CN110866272A - Method for preventing data leakage in data sharing based on block chain - Google Patents

Method for preventing data leakage in data sharing based on block chain Download PDF

Info

Publication number
CN110866272A
CN110866272A CN201911088333.3A CN201911088333A CN110866272A CN 110866272 A CN110866272 A CN 110866272A CN 201911088333 A CN201911088333 A CN 201911088333A CN 110866272 A CN110866272 A CN 110866272A
Authority
CN
China
Prior art keywords
data
block chain
submodel
user
certificate
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201911088333.3A
Other languages
Chinese (zh)
Other versions
CN110866272B (en
Inventor
姚文豪
李伟
邱炜伟
尹可挺
李启雷
梁秀波
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou Qulian Technology Co Ltd
Original Assignee
Hangzhou Qulian Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou Qulian Technology Co Ltd filed Critical Hangzhou Qulian Technology Co Ltd
Priority to CN201911088333.3A priority Critical patent/CN110866272B/en
Publication of CN110866272A publication Critical patent/CN110866272A/en
Application granted granted Critical
Publication of CN110866272B publication Critical patent/CN110866272B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/245Query processing
    • G06F16/2458Special types of queries, e.g. statistical queries, fuzzy queries or distributed queries
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/10Office automation; Time management
    • G06Q10/103Workflow collaboration or project management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/12Payment architectures specially adapted for electronic shopping systems
    • G06Q20/123Shopping for digital content
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/03Credit; Loans; Processing thereof
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Physics & Mathematics (AREA)
  • Accounting & Taxation (AREA)
  • Human Resources & Organizations (AREA)
  • General Business, Economics & Management (AREA)
  • Finance (AREA)
  • Software Systems (AREA)
  • Marketing (AREA)
  • Economics (AREA)
  • General Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Data Mining & Analysis (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Bioethics (AREA)
  • Operations Research (AREA)
  • Tourism & Hospitality (AREA)
  • Quality & Reliability (AREA)
  • Signal Processing (AREA)
  • Medical Informatics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Technology Law (AREA)
  • Development Economics (AREA)
  • Fuzzy Systems (AREA)
  • Mathematical Physics (AREA)
  • Probability & Statistics with Applications (AREA)
  • Computational Linguistics (AREA)
  • Storage Device Security (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention discloses a method for preventing data leakage in data sharing based on a block chain. The invention solves the problem that the data provider worrys about data leakage to cause data sharing difficulty among multiple parties, and finally completes the data sharing of multiple parties meeting the query condition of a data user under the condition of not leaking irrelevant data.

