CN113569279A

CN113569279A - Data processing method, device, equipment, medium and computer program product

Info

Publication number: CN113569279A
Application number: CN202110764759.7A
Authority: CN
Inventors: 张育明; 潘海清; 陈鹏; 陈力帆; 梁政锋; 黄凯峰
Original assignee: China Merchants Bank Co Ltd
Current assignee: China Merchants Bank Co Ltd
Priority date: 2021-07-06
Filing date: 2021-07-06
Publication date: 2021-10-29
Anticipated expiration: 2041-07-06
Also published as: CN113569279B

Abstract

The application discloses a data processing method, a device, equipment, a medium and a computer program product, wherein the data processing method comprises the following steps: if a service request is received, analyzing a target sub-chain identifier in the service request; determining a target sub-chain corresponding to the service request according to the target sub-chain identifier; and identifying an access operation in the service request, and routing the access operation to the target sub-chain. According to the method and the device, the access operation of the service request is routed to the corresponding target sub-chain according to the target sub-chain identifier in the service request, and the information in the target sub-chain cannot be checked by the parent chain common node, so that service isolation between the parent chain and the target sub-chain is realized, and the privacy isolation effect when a user applies the block chain is effectively improved.

Description

Data processing method, device, equipment, medium and computer program product

Technical Field

The present application relates to the field of block chain technologies, and in particular, to a data processing method, apparatus, device, medium, and computer program product.

Background

The blockchain is a term in the field of information technology, and has the characteristics of being unforgeable, completely traceable, publicly transparent, and collectively maintained. At present, factors such as single machine resources, network bandwidth, distributed consensus consumption and the like are limited, and a single blockchain has a problem in privacy protection because accounts on the same blockchain are readable for all nodes. Currently, in order to solve the service isolation privacy appeal, a brooain multi-chain enterprise-level permission chain architecture is proposed. However, in this way, transactions are uniformly handed to the consensus node, and the consensus node allocates transactions of different partitions to different processes to be executed in parallel, so that the business ledger isolation only aims at the witness node, and the consensus node can still check all ledger data, resulting in a poor privacy isolation effect of the current user when the block chain is applied.

Disclosure of Invention

The present application mainly aims to provide a data processing method, apparatus, device, medium, and computer program product, and aims to solve the technical problem of poor privacy isolation effect when a user applies a block chain.

In order to achieve the above object, an embodiment of the present application provides a data processing method, where the data processing method includes:

if a service request is received, analyzing a target sub-chain identifier in the service request;

determining a target sub-chain corresponding to the service request according to the target sub-chain identifier;

and identifying an access operation in the service request, and routing the access operation to the target sub-chain.

Preferably, the data processing method further includes:

receiving a registration request, and acquiring sub-chain attribute information in the registration request;

registering the sub-chain in a parent chain corresponding to the registration request according to the sub-chain attribute information;

and outputting the sub-chain identifier of the sub-chain to perform sub-chain positioning based on the sub-chain identifier.

Preferably, the step of registering the child chain in the parent chain corresponding to the registration request according to the child chain attribute information includes:

extracting a network node list, a public key list of a verifier, a consensus algorithm and a network type in the sub-chain attribute information;

and registering a sub-chain in the parent chain according to the network node list, the public key list of the verifier, the consensus algorithm and the network type.

Preferably, after the step of registering the child chain in the parent chain corresponding to the registration request according to the child chain attribute information, the method further includes:

and activating the sub-chain to route the access operation of the service request to the sub-chain when the service request is received.

Preferably, the step of determining the target sub-chain corresponding to the service request according to the target sub-chain identifier includes:

matching the target sub-chain identification with the sub-chain identification of each sub-chain;

and determining the sub chain in each sub chain, of which the sub chain identification is matched with the target sub chain identification, as a target sub chain.

Preferably, the access operation includes one or more of application deployment, application invocation, account authorization, and child chain monitoring, and the step of routing the access operation to the target child chain includes:

if the access operation is application deployment, addressing and positioning to the target sub-chain through a sub-chain routing function, and implementing application contract deployment operation in the target sub-chain;

if the access operation is application calling, addressing and positioning to the target sub-chain through a sub-chain routing function, and implementing application contract calling operation in the target sub-chain;

if the access operation is account authorization, authorizing access to an account corresponding to the service request through an application sub-chain administrator;

and if the access operation is subchain monitoring, monitoring the network running condition of the target subchain, and monitoring the consistency of the evidence storage data of the parent chain and the subchain block header information and signature.

