the present invention, it should be understood that disclosed system, apparatus and method can be with Realized through other modes.For example, device embodiment described above is only schematical, for example, the module Division, only a kind of division of logic function, can there is other dividing mode when actually realizing.
The module illustrated as separating component can be or may not be physically separate, show as module The part shown can be or may not be physical location, you can with positioned at a place, or can also be distributed to multiple On NE.Some or all of module therein can be selected to realize the mesh of this embodiment scheme according to the actual needs 's.
In addition, each functional module in each embodiment of the present invention can be integrated in a processing unit, can also That unit is individually physically present, can also two or more units it is integrated in a unit.Above-mentioned integrated list Member can both be realized in the form of hardware, can also be realized in the form of hardware adds software function module.
The above-mentioned integrated unit realized in the form of software function module, can be stored in a computer-readable storage Deposit in medium.Above-mentioned software function module is stored in a storage medium, including some instructions are causing a computer It is each that equipment (can be personal computer, server, or network equipment etc.) or processor (processor) perform the present invention The part steps of embodiment methods described.
Some computer product claims in subsequent application the scope of the claims all using computer program flow as foundation, with Computer program flow content in foregoing flow chart corresponds to consistent.Therefore, these computer product claims, it should be understood that The functional module framework of foregoing solutions is realized for the main computer program recorded through specification, and is not construed as The entity apparatus of the solution is mainly realized by hardware mode.
It is obvious to a person skilled in the art that the invention is not restricted to the details of above-mentioned one exemplary embodiment, Er Qie In the case of without departing substantially from spirit or essential attributes of the invention, the present invention can be realized in other specific forms.Therefore, no matter From the point of view of which point, embodiment all should be regarded as exemplary, and be nonrestrictive, the scope of the present invention is by appended Shen Please the scope of the claims rather than described above limit, it is intended that implication and scope in the equivalency of claim will be fallen Interior all changes are included in the present invention.Any attached associated diagram mark in claim should not be considered as involved by limitation And claim.Furthermore, it is to be understood that the word of " comprising " one is not excluded for other units or step, odd number is not excluded for plural number.System The multiple units or device stated in claim can also pass through software or hardware Lai real by a unit or device It is existing.The word such as " first ", " second " (if present) is used for representing title, and is not offered as any specific order.
Finally it should be noted that the above embodiments are merely illustrative of the technical solutions of the present invention and it is unrestricted, although reference The present invention is described in detail for preferred embodiment, it will be understood by those within the art that, can be to the present invention's Technical scheme is modified or equivalent substitution, without departing from the spirit and scope of technical solution of the present invention.

Claims (36)