Description

Method for preventing data leakage in data sharing based on block chain
Technical Field
The invention relates to the field of block chains and data sharing, in particular to a method for preventing data leakage in data sharing based on block chains.
Background
The blockchain is a decentralized database essentially and is mainly used for solving the trust and safety problems of transactions, the accounting of the transactions is completed by a plurality of nodes distributed in different places, each node records a complete account, and each node can participate in monitoring the legality of the transactions. No node can record ledger data separately, thereby avoiding the possibility of accounting. By adopting the asymmetric encryption and authorization technology, the transaction stored on the blockchain is public, but the account identity information is encrypted and can be accessed only by the authorization of a data owner, so that the data security and privacy are ensured. And the consensus mechanism completes the verification and confirmation of the transaction in a short time through voting by the special nodes. The goal of the consensus mechanism is to keep all honest nodes consistent. The block chain provides different consensus algorithms, is suitable for different application scenes, and balances efficiency and safety.
The data sharing is to make more people fully use the existing data resources, utilize the data of different regions, different departments and different systems, and flow and share the data among the regions, the departments and the systems. The traditional data sharing mode is limited in regions, departments and systems, and is difficult to share among different regions, different departments and different systems, meanwhile, data sharing among regions, departments and systems is afraid of data leakage problems and is afraid of sharing, but the utilization value of the data is wasted due to the fact that the data are not shared, information intercommunication among regions, departments and systems is not facilitated, and the traditional data sharing mode is challenged.
Disclosure of Invention
The invention aims to provide a method for preventing data leakage in data sharing based on a block chain, aiming at the defects of the traditional data sharing mode. The invention solves the problem of data leakage worried by a data provider, and better utilizes data of multiple parties to play the utilization value of the data.
The purpose of the invention is realized by the following technical scheme: a method for preventing data leakage in data sharing based on a block chain comprises the following steps:
(1) the data provider issues data source information to the block chain; the data source information comprises a database type, a data field and a data operation method; the data operation method is a database query method and is used for querying data fields meeting query conditions;
(2) a data user acquires the use right of the data on the block chain in a mode of purchasing or requesting authorization to obtain a certificate generated by the block chain; obtaining a plurality of corresponding credentials if data of a plurality of parties in a data provider is used;
(3) the data user compiles a sub-model and a total model according to the data source information released to the block chain in the step (1); the submodel is a method for calling the data operation in the step (1), and data fields required by query condition query are input; the general model is used for driving a data provider to operate the submodel and returning a data field obtained by the submodel query to the data user;
(4) the data user sends the submodel compiled in the step (3) and the certificate acquired in the step (2) to a corresponding data provider, and the data provider verifies the validity of the certificate and verifies the submodel; the validity of the certificate is to inquire whether the certificate exists on a block chain, if the certificate exists, the certificate is valid, otherwise, the certificate is invalid and does not need to be audited, and a data user is informed that the audit fails; the auditing submodel passes the auditing if the executing submodel does not reveal other data to the data user, otherwise, the auditing does not pass, and the data user modifies the submodel and then sends the submodel to the data provider for auditing again;
(5) the data provider runs the general model after the verification certificate is valid and the sub model passes the verification;
(6) and after the overall model obtains the required data fields, recording the identity information of the data user, the identity information of the data provider and the database types and the data fields related in the data sharing to the block chain.
Further, the query condition is set according to the data field required to be obtained by the data user.
Further, the sub model is an executable script code.
Further, the submodel runs on a data provider, and data source information is prevented from being directly acquired by a data user.
Further, in the step (4), the other data is data in the data field that does not meet the query condition of the submodel input in the step (3).
The invention has the following beneficial effects: the invention provides a method for preventing data leakage in data sharing based on a block chain, which is characterized in that a data user writes a sub-model to operate at a data provider, the sub-model is audited by the data provider, the sub-model can operate after the audit is passed, the result is sent to the data user, and meanwhile, the whole process is recorded on the block chain; the invention solves the problem that the data provider worrys about data leakage to cause data sharing difficulty among multiple parties, and finally completes the data sharing of multiple parties meeting the query condition of a data user under the condition of not leaking irrelevant data.
Drawings
Fig. 1 is a diagram of an example of a method of preventing data leakage in block chain-based data sharing.
Detailed Description
The present invention will be described in detail below with reference to the accompanying drawings and preferred embodiments, and the objects and effects of the present invention will become more apparent, and the present invention will be further described in detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The invention discloses a method for preventing data leakage in data sharing based on a block chain, which comprises the following steps:
(1) the data provider issues data source information to the block chain; the data source information comprises a database type, a data field and a data operation method; the data operation method is a database query method and is used for querying data fields meeting query conditions; the query condition is set according to the data field required to be obtained by the data user.
(2) A data user acquires the use right of the data on the block chain in a mode of purchasing or requesting authorization to obtain a certificate generated by the block chain; obtaining a plurality of corresponding credentials if data of a plurality of parties in a data provider is used;
(3) the data user compiles a sub-model and a total model according to the data source information released to the block chain in the step (1); the submodel is a method for calling the data operation in the step (1), and data fields required by query condition query are input; the general model is used for driving a data provider to operate the submodel and returning a data field obtained by the submodel query to the data user; the submodel is an executable script code and runs on a data provider to prevent data source information from being directly acquired by a data user.
(4) The data user sends the submodel compiled in the step (3) and the certificate acquired in the step (2) to a corresponding data provider, and the data provider verifies the validity of the certificate and verifies the submodel; the validity of the certificate is to inquire whether the certificate exists on a block chain, if the certificate exists, the certificate is valid, otherwise, the certificate is invalid and does not need to be audited, and a data user is informed that the audit fails; the auditing submodel passes the auditing if the executing submodel does not reveal other data to the data user, otherwise, the auditing does not pass, and the data user modifies the submodel and then sends the submodel to the data provider for auditing again; and the other data are data which do not meet the query condition of the submodel input in the step (3) in the data field.
(5) The data provider runs the general model after the verification certificate is valid and the sub model passes the verification;
(6) and after the overall model obtains the required data fields, recording the identity information of the data user, the identity information of the data provider and the database types and the data fields related in the data sharing to the block chain.
Examples
As shown in fig. 1, an example of a method for preventing data leakage in block chain-based data sharing is a scenario in which a user makes a loan through a bank a, and specifically includes the following steps:
the method comprises the following steps: the bank B and the bank C issue user data source information to the block chain; the data source information comprises a database type, a data field and a data operation method; the data operation method is a database query method, and can query fields meeting query conditions; the data field comprises a user identity card number, a user loan condition and a user credit condition; the query condition is a user identity card number;
step two: after obtaining the authorization of the user, the bank A obtains the use right of the user loan and credit conditions, namely the voucher generated by the block chain, on the block chain in a manner of requesting authorization; if the data of multiple parties is used, a plurality of certificates are obtained, so that two certificates respectively corresponding to a bank B and a bank C need to be obtained;
step three: the bank A compiles a sub model and a total model according to data source information on the block chain; the sub-model obtains the user loan and credit conditions by using the data operation method in the data source information; the general model is a submodel for driving a bank B and a bank C to operate, and the inquired user loan and credit conditions are returned to the bank A; the general model collects the returned user loan and credit conditions to obtain whether the user has the condition that the loan is not clear and the credit conditions of a bank B and a bank C, and the bank A can determine whether to loan the user according to the result;
step four: the bank A sends the sub-model compiled in the step three and the certificate obtained in the step two to a bank B and a bank C, and the bank B and the bank C verify the validity of the certificate and verify the sub-model; the validity of the certificate is that if the certificate exists, the certificate is valid, otherwise, the certificate is invalid; the auditing sub-model is that if the sub-model is executed and the data of other users cannot be revealed, the auditing is passed, otherwise, the auditing is not passed, and the bank A modifies the sub-model and then sends the sub-model to the bank B and the bank C for auditing again;
step five: the bank B and the bank C verify that the certificates are valid and after the certificates pass the verification, the bank A runs the general model;
step six: after the total model is summarized, user data source information related to the bank A, the bank B, the bank C and data sharing is recorded on a block chain, so that the work of subsequent audit is facilitated; and the user data source information related in the data sharing is user loan and credit conditions, corresponding user identity card numbers and database types, which are obtained by sub-model inquiry.
The embodiment solves the problem of data leakage worried by the bank B and the bank C, and completes multi-party data sharing, summarization and calculation meeting the query condition of the bank A under the condition of not leaking irrelevant data; the data user can conveniently calculate the multi-party model, and the whole process can be recorded on the block chain.
It will be understood by those skilled in the art that the foregoing is only a preferred embodiment of the present invention, and is not intended to limit the invention, and although the invention has been described in detail with reference to the foregoing examples, it will be apparent to those skilled in the art that various changes in the form and details of the embodiments may be made and equivalents may be substituted for elements thereof. All modifications, equivalents and the like which come within the spirit and principle of the invention are intended to be included within the scope of the invention.