To achieve the above object, the present application also provides a data processing apparatus, including:

the analysis module is used for analyzing the target sub-chain identifier in the service request if the service request is received;

the determining module is used for determining a target sub-chain corresponding to the service request according to the target sub-chain identifier;

and the routing module is used for identifying the access operation in the service request and routing the access operation to the target sub-chain.

Further, to achieve the above object, the present application also provides a data processing device, which includes a memory, a processor, and a data processing program stored on the memory and operable on the processor, and when executed by the processor, the data processing program implements the steps of the above data processing method.

Further, to achieve the above object, the present application also provides a medium, which is a computer readable storage medium, on which a data processing program is stored, and the data processing program, when executed by a processor, implements the steps of the data processing method described above.

Further, to achieve the above object, the present application also provides a computer program product comprising a computer program, which when executed by a processor, implements the steps of the above data processing method.

An embodiment of the application provides a data processing method, a device, equipment, a medium and a computer program product, wherein the data processing method comprises the following steps: if a service request is received, analyzing a target sub-chain identifier in the service request; determining a target sub-chain corresponding to the service request according to the target sub-chain identifier; and identifying an access operation in the service request, and routing the access operation to the target sub-chain. According to the method and the device, the access operation of the service request is routed to the corresponding target sub-chain according to the target sub-chain identifier in the service request, and the information in the target sub-chain cannot be checked by the parent chain common node, so that service isolation between the parent chain and the target sub-chain is realized, and the privacy isolation effect when a user applies the block chain is effectively improved.

Drawings

FIG. 1 is a schematic structural diagram of a hardware operating environment according to an embodiment of a data processing method of the present application;

FIG. 2 is a schematic flow chart diagram illustrating a first embodiment of a data processing method according to the present application;

FIG. 3 is a schematic diagram of an open license chain system based on a parent-child chain architecture according to the present application;

FIG. 4 is a schematic flow chart diagram illustrating a second embodiment of the data processing method of the present application;

fig. 5 is a first schematic diagram of routing an access operation in the service request to the target child chain in the third embodiment of the present application;

fig. 6 is a second schematic diagram illustrating routing an access operation in the service request to the target child chain according to a third embodiment of the present application;

fig. 7 is a third schematic diagram illustrating routing an access operation in the service request to the target child chain according to a third embodiment of the present application;

fig. 8 is a fourth schematic diagram illustrating routing an access operation in the service request to the target child chain according to the third embodiment of the present application;

FIG. 9 is a functional block diagram of a data processing apparatus according to a preferred embodiment of the present application.

The implementation, functional features and advantages of the objectives of the present application will be further explained with reference to the accompanying drawings.

Detailed Description

It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.

As shown in fig. 1, fig. 1 is a schematic structural diagram of a data processing device in a hardware operating environment according to an embodiment of the present application.

In the following description, suffixes such as "module", "component", or "unit" used to denote elements are used only for the convenience of description of the present application, and have no specific meaning by themselves. Thus, "module", "component" or "unit" may be used mixedly.

The data processing device in the embodiment of the application can be a PC, and can also be a mobile terminal device such as a tablet computer and a portable computer.

As shown in fig. 1, the data processing apparatus may include: a processor 1001, such as a CPU, a network interface 1004, a user interface 1003, a memory 1005, a communication bus 1002. Wherein a communication bus 1002 is used to enable connective communication between these components. The user interface 1003 may include a Display screen (Display), an input unit such as a Keyboard (Keyboard), and the optional user interface 1003 may also include a standard wired interface, a wireless interface. The network interface 1004 may optionally include a standard wired interface, a wireless interface (e.g., WI-FI interface). The memory 1005 may be a high-speed RAM memory or a non-volatile memory (e.g., a magnetic disk memory). The memory 1005 may alternatively be a storage device separate from the processor 1001.

Those skilled in the art will appreciate that the data processing device architecture shown in FIG. 1 does not constitute a limitation of the data processing device and may include more or fewer components than shown, or some components may be combined, or a different arrangement of components.

As shown in fig. 1, a memory 1005, which is a storage medium, may include therein an operating system, a network communication module, a user interface module, and a data processing program.

In the device shown in fig. 1, the network interface 1004 is mainly used for connecting to a backend server and performing data communication with the backend server; the user interface 1003 is mainly used for connecting a client (user side) and performing data communication with the client; and the processor 1001 may be configured to call a data processing program stored in the memory 1005 and perform the following operations:

Further, the data processing method further comprises:

Further, the step of registering the child chain in the parent chain corresponding to the registration request according to the child chain attribute information includes:

Further, after the step of registering the child chain in the parent chain corresponding to the registration request according to the child chain attribute information, the processor 1001 may be configured to call a data processing program stored in the memory 1005, and perform the following operations:

Further, the step of determining the target sub-chain corresponding to the service request according to the target sub-chain identifier includes:

Further, the access operation includes one or more of application deployment, application invocation, account authorization, and child chain monitoring, and the step of routing the access operation to the target child chain includes:

For a better understanding of the above technical solutions, exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.

In order to better understand the technical solution, the technical solution will be described in detail with reference to the drawings and the specific embodiments.

Referring to fig. 2, a first embodiment of the present application provides a flowchart of a data processing method. In this embodiment, the data processing method includes the steps of:

step S10, if a service request is received, analyzing a target sub-chain identifier in the service request;

at present, due to the factors of single machine resource, network bandwidth, distributed consensus consumption and the like, a single block chain has a performance bottleneck and cannot support increasingly higher uplink demands of more and more applications; in addition, the account book on the same blockchain is readable for all nodes, and the privacy protection scheme also has problems. In order to solve single-chain performance bottleneck and service isolation privacy requirements, medium-currency credit card industry development limited companies propose a Brochain multi-chain enterprise-level permission chain architecture, and adopt a combination of 'main account book-partition account book', namely, each partition account book generates respective page data firstly, and then submits page data hash (hash function, also called hash function) to the main account book, and after the main account book collects the page data hash of all partition account books, final block data is generated. After the hierarchical data structure formed by the tree and the linked list together is adopted, the characteristic that data in the block chain cannot be tampered can still be guaranteed, once data of any partition account book is illegally modified, the hash of the page data of the modified partition account book is inconsistent, and finally the hash of the block data where the page is located is inconsistent, so that all the partition account books cannot be tampered as long as the main account book is owned. However, rather than handing transactions to different nodes for processing, the transaction is handed to a consensus node, which assigns transactions from different partitions to different processes for parallel execution. Therefore, the transaction on the blockchain is uniformly verified and recorded in the account book by the consensus node and then distributed to the witness node for witness, so that the business account book is isolated only for the witness node, and the consensus node can still check all account book data, and the scheme comprises the following steps: 1. the consensus node can check all account book data, and the business account book isolation only aims at the witness nodes; 2. the performance bottleneck depends on the consensus node, and the resource limitation of a single server cannot be eliminated; 3. the application of the main account book cannot be migrated to the partition account book and other problems, so that the privacy isolation effect of the current user is poor when the block chain is applied. On the basis, the data processing method is provided, the access operation of the service request is routed to the corresponding target sub-chain according to the target sub-chain identifier in the service request, and the information in the target sub-chain cannot be checked by the parent chain common identification node, so that service isolation between the parent chain and the target sub-chain is realized, and the privacy isolation effect when the user applies the block chain is effectively improved.

The data processing method in this embodiment is applied to an open grant link system based on a parent-child chain architecture, referring to fig. 3, fig. 3 is a schematic diagram of the open grant link system based on the parent-child chain architecture in this embodiment, the open grant link system based on the parent-child chain architecture is composed of three layers, namely, a base layer, an application layer, and a user layer, where the base layer includes function modules such as child chain creation, child chain activation, child chain update, child chain closing, child chain routing, and child chain monitoring, the application layer includes function modules such as application deployment, application invocation, and application migration, and the user layer includes function modules such as user registration, account generation, and account authorization. Furthermore, the sub-chain creation function module is used for creating the sub-chain, the sub-chain activation function module is used for activating the sub-chain, the sub-chain update function module is used for updating information of the sub-chain, the sub-chain closing function module is used for closing the sub-chain, the sub-chain routing function module is used for achieving routing of access of the sub-chain, and the sub-chain monitoring function module is mainly used for monitoring the network operation condition of the sub-chain. The application deployment function module is used for addressing and positioning to a specific sub-chain through the sub-chain routing module, implementing application contract deployment operation and realizing deployment operation experience of one chain; the application calling function module is used for addressing and positioning to a specific sub-chain through the sub-chain routing function module, implementing application contract calling operation and realizing calling operation experience of one chain; and the application migration function module is used for forking and migrating the corresponding child chain from the parent chain. The user registration function module is used for registering information for a user, the account generation function module is used for generating an account number for the user, and the account authorization module is used for authorizing access to the account through an application sub-chain administrator. It is to be understood that, for convenience of description, the open license chain system based on the parent chain architecture will be referred to as a system in the following.

On one hand, a user can register the user with the account generation function module through the user registration function module and the account generation function module of the user layer to generate an account, wherein the generated account has the access right of the mother chain as a default, and one user can use a plurality of sub-chains and also can generate a plurality of accounts. After the user registration is completed and the account generation is completed, the user can log in the account, wherein the account has an access right to the mother chain. Further, based on the service requirement, the user inputs the access operation to be performed and information such as an Identity (unique code) identifier of the sub-chain to be accessed in the system, wherein the sub-chain unique ID identifier is used as the target sub-chain identifier. The system combines the information input by the user with the account information to carry out information coding so as to form a service request. The access operation may include one or more of application deployment, application invocation, account authorization, child chain monitoring, and the like. And then the service request is sent to the basic layer based on the interactive relation between the user layer and the basic layer, so that the target sub-chain needing to be accessed is determined in the basic layer according to the service request, and the access operation in the service request is routed to the target sub-chain.

On the other hand, after receiving a service request sent by a user to the base layer based on the user layer, the system parses the service request, specifically, may decode the information of the service request through a preset decoder, and obtain a target sub-chain identifier input by the user from the service request, where the target sub-chain identifier is used to point to a unique sub-chain in each sub-chain of the block chain. And the access request corresponding to the service request is routed to the target sub-chain.

Step S20, determining a target sub-chain corresponding to the service request according to the target sub-chain identifier;

after the target sub-chain identifier in the service request is obtained through analysis, the system performs identifier matching in each sub-chain of the block chain system through the target sub-chain identifier. After matching is completed, a target sub-chain corresponding to the service request is determined from the sub-chains of the block chain system, so that access operation corresponding to the service request is routed to the target sub-chain in a subsequent process.

step S21, matching the target sub-chain identification with the sub-chain identification of each sub-chain;

step S22, determining a sub chain in each of the sub chains, where the sub chain identifier matches the target sub chain identifier, as a target sub chain.

After the target sub-chain identifier in the service request is obtained through analysis, the system matches the target sub-chain identifier with the sub-chain identifiers of the plurality of sub-chains which are registered and activated to operate, and determines whether the sub-chain with the sub-chain identifier matched with the target sub-chain identifier exists in each sub-chain. And if the sub-chain with the sub-chain identifier matched with the target sub-chain identifier exists in each sub-chain determined by matching, determining the sub-chain as the target sub-chain corresponding to the service request, so that the access operation corresponding to the service request is routed to the target sub-chain in the subsequent process.

Step S30, identifying an access operation in the service request, and routing the access operation to the target child chain.

After determining the target sub-chain, the system identifies an access operation in the service request from information obtained by analyzing the service request, where the access operation may include application deployment, application invocation, account authorization, sub-chain monitoring, and the like in this embodiment, wherein the application deployment is to deploy an application on the sub-chain, the application invocation is to invoke the application in the sub-chain, the account authorization is used to perform authorization audit on an account which needs to access the sub-chain, the sub-chain monitoring is used to monitor the network operation status of the sub-chain, meanwhile, the consistency of the master chain certificate storage data and the block head hash and signature of the target sub-chain area is monitored, by monitoring the consistency of the certificate storing data of the master chain and the hash and signature of the block head of the target sub-chain area, any tampering of the account book of the target sub-chain can be found and the sub-chain dishonest alarm is triggered, so that the whole open permission chain based on the parent sub-chain framework is credible.

The present embodiment provides a data processing method, an apparatus, a device, a medium, and a computer program product, where the data processing method includes: if a service request is received, analyzing a target sub-chain identifier in the service request; determining a target sub-chain corresponding to the service request according to the target sub-chain identifier; and identifying an access operation in the service request, and routing the access operation to the target sub-chain. According to the method and the device, the access operation of the service request is routed to the corresponding target sub-chain according to the target sub-chain identifier in the service request, and the information in the target sub-chain cannot be checked by the parent chain common node, so that service isolation between the parent chain and the target sub-chain is realized, and the privacy isolation effect when a user applies the block chain is effectively improved.

Further, referring to fig. 4, a second embodiment of the data processing method of the present application is proposed based on the first embodiment of the data processing method of the present application, and in the second embodiment, the data processing method further includes:

step S40, receiving a registration request, and acquiring the sub-chain attribute information in the registration request;

step S50, registering the sub-chain in the parent chain corresponding to the registration request according to the sub-chain attribute information;

and step S60, outputting the sub chain identifier of the sub chain to perform sub chain positioning based on the sub chain identifier.

It can be understood that, when the user has a registration requirement, one or more sub-chains may be registered in the system according to an actual requirement, so as to perform access operations such as application deployment, application invocation, account authorization, sub-chain monitoring, and the like on the sub-chains in the following. When a user registers a sub-chain, the user can input sub-chain attribute information and account information such as a network node list of the sub-chain, a public key list of a verifier, a consensus algorithm, a bottom network type and the like into the system, the user layer of the system performs information coding on the basis of the sub-chain attribute information and the account information input by the user to form a registration request, and the registration request is sent to the base layer on the basis of an interactive relation between the user layer and the base layer so that the system can register the sub-chain in a corresponding parent chain according to the registration request in the base layer. The sub-chains and the corresponding parent chains may adopt the same underlying network type, or may adopt different underlying network types, for example, the parent chain adopts a citia (container Inter-entity Trust Automation), the sub-chains may adopt Fabric/citia, the citia is a block chain frame supporting an intelligent contract facing enterprise-level application, the Fabric is a network topology, in which all nodes are interconnected with all other nodes, and is generally described as a matrix similar to a woven square, and is therefore referred to as a "structure".

It can be understood that the sub-chain corresponding to the sub-chain attribute information may be a sub-chain newly created by creating a corresponding unit through the sub-chain, or may be an application sub-chain obtained by performing application migration from a parent chain. Specifically, the formation process of the application subchain may be: the system copies the copy of the master chain in a packing or synchronous node branching mode, and the master chain normally operates at the moment; then, replacing the management node key and the verifier key of the copy of the mother chain with a new key system; and finally, restarting the copy of the parent chain, namely completing the migration of the application from the parent chain to the single chain, and migrating the application to the private application sub-chain of the parent chain according to a sub-chain creation flow of a base layer, so that the management of the sub-chain is completely responsible for the sub-chain, and the parent chain is only responsible for monitoring and endorsement of the non-tampering property of the sub-chain. The application is migrated from the parent chain to the child chain in a bifurcation mode, so that the usability of historical data can be ensured, and a user can select a private account book according to business flow because the application of the parent chain can be migrated to the child chain as required.

It can also be understood that the sub-chain corresponding to the sub-chain attribute information may also be an existing sub-chain, for example, a sub-chain created by another account, that is, the user may request to perform a business operation in another sub-chain created by another person, for example, to deposit evidence to the sub-chain of another person or to obtain evidence from the sub-chain of another person. However, since the account used by the user to send the service request does not have access rights to other sub-chains, the account authorization function module is required to authorize the account to access through the application sub-chain administrator, and after the account is authorized, the system can perform corresponding service operations in other sub-chains.

Further, when the system receives the registration request through the base layer, the registration request is analyzed first, and specifically, the information of the registration request may be decoded, so as to obtain the sub-chain attribute information in the registration request. After acquiring the sub-chain attribute information, the system registers the sub-chain according to the acquired sub-chain attribute information and the parent chain corresponding to the registration request, and generates an initial sub-chain. Further, the system performs trusted certificate storage policy configuration on the generated initial child chain in the base layer, specifically, obtains a pre-configured trusted certificate storage policy (such as selectable block head/hour/day/month), and uploads a child chain block head hash or a block head packing hash of a certain period (such as hour/day/month) and the trusted certificate storage policy to the corresponding parent chain certificate according to the trusted certificate storage policy, and the process is implemented by a trusted certificate storage program, where the child chain needs to grant the program access right to the block head. The specific implementation process is as follows: the program reads the signatures of the block head and the verifier from the sub-chain according to the credible evidence storing strategy, simultaneously reads a verifier public key list registered in advance from the mother chain, and stores the block hash into the mother chain sub-chain management special contract after verifying that the verifier public key list is consistent and the signature is correct, and registers the sub-chain in the mother chain, namely completing the creation of the sub-chain.

Further, the system generates a sub-chain unique ID identifier (i.e., a sub-chain identifier) after the registration of the sub-chain is completed, and outputs the generated sub-chain identifier from the base layer to the user layer, so that the user can acquire the sub-chain identifier of the registered sub-chain, and the user can rapidly locate the corresponding sub-chain based on the sub-chain identifier when the user subsequently needs to access the sub-chain, thereby improving the efficiency of data processing.

step S51, extracting a network node list, a public key list of a verifier, a consensus algorithm and a network type in the sub-chain attribute information;

and step S52, registering a sub-chain in the parent chain according to the network node list, the public key list of the verifier, the consensus algorithm and the network type.

After acquiring sub-chain attribute information such as a network node list of a sub-chain, a public key list of a verifier, a consensus algorithm, a network type and the like, the system registers the sub-chain in a parent chain, and specifically, provides the child chain with the sub-chain attribute information such as the network node list of the sub-chain, the public key list of the verifier, the consensus algorithm, the network type and the like, so that the parent chain can configure the sub-chain according to the sub-chain attribute information, wherein the network type of the sub-chain can be CITA/Fabric; and after the parent chain completes the configuration of the child chain according to the information of the network node list of the child chain, the public key list of the verifier, the consensus algorithm, the network type and the like, obtaining an initial child chain, and after the initial child chain is configured with a credible evidence storage strategy, completing the creation of the child chain.

Further, after the step of registering the child chain in the parent chain corresponding to the registration request according to the child chain attribute information, the method further includes:

step S100, activating the sub-chain to the sub-chain, so as to route the access operation of the service request to the sub-chain when receiving the service request.

It can be understood that, after the sub-chain is registered in the parent chain, because the sub-chain just created is in an unavailable state at this time, the system needs to activate the target sub-chain to open the sub-chain for operation, and simultaneously, a trusted evidence storing program is started to check the block header of the sub-chain and perform trusted evidence storing in the parent chain. After the creation and activation of the sub-chain are completed, when a user has an access requirement, the user can conveniently perform access operations such as application deployment, application calling, account authorization, sub-chain monitoring and the like on the sub-chain.

According to the embodiment, the sub-chain is registered in the master chain corresponding to the service request according to the service or service requirement of the user, so that the isolation of the private account book is realized, and the security of the private data of the user is improved.

Further, based on the first embodiment of the data processing method of the present application, a third embodiment of the data processing method of the present application is provided, in which the step of routing the access operation in the service request to the target child chain includes:

step A, if the access operation is application deployment, addressing and positioning to the target sub-chain through a sub-chain routing function, and implementing application contract deployment operation in the target sub-chain;

since the access operation of the user to the sub-chain in this embodiment may include one or more of multiple operations such as application deployment, application invocation, account authorization, sub-chain monitoring, and the like, when the system routes the access operation included in the service request to the target sub-chain obtained through registration and activation, the system needs to identify an operation type included in the access operation, and route each operation type included in the access operation to the target sub-chain, so as to implement various functions of the access operation. Specifically, referring to fig. 5, fig. 5 is a first schematic diagram of routing an access operation in the service request to the target sub-chain in the third embodiment of the present application, and if it is determined that the access operation includes application deployment through identification, the system grants a deployment permission of the target sub-chain to an application deployment function module, and then invokes a sub-chain routing function module in a base layer, and addresses and locates the target sub-chain through a sub-chain routing function of the sub-chain routing function module, and implements an application contract deployment operation in the target sub-chain, thereby implementing a deployment operation experience of one chain.

B, if the access operation is application calling, addressing and positioning to the target sub-chain through a sub-chain routing function, and implementing application contract calling operation in the target sub-chain;

further, referring to fig. 6, fig. 6 is a second schematic diagram of routing an access operation in the service request to the target sub-chain in the third embodiment of the present application, and if it is determined that the access operation includes an application call, the system first grants a contract call authority to an application call function module, so that the service system can directly perform the application contract call to the target sub-chain or perform the application contract call through a general application call service, specifically, the system addresses and locates the target sub-chain through a sub-chain routing function and performs the application contract call operation in the target sub-chain, thereby implementing a call operation experience of one chain.

Step C, if the access operation is account authorization, authorizing access to an account corresponding to the service request through an application sub-chain administrator;

further, referring to fig. 7, fig. 7 is a third schematic diagram of routing an access operation in the service request to the target sub-chain in the third embodiment of the present application, and if it is determined that the access operation includes account authorization, it indicates that a user needs to perform an access operation in an existing sub-chain of another person, and therefore needs to access the sub-chain of another person, and since the account does not have access authority to the sub-chain, the system authorizes the account to perform an access through the application sub-chain administrator, so as to perform a corresponding access operation in the sub-chain after being authorized.

And D, if the access operation is subchain monitoring, monitoring the network running condition of the target subchain, and monitoring the consistency of the certificate storage data of the master chain and the subchain block header information and signature.

Further, referring to fig. 8, fig. 8 is a fourth schematic diagram illustrating that an access operation in the service request is routed to the target sub-chain in the third embodiment of the present application, and if it is determined that the access operation includes sub-chain monitoring, the system monitors a network operating condition of the created target sub-chain, and simultaneously monitors consistency of the master chain deposit certificate data with the block head hash and the signature of the target sub-chain region, and monitors consistency of the master chain deposit certificate data with the block head hash and the signature of the target sub-chain region, so that any tampering of the account book of the target sub-chain can be found and a sub-chain dishonest alarm is triggered, thereby ensuring that the entire open permit chain based on the master sub-chain architecture is trusted.

In the embodiment, each operation type included in the access operation is respectively routed to the target child chain, so that unified management of deployment, account authorization and operation docking of a plurality of child chain contracts is realized through child chain routing, and the reliability of the whole open permission chain based on the parent child chain architecture can be improved.

It can be understood that after the sub-chain registration and activation are completed, or the access operation is routed to the target sub-chain, the system may further update the sub-chain or the target sub-chain according to a request of the user, specifically, update information such as a node list of the sub-chain or the target sub-chain and a verifier public key, and specifically, complete the sub-chain update through the sub-chain update function module.

It can also be understood that after the sub-chain registration and activation are completed, or the access operation is routed to the target sub-chain, the system may close the sub-chain or the target sub-chain according to a request of a user, specifically, when the sub-chain or the target sub-chain exits, a sub-chain closing function module is needed, a parent chain "closes" the state of the sub-chain or the target sub-chain, and stops the trusted deposit of the trusted deposit program, and at this time, the sub-chain routing function module may not find the sub-chain or the target sub-chain (it is located that the sub-chain or the target sub-chain is closed).

Further, when the performance of a single physical chain cannot meet the same service requirement, a plurality of sub-chains can be established by adopting the idea of 'database partitioning and table partitioning', and historical data (more than five years) and active data (nearly five years) are distributed, so that the service requirement is met.

Further, the application also provides a data processing device.

Referring to fig. 9, fig. 9 is a functional block diagram of a data processing apparatus according to a first embodiment of the present application.

The data processing apparatus includes:

the analysis module 10 is configured to, if a service request is received, analyze a target sub-chain identifier in the service request;

a determining module 20, configured to determine, according to the target sub-chain identifier, a target sub-chain corresponding to the service request;

the routing module 30 is configured to identify an access operation in the service request, and route the access operation to the target sub-chain.

Further, the determining module 20 includes:

the matching unit is used for matching the target sub-chain identification with the sub-chain identification of each sub-chain;

and the determining unit is used for determining the sub-chain identifier in each sub-chain as the target sub-chain, wherein the sub-chain identifier is matched with the target sub-chain identifier.

Further, the routing module 30 includes:

a first routing unit, configured to, if the access operation is application deployment, address and locate the target child chain through a child chain routing function, and implement an application contract deployment operation in the target child chain;

the second routing unit is used for addressing and positioning the target sub-chain through a sub-chain routing function if the access operation is application calling, and implementing application contract calling operation in the target sub-chain;

a third routing unit, configured to authorize, by an application sub-chain administrator, access to an account corresponding to the service request if the access operation is account authorization;

and the fourth routing unit is used for monitoring the network running condition of the target sub-chain and monitoring the consistency of the certificate storage data of the parent chain and the information and the signature of the block head of the sub-chain if the access operation is sub-chain monitoring.

Further, the data processing apparatus further includes:

an obtaining module 40, configured to receive a registration request, and obtain sub-chain attribute information in the registration request;

a registration module 50, configured to register a child chain in a parent chain corresponding to the registration request according to the child chain attribute information;

an output module 60, configured to output the sub-chain identifier of the sub-chain, so as to perform sub-chain positioning based on the sub-chain identifier.

Further, the registration module 50 includes:

the extraction unit is used for extracting a network node list, a public key list of a verifier, a consensus algorithm and a network type from the subchain attribute information;

and the registering unit is used for registering the sub-chain in the parent chain according to the network node list, the public key list of the verifier, the consensus algorithm and the network type.

Further, the registration module 50 further includes:

and the activation unit is used for activating the sub-chain, so that the access operation of the service request is routed to the sub-chain when the service request is received.

Furthermore, the present application also provides a medium, preferably a computer readable storage medium, on which a data processing program is stored, which when executed by a processor implements the steps of the embodiments of the data processing method described above.

Furthermore, the present application also provides a computer program product comprising a computer program which, when being executed by a processor, realizes the steps of the embodiments of the data processing method described above.

In the embodiments of the data processing device, the computer-readable storage medium, and the computer program product of the present application, all technical features of the embodiments of the data processing method are included, and the descriptions and explanations of the embodiments are basically the same as those of the embodiments of the data processing method, and are not repeated herein.

It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.

The above-mentioned serial numbers of the embodiments of the present application are merely for description and do not represent the merits of the embodiments.

Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solution of the present application or a part contributing to the prior art may be embodied in the form of a software product, where the computer software product is stored in a storage medium (e.g., a ROM/RAM, a magnetic disk, and an optical disk), and includes a plurality of instructions for enabling a terminal device (which may be a fixed terminal, such as an internet of things smart device including smart homes, such as a smart air conditioner, a smart lamp, a smart power supply, and a smart router, or a mobile terminal, including a smart phone, a wearable networked AR/VR device, a smart sound box, and a network device such as an auto-driven automobile) to execute the method according to the embodiments of the present application.

The above description is only a preferred embodiment of the present application, and not intended to limit the scope of the present application, and all modifications of equivalent structures and equivalent processes, which are made by the contents of the specification and the drawings of the present application, or which are directly or indirectly applied to other related technical fields, are included in the scope of the present application.

Claims

1. A data processing method, characterized in that the data processing method comprises:

2. The data processing method of claim 1, wherein the data processing method further comprises:

3. The data processing method of claim 2, wherein the step of registering the child chain in the parent chain corresponding to the registration request according to the child chain attribute information comprises:

4. The data processing method of claim 2, wherein after the step of registering the child chain in the parent chain corresponding to the registration request according to the child chain attribute information, the method further comprises:

5. The data processing method of claim 1, wherein the step of determining the target child chain corresponding to the service request according to the target child chain identifier comprises:

6. The data processing method of claim 1, wherein the access operation comprises one or more of application deployment, application invocation, account authorization, child chain monitoring, and the step of routing the access operation to the target child chain comprises:

7. A data processing apparatus, characterized in that the data processing apparatus comprises:

8. A data processing device, characterized in that the data processing device comprises a memory, a processor and a data processing program stored on the memory and executable on the processor, which data processing program, when executed by the processor, implements the steps of the data processing method according to any one of claims 1-6.

9. A medium, which is a computer-readable storage medium, characterized in that a data processing program is stored on the computer-readable storage medium, which when executed by a processor implements the steps of the data processing method according to any one of claims 1-6.

10. A computer program product comprising a computer program, characterized in that the computer program realizes the steps of the data processing method according to any one of claims 1-6 when executed by a processor.