1. a kind of assets prove authorization query system, applied to data provider, the assets prove authorization query system and money Production ownership person and data-requirements side communicate, it is characterised in that the assets prove that authorization query system includes:
First assets prove generation module, for proving application request in the assets for receiving the ownership of assets person transmission, and After the identity of the ownership of assets person is by certification, it is managed according to the ownership of assets person in the data provider Assets generation proved comprising the assets of the data provider numerical digit voucher stamped signature, and with the identity of the ownership of assets person The public key of authorisation verification owner proves to be encrypted to the assets;
First assets prove generation module, are additionally operable to that the assets of encryption are proved to add querying condition;
First authorisation verification generation module, for proving application request according to the assets, generate the first authorisation verification;
First sending module, for proving to send extremely by the assets of the encryption after first authorisation verification and addition querying condition The assets of the data provider prove data bank;
First sending module, it is additionally operable to send first authorisation verification to the ownership of assets person so that the money First authorisation verification is supplied to the data-requirements side by production ownership person;
First receiving module, for receive authorisation verification that the ownership of assets person and/or the data-requirements side provide and Querying condition;
First authentication module, for being proved according to the assets of the encryption after first authorisation verification and addition querying condition, recognize Whether authorisation verification and the querying condition for demonstrate,proving the ownership of assets person and/or data-requirements side offer are effective;
First assets prove computing module, for when the mandate of the ownership of assets person and/or data-requirements side offer When proof and querying condition are effective, according to the ownership of assets person and/or the authorisation verification of data-requirements side offer, fortune Calculating the ownership of assets person and/or the assets needed for the data-requirements side proves;
First assets prove enquiry module, for proving data bank from the assets of the data provider or being provided with the data The assets of side prove that the association assets that data bank communicates prove that obtaining the assets calculated in data bank proves;
First sending module, it is additionally operable to prove the assets got to be sent to the ownership of assets person and/or described Data-requirements side so that the ownership of assets person and/or the data-requirements side with the private key pair of the authorisation verification owner The assets got prove to be decrypted.
2. assets as claimed in claim 1 prove authorization query system, it is characterised in that according to the ownership of assets person It is proved in assets of the assets generation comprising the data provider numerical digit voucher stamped signature that the data provider is managed Before, first receiving module is additionally operable to:
The identity for the ownership of assets person that authentication center sends is received by the authentication information of certification, is believed according to the certification Breath determines that the identity of the ownership of assets person passes through certification;
The authentication center it is determined that the ownership of assets person identity by certification after, for the ownership of assets person generate The identity of one authorisation verification owner, and one group of public key and private key are generated for the authorisation verification owner, in the certification Pericardium includes the combination of following one or more:
The authentication center of the data provider, the authentication center communicated with the data provider.
3. assets as claimed in claim 1 prove authorization query system, it is characterised in that first authorisation verification produces mould Block is specifically used for:
Prove that application request determines the scope of authority according to the assets, and according to the scope of authority generates in a hashed form First authorisation verification.
4. assets as claimed in claim 1 prove authorization query system, it is characterised in that first authentication module is according to institute The assets of encryption stated the first authorisation verification and added after querying condition prove, ownership of assets person described in certification and/or described Whether the authorisation verification and querying condition that data-requirements side provides effectively include:
The authorisation verification that the ownership of assets person and/or the data-requirements side are provided is carried out with first authorisation verification Matching, and the querying condition that the ownership of assets person and/or the data-requirements side are provided is with being previously added in the life Into assets prove querying condition matched;
The authorisation verification and first authorisation verification provided when the ownership of assets person and/or the data-requirements side is all Match somebody with somebody, and the querying condition that the ownership of assets person and/or the data-requirements side provide is with being previously added in the generation The querying condition that proves of assets when also all matching, confirm the ownership of assets person and/or the data-requirements side provide Authorisation verification and querying condition are effective;Or
The authorisation verification and first authorisation verification provided when the ownership of assets person and/or the data-requirements side is all Match somebody with somebody, but the querying condition that the ownership of assets person and/or the data-requirements side provide is with being previously added in the generation The querying condition that proves of assets when not all matching, confirm the ownership of assets person and/or the data-requirements side provide Authorisation verification and querying condition are invalid;Or
When the authorisation verification that the ownership of assets person and/or the data-requirements side provide with first authorisation verification not all Matching, but the querying condition that the ownership of assets person and/or the data-requirements side provide is with being previously added in the life Into the querying condition that proves of assets all match when, confirm what the ownership of assets person and/or the data-requirements side provided Authorisation verification and querying condition are invalid;Or
When the authorisation verification that the ownership of assets person and/or the data-requirements side provide with first authorisation verification not all Matching, and the querying condition that the ownership of assets person and/or the data-requirements side provide is with being previously added in the life Into assets prove querying condition also not all match when, confirm that the ownership of assets person and/or the data-requirements side carry The authorisation verification and querying condition of confession are invalid.
5. the assets as any one of Claims 1-4 prove authorization query system, it is characterised in that:
The type of the assets includes the combination of following one or more:
Cash in banks, foreign currency, stock, bond, fund;
The assets prove the combination for including following one or more:
Trade date, transaction details, total transaction amount, account balance and currency.
6. the assets as any one of Claims 1-4 prove authorization query system, it is characterised in that described first awards The bright combination for including following one or more of warrant:
The proof of identification of the data ownership person, the title of the data ownership person, the identity card of the data provider The title of bright, described data provider, the proof of identification of the data-requirements side, the title of the data-requirements side, mandate model Foxing part;
Wherein, the scope of authority condition includes following one or more kinds of combination:
Valid period, the maximum times of inquiry, inquiry section purpose time point, inquiry subject.
7. the assets as any one of Claims 1-4 prove authorization query system, it is characterised in that the inquiry bar Part includes the combination of following one or more:
Password for inquiry, proof of identification, can query time, content can be inquired about.
8. the assets as any one of Claims 1-4 prove authorization query system, it is characterised in that the data carries The corresponding assets of supplier prove data bank, and the corresponding assets of the ownership of assets person prove data bank, and the data needs The corresponding assets in the side of asking prove data bank, and the assets of the data provider prove data bank, the ownership of assets person Assets prove that the assets of data bank and the data-requirements side prove that data bank communicates, and the assets of the data provider Prove that data bank, the assets of the ownership of assets person prove that the assets of data bank and the data-requirements side prove that data bank is The synchronous mechanism of distributing, the assets of the data provider prove that data bank is used to store first authorisation verification and addition The assets of encryption after querying condition are proved, and the assets of the encryption after first authorisation verification and addition querying condition are demonstrate,proved The bright assets for being synchronously stored in the ownership of assets person prove that the assets of data bank and the data-requirements side prove data bank.
9. the assets as any one of Claims 1-4 prove authorization query system, it is characterised in that the assets card The embodiment of bright authorization query system also includes:
Implemented in a manner of block chain, produce a block on block chain, the owner of the block owns for the assets Quan Zhe, the block address of the block is first authorisation verification.
10. a kind of assets prove authorization query system, applied to data provider, the assets prove authorization query system and money Material party in request communicates, and the data-requirements side communicates with ownership of assets person, it is characterised in that the assets prove to authorize Inquiry system includes:
Second receiving module, application request and the second authorisation verification are proved for receiving the assets that the data-requirements side is sent;
Second authentication module, whether it is that the ownership of assets person produces for the second authorisation verification described in certification;
Second assets prove generation module, for when second authorisation verification is that the ownership of assets person produces, according to The ownership of assets person includes the data provider numerical digit voucher in the assets generation that the data provider is managed The assets of stamped signature are proved, and the assets are proved to be encrypted with the public key of the data-requirements side;
Second assets prove generation module, are additionally operable to that the assets of encryption are proved to add querying condition;
Second authorisation verification generation module, for proving application request according to the assets, generate the 3rd authorisation verification;
Second sending module, for proving to send extremely by the assets of the encryption after the 3rd authorisation verification and addition querying condition The assets of the data provider prove data bank;
Second sending module, it is additionally operable to send the 3rd authorisation verification to the data-requirements side;
Second receiving module, it is additionally operable to receive authorisation verification and the querying condition that the data-requirements side provides;
Second authentication module, it is additionally operable to be demonstrate,proved according to the assets of the encryption after the 3rd authorisation verification and addition querying condition Bright, whether the authorisation verification and querying condition that data-requirements side described in certification provides are effective;
Second assets prove computing module, for provided when the data-requirements side authorisation verification and effective querying condition when, The authorisation verification provided according to the data-requirements side, calculating the assets needed for the data-requirements side proves;
Second assets prove enquiry module, for proving data bank from the assets of the data provider or being provided with the data The assets of side prove that the association assets that data bank communicates prove that obtaining the assets calculated in data bank proves;
Second sending module, it is additionally operable to prove the assets got to be sent to the data-requirements side so that the data Party in request proves to be decrypted with the private key of the data-requirements side to the assets got.
11. assets as claimed in claim 10 prove authorization query system, it is characterised in that second authorisation verification produces Module is specifically used for:
Prove that application request determines the scope of authority according to the assets, and according to the scope of authority generates in a hashed form 3rd authorisation verification.
12. assets as claimed in claim 10 prove authorization query system, it is characterised in that second authentication module according to 3rd authorisation verification and the assets of encryption added after querying condition prove, the mandate that data-requirements side described in certification provides Prove and whether querying condition effectively includes:
The authorisation verification that the data-requirements side provides is matched with the 3rd authorisation verification, and by the data-requirements The querying condition just provided is matched with the querying condition being previously added in the assets proof of the generation;
When the authorisation verification that the data-requirements side provides all matches with the 3rd authorisation verification, and the data-requirements side The querying condition of offer confirms the data with being previously added when the querying condition of the assets proof of the generation also all matches The authorisation verification and querying condition that party in request provides are effective;Or
When the authorisation verification that the data-requirements side provides all matches with the 3rd authorisation verification, but the data-requirements side The querying condition of offer confirms the data with being previously added when the querying condition of the assets proof of the generation not all matches The authorisation verification and querying condition that party in request provides are invalid;Or
When the authorisation verification that the data-requirements side provides not all matches with the 3rd authorisation verification, but data-requirements The querying condition just provided confirms the data with being previously added when the querying condition of the assets proof of the generation all matches The authorisation verification and querying condition that party in request provides are invalid;Or
When the authorisation verification that the data-requirements side provides not all matches with the 3rd authorisation verification, and data-requirements The querying condition just provided is with being previously added when the querying condition of the assets proof of the generation also not all matches, described in confirmation The authorisation verification and querying condition that data-requirements side provides are invalid.
13. the assets as any one of claim 10 to 12 prove authorization query system, it is characterised in that:
The type of the assets includes the combination of following one or more:
Cash in banks, foreign currency, stock, bond, fund;
The assets prove the combination for including following one or more:
Trade date, transaction details, total transaction amount, account balance and currency.
14. the assets as any one of claim 10 to 12 prove authorization query system, it is characterised in that the described 3rd Authorisation verification includes the combination of following one or more:
The proof of identification of the data ownership person, the title of the data ownership person, the identity card of the data provider The title of bright, described data provider, the proof of identification of the data-requirements side, the title of the data-requirements side, mandate model Foxing part;
Wherein, the scope of authority condition includes following one or more kinds of combination:
Valid period, the maximum times of inquiry, inquiry section purpose time point, inquiry subject.
15. the assets as any one of claim 10 to 12 prove authorization query system, it is characterised in that the inquiry Condition includes the combination of following one or more:
Password for inquiry, proof of identification, can query time, content can be inquired about.
16. the assets as any one of claim 10 to 12 prove authorization query system, it is characterised in that the data The corresponding assets of provider prove data bank, and the corresponding assets of the ownership of assets person prove data bank, the data The corresponding assets of party in request prove data bank, and the assets of the data provider prove data bank, the ownership of assets person Assets prove that the assets of data bank and the data-requirements side prove that data bank communicates, and the money of the data provider Production proves that data bank, the assets of the ownership of assets person prove that the assets of data bank and the data-requirements side prove data bank It is the synchronous mechanism of distributing, the assets of the data provider prove that data bank is used to store the 3rd authorisation verification and added Entering the assets of the encryption after querying condition proves, and by the 3rd authorisation verification and add querying condition after encryption assets Prove that the assets for being synchronously stored in the ownership of assets person prove that the assets of data bank and the data-requirements side prove data Storehouse.
17. the assets as any one of claim 10 to 12 prove authorization query system, it is characterised in that the assets Proving the embodiment of authorization query system also includes:
Implemented in a manner of block chain, produce a block on block chain, the owner of the block is the data-requirements Side, the block address of the block is the 3rd authorisation verification.
18. a kind of assets prove authority inquiry method, it is characterised in that the assets prove that authority inquiry method includes:
Application request is proved in the assets for receiving the ownership of assets person transmission, and the identity of the ownership of assets person passes through After certification, provided according to the ownership of assets person in the assets generation that the data provider is managed comprising the data The assets of number formulary position voucher stamped signature prove, and prove the public key of owner to described with the identification authorization of the ownership of assets person Assets prove to be encrypted;
The assets of encryption are proved to add querying condition;
Application request is proved according to the assets, generates the first authorisation verification;
The assets of encryption after first authorisation verification and addition querying condition are proved to send to the data provider's Assets prove data bank;
First authorisation verification is sent to the ownership of assets person so that the ownership of assets person awards described first Warrant is bright to be supplied to the data-requirements side;
The authorisation verification and querying condition of the ownership of assets person and/or data-requirements side offer are provided;
Proved according to the assets of the encryption after first authorisation verification and addition querying condition, ownership of assets person described in certification And/or whether the authorisation verification and querying condition of data-requirements side's offer are effective;
When the authorisation verification and effective querying condition of the ownership of assets person and/or data-requirements side offer, according to The authorisation verification that the ownership of assets person and/or the data-requirements side provide, calculate the ownership of assets person and/or Assets needed for the data-requirements side prove;
Data bank is proved from the assets of the data provider or proves that data bank communicates with the assets of the data provider Association assets prove to obtain the assets calculated in data bank and prove;
The assets got are proved to be sent to the ownership of assets person and/or the data-requirements side so that assets institute The person of having the right and/or the data-requirements side prove to carry out with the private key of the authorisation verification owner to the assets got Decryption.
19. assets as claimed in claim 18 prove authority inquiry method, it is characterised in that according to the ownership of assets Person proves in assets of the assets generation comprising the data provider numerical digit voucher stamped signature that the data provider is managed Before, methods described also includes:
The identity for the ownership of assets person that authentication center sends is received by the authentication information of certification, is believed according to the certification Breath determines that the identity of the ownership of assets person passes through certification;
The authentication center it is determined that the ownership of assets person identity by certification after, for the ownership of assets person generate The identity of one authorisation verification owner, and one group of public key and private key are generated for the authorisation verification owner, in the certification Pericardium includes the combination of following one or more:
The authentication center of the data provider, the authentication center communicated with the data provider.
20. assets as claimed in claim 18 prove authority inquiry method, it is characterised in that described to be proved according to the assets Application request, the first authorisation verification of generation include:
Prove that application request determines the scope of authority according to the assets, and according to the scope of authority generates in a hashed form First authorisation verification.
21. assets as claimed in claim 18 prove authority inquiry method, it is characterised in that described to be authorized according to described first The assets of encryption for proving and adding after querying condition prove, ownership of assets person described in certification and/or the data-requirements side Whether the authorisation verification and querying condition of offer effectively include:
The authorisation verification that the ownership of assets person and/or the data-requirements side are provided is carried out with first authorisation verification Matching, and the querying condition that the ownership of assets person and/or the data-requirements side are provided is with being previously added in the life Into assets prove querying condition matched;
The authorisation verification and first authorisation verification provided when the ownership of assets person and/or the data-requirements side is all Match somebody with somebody, and the querying condition that the ownership of assets person and/or the data-requirements side provide is with being previously added in the generation The querying condition that proves of assets when also all matching, confirm the ownership of assets person and/or the data-requirements side provide Authorisation verification and querying condition are effective;Or
The authorisation verification and first authorisation verification provided when the ownership of assets person and/or the data-requirements side is all Match somebody with somebody, but the querying condition that the ownership of assets person and/or the data-requirements side provide is with being previously added in the generation The querying condition that proves of assets when not all matching, confirm the ownership of assets person and/or the data-requirements side provide Authorisation verification and querying condition are invalid;Or
When the authorisation verification that the ownership of assets person and/or the data-requirements side provide with first authorisation verification not all Matching, but the querying condition that the ownership of assets person and/or the data-requirements side provide is with being previously added in the life Into the querying condition that proves of assets all match when, confirm what the ownership of assets person and/or the data-requirements side provided Authorisation verification and querying condition are invalid;Or
When the authorisation verification that the ownership of assets person and/or the data-requirements side provide with first authorisation verification not all Matching, and the querying condition that the ownership of assets person and/or the data-requirements side provide is with being previously added in the life Into assets prove querying condition also not all match when, confirm that the ownership of assets person and/or the data-requirements side carry The authorisation verification and querying condition of confession are invalid.
22. the assets as any one of claim 18 to 21 prove authority inquiry method, it is characterised in that:
The type of the assets includes the combination of following one or more:
Cash in banks, foreign currency, stock, bond, fund;
The assets prove the combination for including following one or more:
Trade date, transaction details, total transaction amount, account balance and currency.
23. the assets as any one of claim 18 to 21 prove authority inquiry method, it is characterised in that described first Authorisation verification includes the combination of following one or more:
The proof of identification of the data ownership person, the title of the data ownership person, the identity card of the data provider The title of bright, described data provider, the proof of identification of the data-requirements side, the title of the data-requirements side, mandate model Foxing part;
Wherein, the scope of authority condition includes following one or more kinds of combination:
Valid period, the maximum times of inquiry, inquiry section purpose time point, inquiry subject.
24. the assets as any one of claim 18 to 21 prove authority inquiry method, it is characterised in that the inquiry Condition includes the combination of following one or more:
Password for inquiry, proof of identification, can query time, content can be inquired about.
25. the assets as any one of claim 18 to 21 prove authority inquiry method, it is characterised in that the data The corresponding assets of provider prove data bank, and the corresponding assets of the ownership of assets person prove data bank, the data The corresponding assets of party in request prove data bank, and the assets of the data provider prove data bank, the ownership of assets person Assets prove that the assets of data bank and the data-requirements side prove that data bank communicates, and the money of the data provider Production proves that data bank, the assets of the ownership of assets person prove that the assets of data bank and the data-requirements side prove data bank It is the synchronous mechanism of distributing, the assets of the data provider prove that data bank is used to store first authorisation verification and added Entering the assets of the encryption after querying condition proves, and by first authorisation verification and add querying condition after encryption assets Prove that the assets for being synchronously stored in the ownership of assets person prove that the assets of data bank and the data-requirements side prove data Storehouse.
26. the assets as any one of claim 18 to 21 prove authority inquiry method, it is characterised in that the assets Proving the embodiment of authority inquiry method also includes:
Implemented in a manner of block chain, produce a block on block chain, the owner of the block owns for the assets Quan Zhe, the block address of the block is first authorisation verification.
27. a kind of assets prove authority inquiry method, it is characterised in that the assets prove that authority inquiry method includes:
Receiving the assets that the data-requirements side is sent proves application request and the second authorisation verification;
Whether the second authorisation verification described in certification is that the ownership of assets person produces;
When second authorisation verification is that the ownership of assets person produces, according to the ownership of assets person in the data The assets that provider is managed generate the assets comprising the data provider numerical digit voucher stamped signature and proved, and with the data The public key of party in request proves to be encrypted to the assets;
The assets of encryption are proved to add querying condition;
Application request is proved according to the assets, generates the 3rd authorisation verification;
The assets of encryption after 3rd authorisation verification and addition querying condition are proved to send to the data provider's Assets prove data bank;
3rd authorisation verification is sent to the data-requirements side;
Receive authorisation verification and the querying condition that the data-requirements side provides;
Prove that data-requirements side carries described in certification according to the assets of the encryption after the 3rd authorisation verification and addition querying condition Whether the authorisation verification and querying condition of confession are effective;
When the authorisation verification and effective querying condition of data-requirements side offer, awarded according to what the data-requirements side provided Warrant is bright, and calculating the assets needed for the data-requirements side proves;
Data bank is proved from the assets of the data provider or proves that data bank communicates with the assets of the data provider Association assets prove to obtain the assets calculated in data bank and prove;
The assets got are proved to be sent to the data-requirements side so that the data-requirements side is with the data-requirements side Private key the assets that get are proved to be decrypted.
28. assets as claimed in claim 27 prove authority inquiry method, it is characterised in that described to be proved according to the assets Application request, the 3rd authorisation verification of generation include:
Prove that application request determines the scope of authority according to the assets, and according to the scope of authority generates in a hashed form 3rd authorisation verification.
29. assets as claimed in claim 27 prove authority inquiry method, it is characterised in that described to be authorized according to the described 3rd The assets of encryption for proving and adding after querying condition prove, the authorisation verification and inquiry bar that data-requirements side described in certification provides Whether part effectively includes:
The authorisation verification that the data-requirements side provides is matched with the 3rd authorisation verification, and by the data-requirements The querying condition just provided is matched with the querying condition being previously added in the assets proof of the generation;
When the authorisation verification that the data-requirements side provides all matches with the 3rd authorisation verification, and the data-requirements side The querying condition of offer confirms the data with being previously added when the querying condition of the assets proof of the generation also all matches The authorisation verification and querying condition that party in request provides are effective;Or
When the authorisation verification that the data-requirements side provides all matches with the 3rd authorisation verification, but the data-requirements side The querying condition of offer confirms the data with being previously added when the querying condition of the assets proof of the generation not all matches The authorisation verification and querying condition that party in request provides are invalid;Or
When the authorisation verification that the data-requirements side provides not all matches with the 3rd authorisation verification, but data-requirements The querying condition just provided confirms the data with being previously added when the querying condition of the assets proof of the generation all matches The authorisation verification and querying condition that party in request provides are invalid;Or
When the authorisation verification that the data-requirements side provides not all matches with the 3rd authorisation verification, and data-requirements The querying condition just provided is with being previously added when the querying condition of the assets proof of the generation also not all matches, described in confirmation The authorisation verification and querying condition that data-requirements side provides are invalid.
30. the assets as any one of claim 27 to 29 prove authority inquiry method, it is characterised in that:
The type of the assets includes the combination of following one or more:
Cash in banks, foreign currency, stock, bond, fund;
The assets prove the combination for including following one or more:
Trade date, transaction details, total transaction amount, account balance and currency.
31. the assets as any one of claim 27 to 29 prove authority inquiry method, it is characterised in that the described 3rd Authorisation verification includes the combination of following one or more:
The proof of identification of the data ownership person, the title of the data ownership person, the identity card of the data provider The title of bright, described data provider, the proof of identification of the data-requirements side, the title of the data-requirements side, mandate model Foxing part;
Wherein, the scope of authority condition includes following one or more kinds of combination:
Valid period, the maximum times of inquiry, inquiry section purpose time point, inquiry subject.
32. the assets as any one of claim 27 to 29 prove authority inquiry method, it is characterised in that the inquiry Condition includes the combination of following one or more:
Password for inquiry, proof of identification, can query time, content can be inquired about.
33. the assets as any one of claim 27 to 29 prove authority inquiry method, it is characterised in that the data The corresponding assets of provider prove data bank, and the corresponding assets of the ownership of assets person prove data bank, the data The corresponding assets of party in request prove data bank, and the assets of the data provider prove data bank, the ownership of assets person Assets prove that the assets of data bank and the data-requirements side prove that data bank communicates, and the money of the data provider Production proves that data bank, the assets of the ownership of assets person prove that the assets of data bank and the data-requirements side prove data bank It is the synchronous mechanism of distributing, the assets of the data provider prove that data bank is used to store the 3rd authorisation verification and added Entering the assets of the encryption after querying condition proves, and by the 3rd authorisation verification and add querying condition after encryption assets Prove that the assets for being synchronously stored in the ownership of assets person prove that the assets of data bank and the data-requirements side prove data Storehouse.
34. the assets as any one of claim 27 to 29 prove authority inquiry method, it is characterised in that the assets Proving the embodiment of authority inquiry method also includes:
Implemented in a manner of block chain, produce a block on block chain, the owner of the block is the data-requirements Side, the block address of the block is the 3rd authorisation verification.
35. a kind of electronic installation, it is characterised in that the electronic installation includes memory and processor, and the memory is used for At least one instruction is stored, such as right will to realize for performing the computer program stored in the memory for the processor The assets any one of 18 to 26 are asked to prove authority inquiry method, and/or as any one of claim 27 to 34 Assets prove authority inquiry method.
36. a kind of computer-readable recording medium, it is characterised in that the computer-readable recording medium storage has at least one Instruction, at least one instruction realize that the assets as any one of claim 18 to 26 prove when being executed by processor Authority inquiry method, and/or the assets proof authority inquiry method as any one of claim 27 to 34.
CN201711121632.3A 2017-10-30 2017-11-14 Asset certification authorization query method, system, electronic device and computer readable storage medium Active CN107832632B (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
TW106137280A TWI650723B (en) 2017-10-30 2017-10-30 Asset certificate authorization query method and system
TW106137280 2017-10-30

Publications (2)

Publication Number Publication Date
CN107832632A true CN107832632A (en) 2018-03-23
CN107832632B CN107832632B (en) 2020-07-03

Family

ID=61654321

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711121632.3A Active CN107832632B (en) 2017-10-30 2017-11-14 Asset certification authorization query method, system, electronic device and computer readable storage medium

Country Status (2)

Country Link
CN (1) CN107832632B (en)
TW (1) TWI650723B (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109361688A (en) * 2018-11-16 2019-02-19 大唐高鸿信息通信研究院(义乌)有限公司 It is a kind of that card method and system are deposited based on 5G framework and block chain
CN109669955A (en) * 2018-12-20 2019-04-23 姚前 A kind of digital asset inquiry system and method based on block chain
CN110245472A (en) * 2019-01-16 2019-09-17 腾讯科技(深圳)有限公司 Identity identifying method, personal security's core nodes and medium
CN111932261A (en) * 2020-09-22 2020-11-13 支付宝(杭州)信息技术有限公司 Asset data management method and device based on verifiable statement
CN112231744A (en) * 2019-07-15 2021-01-15 天逸财金科技服务股份有限公司 Method and system for limiting reading of open files
TWI759090B (en) * 2021-01-29 2022-03-21 國立中興大學 Platform login method
CN114465734A (en) * 2022-04-11 2022-05-10 成方金融科技有限公司 Investor authentication method, authentication mechanism, authentication system, and storage medium

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3673617B1 (en) * 2019-03-27 2021-11-17 Advanced New Technologies Co., Ltd. Retrieving public data for blockchain networks using trusted execution environments
CN111066286B (en) 2019-03-27 2023-02-28 创新先进技术有限公司 Retrieving common data for blockchain networks using high availability trusted execution environments
KR102274294B1 (en) 2019-03-29 2021-07-08 어드밴스드 뉴 테크놀로지스 씨오., 엘티디. How to retrieve access data to a blockchain network using a highly available trusted execution environment

Citations (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040205011A1 (en) * 1997-10-27 2004-10-14 Bank Of America Corporation Open-architecture system for real-time consolidation of information from multiple financial systems
TW200424866A (en) * 2002-12-19 2004-11-16 Ibm Method and system for peer-to-peer authorization
CN1667630A (en) * 2005-04-08 2005-09-14 王志坚 Finance and taxation monitoring method and system based on transaction original certificate data
CN1991854A (en) * 2005-12-27 2007-07-04 台湾积体电路制造股份有限公司 Data archiving and accessing methods and systems
CN103295126A (en) * 2012-03-02 2013-09-11 刘家焜 Transaction document method capable of being trusted
CN103391196A (en) * 2013-07-04 2013-11-13 黄铁军 Asset digital authentication method and device
TW201407521A (en) * 2012-08-10 2014-02-16 Yan-Ru Zhou Transaction certificate management system and its method
CN104125063A (en) * 2013-04-28 2014-10-29 腾讯科技(深圳)有限公司 Authentication method, equipment and system
CN105095693A (en) * 2015-07-13 2015-11-25 江苏简果科技发展有限公司 Method and system for safely sharing digital asset based on Internet
CN105956923A (en) * 2016-04-20 2016-09-21 上海如鸽投资有限公司 Asset transaction platform and digital certification and transaction method for assets
US20160277412A1 (en) * 2010-11-17 2016-09-22 Invysta Technology Group Methodology for identifying local/mobile client computing devices using a network based database containing records of hashed distinctive hardware, software, and user provided biometric makers for authorization of electronic transactions and right of entry to secure locations
CN106611372A (en) * 2016-12-27 2017-05-03 深圳微众税银信息服务有限公司 Credit investigation data query method and credit investigation data query system
TWM545952U (en) * 2017-05-09 2017-07-21 兆豐國際商業銀行股份有限公司 System for account authority and verification process management

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104966194A (en) * 2015-07-21 2015-10-07 深圳市淘淘谷信息技术有限公司 Composite cash register method and intelligent cash register system therefor
TWM539666U (en) * 2016-12-15 2017-04-11 彰化商業銀行股份有限公司 Integrated account system

Patent Citations (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040205011A1 (en) * 1997-10-27 2004-10-14 Bank Of America Corporation Open-architecture system for real-time consolidation of information from multiple financial systems
TW200424866A (en) * 2002-12-19 2004-11-16 Ibm Method and system for peer-to-peer authorization
CN1667630A (en) * 2005-04-08 2005-09-14 王志坚 Finance and taxation monitoring method and system based on transaction original certificate data
CN1991854A (en) * 2005-12-27 2007-07-04 台湾积体电路制造股份有限公司 Data archiving and accessing methods and systems
US20160277412A1 (en) * 2010-11-17 2016-09-22 Invysta Technology Group Methodology for identifying local/mobile client computing devices using a network based database containing records of hashed distinctive hardware, software, and user provided biometric makers for authorization of electronic transactions and right of entry to secure locations
CN103295126A (en) * 2012-03-02 2013-09-11 刘家焜 Transaction document method capable of being trusted
TW201407521A (en) * 2012-08-10 2014-02-16 Yan-Ru Zhou Transaction certificate management system and its method
CN104125063A (en) * 2013-04-28 2014-10-29 腾讯科技(深圳)有限公司 Authentication method, equipment and system
CN103391196A (en) * 2013-07-04 2013-11-13 黄铁军 Asset digital authentication method and device
CN105095693A (en) * 2015-07-13 2015-11-25 江苏简果科技发展有限公司 Method and system for safely sharing digital asset based on Internet
CN105956923A (en) * 2016-04-20 2016-09-21 上海如鸽投资有限公司 Asset transaction platform and digital certification and transaction method for assets
CN106611372A (en) * 2016-12-27 2017-05-03 深圳微众税银信息服务有限公司 Credit investigation data query method and credit investigation data query system
TWM545952U (en) * 2017-05-09 2017-07-21 兆豐國際商業銀行股份有限公司 System for account authority and verification process management

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
姜文广等: "面向第三方服务平台的隐私保护", 《兰州大学学报(自然科学版)》 *

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109361688A (en) * 2018-11-16 2019-02-19 大唐高鸿信息通信研究院(义乌)有限公司 It is a kind of that card method and system are deposited based on 5G framework and block chain
CN109361688B (en) * 2018-11-16 2021-01-22 大唐高鸿信息通信(义乌)有限公司 Evidence storing method and system based on 5G architecture and block chain
CN109669955A (en) * 2018-12-20 2019-04-23 姚前 A kind of digital asset inquiry system and method based on block chain
CN110245472A (en) * 2019-01-16 2019-09-17 腾讯科技(深圳)有限公司 Identity identifying method, personal security's core nodes and medium
CN110245472B (en) * 2019-01-16 2021-05-11 腾讯科技(深圳)有限公司 Identity authentication method, personal security kernel node, and medium
CN112231744A (en) * 2019-07-15 2021-01-15 天逸财金科技服务股份有限公司 Method and system for limiting reading of open files
CN112231744B (en) * 2019-07-15 2024-02-02 天逸财金科技服务股份有限公司 Method and system for limiting and reading public file
CN111932261A (en) * 2020-09-22 2020-11-13 支付宝(杭州)信息技术有限公司 Asset data management method and device based on verifiable statement
TWI759090B (en) * 2021-01-29 2022-03-21 國立中興大學 Platform login method
CN114465734A (en) * 2022-04-11 2022-05-10 成方金融科技有限公司 Investor authentication method, authentication mechanism, authentication system, and storage medium

Also Published As

Publication number Publication date
CN107832632B (en) 2020-07-03
TWI650723B (en) 2019-02-11
TW201812673A (en) 2018-04-01

Similar Documents

Publication Publication Date Title
CN107832632A (en) Asset certification authorization query method, system, electronic device and computer readable storage medium
KR102636102B1 (en) Computer-implemented methods and systems for validating tokens for blockchain-based cryptocurrencies
CN108848063B (en) Block chain-based data processing method, system and computer-readable storage medium
CN109242675B (en) Asset publishing method and device based on block chain and electronic equipment
CN108292401B (en) Secure digital data manipulation
CN107274139B (en) Bill data management method and computer-readable medium
US20200127813A1 (en) Method and system for creating a user identity
US20190149328A1 (en) System for digital identity authentication and methods of use
US11715099B2 (en) Method and system for trust-based payments via blockchain
US20200193432A1 (en) Method and system for settling a blockchain transaction
CN110383757A (en) System and method for safe handling electronic identity
CN109118217A (en) The method and system indexed is registered to consumer using block chain
US20150356523A1 (en) Decentralized identity verification systems and methods
CN106790431A (en) Cloud manufacturing service Transaction Information record system and method based on block chain
CN109544331A (en) Supply chain financial application method, apparatus and terminal device based on block chain
JP3228339U (en) Personal authentication and verification system and method
CN111369730B (en) Voting processing method and device based on block chain
JPH09500977A (en) Restricted blind signature
EP3837828A1 (en) Secure data transfer system and method
CN107622210A (en) Authentication and the data query method and system of authorisation verification
CN110599332A (en) Block chain-based user intention determination method, device, equipment and storage medium
CN114418570A (en) Block chain-based non-homogeneous evidence-based processing method and device
WO2019191579A1 (en) System and methods for recording codes in a distributed environment
CN112259190B (en) Medical information trusted circulation method, device and system based on block chain
CN115170132B (en) Payment method suitable for high-speed post network member system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant