CN112667748A - Block chain all-in-one machine facing audit service, data processing method and device - Google Patents


Info

Publication number
CN112667748A
Authority
CN
China
Prior art keywords
data
audit
block chain
audited
database
Prior art date
Legal status
Granted
Application number
CN202110279909.5A
Other languages
Chinese (zh)
Other versions
CN112667748B (en)
Inventor
张德辉
马振军
汤泉
陈和军
尹可挺
Current Assignee
Hangzhou Liancheng Digital Technology Co ltd
Original Assignee
Hangzhou Liancheng Digital Technology Co ltd
Application filed by Hangzhou Liancheng Digital Technology Co ltd
Priority to CN202110279909.5A
Publication of CN112667748A
Application granted
Publication of CN112667748B
Legal status: Active

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The application relates to a block chain all-in-one machine, a data processing method and a device for audit services. The data processing method is applied to the block chain all-in-one machine and comprises the following steps: configuring an audit business model; when privacy calculation is carried out on the audit data of two parties, calling a trusted sandbox component to execute the audit business model to obtain data to be audited; when privacy calculation is carried out on the audit data of more than two parties, calling a multi-party computing component to execute the audit business model to obtain the data to be audited; and acquiring, through the built-in database, an operation instruction for the data to be audited in the database to be audited, broadcasting the audit data operation acquired according to the operation instruction to other block chain nodes for consensus through the data forwarding network card, and then persisting the audit data to the block chain. The method and the device solve the problems of low credibility and low accuracy of audit data processing, and realize an audit-service-oriented data processing method that uses a dedicated block chain all-in-one machine.

Description

Block chain all-in-one machine facing audit service, data processing method and device
Technical Field
The application relates to the technical field of block chain all-in-one machines, in particular to a block chain all-in-one machine, a data processing method and a data processing device facing an audit service.
Background
Audit refers to independent economic supervision activities in which special authorities, according to law, carry out pre- and post-examination of the major projects and the financial income and expenditure of various governments, financial institutions and enterprise service organizations of China; the auditing department of the special authority needs to analyze and audit the use of project funds according to the project-related information of each department or unit.
In the related art, data analysis and auditing are mainly carried out through an on-site audit implementation system (AO for short) and database query software. The audit department cannot know whether the collected audit data has been modified, so there is a risk of inaccurate or even wrong audit results. Some audit data is private, and departments or units have little willingness to provide it, so audit data with privacy requirements is difficult to obtain, and the credibility and accuracy of audit data processing are low.
At present, no effective solution has been proposed for the problems of low credibility and low accuracy of audit data processing in the related art.
Disclosure of Invention
The embodiment of the application provides an audit service-oriented block chain all-in-one machine, a data processing method and a device, and aims to at least solve the problem of low accuracy of audit data processing in the related technology.
In a first aspect, an embodiment of the present application provides a data processing method for audit services, where the method is applied to a block chain all-in-one machine, where the block chain all-in-one machine includes a block chain service component, an intelligent contract chip, a trusted sandbox component, a multi-party computing component, a data forwarding network card, and a built-in database, and the method includes:
configuring the blockchain service component; the block chain service component is used for enabling the current block chain all-in-one machine and at least three other block chain all-in-one machines to form a block chain network;
configuring an audit business model, and judging whether the audit business model is executed by the intelligent contract chip or not according to the parameter number and the model calculation complexity of the audit business model;
when the judgment result is that the intelligent contract chip executes the audit service model, calling the trusted sandbox component to execute the audit service model when performing privacy calculation on the audit data of two parties to obtain the data to be audited; when more than two parties of audit data are subjected to privacy calculation, calling the multi-party calculation component to execute the audit service model to obtain the data to be audited;
and acquiring an operation instruction aiming at the data to be audited in the database to be audited through the built-in database, broadcasting the audit data operation acquired according to the operation instruction to other block chain nodes for consensus through the data forwarding network card, and then persisting the audit data operation to the block chain.
In an embodiment, the obtaining, by the built-in database, an operation instruction for the data to be audited in the database to be audited includes:
configuring the database to be audited and the built-in database as a master-slave database; in the master database and the slave database, a first initial state of the database to be audited is consistent with a second initial state of the built-in database; the first initial state indicates data operation aiming at the data to be audited in the database to be audited, and the second initial state indicates data operation aiming at the data to be audited in the built-in database;
under the condition that the first initial state is updated to a first state, synchronously updating the second initial state to a second state through a trigger deployed in the built-in database, and acquiring an operation instruction corresponding to the second state; the first state indicates the updated data operation in the database to be audited, and the second state indicates the updated data operation in the built-in database.
In one embodiment, after the configuring the database to be audited and the built-in database as a master-slave database, the method further comprises:
and under the condition that a communication interruption between the database to be audited and the built-in database is detected, uploading the obtained communication interruption alarm information to the chain as block chain transaction data.
In an embodiment, when the multi-party computing component performs privacy computation on more than two parties of audit data according to the audit service model, the multi-party computing component is called to execute the audit service model to obtain the data to be audited, and the method further includes:
accessing privacy data among multiple related departments by applying the multi-party computing components through the auditing service model, and acquiring the data to be audited according to the privacy data; wherein the multi-party affiliation department comprises: one or more departments of industry and commerce, tax department, credit department, public deposit department, social security department, enterprise, public institution, bank.
In one embodiment, the method further comprises:
acquiring a request transaction and request parameters on a chain;
and issuing a data reply response parameter corresponding to the audit data to the block chain according to the on-chain request transaction and the request parameter, and scheduling the audit data based on the issued data reply response parameter to obtain a scheduling result.
In one embodiment, the block chain all-in-one machine further includes an off-chain computing device, and the method further comprises:
based on the audit business model, obtaining the off-chain audit data corresponding to the audit business model through cooperative execution by the off-chain computing device;
deploying an off-chain intelligent contract in the off-chain computing device; the off-chain intelligent contract comprises an off-chain data calling interface;
and under the condition that the audit business model is run, calling the off-chain intelligent contract, executing the off-chain data calling interface, acquiring the off-chain audit data, and calculating with the audit business model.
In one embodiment, the blockchain all-in-one machine further comprises an encryption chip and a hardware trust root key, and after the configuration of the blockchain service component and before the configuration of the audit business model, the method further comprises:
generating a unique digital identity aiming at the block chain all-in-one machine through the encryption chip, and broadcasting an identity public key of the unique digital identity to the hardware trust root key;
acquiring a hardware private key of the hardware trust root key, and issuing a digital certificate to the identity public key based on the hardware private key;
and under the condition that the identity public key is verified based on the digital certificate, sending the same secret key to each node of the block chain.
In a second aspect, an embodiment of the present application provides an audit service-oriented data processing apparatus, where the apparatus includes: the device comprises a judging module, an executing module and a chaining module;
the judging module is used for configuring an audit business model and judging whether the audit business model is executed by the intelligent contract chip or not according to the parameter number and the model calculation complexity of the audit business model;
the execution module is used for calling a preset trusted sandbox component to execute the audit business model to obtain data to be audited when the judgment result is that the audit business model is executed by the intelligent contract chip and privacy calculation is carried out on audit data of two parties; when more than two parties of audit data are subjected to privacy calculation, calling a preset multi-party calculation component to execute the audit service model to obtain the data to be audited;
and the chaining module is used for acquiring, through a preset built-in database, an operation instruction for the data to be audited in the database to be audited, broadcasting the audit data operation acquired according to the operation instruction to other block chain nodes for consensus by using a data forwarding network card, and then persisting the audit data operation to the block chain.
In a third aspect, an embodiment of the present application provides a data processing system for audit services, where the system is applied to a block chain all-in-one machine, where the block chain all-in-one machine includes a block chain service component, an intelligent contract chip, a trusted sandbox component, a multi-party computing component, a data forwarding network card, and a built-in database, the system includes a data trusted switching subsystem, and the data trusted switching subsystem includes: the system comprises a data execution module, a multi-party calculation module, a data trusted sandbox module and a data trusted tracing module;
the data execution module is also used for configuring an audit business model and judging whether the audit business model is executed by the intelligent contract chip or not according to the parameter number and the model calculation complexity of the audit business model;
the data credible sandbox module is used for calling the credible sandbox component to execute the audit business model to obtain data to be audited when the judgment result is that the audit business model is executed by the intelligent contract chip and privacy calculation is carried out on audit data of two parties;
the multi-party calculation module is used for calling the multi-party calculation component to execute the audit service model to obtain the data to be audited when the judgment result is that the intelligent contract chip executes the audit service model and privacy calculation is carried out on more than two parties of audit data;
the data trusted tracing module is used for acquiring, through the built-in database, an operation instruction for the data to be audited in the database to be audited, broadcasting the audit data operation acquired according to the operation instruction to other block chain nodes for consensus through the data forwarding network card, and then persisting the audit data operation to the block chain.
In one embodiment, the system further comprises a data risk control subsystem;
and the data risk control subsystem is used for verifying the data to be audited according to a risk control rule preset in the data processing system to obtain a verification result.
In one embodiment, the system further comprises an operation and maintenance subsystem, wherein the operation and maintenance subsystem comprises a data configuration module, a data display module, a service statistical module and a system compatible module;
the data configuration module is used for configuring the block chain service component; the block chain service component is used for enabling the block chain all-in-one machine and at least three other block chain all-in-one machines to form a block chain network;
the data display module is used for sending the on-chain data to the user terminal for display;
the service statistical module is used for acquiring an audit service type according to the on-chain data;
and the system compatible module is used for connecting an external system to be audited and carrying out audit data interaction with the system to be audited.
In a fourth aspect, an embodiment of the present application provides an audit service-oriented blockchain all-in-one machine, where the blockchain all-in-one machine includes: the system comprises a block chain service component, an intelligent contract chip, a trusted sandbox component, a multi-party computing component, a data forwarding network card and a built-in database;
the block chain service component is used for forming a block chain network by the current block chain all-in-one machine and at least three other block chain all-in-one machines;
the intelligent contract chip is used for executing the audit business model according to the parameter number and the model calculation complexity of the pre-configured audit business model;
the credible sandbox component is used for calling the credible sandbox component to execute the audit business model to obtain data to be audited when the intelligent contract chip executes the audit business model and carries out privacy calculation on audit data of two parties;
the multi-party computing component is used for calling the multi-party computing component to execute the audit business model to obtain the data to be audited when the intelligent contract chip executes the audit business model and carries out privacy computation on more than two parties of audit data;
and the data forwarding network card is used for acquiring an operation instruction aiming at the data to be audited in the database to be audited through the built-in database, broadcasting the audit data operation acquired according to the operation instruction to other block chain nodes for consensus and then persisting the audit data operation to the block chain.
In a fifth aspect, an embodiment of the present application provides an electronic apparatus, which includes a memory, a processor, and a computer program stored on the memory and executable on the processor, and when the processor executes the computer program, the data processing method for auditing services according to the first aspect is implemented.
In a sixth aspect, an embodiment of the present application provides a storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the data processing method for auditing services according to the first aspect.
Compared with the related art, the embodiments of the application provide a block chain all-in-one machine, a data processing method and a device for audit services. The data processing method is applied to the block chain all-in-one machine and comprises the following steps: configuring an audit business model; when privacy calculation is carried out on the audit data of two parties, calling a trusted sandbox component to execute the audit business model to obtain data to be audited; when privacy calculation is carried out on the audit data of more than two parties, calling a multi-party computing component to execute the audit business model to obtain the data to be audited; and acquiring, through the built-in database, an operation instruction for the data to be audited in the database to be audited, broadcasting the audit data obtained according to the operation instruction to other block chain nodes for consensus through the data forwarding network card, and then persisting the audit data to the block chain. This solves the problems of low credibility and low accuracy of audit data processing, and realizes an audit-service-oriented data processing method that uses a dedicated block chain all-in-one machine.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the application and together with the description serve to explain the application and not to limit the application. In the drawings:
FIG. 1 is an application scenario diagram of a data processing method according to an embodiment of the present application;
FIG. 2 is a flowchart of a data processing method for audit service according to an embodiment of the present application;
FIG. 3 is a block diagram of an audit service oriented data processing apparatus according to an embodiment of the present application;
FIG. 4 is a block diagram of an audit service oriented data processing system according to an embodiment of the present application;
FIG. 5 is a block diagram of an audit service oriented blockchain all-in-one machine according to an embodiment of the application;
FIG. 6 is a block diagram of an audit service oriented blockchain all-in-one machine in accordance with a preferred embodiment of the present application;
FIG. 7 is a schematic diagram of an audit service oriented data processing system in accordance with a preferred embodiment of the present application;
FIG. 8 is a schematic diagram of an audit service oriented blockchain all-in-one machine network architecture in accordance with a preferred embodiment of the present application;
FIG. 9 is a block diagram of the inside of a computer device according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application will be described and illustrated below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments provided in the present application without any inventive step are within the scope of protection of the present application. Moreover, it should be appreciated that in the development of any such actual implementation, as in any engineering or design project, numerous implementation-specific decisions must be made to achieve the developers' specific goals, such as compliance with system-related and business-related constraints, which may vary from one implementation to another.
Reference in the specification to "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment can be included in at least one embodiment of the specification. The appearances of the phrase in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. Those of ordinary skill in the art will explicitly and implicitly appreciate that the embodiments described herein may be combined with other embodiments without conflict.
Unless defined otherwise, technical or scientific terms referred to herein shall have the ordinary meaning as understood by those of ordinary skill in the art to which this application belongs. Reference to "a," "an," "the," and similar words throughout this application are not to be construed as limiting in number, and may refer to the singular or the plural. The present application is directed to the use of the terms "including," "comprising," "having," and any variations thereof, which are intended to cover non-exclusive inclusions; for example, a process, method, system, article, or apparatus that comprises a list of steps or modules (elements) is not limited to the listed steps or elements, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus. Reference to "connected," "coupled," and the like in this application is not intended to be limited to physical or mechanical connections, but may include electrical connections, whether direct or indirect. Reference herein to "a plurality" means greater than or equal to two. "and/or" describes an association relationship of associated objects, meaning that three relationships may exist, for example, "A and/or B" may mean: a exists alone, A and B exist simultaneously, and B exists alone. Reference herein to the terms "first," "second," "third," and the like, are merely to distinguish similar objects and do not denote a particular ordering for the objects.
This embodiment provides an application scenario of a data processing method for an audit service. FIG. 1 is an application scenario diagram of a data processing method according to an embodiment of the present application. As shown in FIG. 1, a blockchain network 102 and a server 104 communicate with each other through a network, where the network may include a Local Area Network (LAN), a Wide Area Network (WAN), the internet, or a combination thereof, and connects websites, user equipment (e.g., computing devices), and backend systems. The server 104 stores the data to be audited, obtained by executing the audit business model, in the database to be audited, obtains an operation instruction for the data to be audited in the database to be audited, and transmits the audit data obtained according to the operation instruction to the blockchain network 102. A data processing system for the audit service is deployed on the server 104. Alternatively, the servers 104 may be nodes of a cloud computing system (not shown), or each server 104 may be a separate cloud computing system comprising multiple computers interconnected by a network and operating as a distributed processing system. The server 104 may run any suitable computing system that enables it to act as a node in the blockchain network 102.
The embodiment also provides a data processing method for audit service, where the data processing method is applied to a blockchain all-in-one machine, where the blockchain all-in-one machine includes a blockchain service component, an intelligent contract chip, a trusted sandbox component, a multi-party computing component, a data forwarding network card, and a built-in database, and fig. 2 is a flowchart of the data processing method for audit service according to the embodiment of the present application, and as shown in fig. 2, the flowchart includes the following steps:
step S210, configuring a block chain service component; the block chain service component is used for enabling the current block chain all-in-one machine and at least three other block chain all-in-one machines to form a block chain network.
It should be noted that, through the block chain service component, at least four block chain all-in-one machines are combined to form a consortium chain network system for the audit department. Specifically, the processor allocates a root of trust key through the operation and maintenance subsystem in the deployed data processing system, performs a one-click start, and carries out network configuration and node configuration, thereby realizing the configuration of the block chain service component.
Step S220, an audit business model is configured, and whether the audit business model is executed by the intelligent contract chip is judged according to the parameter number and the model calculation complexity of the audit business model.
The audit business model is used for obtaining audit data. For example, when auditing the internal use of funds of a large-scale project of a state-owned enterprise, the data to be audited comprises scientific research expenditure, project construction cost, capital balance and the like, and where relevant enterprise data does not need to be called, an audit result can be obtained by running the audit business model in a trusted sandbox. A user can view a configuration interface on a user terminal connected to the audit-service-oriented data processing system, and select on that interface the table fields, audit period and audit formula required by the audit model, thereby realizing the configuration of the audit business model.
A dedicated intelligent contract chip may be deployed on the block chain all-in-one machine; for example, the intelligent contract chip may be an FPGA (Field Programmable Gate Array) chip or another type of chip, so as to improve the processing efficiency for intelligent contracts. An intelligent contract chip capable of executing the audit business model yields a customized block chain all-in-one machine specially adapted to the audit service, and because the intelligent contract chip runs the audit business model continuously at high frequency, the CPU load of the block chain all-in-one machine is effectively reduced, the operation speed is increased, and the efficiency of audit data processing is improved. Specifically, when the number of parameters input into the audit business model is detected to be greater than a first threshold, or the model calculation complexity of the audit business model is detected to be greater than a second threshold, the efficiency of the processor in executing the audit business model is low, and the intelligent contract chip may be invoked to run the audit business model. The first threshold and the second threshold can be set in advance by the user according to the actual situation; for example, the first threshold may be set to 3 and the second threshold may be set to $O(\log_2 n)$; then, when the number of parameters is greater than 3, or the model calculation complexity is greater than $O(\log_2 n)$, it is judged that the intelligent contract chip executes the audit business model.
Step S230, under the condition that the intelligent contract chip executes the audit business model, when the privacy calculation is carried out on the audit data of two parties, the credible sandbox component is called to execute the audit business model, and the data to be audited are obtained; when the privacy calculation is carried out on more than two parties of audit data, the multi-party calculation component is called to execute an audit service model, and the to-be-audited data is obtained.
In one embodiment, when the judgment result is that the intelligent contract chip executes the audit business model and privacy calculation is performed on the audit data of two parties, virtual machine resources are created, trusted sandbox hardware resources are obtained through the trusted sandbox component, and the audit business model is configured according to the virtual machine resources and the trusted sandbox hardware resources; the audit business model is then called, and privacy calculation is carried out on the obtained interactive audit data based on the audit business model to obtain the data to be audited.
It should be noted that the trusted sandbox component includes a closed security configuration of the OS, MEM, NET, etc. The application scenario for running the trusted sandbox component may be: the audit business model is run between an auditor and an audit data source party, where the audit data source party provides batch audit data and the audit data has privacy requirements. The auditor refers to the party performing the audit, and the audit data source party refers to the audited party that provides the source of the audit data. In addition, managed and controlled virtual machine resources and trusted sandbox hardware resources can be allocated for the corresponding audit business model.
Specifically, the operation flow may be:
the auditor creates a virtual machine running instance in the sandbox running environment;
the auditor configures the sandbox system environment and the audit business model and then creates a sandbox instance;
within the sandbox instance, the sandbox is controlled by the auditor;
an auditor private key and an auditor public key are generated for the auditor, and the auditor public key is published;
the auditor encrypts the symmetric key by using the auditor private key and sends it to the audit data source party;
the auditor requests that the sandbox instance be sent to the audit data source party, that is, the audit business model is carried by the instance environment;
the system seals the sandbox to forbid all access rights of input and output devices, encrypts the sandbox instance based on the symmetric key, and then sends the sandbox image to the audit data source party;
the audit data source party decrypts the symmetric key by using the auditor public key, and thereby decrypts the transferred sandbox instance;
the audit data source party starts the sandbox;
and the two parties exchange audit data through the sandbox in a dedicated shared folder channel.
In this way, the sandbox instance created based on the audit business model is transferred during the data interaction, the privacy calculation result involving the auditor and the audit data source party is calculated through the audit business model, and the auditor finally obtains the data to be audited of the audit data source party. It should be noted that the obtained data to be audited may be stored in the database to be audited.
Or, under the condition that the judgment result is that the intelligent contract chip executes the audit service model and performs privacy calculation on more than two sides of audit data, the audit service model can be operated through a multi-side calculation component to finally obtain the data to be audited.
It can be understood that the two-party audit data refers to audit data of both a single auditor and a single audit data source party, and the audit data of more than two parties refers to respective audit data of a single auditor and a plurality of audit data source parties.
Step S240: acquiring, through the built-in database, an operation instruction for the data to be audited in the database to be audited; broadcasting the audit data operation acquired according to the operation instruction to other blockchain nodes for consensus by using the data forwarding network card; and then persisting the audit data operation to the blockchain.
The processor tracks any add, delete or modify operation on the data to be audited in the database to be audited and puts it on the chain as blockchain transaction data, so that changes to the original audit data can be traced, and running audit service models such as the trend type and the comparison method is supported.
It should be noted that the database to be audited is used for storing the data to be audited acquired in step S230; the database to be audited can be deployed in a data processing system facing the audit service. The data forwarding network card can realize the function of a traditional network card, and can also replace or assist the central processing unit (CPU for short) of the blockchain all-in-one machine in completing some functions. For example, the data forwarding network card may perform transaction consensus with other nodes in the blockchain network to which the blockchain node device belongs, and upload the transactions that pass consensus to the CPU of the blockchain all-in-one machine; that is, the data forwarding network card may offload the transaction consensus function from the CPU of the blockchain all-in-one machine. It should be noted that the other blockchain nodes refer to the blockchain nodes of other blockchain all-in-one machines in the blockchain network.
In the related art, data acquired by AO cannot be matched because the back-end databases of the information systems of audited units are of different types, so auditing efficiency is greatly reduced during joint auditing or cross-regional auditing. Under informatization, although auditors can examine huge volumes of electronic data in detail, the audit risk is not reduced by the detailed examination, mainly because the fraud of some audited units is more concealed. Audit evidence collection is a well-recognized problem. The main reason is that the auditing personnel cannot see and feel the analysis process of the electronic data, and the screened problems are often difficult for the auditing units to understand.
In the embodiment of the application, through the steps S210 to S230, the data to be audited is obtained according to the audit service model, the data operation is used as blockchain transaction data, and the blockchain transaction data that has passed consensus is persisted to the blockchain through the blockchain all-in-one machine dedicated to auditing, so that the audit data is tamper-proof and traceable, the credibility of the source of the audit data is ensured, and the audit quality is improved. The blockchain is combined with the trusted sandbox technology realized on the basis of a trusted, controlled virtual machine system, realizing a privacy calculation mode in which "the model moves and the audit data stays in place". This supports auditing of confidential departments or units, improves auditing capacity and auditing efficiency, improves the security and privacy of audit data processing, solves the problem of low credibility and accuracy of audit data processing, and enriches the audit data sources.
In an embodiment, the blockchain all-in-one machine further includes a built-in database, and obtaining, through the built-in database, an operation instruction for the data to be audited in the database to be audited further includes the following steps:
Step S221, configuring the database to be audited and the built-in database as master and slave databases; in the master and slave databases, the first initial state of the database to be audited is consistent with the second initial state of the built-in database; the first initial state indicates the data operation on the data to be audited in the database to be audited, and the second initial state indicates the data operation on the data to be audited in the built-in database.
In one embodiment, after the database to be audited and the built-in database are configured as master and slave databases, when a communication interruption between the database to be audited and the built-in database is detected, the acquired communication interruption alarm information is used as blockchain transaction data to be put on the chain. Once the communication between the master and slave databases is interrupted or abnormal, the corresponding alarm information is recorded in the built-in database.
Step S222, when the first initial state is updated to the first state, synchronously updating the second initial state to the second state through a trigger deployed in the built-in database, and obtaining an operation instruction corresponding to the second state; the first state indicates the updated data operation in the database to be audited, and the second state indicates the updated data operation in the built-in database.
In the above steps S221 to S222, the database to be audited and the built-in database are first configured in a master-slave relationship, and the initial states of the databases at both ends are kept consistent. The trigger is then deployed in the built-in database on the blockchain all-in-one machine side, and when a data operation such as an audit data update occurs in the database to be audited, the trigger synchronously records that data operation in the built-in database of the blockchain all-in-one machine.
It should be noted that, besides the master-slave database mode, a log increment synchronization mode may also be used. The log increment synchronization mode may be: incrementally reading the log of operations on the source audit data in the database to be audited, and storing the log locally; then, in the built-in database, starting from the position saved at the last update, executing Structured Query Language (SQL) statements based on the log so as to synchronize with the source audit data.
Through the steps S221 to S222, the database to be audited and the built-in database are configured as master and slave databases, so that a database mirror is formed between the dedicated blockchain all-in-one machine and the information system of the audited department. A database trigger captures the transaction operations of all data updates in the database to be audited, so as to synchronize the master and slave databases, and puts the transaction operations on the chain in real time, so that the original audit data is effectively prevented from being tampered with. Meanwhile, if the connection between the audited database and the database of the blockchain all-in-one machine is interrupted, the related information can be recorded and put on the chain to facilitate follow-up tracing and investigation, which further improves the accuracy of audit data processing.
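The trigger-based capture in steps S221 to S222 can be illustrated as follows. This is an added example, not code from the patent: the `voucher` table, the `op_log` table, the function names and the sample rows are hypothetical, one in-memory SQLite database stands in for the built-in database, and a hash-linked Python list stands in for the records that the page persists to the blockchain after consensus.

```python
import hashlib
import json
import sqlite3

GENESIS = "0" * 64  # constructed previous-hash for the first chained record
COLUMNS = "seq, op, row_id, old_payee, old_amount, new_payee, new_amount"

# Hypothetical schema: `voucher` is the built-in replica of an audited table;
# the triggers turn every replicated change into one op_log row.
SCHEMA = """
CREATE TABLE voucher (id INTEGER PRIMARY KEY, payee TEXT, amount INTEGER);
CREATE TABLE op_log (
    seq INTEGER PRIMARY KEY AUTOINCREMENT, op TEXT NOT NULL, row_id INTEGER,
    old_payee TEXT, old_amount INTEGER, new_payee TEXT, new_amount INTEGER);
CREATE TRIGGER voucher_ins AFTER INSERT ON voucher BEGIN
    INSERT INTO op_log (op, row_id, new_payee, new_amount)
    VALUES ('INSERT', NEW.id, NEW.payee, NEW.amount);
END;
CREATE TRIGGER voucher_upd AFTER UPDATE ON voucher BEGIN
    INSERT INTO op_log (op, row_id, old_payee, old_amount, new_payee, new_amount)
    VALUES ('UPDATE', NEW.id, OLD.payee, OLD.amount, NEW.payee, NEW.amount);
END;
CREATE TRIGGER voucher_del AFTER DELETE ON voucher BEGIN
    INSERT INTO op_log (op, row_id, old_payee, old_amount)
    VALUES ('DELETE', OLD.id, OLD.payee, OLD.amount);
END;
"""


def open_builtin_db():
    """Create the stand-in for the built-in database with its triggers."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def record_digest(prev_hash, row):
    """SHA-256 over the previous digest plus the canonical JSON of one op_log row."""
    payload = json.dumps(list(row), separators=(",", ":"), ensure_ascii=False)
    return hashlib.sha256((prev_hash + payload).encode("utf-8")).hexdigest()


def seal_operations(conn, chain):
    """Append every op_log row not yet on the chain; return how many were added."""
    last_seq = chain[-1]["seq"] if chain else 0
    rows = conn.execute(
        f"SELECT {COLUMNS} FROM op_log WHERE seq > ? ORDER BY seq", (last_seq,)
    ).fetchall()
    for row in rows:
        prev = chain[-1]["hash"] if chain else GENESIS
        chain.append({"seq": row[0], "prev": prev, "hash": record_digest(prev, row)})
    return len(rows)


def find_tampering(conn, chain):
    """Return seq numbers whose local op_log row no longer matches the chain."""
    rows = {r[0]: r for r in conn.execute(f"SELECT {COLUMNS} FROM op_log")}
    suspicious, prev = [], GENESIS
    for block in chain:
        row = rows.get(block["seq"])
        if (block["prev"] != prev or row is None
                or record_digest(prev, row) != block["hash"]):
            suspicious.append(block["seq"])
        prev = block["hash"]
    return suspicious


def demo():
    conn, chain = open_builtin_db(), []
    # Constructed sample changes, as they would arrive from the audited database.
    conn.execute("INSERT INTO voucher VALUES (1, 'Supplier A', 12000)")
    conn.execute("INSERT INTO voucher VALUES (2, 'Supplier B', 8000)")
    conn.execute("UPDATE voucher SET amount = 1200 WHERE id = 1")
    conn.execute("DELETE FROM voucher WHERE id = 2")
    sealed = seal_operations(conn, chain)
    before = find_tampering(conn, chain)
    # The logged "before" value of the update is rewritten in the local database.
    conn.execute("UPDATE op_log SET old_amount = 1200 WHERE seq = 3")
    after = find_tampering(conn, chain)
    return sealed, before, after


if __name__ == "__main__":
    print(demo())
```

The check only has value when the chained digests are held somewhere the database administrator cannot rewrite, which is the role the page assigns to consensus among the other blockchain nodes.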
In an embodiment, after the audit data operation obtained according to the operation instruction is broadcast to other blockchain nodes for consensus and is persisted to the blockchain, the data processing method further includes the following steps: screening the on-chain data based on the block access frequency of the blockchain to obtain redundant data in the on-chain data; and extracting the redundant data from the built-in database and storing the redundant data into an archive database deployed in the blockchain all-in-one machine.
It should be noted that the above-mentioned on-chain data refers to the audit data operations recorded and stored on the blockchain. The processor periodically executes audit intelligent contracts and manual audits. Over time, the operation logs for audit data accumulate and take up on-chain storage space. Therefore, the on-chain data can be screened. For example, when it is detected that the access frequency of a block is less than a certain threshold, the access frequency of the block is too low, so the on-chain data of the block can be treated as redundant data and transferred to the archive database using technologies such as snapshots. The on-chain data can thus be dynamically archived at a blockchain node without stopping the whole platform, which ensures that the operating efficiency of the system is not reduced by excessive data accumulation, ensures that historical data is safely archived and can be consulted at any time, and greatly improves the operating efficiency of the CPU in the blockchain all-in-one machine.
In an embodiment, when performing privacy calculation on audit data of more than two parties, invoking the multi-party calculation component to execute the audit service model to obtain the data to be audited includes the following steps: accessing the private data of the multi-party association departments through the audit service model by applying the multi-party calculation component, and acquiring the data to be audited according to the private data; wherein the multi-party association departments include one or more of: industry and commerce department, tax department, credit department, public deposit department, social security department, enterprise, public institution, and bank.
The audit service model refers to a model that processes a plurality of accessed data sources requiring privacy protection to obtain audit data; the audit service model can include a privacy calculation algorithm for multi-party calculation, such as homomorphic encryption, secret sharing or zero-knowledge proof. The intersection data refers to the audit data that is common among the multi-party association departments and requires privacy protection. A multi-party association department refers to a department related to the audit service, such as an industry and commerce department or a tax department. Specifically, taking the second audit service model using the Oblivious Pseudo-Random Function (OPRF) technology as an example, a security length is defined between each two parties, a pseudo-random number generating function is defined, the intersection data between each two parties is obtained by searching based on the security length and the pseudo-random number generating function, and no party obtains any additional information about the other parties.
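The pairwise OPRF intersection described above, sketched for one pair of parties as an added example; it is not the patent's implementation. It assumes a Diffie-Hellman style OPRF over the 2048-bit RFC 3526 group 14 prime, treats the "security length" as the tag length `TAG_BYTES`, and uses hypothetical class names and constructed identifiers.

```python
import hashlib
import secrets

# 2048-bit safe prime p = 2q + 1 (RFC 3526, group 14); all protocol values
# live in the order-q subgroup of squares modulo p.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
    "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
    "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
    "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
    "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
    "15728E5A8AACAA68FFFFFFFFFFFFFFFF",
    16,
)
Q = (P - 1) // 2
TAG_BYTES = 32  # assumed "security length" of the published PRF outputs


def hash_to_group(item):
    """Map an identifier to a subgroup element: wide hash, reduce, then square."""
    wide = hashlib.shake_256(b"psi-h1|" + item.encode("utf-8")).digest(320)
    return pow(int.from_bytes(wide, "big") % P, 2, P)


def tag(item, element):
    """Outer hash: binds the PRF value to its input and trims it to TAG_BYTES."""
    data = b"psi-h2|" + item.encode("utf-8") + b"|" + element.to_bytes(256, "big")
    return hashlib.sha256(data).digest()[:TAG_BYTES]


class DataSourceParty:
    """Holds the OPRF key k and its own identifier set; only sees blinded queries."""

    def __init__(self, identifiers):
        self._k = secrets.randbelow(Q - 1) + 1
        self._identifiers = list(identifiers)

    def evaluate(self, blinded):
        for b in blinded:
            # Reject the identity and anything outside the order-q subgroup.
            if not 1 < b < P or pow(b, Q, P) != 1:
                raise ValueError("blinded element is not in the expected subgroup")
        return [pow(b, self._k, P) for b in blinded]

    def published_tags(self):
        return {tag(x, pow(hash_to_group(x), self._k, P)) for x in self._identifiers}


class Auditor:
    """Blinds its identifiers, then unblinds the replies and matches the tags."""

    def __init__(self, identifiers):
        self._identifiers = list(identifiers)
        self._blinds = []

    def blind(self):
        self._blinds = [secrets.randbelow(Q - 1) + 1 for _ in self._identifiers]
        return [pow(hash_to_group(x), r, P)
                for x, r in zip(self._identifiers, self._blinds)]

    def intersect(self, evaluated, tags):
        common = []
        for x, r, e in zip(self._identifiers, self._blinds, evaluated):
            prf = pow(e, pow(r, -1, Q), P)  # strips the blind r, leaving H(x)^k
            if tag(x, prf) in tags:
                common.append(x)
        return common


def run_pairwise_psi(auditor_ids, source_ids):
    """One auditor and one data source party; the same exchange runs per pair."""
    auditor, source = Auditor(auditor_ids), DataSourceParty(source_ids)
    evaluated = source.evaluate(auditor.blind())
    return auditor.intersect(evaluated, source.published_tags())


if __name__ == "__main__":
    # Constructed sample identifiers held by each party.
    print(run_pairwise_psi(["ID-A", "ID-B", "ID-C"], ["ID-B", "ID-C", "ID-D", "ID-E"]))
```

In this sketch the auditor learns the matching identifiers and the size of the other party's set, while the data source party sees only blinded group elements. A deployment would use a standardized OPRF construction such as the prime-order-group suites in RFC 9497.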
Through this embodiment, the private audit data among the multi-party association departments is extracted based on the audit type, so that multi-party calculation for the audit service is realized, various audit service model calculations can be satisfied while the privacy of the audit data is ensured, data leakage of relevant audited departments such as industry and commerce and tax is avoided, and the security of audit data processing is further improved. Meanwhile, the data to be audited is obtained in two different ways, namely the secure multi-party calculation technology and the trusted sandbox technology, so that the sources of the audit data are enriched and the reliability of audit data processing is further improved.
In one embodiment, the above-mentioned determining whether the intelligent contract chip executes the audit service model further includes the following steps: obtaining the audit data parameters corresponding to each multi-party association department; and when the number of the audit data parameters is greater than a preset threshold, executing the audit service model through the intelligent contract chip, and inputting the audit data parameters into the audit service model to obtain the intersection data output by the audit service model.
It should be noted that the preset threshold may be set in advance by a user according to actual conditions; for example, the preset threshold may be set to 6. Specifically, an audit service model is issued to the multi-party association departments, and the processor detects and judges the number of audit data parameters. For example, if the number of audit data parameters is greater than 6, there are too many audit data parameters and the calculation complexity of the audit service model is therefore too high. In that case the intelligent contract chip may be called to execute the audit service model with the plurality of audit data parameters as its input parameters, so that an intersection data result of the multi-party association departments can be obtained based on the audit service model while the private data remains invisible.
Through this embodiment, the number of audit data parameters is judged against the preset threshold, and the audit service model is executed by calling the intelligent contract chip when there are too many audit data parameters, so that slow data processing caused by excessive calculation complexity of the audit service model is avoided, and the efficiency of data processing for the audit service is effectively improved.
In an embodiment, in the case that the intelligent contract chip executes the audit service model as a result of the determination, the data processing method further includes the following steps: and extracting the data to be audited according to the field set indicated by the audit service model.
It should be noted that the audit service model includes a data collection template. The data collection template is used for setting the audit data to be collected; for example, the data collection template may set data source parameters, that is, the address, name, connection parameters and the like of the database to be audited, and further includes a data table set, a data field set and the like. Specifically, the audit data may be acquired through the preset audit service model as follows: running the preset audit service model and connecting to the database to be audited; extracting all data in the database to be audited according to the data field set; and, for each piece of data, extracting the on-chain creation, modification and deletion records one by one, recording the data trace risk, and calculating an audit result according to the audit service model algorithm, so that the operation efficiency is improved while the CPU load of the blockchain all-in-one machine node is reduced.
In one embodiment, the data processing method further comprises: acquiring a request transaction and request parameters on a chain; and issuing a data reply response parameter corresponding to the audit data to the block chain according to the request transaction and the request parameter on the chain, and scheduling the audit data based on the issued data reply response parameter to obtain a scheduling result.
The data scheduling module is responsible for scheduling and coordinating audit data. Specifically, the auditor issues an on-chain request transaction for audit data, and issues request parameters, which may include data description parameters and network parameters; the audit data source party verifies the authority of the auditor according to the on-chain request transaction, and, when the authority verification passes, verifies the audit data according to the request parameters; when the audit data passes verification, the audit data source party prepares the audit data; the audit data source party issues data reply response parameters on the chain, where the data reply response parameters can include the data size, a signature and the sender network address; the auditor issues a data receiving address corresponding to the sender network address; the audit data source party verifies it and sends the audit data to the auditor point to point; and the auditor finishes receiving the audit data and publishes the data size and the signature on the chain. Through this embodiment, the data scheduling module schedules the audit data between the auditor and the audit data source party, so that the efficiency of the audit data processing system is improved.
In one embodiment, the blockchain all-in-one machine further includes an off-chain computing device, and the data processing method further includes the following steps: based on the audit service model, obtaining the off-chain audit data corresponding to the audit service model through cooperative execution by the off-chain computing device; deploying an off-chain intelligent contract in the off-chain computing device, wherein the intelligent contract includes an off-chain data calling interface; and, when running the audit service model, calling the off-chain intelligent contract, executing the off-chain data calling interface, acquiring the off-chain audit data and performing the calculation with the audit service model.
It should be noted that the off-chain audit data refers to original audit data stored in an on-chain database of the blockchain or stored in a database to be audited outside the blockchain. For the case where the audit service model accesses off-chain data, an off-chain intelligent contract is deployed in the off-chain computing device to implement this in cooperation. Specifically, the processor receives an off-chain contract call request, initiated by a blockchain node, for off-chain calculation in the blockchain all-in-one machine, executes the off-chain contract in the off-chain computing device according to the call request, and returns the calculation result of executing the off-chain contract on the off-chain data to the blockchain node for storage, so that accurate and rapid calculation on off-chain audit data is realized, the calculation result is recorded, and the comprehensiveness and security of audit data processing are effectively improved.
In one embodiment, the blockchain all-in-one machine is applied to an audit data processing system, the blockchain all-in-one machine further includes an encryption chip and a hardware trust root key, and after the step S210 and before the step S220, the data processing method further includes the following steps: generating a unique digital identity for the blockchain all-in-one machine through the encryption chip, and broadcasting the identity public key of the unique digital identity to the hardware trust root key; acquiring the hardware private key of the hardware trust root key, and issuing a digital certificate to the identity public key based on the hardware private key; and, when the authentication verification of the identity public key based on the digital certificate passes, sending the same key to each node of the blockchain.
It should be noted that the unique digital identity includes an identity public key and an identity private key; the encryption chip can be a TCM encryption chip or a TPM2.0 encryption chip, to prevent an illegal user from accessing the blockchain all-in-one machine; in addition, an anti-attack secure interaction mechanism for the connection between the master and slave databases can be realized based on the encryption chip. The hardware trust root key can be pre-deployed into the intelligent contract processing chip by the auditor, and the public and private key pair of the hardware trust root key is signed and issued by the auditor on line; the public and private key pair resides in the hardware of the blockchain all-in-one machine. Therefore, the identity public key generated by the encryption chip in the blockchain all-in-one machine is issued a digital certificate signed based on the private key in the hardware trust root key, so that identity trust of any node in the blockchain all-in-one machine is realized.
In addition, the blockchain all-in-one machine may further include a Certificate Authority (CA). The identity private key and the identity public key are generated at initial configuration by the built-in security encryption chip based on the TCM/TPM2.0 specification. Based on the identity private key and the identity public key, the legal identity of the blockchain all-in-one machine is obtained once a trusted digital certificate is obtained through the built-in CA authentication center, so that the blockchain all-in-one machine of a department can be connected to the audit data processing system. The identity of the blockchain all-in-one machine is thus verified as legal based on the encryption chip and the CA authentication center deployed in the blockchain all-in-one machine, and the blockchain all-in-one machine is allowed to connect to the audit data processing system when its identity is legal, and the security of audit data processing.
Through the steps, the key negotiation information is signed through the hardware trust root key deployed in the special blockchain all-in-one machine for the audit service, so that the dynamic message interaction of the audit node based on the key negotiation is realized, and the safety and the efficiency of audit data processing are improved.
It should be noted that the steps illustrated in the above-described flow diagrams or in the flow diagrams of the figures may be performed in a computer system, such as a set of computer-executable instructions, and that, although a logical order is illustrated in the flow diagrams, in some cases, the steps illustrated or described may be performed in an order different than here.
The present embodiment further provides an audit service-oriented data processing apparatus, which is used to implement the foregoing embodiments and preferred embodiments; details that have already been described are not repeated. As used hereinafter, the terms "module," "unit," "subunit," and the like may be a combination of software and/or hardware that implements a predetermined function. Although the means described in the embodiments below are preferably implemented in software, an implementation in hardware, or a combination of software and hardware, is also possible and contemplated.
Fig. 3 is a block diagram of a data processing apparatus facing an audit service according to an embodiment of the present application, and as shown in fig. 3, the apparatus includes: a judging module 32, an execution module 34, and an uplink module 36;
the judging module 32 is used for configuring an audit service model and judging whether the audit service model is executed by the intelligent contract chip according to the number of parameters and the model calculation complexity of the audit service model; the execution module 34 is configured to, when the judgment result is that the intelligent contract chip executes the audit service model and privacy calculation is performed on audit data of two parties, invoke the trusted sandbox component to execute the audit service model and obtain the data to be audited, and, when privacy calculation is performed on audit data of more than two parties, invoke the multi-party calculation component to execute the audit service model to obtain the data to be audited; the uplink module 36 is configured to obtain an operation instruction for the data to be audited in the database to be audited through the built-in database, broadcast the audit data operation obtained according to the operation instruction to other blockchain nodes for consensus by using the data forwarding network card, and then persist the audit data operation on the blockchain.
Through this embodiment, the execution module 34 executes the audit service model and acquires the data to be audited, and the uplink module 36 persists the audit data operations that have passed consensus on the blockchain through the blockchain all-in-one machine dedicated to auditing, so that the audit data is tamper-proof and traceable, the credibility of the source of the audit data is ensured, the audit quality is improved, and the problem of low accuracy of audit data processing is solved.
The above modules may be functional modules or program modules, and may be implemented by software or hardware. For a module implemented by hardware, the modules may be located in the same processor; or the modules can be respectively positioned in different processors in any combination.
The embodiment also provides a data processing system facing the audit service, which is applied to a block chain all-in-one machine, wherein the block chain all-in-one machine comprises a block chain service component, an intelligent contract chip, a trusted sandbox component, a multi-party computing component, a data forwarding network card and a built-in database; fig. 4 is a block diagram of a data processing system for auditing services according to an embodiment of the present application, where, as shown in fig. 4, the system includes a data trusted switching subsystem 40, and the data trusted switching subsystem 40 includes: a data execution module 42, a multi-party computation module 44, a data trusted sandbox module 46 and a data trusted traceability module 48.
The data execution module 42 is further configured to configure an audit service model, and determine whether the audit service model is executed by the intelligent contract chip according to the number of parameters of the audit service model and the model calculation complexity; the data trusted sandbox module 46 is configured to, when the determination result is that the intelligent contract chip executes the audit business model, invoke the trusted sandbox component to execute the audit business model according to the audit business model through the trusted sandbox component, so as to obtain data to be audited; the multi-party calculation module 44 is configured to, when the determination result is that the intelligent contract chip executes the audit service model, perform privacy calculation on more than two parties of audit data, invoke the multi-party calculation component to execute the audit service model to obtain the to-be-audited count data; the data trusted tracing module 48 is configured to obtain an operation instruction for the to-be-inspected data in the to-be-inspected database through the built-in database, broadcast an audit data operation obtained according to the operation instruction to other block link points by using the data forwarding network card, perform consensus, and then persist the audit data operation on the block chain.
Through the embodiment, the data credible sandbox module 46 or the multi-party calculation module 44 executes the audit business model and obtains the data to be audited, the data credible tracing module 48 takes data operation as block chain transaction data, and the block chain transaction data passing through the common identification is durably arranged on the block chain through the block chain all-in-one machine special for auditing, so that the audit data can not be tampered and traced, the source credibility of the audit data is ensured, the audit quality is improved, and the problem of low accuracy of audit data processing is solved.
In one embodiment, the audit data processing system further includes a data wind control subsystem; and the data wind control subsystem is used for verifying the audit data according to a wind control rule preset in the data processing system to obtain a verification result.
It should be noted that, the above-mentioned wind control rule may be preset by a user and stored in the above-mentioned data processing system; for example, the wind control rule may be set to: a digital digest is generated based on the audit data and compared to the digital digest retrieved from the blockchain to validate the audit data. The data deception risk and control function module in the data wind control subsystem is responsible for monitoring the quality of audit source data; the function is used as a service to reside in the block chain all-in-one machine, and the authenticity of the audit data before collection is verified according to the preset wind control rule. The data management risk and control function module of the data wind control subsystem is responsible for managing the integrity, authenticity and normalization of the collected audit data; the function is used as a service to reside in the block chain all-in-one machine, and the collected data are verified according to a preset wind control rule. The data auditing compliance risk and control function module of the data wind control subsystem is responsible for carrying out compliance monitoring on key points in the data auditing process; the function is used as a service to reside in a block chain all-in-one machine, and compliance check is carried out on the data snapshot of the key points in the acquisition process according to a compliance wind control rule configured in advance.
Through the embodiment, the risk assessment and control are carried out on the audit data in the audit data processing process through the data wind control subsystem, so that the processing accuracy of the audit data processing system is further improved.
In one embodiment, the audit data processing system further comprises an operation and maintenance subsystem, wherein the operation and maintenance subsystem comprises a data configuration module, a data display module, a service statistical module and a system compatible module; the data configuration module is used for configuring the block chain service component; the block chain service component is used for enabling the block chain all-in-one machine and at least three other block chain all-in-one machines to form a block chain network; the data display module is used for sending the on-chain data to a user terminal for display; the service statistical module is used for acquiring an audit service type according to the on-chain data; the system compatible module is used for connecting an external system to be audited and carrying out audit data interaction with the system to be audited.
Specifically, the data display module in the operation and maintenance subsystem is responsible for operation and maintenance display and operation management of the audit data processing system; the distributed storage operation module of the operation and maintenance subsystem is responsible for the configuration and management of the data of each audit node; the operation and maintenance subsystem is used for managing and maintaining audit service; and the system compatible module of the operation and maintenance subsystem is responsible for interfacing with auditing systems such as a gold audit system.
Through this embodiment, the operation and maintenance subsystem provides functions such as operation and maintenance data display, data management, service maintenance, and interfacing with other systems, which effectively improves the convenience of the audit data processing system and the user experience of auditors.
In one embodiment, in the block chain all-in-one machine, the data trusted tracing module 48 is further configured to configure the database to be audited and the built-in database as a master-slave database; in the master-slave database, the first initial state of the database to be audited is consistent with the second initial state of the built-in database; the first initial state indicates the data operation on the audit data in the database to be audited, and the second initial state indicates the data operation on the audit data in the built-in database; when the first initial state is updated to the first state, the data trusted tracing module 48 synchronously updates the second initial state to the second state through the database trigger, and takes the data operation indicated by the second state as the block chain transaction data; the first state indicates the updated data operation in the database to be audited, and the second state indicates the updated data operation in the built-in database.
In one embodiment, the block chain all-in-one machine further comprises a trusted sandbox component, and the data trusted exchange subsystem 40 further comprises a data algorithm trusted sandbox module; the data algorithm trusted sandbox module is used for creating virtual machine resources and acquiring trusted sandbox hardware resources through the trusted sandbox component; the data algorithm trusted sandbox module establishes an audit business model according to the virtual machine resources and the trusted sandbox hardware resources, and performs privacy calculation on the obtained interactive audit data based on the audit business model to obtain the data to be audited.
In one embodiment, the data trusted exchange subsystem 40 further comprises a multi-party computing module; the multi-party computing module is used for accessing, through the audit service model, the privacy data of multi-party association departments and acquiring the data to be audited according to the privacy data; wherein the multi-party association departments comprise: business sector, tax sector, credit department, enterprise, institution, bank.
In one embodiment, the data trusted exchange subsystem 40 further includes a data scheduling module; the data scheduling module is used for acquiring an on-chain request transaction and request parameters; the data scheduling module is further configured to issue a data reply response parameter corresponding to the audit data to the block chain according to the on-chain request transaction and the request parameters, and to schedule the audit data based on the issued data reply response parameter to obtain a scheduling result.
In one embodiment, the data trusted exchange subsystem 40 further includes a data governance module; the data governance module is used for extracting the data to be audited according to the field set indicated by the audit service model.
This embodiment also provides an audit service-oriented block chain all-in-one machine. Fig. 5 is a block diagram of the structure of an audit service-oriented block chain all-in-one machine according to an embodiment of the present application. As shown in fig. 5, the block chain all-in-one machine includes: a block chain service component 51, an intelligent contract chip 52, a trusted sandbox component 53, a multi-party computing component 54, a data forwarding network card 55 and a built-in database 56; the block chain service component 51 is configured to combine the current block chain all-in-one machine and at least three other block chain all-in-one machines into a block chain network; the intelligent contract chip 52 is used for executing the audit service model according to the parameter number and the model calculation complexity of the audit service model; the trusted sandbox component 53 is configured so that, when the intelligent contract chip executes the audit service model and privacy calculation is performed on audit data of two parties, the trusted sandbox component is invoked to execute the audit service model to obtain the data to be audited; the multi-party computing component 54 is configured so that, when the intelligent contract chip executes the audit service model and privacy calculation is performed on audit data of more than two parties, the multi-party computing component is invoked to execute the audit service model to obtain the data to be audited; the data forwarding network card 55 is configured to obtain, through the built-in database, an operation instruction for the data to be audited in the database to be audited, broadcast the audit data operation obtained according to the operation instruction to other block chain nodes for consensus, and then persist the audit data operation on the block chain.
Through this embodiment, in a block chain all-in-one machine dedicated to auditing, the trusted sandbox component 53 or the multi-party computing component 54 executes the audit service model to acquire the data to be audited, and the data forwarding network card 55 persists the audit data operation that has passed consensus to the block chain, so that the audit data are tamper-proof and traceable, the credibility of the source of the audit data is ensured, the auditing quality is improved, and the problem of low accuracy of audit data processing is solved.
An embodiment of the present invention is described in detail below with reference to an actual application scenario. Fig. 6 is a block diagram of a block chain all-in-one machine for audit services according to a preferred embodiment of the present application. As shown in fig. 6, the block chain all-in-one machine has the basic capabilities of a block chain node, including automatic node configuration, chain building, node verification, a consensus mechanism, on-chain data storage, and coordination with off-chain data storage; its main components include a block chain service component 51, an intelligent contract chip 52, a trusted sandbox component 53, a TCM/TPM2.0 encryption chip 61, a multi-party computing component 54, a data forwarding network card 55, a built-in database device 56, and an off-chain computing device 62. An audit alliance chain network is built on the block chain all-in-one machine, so that audit data are tamper-proof and traceable, the credibility of the source of the audit data is ensured, and audit quality is improved. The dedicated audit block chain all-in-one machine, designed on customized technology, improves the rapid deployment capability of block chain integration, improves the ability of an audit department to rapidly build an alliance block chain network, and reduces maintenance difficulty and cost. Moreover, by deploying the block chain all-in-one machine, the information systems of all audit departments can be accessed quickly, forming an audit alliance chain network and realizing penetrating audit supervision.
Fig. 7 is a schematic diagram of a data processing system for audit services according to a preferred embodiment of the present application. As shown in fig. 7, the system for audit data services is built on a dedicated block chain all-in-one machine and includes a data trusted exchange subsystem, a data risk control subsystem, an operation and maintenance subsystem, a block chain service layer, and a network layer. The data trusted exchange subsystem comprises a data governance module, a data trusted tracing module, a data scheduling module, a multi-party computing module and a data algorithm trusted sandbox module; the data risk control subsystem comprises a data management risk and control function module, a data deception risk and control function module and a data audit compliance risk and control function module; the operation and maintenance subsystem comprises a data configuration module, a data display module, a service statistics module, a distributed storage operation module and a system compatibility module. The block chain service layer is used for supporting the network system of the plurality of block chain all-in-one machines, and the network layer is used for carrying out data communication with the block chain all-in-one machines through a network.
Fig. 8 is a schematic diagram of a block chain all-in-one machine network architecture for audit services according to a preferred embodiment of the present application. As shown in fig. 8, in an alliance chain network system for audit services built on a plurality of dedicated block chain all-in-one machines, each audit unit and its corresponding block chain all-in-one machine constitute a master-slave server; any change to the audit data of an audit unit is synchronized, through a trigger deployed in the built-in database, to the corresponding alliance chain network system side for storage, and the data operation on the audit data is stored on the chain at the same time. If the communication between the master database system and the slave database system is abnormal, the corresponding information can be stored on the chain; in addition, the system can periodically execute audit contracts and manual audits, where a manual audit refers to an auditor manually executing each audit business model once. Over time, the operation logs accumulate and occupy storage space on the chain; the block chain node system can archive on-chain data dynamically without stopping the platform as a whole, so that operating efficiency does not degrade through excessive data accumulation, historical data can be archived safely and looked up at any time, and the operating efficiency of the system is improved.
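The trigger-based capture described in this embodiment, combined with the digest comparison given earlier as an example verification rule, is shown below as an added example that is not code from the patent. It assumes an in-memory SQLite database standing in for the built-in database and a Python list standing in for the consensus-backed chain; the table names, columns, SHA-256 digest and sample rows are constructed for illustration.

```python
import hashlib
import json
import sqlite3

GENESIS = "0" * 64  # constructed placeholder: "previous hash" of the first entry
COLS = ("seq", "op", "row_id", "unit", "amount")


def open_builtin_db():
    """In-memory stand-in for the built-in database, with capture triggers."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE audit_data (id INTEGER PRIMARY KEY, unit TEXT, amount INTEGER);
        CREATE TABLE op_log (seq INTEGER PRIMARY KEY AUTOINCREMENT,
                             op TEXT, row_id INTEGER, unit TEXT, amount INTEGER);
        CREATE TRIGGER cap_ins AFTER INSERT ON audit_data BEGIN
            INSERT INTO op_log (op, row_id, unit, amount)
            VALUES ('INSERT', NEW.id, NEW.unit, NEW.amount);
        END;
        CREATE TRIGGER cap_upd AFTER UPDATE ON audit_data BEGIN
            INSERT INTO op_log (op, row_id, unit, amount)
            VALUES ('UPDATE', NEW.id, NEW.unit, NEW.amount);
        END;
        CREATE TRIGGER cap_del AFTER DELETE ON audit_data BEGIN
            INSERT INTO op_log (op, row_id, unit, amount)
            VALUES ('DELETE', OLD.id, OLD.unit, OLD.amount);
        END;
    """)
    return db


def captured_ops(db, after_seq=0):
    """Operations recorded by the triggers, oldest first."""
    cur = db.execute("SELECT seq, op, row_id, unit, amount FROM op_log "
                     "WHERE seq > ? ORDER BY seq", (after_seq,))
    return [dict(zip(COLS, row)) for row in cur]


def record_digest(op):
    """SHA-256 over a canonical JSON encoding of one captured operation."""
    canon = json.dumps(op, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canon.encode()).hexdigest()


def link(prev, digest):
    return hashlib.sha256((prev + digest).encode()).hexdigest()


def persist_new_ops(db, ledger):
    """Append operations not yet on the ledger as hash-linked entries."""
    new_ops = captured_ops(db, ledger[-1]["seq"] if ledger else 0)
    for op in new_ops:
        prev = ledger[-1]["entry_hash"] if ledger else GENESIS
        digest = record_digest(op)
        ledger.append({"seq": op["seq"], "digest": digest,
                       "prev": prev, "entry_hash": link(prev, digest)})
    return len(new_ops)


def verify(db, ledger):
    """Digest comparison: local history and live table against the ledger."""
    findings, prev = [], GENESIS
    for e in ledger:  # 1. the ledger itself must be an unbroken hash chain
        if e["prev"] != prev or link(prev, e["digest"]) != e["entry_hash"]:
            findings.append(f"ledger link broken at seq {e['seq']}")
        prev = e["entry_hash"]
    on_chain = {e["seq"]: e["digest"] for e in ledger}
    ops, state = captured_ops(db), {}
    for op in ops:  # 2. every local operation must match its on-chain digest
        if on_chain.get(op["seq"]) != record_digest(op):
            findings.append(f"op_log seq {op['seq']} does not match on-chain digest")
        # Replay the history; assumes row ids are never updated.
        if op["op"] == "DELETE":
            state.pop(op["row_id"], None)
        else:
            state[op["row_id"]] = (op["unit"], op["amount"])
    for seq in sorted(set(on_chain) - {op["seq"] for op in ops}):
        findings.append(f"op_log seq {seq} missing locally")
    live = {r[0]: (r[1], r[2])
            for r in db.execute("SELECT id, unit, amount FROM audit_data")}
    if live != state:  # 3. the live table must equal the replayed history
        findings.append("audit_data differs from replayed operation history")
    return findings


def demo():
    """Constructed sample: three operations, then an edit to captured history."""
    db, ledger = open_builtin_db(), []
    db.execute("INSERT INTO audit_data VALUES (1, 'unit-a', 1200)")
    db.execute("INSERT INTO audit_data VALUES (2, 'unit-b', 300)")
    db.execute("UPDATE audit_data SET amount = 1250 WHERE id = 1")
    persist_new_ops(db, ledger)
    clean = verify(db, ledger)
    db.execute("UPDATE op_log SET amount = 9999 WHERE seq = 3")  # simulated edit
    return clean, verify(db, ledger)
```

The third check in `verify` is what reports a change that reached the audit table without being captured by a trigger, which the per-operation digests alone would not show.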
The embodiment further provides a computer device, where the computer device may be a server, and fig. 9 is a structural diagram of an inside of the computer device according to the embodiment of the present application, as shown in fig. 9. The computer device includes a processor, a memory, a network interface, and a database connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, a computer program, and a database. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The database of the computer device is used for storing an audit business model. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to realize the data processing method facing the auditing service.
Those skilled in the art will appreciate that the architecture shown in fig. 9 is merely a block diagram of some of the structures associated with the disclosed aspects and is not intended to limit the computing devices to which the disclosed aspects apply, as particular computing devices may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
The present embodiment also provides an electronic device comprising a memory having a computer program stored therein and a processor configured to execute the computer program to perform the steps of any of the above method embodiments.
Optionally, the electronic apparatus may further include a transmission device and an input/output device, wherein the transmission device is connected to the processor, and the input/output device is connected to the processor.
Optionally, in this embodiment, the processor may be configured to execute the following steps by a computer program:
S1, configuring a block chain service component; the block chain service component is used for enabling the current block chain all-in-one machine and at least three other block chain all-in-one machines to form a block chain network.
S2, configuring an audit service model, and judging whether the intelligent contract chip executes the audit service model according to the parameter number and the model calculation complexity of the audit service model.
S3, when the judgment result is that the intelligent contract chip executes the audit service model: when privacy calculation is performed on the audit data of two parties, calling the trusted sandbox component to execute the audit service model to obtain the data to be audited; when privacy calculation is performed on the audit data of more than two parties, calling the multi-party computing component to execute the audit service model to obtain the data to be audited.
S4, acquiring, through the built-in database, an operation instruction for the data to be audited in the database to be audited, broadcasting the audit data operation acquired according to the operation instruction to other block chain nodes for consensus by using the data forwarding network card, and then persisting the audit data operation to the block chain.
It should be noted that, for specific examples in this embodiment, reference may be made to examples described in the foregoing embodiments and optional implementations, and details of this embodiment are not described herein again.
In addition, in combination with the data processing method for audit services in the foregoing embodiments, an embodiment of the present application may provide a storage medium for its implementation. The storage medium has a computer program stored thereon; the computer program, when executed by a processor, implements any one of the audit service oriented data processing methods in the above embodiments.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program instructing the relevant hardware; the computer program can be stored in a non-volatile computer-readable storage medium and, when executed, can include the processes of the method embodiments described above. Any reference to memory, storage, database, or other medium used in the embodiments provided herein may include non-volatile and/or volatile memory, among others. Non-volatile memory can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDRSDRAM), Enhanced SDRAM (ESDRAM), Synchronous Link DRAM (SLDRAM), Rambus Direct RAM (RDRAM), direct bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM).
It should be understood by those skilled in the art that various features of the above-described embodiments can be combined in any combination, and for the sake of brevity, all possible combinations of features in the above-described embodiments are not described in detail, but rather, all combinations of features which are not inconsistent with each other should be construed as being within the scope of the present disclosure.
The above-mentioned embodiments only express several embodiments of the present application, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the concept of the present application, which falls within the scope of protection of the present application. Therefore, the protection scope of the present patent shall be subject to the appended claims.

Claims (14)

1. A data processing method facing audit service is characterized in that the method is applied to a block chain all-in-one machine, the block chain all-in-one machine comprises a block chain service component, an intelligent contract chip, a trusted sandbox component, a multi-party computing component, a data forwarding network card and a built-in database, and the method comprises the following steps:
configuring the blockchain service component; the block chain service component is used for enabling the current block chain all-in-one machine and at least three other block chain all-in-one machines to form a block chain network;
configuring an audit business model, and judging whether the audit business model is executed by the intelligent contract chip or not according to the parameter number and the model calculation complexity of the audit business model;
when the judgment result is that the intelligent contract chip executes the audit service model, calling the trusted sandbox component to execute the audit service model when performing privacy calculation on the audit data of two parties to obtain the data to be audited; when more than two parties of audit data are subjected to privacy calculation, calling the multi-party calculation component to execute the audit service model to obtain the data to be audited;
and acquiring an operation instruction aiming at the data to be audited in the database to be audited through the built-in database, broadcasting the audit data operation acquired according to the operation instruction to other block chain nodes for consensus by using the data forwarding network card, and then persisting the audit data operation to the block chain.
2. The data processing method according to claim 1, wherein the obtaining, by the built-in database, the operation instruction for the data to be audited in the database to be audited comprises:
configuring the database to be audited and the built-in database as a master-slave database; in the master database and the slave database, a first initial state of the database to be audited is consistent with a second initial state of the built-in database; the first initial state indicates data operation aiming at the data to be audited in the database to be audited, and the second initial state indicates data operation aiming at the data to be audited in the built-in database;
under the condition that the first initial state is updated to a first state, synchronously updating the second initial state to a second state through a trigger deployed in the built-in database, and acquiring an operation instruction corresponding to the second state; the first state indicates the updated data operation in the database to be audited, and the second state indicates the updated data operation in the built-in database.
3. The data processing method of claim 2, wherein after the configuring the database to be audited and the built-in database as a master-slave database, the method further comprises:
and, when a communication interruption between the database to be audited and the built-in database is detected, recording the obtained communication interruption alarm information on the chain as block chain transaction data.
4. The data processing method of claim 1, wherein when performing privacy computation on more than two parties of audit data, invoking the multi-party computing component to execute an audit service model, and obtaining the to-be-audited data comprises:
accessing privacy data of a multi-party association department by applying the multi-party computing component through the auditing service model, and acquiring the data to be audited according to the privacy data; wherein the multi-party affiliation department comprises: one or more departments of industry and commerce, tax department, credit department, public deposit department, social security department, enterprise, public institution, bank.
5. The data processing method of claim 1, wherein the method further comprises:
acquiring a request transaction and request parameters on a chain;
and issuing a data reply response parameter corresponding to the audit data to the block chain according to the on-chain request transaction and the request parameter, and scheduling the audit data based on the issued data reply response parameter to obtain a scheduling result.
6. The data processing method of claim 1, wherein the blockchain all-in-one machine further comprises an off-chain computing device, the method further comprising:
based on the audit service model, obtaining the off-chain audit data corresponding to the audit service model through cooperative execution by the off-chain computing device;
deploying an off-chain intelligent contract in the off-chain computing device; the off-chain intelligent contract comprises an off-chain data calling interface;
and, when the audit service model is run, calling the off-chain intelligent contract, executing the off-chain data calling interface, acquiring the off-chain audit data, and performing calculation by using the audit service model.
7. The data processing method of any one of claims 1 to 6, wherein the blockchain all-in-one machine further comprises an encryption chip and a hardware root-of-trust key, and after the configuring the blockchain service component and before the configuring the audit business model, the method further comprises:
generating a unique digital identity aiming at the current block chain all-in-one machine through the encryption chip, and broadcasting an identity public key of the unique digital identity to other block chain nodes;
acquiring a private key of the hardware trust root key, and issuing a digital certificate to the identity public key based on the private key;
and, when the identity public key is verified based on the digital certificate, sending the same secret key to each node of the block chain.
8. An apparatus for data processing oriented to audit services, the apparatus comprising: a judging module, an executing module and a chaining module;
the judging module is used for configuring an audit business model and judging whether the audit business model is executed by the intelligent contract chip or not according to the parameter number and the model calculation complexity of the audit business model;
the execution module is used for calling a preset trusted sandbox component to execute the audit business model to obtain data to be audited when the judgment result is that the audit business model is executed by the intelligent contract chip and privacy calculation is carried out on audit data of two parties; when more than two parties of audit data are subjected to privacy calculation, calling a preset multi-party calculation component to execute the audit service model to obtain the data to be audited;
and the chaining module is used for acquiring, through a preset built-in database, an operation instruction for the data to be audited in the database to be audited, broadcasting the audit data operation acquired according to the operation instruction to other block chain nodes for consensus by using a data forwarding network card, and then persisting the audit data operation to the block chain.
9. A data processing system for audit services, applied to a block chain all-in-one machine, wherein the block chain all-in-one machine comprises a block chain service component, an intelligent contract chip, a trusted sandbox component, a multi-party computing component, a data forwarding network card and a built-in database, the system comprises a data trusted exchange subsystem, and the data trusted exchange subsystem comprises: a data execution module, a multi-party calculation module, a data trusted sandbox module and a data trusted tracing module;
the data execution module is also used for configuring an audit business model and judging whether the audit business model is executed by the intelligent contract chip or not according to the parameter number and the model calculation complexity of the audit business model;
the data trusted sandbox module is used for calling the trusted sandbox component to execute the audit business model to obtain data to be audited when the judgment result is that the audit business model is executed by the intelligent contract chip and privacy calculation is carried out on audit data of two parties;
the multi-party calculation module is used for calling the multi-party calculation component to execute the audit service model to obtain the data to be audited when the judgment result is that the intelligent contract chip executes the audit service model and privacy calculation is carried out on more than two parties of audit data;
the data trusted tracing module is used for acquiring, through the built-in database, an operation instruction for the data to be audited in the database to be audited, broadcasting the audit data operation acquired according to the operation instruction to other block chain nodes for consensus through the data forwarding network card, and then persisting the audit data operation to the block chain.
10. The data processing system of claim 9, wherein the system further comprises a data risk control subsystem;
and the data risk control subsystem is used for verifying the data to be audited according to a risk control rule preset in the data processing system to obtain a verification result.
11. The data processing system of claim 9 or 10, wherein the system further comprises an operation and maintenance subsystem, the operation and maintenance subsystem comprising a data configuration module, a data display module, a business statistics module, and a system compatibility module;
the data configuration module is used for configuring the block chain service component; the block chain service component is used for enabling the block chain all-in-one machine and at least three other block chain all-in-one machines to form a block chain network;
the data display module is used for sending the on-chain data to the user terminal for display;
the service statistical module is used for acquiring an audit service type according to the on-chain data;
and the system compatible module is used for connecting an external system to be audited and carrying out audit data interaction with the system to be audited.
12. An audit service oriented blockchain all-in-one machine, comprising: the system comprises a block chain service component, an intelligent contract chip, a trusted sandbox component, a multi-party computing component, a data forwarding network card and a built-in database;
the block chain service component is used for forming a block chain network by the current block chain all-in-one machine and at least three other block chain all-in-one machines;
the intelligent contract chip is used for executing the audit business model according to the parameter number and the model calculation complexity of the pre-configured audit business model;
the trusted sandbox component is used for calling the trusted sandbox component to execute the audit business model to obtain data to be audited when the intelligent contract chip executes the audit business model and carries out privacy calculation on audit data of two parties;
the multi-party computing component is used for calling the multi-party computing component to execute the audit business model to obtain the data to be audited when the intelligent contract chip executes the audit business model and carries out privacy computation on more than two parties of audit data;
and the data forwarding network card is used for acquiring an operation instruction aiming at the data to be audited in the database to be audited through the built-in database, broadcasting the audit data operation acquired according to the operation instruction to other block chain nodes for consensus and then persisting the audit data operation to the block chain.
13. An electronic device comprising a memory and a processor, wherein the memory has stored therein a computer program, and the processor is configured to execute the computer program to perform the auditing service oriented data processing method of any of claims 1-7.
14. A storage medium having stored thereon a computer program, wherein the computer program is arranged to execute the audit service oriented data processing method of any of claims 1 to 7 when executed.
CN202110279909.5A 2021-03-16 2021-03-16 Block chain all-in-one machine facing audit service, data processing method and device Active CN112667748B (en)


Publications (2)

Publication Number Publication Date
CN112667748A true CN112667748A (en) 2021-04-16
CN112667748B CN112667748B (en) 2021-07-13

Family

ID=75399497

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110279909.5A Active CN112667748B (en) 2021-03-16 2021-03-16 Block chain all-in-one machine facing audit service, data processing method and device

Country Status (1)

Country Link
CN (1) CN112667748B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20210344753A1 (en) * 2020-07-08 2021-11-04 Alipay (Hangzhou) Information Technology Co., Ltd. Methods and apparatuses for synchronizing data based on blockchain integrated station
US11336660B2 (en) 2020-07-08 2022-05-17 Alipay (Hangzhou) Information Technology Co., Ltd. Methods and apparatuses for identifying replay transaction based on blockchain integrated station
US11444783B2 (en) 2020-07-08 2022-09-13 Alipay (Hangzhou) Information Technology Co., Ltd. Methods and apparatuses for processing transactions based on blockchain integrated station
US11463553B2 (en) 2020-07-08 2022-10-04 Alipay (Hangzhou) Information Technology Co., Ltd. Methods and apparatuses for identifying to-be-filtered transaction based on blockchain integrated station
US11783339B2 (en) 2020-07-08 2023-10-10 Alipay (Hangzhou) Information Technology Co., Ltd. Methods and apparatuses for transferring transaction based on blockchain integrated station
CN117348999A (en) * 2023-12-06 2024-01-05 之江实验室 Service execution system and service execution method

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108833514A (en) * 2018-06-01 2018-11-16 众安信息技术服务有限公司 Audit log processing method, device and Log Audit System based on block chain
CN108985936A (en) * 2018-07-09 2018-12-11 北京中电普华信息技术有限公司 A kind of auditing method and system based on intelligent contract
US20190305938A1 (en) * 2018-03-30 2019-10-03 Spyrus, Inc. Threshold secret share authentication proof and secure blockchain voting with hardware security modules
US20190363938A1 (en) * 2018-05-24 2019-11-28 International Business Machines Corporation System and method for network infrastructure analysis and convergence

Patent Citations (4)

Publication number Priority date Publication date Assignee Title
US20190305938A1 (en) * 2018-03-30 2019-10-03 Spyrus, Inc. Threshold secret share authentication proof and secure blockchain voting with hardware security modules
US20190363938A1 (en) * 2018-05-24 2019-11-28 International Business Machines Corporation System and method for network infrastructure analysis and convergence
CN108833514A (en) * 2018-06-01 2018-11-16 众安信息技术服务有限公司 Audit log processing method, device and Log Audit System based on block chain
CN108985936A (en) * 2018-07-09 2018-12-11 北京中电普华信息技术有限公司 A kind of auditing method and system based on intelligent contract

Cited By (8)

Publication number Priority date Publication date Assignee Title
US20210344753A1 (en) * 2020-07-08 2021-11-04 Alipay (Hangzhou) Information Technology Co., Ltd. Methods and apparatuses for synchronizing data based on blockchain integrated station
US11336660B2 (en) 2020-07-08 2022-05-17 Alipay (Hangzhou) Information Technology Co., Ltd. Methods and apparatuses for identifying replay transaction based on blockchain integrated station
US11444783B2 (en) 2020-07-08 2022-09-13 Alipay (Hangzhou) Information Technology Co., Ltd. Methods and apparatuses for processing transactions based on blockchain integrated station
US11463553B2 (en) 2020-07-08 2022-10-04 Alipay (Hangzhou) Information Technology Co., Ltd. Methods and apparatuses for identifying to-be-filtered transaction based on blockchain integrated station
US11665234B2 (en) * 2020-07-08 2023-05-30 Alipay (Hangzhou) Information Technology Co., Ltd. Methods and apparatuses for synchronizing data based on blockchain integrated station
US11783339B2 (en) 2020-07-08 2023-10-10 Alipay (Hangzhou) Information Technology Co., Ltd. Methods and apparatuses for transferring transaction based on blockchain integrated station
CN117348999A (en) * 2023-12-06 2024-01-05 之江实验室 Service execution system and service execution method
CN117348999B (en) * 2023-12-06 2024-02-23 之江实验室 Service execution system and service execution method

Also Published As

Publication number Publication date
CN112667748B (en) 2021-07-13

Similar Documents

Publication Publication Date Title
CN112667748B (en) Block chain all-in-one machine facing audit service, data processing method and device
CN109525671B (en) Block chain-based data storage method, electronic device and storage medium
US11694110B2 (en) Aggregated machine learning verification for database
CN110597832A (en) Government affair information processing method and device based on block chain network, electronic equipment and storage medium
US11387979B2 (en) Partially-ordered blockchain
CN110569658B (en) User information processing method and device based on blockchain network, electronic equipment and storage medium
US11368285B2 (en) Efficient threshold storage of data object
CN110598434B (en) House information processing method and device based on blockchain network, electronic equipment and storage medium
US11354198B2 (en) Snapshot for world state recovery
US20210029163A1 (en) Security layer for configuring blockchain
US11489663B2 (en) Correlation-based hash tree verification
CN112053274B (en) Construction guide method and device for government block chain network
US11269863B2 (en) Index structure for blockchain ledger
US10956204B1 (en) Free-riding node identification for blockchain
US11050822B2 (en) Secure data dissemination
US11475365B2 (en) Verification of stochastic gradient descent
KR20230005353A (en) Sanctioned Events in a Decentralized Database
CN112231755A (en) Data authorization method, device and system based on block chain
US11847234B2 (en) Verifiable training of model in untrusted environment
US20210279284A1 (en) Behavior driven graph expansion
US20210250180A1 (en) Entity certification management
CN116684160A (en) Public service litigation data security sharing and privacy protecting method and system
WO2022116753A1 (en) Automated merge of dlt networks
US11563558B2 (en) Behavior driven graph expansion
US20210232539A1 (en) Document storage and verification

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
CB03 Change of inventor or designer information

Inventor after: Yin Keting, Tang Quan, Zhang Dehui, Ma Zhenjun, Chen Hejun

Inventor before: Zhang Dehui, Ma Zhenjun, Tang Quan, Chen Hejun, Yin Keting

GR01 Patent grant