Claims (5)

1. A method for preventing data leakage in data sharing based on a block chain is characterized by comprising the following steps:
(1) the data provider issues data source information to the block chain; the data source information comprises a database type, a data field, a data operation method and the like; the data operation method is a database query method and is used for querying the data fields meeting the query conditions.
(2) A data user acquires the use right of the data on the block chain in a mode of purchasing or requesting authorization to obtain a certificate generated by the block chain; if data of multiple parties in a data provider is used, multiple corresponding credentials are obtained.
(3) The data user compiles a sub-model and a total model according to the data source information released to the block chain in the step (1); the submodel is a method for calling the data operation in the step (1), and data fields required by query condition query are input; the general model is used for driving the data provider to run the submodel and returning the data fields obtained by the submodel query to the data user.
(4) The data user sends the submodel compiled in the step (3) and the certificate acquired in the step (2) to a corresponding data provider, and the data provider verifies the validity of the certificate and verifies the submodel; the validity of the certificate is to inquire whether the certificate exists on a block chain, if the certificate exists, the certificate is valid, otherwise, the certificate is invalid and does not need to be audited, and a data user is informed that the audit fails; and the auditing submodel passes if the executing submodel does not reveal other data to the data user, otherwise, the auditing does not pass, and the data user modifies the submodel and then sends the submodel to the data provider for auditing.
(5) And after the data provider verifies that the certificate is valid and the sub-model passes the verification, the data user runs the general model.
(6) And after the overall model obtains the required data fields, recording the identity information of a data user, the identity information of a data provider, the database types and the data fields involved in data sharing on the block chain.
2. The method for preventing data leakage in data sharing based on block chain as claimed in claim 1, wherein the query condition is set according to the data field that the data user needs to obtain.
3. The method for preventing data leakage in block chain based data sharing of claim 1, wherein the sub model is an executable script code.
4. The method for preventing data leakage in data sharing based on block chains as claimed in claim 1, wherein the submodel runs at a data provider and prevents data source information from being directly acquired by a data consumer.
5. The method for preventing data leakage in block chain based data sharing as claimed in claim 1, wherein in the step (4), the other data is data in a data field which does not meet the query condition of the sub model input in the step (3).
CN201911088333.3A 2019-11-08 2019-11-08 Method for preventing data leakage in data sharing based on block chain Active CN110866272B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911088333.3A CN110866272B (en) 2019-11-08 2019-11-08 Method for preventing data leakage in data sharing based on block chain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911088333.3A CN110866272B (en) 2019-11-08 2019-11-08 Method for preventing data leakage in data sharing based on block chain

Publications (2)

Publication Number Publication Date
CN110866272A true CN110866272A (en) 2020-03-06
CN110866272B CN110866272B (en) 2021-09-03

Family

ID=69654775

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911088333.3A Active CN110866272B (en) 2019-11-08 2019-11-08 Method for preventing data leakage in data sharing based on block chain

Country Status (1)

Country Link
CN (1) CN110866272B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112149080A (en) * 2020-11-24 2020-12-29 国网江苏省电力有限公司苏州供电分公司 Authorization information verification system and method
CN112559456A (en) * 2020-12-28 2021-03-26 杭州趣链科技有限公司 Data sharing method with privacy protection auditing and deleting functions

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107180350A (en) * 2017-03-31 2017-09-19 唐晓领 A kind of method of the multi-party shared transaction metadata based on block chain, apparatus and system
CN107257340A (en) * 2017-06-19 2017-10-17 阿里巴巴集团控股有限公司 A kind of authentication method, authentication data processing method and equipment based on block chain
US20180374062A1 (en) * 2017-06-22 2018-12-27 Jpmorgan Chase Bank, N.A. System and method for implementing an interbank information network
CN109447643A (en) * 2018-10-31 2019-03-08 ***股份有限公司 A kind of data-sharing systems and data sharing method based on block chain
CN110012015A (en) * 2019-04-09 2019-07-12 中国科学院沈阳计算技术研究所有限公司 A kind of internet of things data sharing method and system based on block chain

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107180350A (en) * 2017-03-31 2017-09-19 唐晓领 A kind of method of the multi-party shared transaction metadata based on block chain, apparatus and system
CN107257340A (en) * 2017-06-19 2017-10-17 阿里巴巴集团控股有限公司 A kind of authentication method, authentication data processing method and equipment based on block chain
US20180374062A1 (en) * 2017-06-22 2018-12-27 Jpmorgan Chase Bank, N.A. System and method for implementing an interbank information network
CN109447643A (en) * 2018-10-31 2019-03-08 ***股份有限公司 A kind of data-sharing systems and data sharing method based on block chain
CN110012015A (en) * 2019-04-09 2019-07-12 中国科学院沈阳计算技术研究所有限公司 A kind of internet of things data sharing method and system based on block chain

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112149080A (en) * 2020-11-24 2020-12-29 国网江苏省电力有限公司苏州供电分公司 Authorization information verification system and method
CN112559456A (en) * 2020-12-28 2021-03-26 杭州趣链科技有限公司 Data sharing method with privacy protection auditing and deleting functions
CN112559456B (en) * 2020-12-28 2022-07-05 杭州趣链科技有限公司 Data sharing method with privacy protection auditing and deleting functions

Also Published As

Publication number Publication date
CN110866272B (en) 2021-09-03

Similar Documents

Publication Publication Date Title
US11057353B2 (en) Systems, methods, and devices for implementing a smart contract on a distributed ledger technology platform
US11568437B2 (en) Systems, methods, and apparatuses for implementing commerce rewards across tenants for commerce cloud customers utilizing blockchain
US11288280B2 (en) Systems, methods, and apparatuses for implementing consumer data validation, matching, and merging across tenants with optional verification prompts utilizing blockchain
JP7320493B2 (en) Execution of smart contracts with distributed cooperation
TWI729719B (en) Block chain-based data authorization method and device, electronic equipment and computer readable storage medium
CN110135186B (en) Medical data transaction and sharing method based on block chain technology
CN106600405B (en) Block chain-based data rights and interests protection method
US10915552B2 (en) Delegating credentials with a blockchain member service
CN110288480B (en) Private transaction method and device for blockchain
CN108616539A (en) A kind of method and system that block chain transaction record accesses
CN109450638A (en) Electronic component data management system and method based on block chain
US20220021528A1 (en) Secure storage techniques utilizing consortium distributed ledgers
Zhu et al. Hybrid blockchain design for privacy preserving crowdsourcing platform
CN110275891A (en) Artificial intelligence software market
KR20220093198A (en) Execution of transactions using dedicated and open blockchains
CN113779617B (en) State channel-based federal learning task credible supervision and scheduling method and device
JP2023527811A (en) Method, apparatus, and computer readable medium for authentication and authorization of networked data transactions
CN114548989B (en) Rights management system based on NFR
CN110866272B (en) Method for preventing data leakage in data sharing based on block chain
CN111327618B (en) Precise access control method, device and system based on block chain
CN112232828A (en) Power grid data transaction method and system
CN111585946B (en) Cryptographic master profile control and transaction arbitration
Wen et al. Application of blockchain technology in data management: advantages and solutions
US20240005316A1 (en) Method, apparatus, and computer-readable medium for authentication and authorization of networked data transactions
CN114866289B (en) Privacy credit data security protection method based on alliance chain

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant