CN113779607A - Industrial data asset management method, system and equipment - Google Patents
Industrial data asset management method, system and equipment Download PDFInfo
- Publication number
- CN113779607A CN113779607A CN202111088379.2A CN202111088379A CN113779607A CN 113779607 A CN113779607 A CN 113779607A CN 202111088379 A CN202111088379 A CN 202111088379A CN 113779607 A CN113779607 A CN 113779607A
- Authority
- CN
- China
- Prior art keywords
- data
- node
- uplink
- channel
- client node
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000007726 management method Methods 0.000 title claims abstract description 42
- 238000000034 method Methods 0.000 claims abstract description 100
- 238000003860 storage Methods 0.000 claims abstract description 35
- 238000012163 sequencing technique Methods 0.000 claims abstract description 15
- 238000004519 manufacturing process Methods 0.000 claims description 18
- 230000015654 memory Effects 0.000 claims description 18
- 230000005540 biological transmission Effects 0.000 claims description 14
- 238000012423 maintenance Methods 0.000 claims description 12
- 238000012795 verification Methods 0.000 claims description 11
- 238000012827 research and development Methods 0.000 claims description 9
- 238000013461 design Methods 0.000 claims description 7
- 238000012545 processing Methods 0.000 claims description 7
- 238000004806 packaging method and process Methods 0.000 claims description 5
- 238000012856 packing Methods 0.000 claims description 2
- 238000013475 authorization Methods 0.000 abstract description 3
- 238000012790 confirmation Methods 0.000 description 15
- 230000008520 organization Effects 0.000 description 14
- 238000010586 diagram Methods 0.000 description 7
- 230000008569 process Effects 0.000 description 7
- 238000013523 data management Methods 0.000 description 6
- 230000002159 abnormal effect Effects 0.000 description 5
- 238000006243 chemical reaction Methods 0.000 description 5
- 238000013500 data storage Methods 0.000 description 5
- 238000009776 industrial production Methods 0.000 description 4
- 238000004891 communication Methods 0.000 description 2
- 239000004744 fabric Substances 0.000 description 2
- 230000002427 irreversible effect Effects 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 239000007787 solid Substances 0.000 description 2
- 238000004458 analytical method Methods 0.000 description 1
- 238000003491 array Methods 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 238000005336 cracking Methods 0.000 description 1
- 238000013524 data verification Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 210000001503 joint Anatomy 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
- 238000012384 transportation and delivery Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Bioethics (AREA)
- Databases & Information Systems (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses an industrial data asset management method which is realized based on a block chain, wherein the block chain comprises a plurality of data channels, and different data channels are used for storing different types of information, and the method comprises the following steps: an endorsement node is used for endorsement of a to-be-uplink request sent by any client node; then, the endorsement result is sent to the client node, so that when the client node receives the endorsement result as authentication pass, the client node packs the data abstract and the storage path of the data to be chained according to the data category to generate packed data with a category label; then sending the packed data to a sorting node for carrying out packed data sorting and new block generation operation; broadcasting the new block to the nodes in the corresponding data channel through the sequencing nodes, saving the new block to an account book after the nodes on the channel achieve consensus, and generating an intelligent contract of the new block. The technical scheme provided by the invention solves the problems of safety and credibility of the authorization, sharing and transaction of the edge data of the industrial internet.
Description
Technical Field
The invention relates to the field of data assets, in particular to an industrial data asset management method, system and equipment.
Background
With the development of the industrial internet and 5G, the data volume is growing explosively, and the data assets become more and more important to the enterprise. The demand of industrial enterprises for cross-enterprise, cross-industry data sharing collaboration is rapidly increasing, and data can only release its potential value in the flow. However, at present, data right determination and transaction mechanisms are not established and perfected, and for the concerns of leakage of business secrets and privacy and lending of data assets, data transaction needs to be carried out between a data owner and a data demand party through endorsement of a third party institution, so that the transaction cost is increased and the efficiency is reduced; in addition, the traditional centralized data storage mode has the risk of data theft; meanwhile, various industry pain points such as insufficient trust of a transaction intermediary endorsement organization, source tracing difficulty caused by frequent right-of-delivery transaction and the like exist. The method seriously hinders the exertion of the efficiency of data assets and the efficient transfer and circulation sharing of values, the data sharing and circulation across enterprises and industries is difficult to develop, the promotion of data innovation application is hindered, the method also becomes the core pain point of the popularization and application of the current industrial internet platform, and the ownership, the reliable transaction and the transmission safety of the edge data of the industrial internet platform become problems which need to be solved urgently.
Disclosure of Invention
In view of this, embodiments of the present invention provide a method, a system, and a device for managing industrial data assets, so as to solve the problems of security and credibility of the authorization, sharing, and transaction of industrial data assets.
According to a first aspect, a method for industrial data asset management is implemented on the basis of a blockchain, the blockchain comprising a plurality of data channels, the data channels being composed of a plurality of the nodes within the blockchain, different data channels being used for storing different categories of data, the method comprising: an endorsement node is used for endorsement of a to-be-uplink request sent by any client node; the endorsement result is sent to a client node through the endorsement node, so that when the client node receives the endorsement result that the endorsement result is authenticated, a data abstract and a storage path of the data to be chained are packaged according to the data category to generate packaged data with a category label; receiving the packed data sent by the client node, and sending the packed data to a sorting node for packed data sorting and new block generation operation; broadcasting the new block to the nodes in the corresponding data channel through the sequencing node, so that the new block is stored in an account book after the nodes on the channel achieve consensus, and an intelligent contract of the new block is generated.
Optionally, before the endorsement node performs endorsement on the to-be-uplink request sent by any client node, the method further includes: receiving a chain loading data ciphertext, a digital signature and an encryption key sent by a client node, wherein the chain loading data ciphertext is generated by encrypting data to be chain loaded by a symmetric key, the digital signature is generated by encrypting a data abstract of the data to be chain loaded by a first asymmetric encryption method, and the encryption key is generated by encrypting the symmetric key by a second asymmetric encryption method; sending the uplink data ciphertext, the digital signature and the encryption key to an endorsement node; decrypting the digital signature and the encrypted key by the endorsement node with a first asymmetric decryption method and a second asymmetric decryption method respectively to obtain the data digest and the symmetric key respectively; and decrypting the uplink data ciphertext by using the symmetric key to obtain the data to be uplink, and verifying the identity of the client node and the data to be uplink by using the data abstract.
Optionally, the data channel of the blockchain includes an account information channel for storing user account information, and the method further includes: receiving a registration request sent by a user through the client node and distributing a user ID; establishing a user private key corresponding to the user ID based on a first asymmetric encryption method, wherein the user private key is used for encryption during data transmission; and generating a digital certificate based on the user private key and the user ID; and returning the digital certificate to the client node, and simultaneously saving the user private key, the digital certificate and the user ID as account information into the account information channel.
Optionally, the client node is communicatively connected to an external industrial edge module, the industrial edge module is configured to classify data in a hierarchical manner, perform channel-divided uplink grant on a data digest of the data to be uplink-transmitted according to a uplink request of the client node, and for a ciphertext, a digital signature, and an encryption key of uplink data transmitted by the receiving client node, the method further includes: and receiving a uplink data ciphertext, a digital signature and an encryption key sent by the industrial edge module according to the uplink request of the client node.
Optionally, the endorsing, by the endorsement node, a request to be uplink sent by any client node, includes: receiving a uplink request sent by the client node, and receiving a digital signature, a uplink data ciphertext and an encryption key sent by the external industrial edge module, wherein the digital signature is generated by encrypting the data abstract by using a user private key based on a first asymmetric encryption method, the uplink data ciphertext is generated by encrypting the data to be uplink by using a symmetric key, and the encryption key is generated by encrypting the symmetric key by using a block chain CA public key based on a second asymmetric encryption method; decrypting the encrypted key by using a block chain CA private key based on a second asymmetric decryption method to obtain the symmetric key; decrypting the uplink data ciphertext by using the symmetric key to obtain the data to be uplink; calculating a second data abstract of the data to be uplink based on a preset abstract algorithm; acquiring a user public key corresponding to the user private key, and decrypting the digital signature by using the user public key based on a first asymmetric decryption method; if the decryption is successful, comparing the obtained data abstract with the second data abstract; and if the comparison result is consistent, generating an endorsement result that the to-be-cochain request authentication passes, and if the comparison result is inconsistent, generating an endorsement result that the to-be-cochain request authentication fails.
Optionally, the data channels of the block chain further include industrial data channels for storing different types of industrial data, and the generating of the packed data with the category label by packing the data digest of the data to be linked and the storage path according to the data category includes: judging the industrial data category to which the data to be uplink belongs, wherein the industrial data category comprises any multiple of research and development design, production and manufacture, operation management and operation and maintenance service; and packaging the data abstract of the data to be linked and the storage path and marking an industrial data channel corresponding to the industrial data type, wherein the industrial channel comprises a research and development channel, a production and manufacturing channel, an operation management channel and an operation and maintenance service channel.
Optionally, each data channel includes a preset master node and a preset slave node, and the broadcasting the new tile to the nodes in the corresponding data channel through the sorting node includes: and broadcasting the received new block to the master node in the data channel of the corresponding category so as to continuously broadcast the new block to the slave node of the channel through the master node.
According to a second aspect, an industrial data asset management method is implemented based on a blockchain, where the blockchain includes a plurality of data channels, different data channels are used for storing different types of data, and after a data summary is successfully converted into a new blockchain, the method includes: receiving a transaction request sent by any data demander through a client node, and verifying a user ID of the transaction request; when the user ID passes the verification, positioning a target data channel according to the data type of the required data in the transaction request; broadcasting the transaction request to all nodes in the target data channel so as to analyze the user ID of the data owner and the storage path of the original data through the nodes in the target data channel; and acquiring target data through the user ID of the data owner and the storage path of the original data, and sending the target data to the client node according to a transaction rule set by the intelligent contract.
Optionally, said sending said target data to said client node according to transaction rules set by a smart contract, comprising: when the transaction rule states that the original data cannot be sent in a plaintext mode, verifying the acquired original data based on a preset digest algorithm and an on-chain data digest, and sending a processing result generated based on the original data to the client node as the target data when the verification is passed; and when the transaction rule states that the original data can be sent in a clear text, verifying the acquired original data based on a preset digest algorithm and a data digest on the chain, and sending the original data serving as the target data to the client node when the verification is passed.
Optionally, the data channel further includes a transaction information channel for storing transaction information, and after the target data is sent to the client node according to the transaction rule set by the smart contract, the method further includes: generating transaction information and uploading the transaction information to a transaction information channel of the blockchain in the same manner as uploading the data summary to the blockchain in any of the optional embodiments of the first aspect.
According to a third aspect, an industrial data asset management device comprises:
a memory and a processor, the memory and the processor being communicatively coupled to each other, the memory having stored therein computer instructions, and the processor being configured to execute the computer instructions to perform the method of the first aspect, the second aspect, any one of the alternative embodiments of the first aspect, or any one of the alternative embodiments of the second aspect.
According to a fourth aspect, an embodiment of the present invention provides a computer-readable storage medium, wherein the computer-readable storage medium stores computer instructions for causing the computer to execute the method according to the first aspect, the second aspect, any one of the optional implementation manners of the first aspect, or any one of the optional implementation manners of the second aspect.
The technical scheme of the invention has the following advantages:
the embodiment of the invention provides a data asset management method. The method specifically comprises the following steps: the management of industrial edge data is realized on the basis of a block chain, the industrial data are classified and classified according to different data categories and potential influences on industrial production, data channels corresponding to the categories are arranged in the block chain, the permission of acquiring the data is flexibly set according to the data levels and privacy, the industrial data management capacity is improved, the system operation efficiency is improved, meanwhile, the privacy protection requirements of the data of different categories are met, the privacy information is protected from being easily revealed, and the risk is easier to control. When the uplink authority is confirmed, the endorsement node sends the endorsement result passing the authentication to the client node, the client node performs data packaging after receiving the endorsement result passing the authentication, then sends the packaged data to the sequencing node, the sequencing node sequences the data after receiving the packaged data, and generates a new block broadcast to nodes in a corresponding channel of the block chain, and the nodes form the uplink authority for commonly recognizing the completed data and generate an intelligent contract of the new block.
In addition, before endorsement of the endorsement node, the symmetric key and the uplink data abstract for encrypting the uplink data are simultaneously and asymmetrically encrypted through the first asymmetric encryption algorithm and the second asymmetric encryption algorithm, so that an uplink data ciphertext has triple guarantee in the transmission process, and the data uplink safety is improved. The invention classifies data according to classification guidelines (trial) of industrial data, classifies the data into a research and development design class, a production and manufacturing class, an operation management class and an operation and maintenance service class, and classifies each class of data into a first class, a second class and a third class according to potential influence on industrial production. And different types of data are stored in different types of channels of the block chain, the permission for acquiring the data is flexibly set according to the data level and privacy, the industrial data management capability is improved, the system operation efficiency is improved, the privacy protection requirements of different types of data are met, the privacy information is protected from being easily revealed, and the risk is easier to control.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings can be obtained by those skilled in the art without creative efforts.
FIG. 1 is a schematic illustration of the steps of a method of industrial data asset management according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of a federation chain as an example of an industrial data asset management method according to an embodiment of the present invention;
FIG. 3 is a block diagram of an industrial data asset management method according to an embodiment of the present invention;
FIG. 4 is a schematic diagram illustrating the encryption and decryption steps of a method for industrial data asset management according to an embodiment of the present invention;
FIG. 5 is a schematic illustration of the steps of a method of industrial data asset management according to an embodiment of the present invention;
FIG. 6 is a block diagram of an industrial data asset management system according to an embodiment of the present invention;
FIG. 7 is a block diagram of an industrial data asset management system according to an embodiment of the present invention;
fig. 8 is a schematic structural diagram of an industrial data asset management apparatus according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The technical features mentioned in the different embodiments of the invention described below can be combined with each other as long as they do not conflict with each other.
Referring to fig. 1 and fig. 2, an industrial data asset management method provided in an embodiment of the present invention is implemented based on a blockchain, where the blockchain includes a plurality of data channels, each data channel is composed of a plurality of nodes in the blockchain, and different data channels are used for storing different types of information. Fabric is a sub-project of hyper-hedger, is a blockchain adopted by most large enterprises, and can construct a specific blockchain solution for a specific industry. The invention solves the problem of uplink authorization and transaction of industrial data based on a Fabric Enterprise-level alliance chain, wherein the alliance chain comprises a plurality of organizations, and each organization represents an independent enterprise in the embodiment of the invention. The method specifically comprises the following steps:
step S101: and an endorsement node is utilized to endorse the to-be-uplink request sent by any client node. Specifically, the endorsement authentication is performed on the to-be-cochain request through the endorsement node in the block nodes, the identities of all parties of the to-be-cochain data are confirmed, and the reliability of the cochain data is ensured. The bulk of the original data chaining can increase the burden of the whole block chain system, so that the data abstract and the storage path of the original data are subjected to the chaining, thereby not only ensuring the safety of data storage, transmission and sharing, but also reducing the load of the block chain system.
Step S102: and sending the endorsement result to the client node through the endorsement node, so that the client node packages the data abstract and the storage path of the data to be chained according to the data category to generate the packaged data with the category label when receiving that the endorsement result is that the authentication is passed. Specifically, the endorsement node performs endorsement authentication on the to-be-uplink request, and sends an authentication result to the client node after confirming that all the entities of the data and the data have no problem, and the client node starts to call the SDK to be in butt joint with the block chain after receiving the result of passing the authentication, sends the uplink request to the block chain system, and packages the data abstract of the to-be-uplink data and the storage path information together according to the type of the data.
Step S103: and receiving the packed data sent by the client node, and sending the packed data to a sequencing node to perform packed data sequencing and new block generation operation. Specifically, the sequencing node is responsible for receiving uplink requests sent by all client nodes in the network, sequencing the uplink requests according to the receiving time sequence of the client node requests, and generating a block. The new block is composed of a block head and a block body, as shown in fig. 3, the block structure diagram is composed by taking transaction information content as an example, and the block head comprises a version number, a parent block head hash value, a timestamp, a Merkle tree root value, a block size, difficulty and a random number; the block body can be divided into account information content, data owner data information content and transaction information content according to different channels.
Step S104: broadcasting the new block to the nodes in the corresponding data channel through the sequencing nodes, saving the new block to an account book after the nodes on the channel achieve consensus, and generating an intelligent contract of the new block. Specifically, after the new block is sorted by the sorting node, when the uplink of the new block is started, the new block is broadcasted to the master nodes of different organizations on the corresponding channel, and after the nodes on the channel achieve consensus, the new block is stored in the account book, so that the intelligent contract of the new block is generated. Among others, Smart contracts (Smart contracts) are a computer protocol in blockchains that aims to propagate, verify or execute contracts in an informative way. Smart contracts allow trusted transactions to be conducted without third parties, which transactions are traceable and irreversible. In the embodiment of the present invention, the content of the intelligent contract includes, but is not limited to: and presetting the validity period of data, wherein the appointed part of data only can output an operation result and does not send original data. The ledger is a database shared, replicated, and synchronized among members of a decentralized network (i.e., the blockchain system in this embodiment), and records transactions among the participants of the network in a distributed manner.
Specifically, in an embodiment, before the step S101, the industrial data asset management method provided in the embodiment of the present invention further includes the following steps:
step S105: and receiving a chain data ciphertext, a digital signature and an encryption key sent by the client node, wherein the chain data ciphertext is generated by encrypting the data to be chain linked through a symmetric key, the digital signature is generated by encrypting the data abstract of the data to be chain linked through a first asymmetric encryption method, and the encryption key is generated by encrypting the symmetric key through a second asymmetric encryption method.
Step S106: and sending the uplink data ciphertext, the digital signature and the encryption key to the endorsement node.
Step S107: decrypting the digital signature and the encryption key respectively by using the endorsement node through a first asymmetric decryption method and a second asymmetric decryption method to respectively obtain a data digest and a symmetric key; and decrypting the uplink data ciphertext by using the symmetric key to obtain the data to be uplink, and verifying the identity of the client node and the original data by using the data abstract to verify whether the digital signatures of all parties of the data are correct and the authenticity of the data.
Specifically, the correctness of the identity of the data owner and the integrity of the data are the basis of data security and credible transaction, so that the security transmission of the data is crucial, and hackers often attack the link, so that a security transmission method is provided to improve the difficulty of the hackers in intercepting the data and ensure the data security to the greatest extent in the endorsement process. In the embodiment of the invention, firstly, a client node adopts a symmetric key to symmetrically encrypt data to be uplink (namely original data) to obtain an uplink data ciphertext, then, the symmetric key is encrypted by using a second asymmetric encryption method to generate an encryption key, and then, data abstract of the data to be uplink is asymmetrically encrypted to obtain a digital signature. And then the client node sends the three encrypted information to a block chain system, the block chain system sends the encrypted information to an endorsement node after receiving the sent three-channel encrypted information, the endorsement node firstly decrypts the received encrypted key to obtain a symmetric key, then decrypts an uplink data ciphertext by using the symmetric key to obtain original data, decrypts the digital signature by using a first asymmetric decryption method to obtain a data digest, then performs digest operation on the original data obtained by the block chain system by using a preset digest algorithm to obtain a new data digest, compares the new data digest with the decrypted data digest, and if the three encrypted information is completely consistent, indicates the correctness of the client identity and the integrity of the data. The information transmission method using the triple encryption information further improves the security of data, so that even if a hacker intercepts three types of information during transmission, the hacker can not decrypt any information because the decryption key without the block chain CA cannot decrypt any information, and thus the original uplink data cannot be obtained.
Specifically, in an embodiment, the data channel includes an account information channel, and the industrial data asset management method provided in the embodiment of the present invention further includes the following steps:
step S108: receiving a registration request sent by a user through a client node, and distributing a user ID; establishing a user private key corresponding to the user ID based on a first asymmetric encryption method, wherein the user private key is used for encryption during data transmission; and generates a digital certificate based on the user private key and the user ID.
Step S109: and returning the digital certificate to the client node, and simultaneously saving the user private key, the digital certificate and the user ID as account information into an account information channel.
Specifically, when a client registers, the blockchain system distributes a unique user ID for each user, establishes a user private key, generates a digital certificate, and stores the user private key, the digital certificate and the user ID in the blockchain system; and the user public key is used for decrypting the digital signature after the endorsement node receives the digital signature. The digital certificate is used for increasing a way for verifying the identity of a client during user transaction and ensuring the authenticity of the identity of the client. Specifically, in one embodiment, the account information further includes a user name, and if the same organization (e.g., a business) has multiple accounts (i.e., multiple user IDs), the user name of the organization plays a role in conveniently indexing the same organization.
Specifically, in an embodiment, the client node establishes a communication connection with an external industrial edge module, the industrial edge module is configured to classify data in a hierarchical manner, and perform channel-divided uplink grant on a data abstract of data to be uplink-divided according to an uplink request of the client node, based on steps S108 to S109, step S105 further includes the following steps:
step S1051: and the industrial edge receiving module receives an uplink data ciphertext, a digital signature and an encryption key sent by the industrial edge module according to the uplink request of the client node. Specifically, in the embodiment of the invention, the processing operations such as equipment access, protocol analysis, data acquisition, data classification and classification are realized through the industrial edge module, and the operations are performed on one side of the adjacent equipment, so that the computing power of cloud computing is greatly reduced, more network resources can be saved to provide network connection, and more effective protection is provided for network security and privacy. In embodiments of the present invention, the industrial edge module includes, but is not limited to, an industrial edge server and an industrial edge gateway.
Specifically, as shown in fig. 4, in an embodiment, based on step S1051, the step S101 includes the following steps:
step S1011: the method comprises the steps of receiving a chain loading request sent by a client node, and receiving a digital signature, a chain loading data ciphertext and an encryption key sent by an external industrial edge module, wherein the digital signature is generated by encrypting a data abstract of data to be chain loaded by using a user private key based on a first asymmetric encryption method, the chain loading data ciphertext is generated by encrypting original data by using a symmetric key, and the encryption key is generated by encrypting the encrypted key by using a block chain CA public key based on a second asymmetric encryption method.
Step S1012: and decrypting the encryption key by using the private key of the block chain CA based on the second asymmetric decryption method to obtain a symmetric key.
Step S1013: and decrypting the uplink data ciphertext by using the symmetric key to obtain the to-be-uplink data.
Step S1014: and calculating a second data abstract of the data to be uplink based on a preset abstract algorithm.
Step S1015: and acquiring a user public key corresponding to the user private key, and decrypting the digital signature by using the user public key based on a first asymmetric decryption method.
Step S1016: and if the decryption is successful, comparing the obtained data abstract with the second data abstract.
Step S1017: and if the comparison result is consistent, generating an endorsement result that the to-be-cochain request authentication passes, and if the comparison result is inconsistent, generating an endorsement result that the to-be-cochain request authentication fails.
Specifically, in the embodiment of the present invention, after the client node sends the data uplink request message, the industrial edge module simultaneously responds to the request, and encrypts the data to be uplink (i.e. the original data) to perform the endorsement operation. The industrial edge module calculates the data abstract of the original data by using a preset abstract algorithm, in one embodiment, an SHA-3 abstract algorithm is adopted, and the invention is not limited to this; then, encrypting the data abstract according to a user private key of the client node to obtain a digital signature; simultaneously, encrypting the original data by using a symmetric key to obtain an uplink data ciphertext; and then the industrial edge module receives the CA public key sent by the blockchain system, and encrypts the symmetric key by using the CA public key to obtain an encryption key, so that the encryption key can only be decrypted by the blockchain system by using the CA private key of the industrial edge module. Thus, three kinds of encrypted information are obtained at the industrial edge module end, namely an encryption key, a digital signature and a cochain data ciphertext. The encryption key is encrypted by using a block chain CA public key, so that decryption can be performed only through the CA private key of the block chain, the uplink data ciphertext can be decrypted only through a symmetric key obtained after the encryption key is decrypted, the digital signature can be decrypted by obtaining a user public key corresponding to the user private key, the digital signature does not contain any password information, only the identity of a client and the integrity of data are authenticated, and the data can be proved to be uploaded data authorized by the current user ID only when the public key successfully decrypts the digital signature. Therefore, the decryption operation needs to be performed in the blockchain, and after a hacker intercepts the three encrypted information, the hacker cannot perform any cracking by using the current technical means. The encryption transmission method provided by the embodiment of the invention greatly improves the safety in the data transmission and right confirmation process. After receiving the three kinds of encrypted information, the block chain system sends the encrypted information to an endorsement node in the chain for decryption, calculates a second data abstract of the obtained original data after decryption is completed, compares the second data abstract with a data abstract obtained by previous decryption, and if the second data abstract and the data abstract are consistent, indicates that the user identity verification is passed and the original data is not tampered during transmission, so that an endorsement result is obtained by a certificate passing the issuance authentication of the to-be-cochain request, and the endorsement result is sent to the client node. And if the authentication fails, sending the endorsement result of the authentication failure to the client node, and abandoning the data uplink.
Specifically, in an embodiment, the data channel of the blockchain further includes an industrial data channel for storing different types of industrial data, and the step S102 specifically includes the following steps:
step S1021: and judging the industrial data category to which the data to be linked belongs, wherein the industrial data category comprises any multiple of research and development design, production and manufacture, operation management and operation and maintenance service.
Step S1022: and packaging the data abstract and the storage path of the data to be linked and marking an industrial data channel corresponding to the industrial data type, wherein the industrial data channel comprises a research and development design channel, a production and manufacturing channel, an operation management channel and an operation and maintenance service channel.
Specifically, the existing industrial data management platform does not store industrial data in a classified and graded manner, and in the embodiment of the present invention, the industrial data is classified in a graded manner according to an industrial data classification grading guideline (trial) issued by an industrial and informatization portion, the data is classified into a research and development design class, a production and manufacturing class, an operation and management class, and an operation and maintenance service class, and each class of data is classified into a first class, a second class, and a third class according to potential influences on industrial production (the higher the grade is, the larger the loss and negative influences caused when the data is tampered, damaged, leaked, or illegally used are represented). Therefore, the summary information and the storage path information of the data to be linked are linked into the corresponding category channels according to the category of the industrial data, the acquisition authority is flexibly set according to the data level and the privacy, the industrial data management capacity is improved, the system operation efficiency is improved, the privacy information is protected from being easily revealed, and the risk is easier to control.
Specifically, in an embodiment, each data channel includes a preset master node and a preset slave node, and the step S104 specifically includes the following steps:
step S1041: and broadcasting the received new block to the main node in the data channel of the corresponding category so as to continuously broadcast the new block to the slave node of the channel through the main node, and storing the new block to the account book after all nodes on the channel achieve consensus. Specifically, in any channel of any organization, a large amount of network resources are occupied by all nodes communicating with the blockchain system, a master node communicating with the blockchain system is needed in one channel, and other nodes are used as slave nodes to communicate with the master node. For example: if a certain uplink data is operation and maintenance data, the sequencing node firstly broadcasts the abstract to the main node of the operation and maintenance service channel in each organization, and then the main node broadcasts the abstract information to all the slave nodes in the operation and maintenance service channel. In the embodiment of the invention, the nodes in the block chain are enabled to reach the agreement based on the Byzantine fault-tolerant mechanism, and the uplink right confirmation of the data is completed. Specifically, for any channel of any organization, if it is known that f abnormal nodes (faulty nodes that cannot normally send and receive messages) are included, where f is a positive integer, the data chain is completed through the following steps:
1. and receiving a new block broadcasted by the main node, and judging whether the broadcasting time of the main node exceeds the preset time.
2. And if the preset time is not exceeded, judging whether a normal slave node capable of receiving 2f correct new blocks exists according to the return message of the slave node, wherein the correct new blocks are blocks mutually transmitted between the slave nodes and are consistent with the new blocks transmitted by the master node.
3. If the normal slave nodes exist, when the number of the normal slave nodes reaches 2f, the new block is reserved, and if the correct slave nodes do not exist, the current intra-organization data uplink is abandoned.
4. And if the broadcast exceeds the preset time, sending the view conversion message to all nodes, and counting the number of the confirmation nodes returning the view conversion confirmation message.
5. And if the number of the confirmation nodes reaches 2f +1, selecting any node from the confirmation nodes as a new main node, and broadcasting the new block to other confirmation nodes until the confirmation messages of the 2f new blocks are returned.
Specifically, the embodiments of the present invention enable nodes in an organization to achieve consensus based on a byzantine fault-tolerant algorithm, thereby completing data uplink operations. If the current type channel of the current organization contains f abnormal nodes (nodes which cannot send messages due to the damage of node equipment in a alliance or software protocol and other problems), as long as the total number of the nodes is more than or equal to 3f +1, all the nodes can achieve consensus on the principle that a small number of nodes obey a majority (the Byzantine fault tolerance principle is the prior art, and the method is not repeated in the invention), the data uplink is realized, the reliability of a block chain system is verified on one hand, and the safety of the data uplink is further ensured. Therefore, it is first determined that the time for the master node in the current organization to broadcast the new block exceeds the preset time, and if the preset time is exceeded, the master node is an abnormal node, for example: the preset time is 1 minute, and the abnormal node is obtained when the main node does not perform the broadcast operation within 1 minute. If the main node broadcasts normally within the preset time, the main node is the normal node. After the master node broadcasts the new block, the slave nodes send the new block to each other, and for any slave node, when the received new block is consistent with the new block sent by the master node in comparison, the slave node receives 1 correct new block, and when the slave node can receive 2f correct new blocks, the slave node is added with the own node, so that the block chain contains nodes with the total number larger than 3f +1, namely the block chain is normally usable, and the slave node is a normal slave node, namely a normal node. And then in a return message received by the block chain system, when the number of confirmation messages returned to the normal slave nodes reaches 2f, at least 2f +1 normal nodes in the representative band block receive the new block, so that all the nodes achieve consensus on a minority-compliant principle, reserve the new block and finish the storage of the current uplink data.
If the broadcasting of the new block by the main node exceeds the preset time, the main node is represented as an abnormal node, so that the block chain system sends view conversion messages to all nodes in the current type channel of the current organization, when the number of the returned view conversion confirmation messages received by the block chain system reaches 2f +1, at least 2f +1 normal nodes capable of correctly returning the messages are represented, the network comprises nodes with the total number more than or equal to 3f +1, and the block chain system in the current organization can be normally used. And then selecting a new main node from the 2f +1 nodes returning the view conversion confirmation message, and as long as the 2f +1 normal nodes reach the consensus, the whole channel in the organization can reach the consensus, and then broadcasting a new block to the remaining 2f slave nodes returning the confirmation message by the main node, wherein when the block chain system receives the returned 2f new block confirmation messages, the block chain system indicates that all the nodes in the channel can reach the consensus, the uplink of uplink data is completed, and an intelligent contract of the new block is generated. As shown in fig. 5, an embodiment of the present invention further provides an industrial data asset management method, which is implemented based on a blockchain, where the blockchain includes a plurality of data channels, different data channels are used to store different types of information, and after a data summary is successfully converted into a new blockchain, the method specifically includes the following steps:
step S110: and receiving a transaction request sent by any data demander through the client node, and verifying the user ID of the transaction request.
Step S111: when the user ID is verified, the target data channel is located according to the data type of the required data in the transaction request.
Step S112: and broadcasting the transaction request to all nodes in the target data channel so as to analyze the user ID of the data owner and the storage path of the original data through the nodes in the target data channel.
Step S113: and acquiring target data through the user ID of the data owner and the storage path of the original data, and sending the target data to the client node according to the transaction rule set by the intelligent contract.
Specifically, the blockchain is connected with a plurality of client nodes, when a certain client node needs to perform data transaction, after a blockchain system receives a transaction request, firstly, identity verification is performed on a user ID of a data demand party, when the verification is passed, a corresponding data channel is positioned according to the industrial data type needed by the data demand party, the request is broadcasted to all nodes in a target channel, each node analyzes the user ID of the data ownership party and a data storage path pre-stored in the blockchain system, and then, the target data is found and acquired through the storage path of the target data. And finally, sending the target data to a client node of a data demand party according to a transaction rule in the intelligent contract during data storage. A Smart contract (Smart contract) is a computer protocol in a blockchain that aims to propagate, verify or execute contracts in an informative way. Smart contracts allow trusted transactions to be conducted without third parties, which transactions are traceable and irreversible. In the embodiment of the present invention, the content of the intelligent contract includes, but is not limited to: and presetting the validity period of data, wherein the appointed part of data only can output an operation result and does not send original data. The steps ensure the safety and reliability of data transaction.
Specifically, in an embodiment, the step S113 specifically includes the following steps:
step S1131: when the transaction rule states that the original data cannot be sent in a plaintext mode, verifying the acquired original data based on a preset digest algorithm and a linked data digest, and sending a processing result generated based on the original data to the client node as target data when the verification is passed; specifically, when some data levels are secondary or tertiary, and a user demander is not allowed to acquire data plaintext of original data, the blockchain system needs to process the original data according to specific requirements of the demander. After the block chain acquires original data from the data owner according to the storage path, the block chain system calculates the data abstract of the original data by a preset abstract algorithm, compares the data abstract with the data abstract stored on the chain, if the comparison is consistent, the block chain indicates that the original data acquired from the data owner by the block chain is not problematic, further processes the original data on the chain, and then sends the processing result to the demand party.
Step S1132: and when the transaction rule states that the original data can be sent in a clear text, verifying the acquired original data based on a preset digest algorithm and the data digest on the chain, and sending the original data serving as target data to the client node when the verification is passed. Specifically, when some data levels are at one level, when the user demanding party is allowed to obtain the data plaintext of the original data, after the blockchain obtains the original data from all the data parties according to the storage path, and when the data digest calculated based on the preset digest algorithm is the same as the data digest stored on the chain, the blockchain system directly sends the original data to the demanding party, the specific principle refers to step S1131, and is not described herein again.
Specifically, in an embodiment, after the step S113, the method further includes the following steps:
step S114: transaction information is generated and uploaded to the transaction information channel of the blockchain in the same manner as described in steps S101-S109 for uploading the data summary to the blockchain. Specifically, the transaction information generated after each transaction is finished needs to be linked up, and the same step as that in the abstract linking up is used for linking up the transaction information to a specific transaction information channel, so that the transaction information is clear and transparent and cannot be changed, and the security and reliability of the transaction are further ensured.
By executing the above steps, the embodiment of the present invention provides: an industrial data asset management method. The method specifically comprises the following steps: the method comprises the steps of classifying data in a grading way at the edge and confirming right of uplink in a branch channel, classifying industrial data in a grading way according to an industrial data classification grading guideline (trial implementation), classifying the data into a research and development design class, a production and manufacturing class, an operation and management class and an operation and maintenance service class, and classifying each class of data into a first class, a second class and a third class according to potential influence on industrial production. And set up the cochain passageway of corresponding classification in the block chain, according to data rank and the nimble authority that acquires that sets up of privacy nature, promote industrial data management ability, improve system operating efficiency, satisfied the privacy protection requirement of different types of data simultaneously, protect the privacy information not revealed easily, the risk is controlled more easily. And then, generating a new block through endorsement authentication and sequencing of the data, and broadcasting the new block to a node to form a cochain right for commonly recognizing the completed data to generate an intelligent contract of the new block.
In addition, the symmetric key and the uplink data abstract used for encrypting the uplink data are simultaneously and asymmetrically encrypted through the first asymmetric encryption algorithm and the second asymmetric encryption algorithm, so that uplink data ciphertext has triple guarantees in the transmission process, and the security of data uplink is improved. And then after the data verification is passed, the endorsement node sends the endorsement result passing the authentication to the client node, the client node sends the data to the client node for data packaging after receiving the endorsement result passing the authentication, then the packaged data is sent to the sequencing node, the sequencing node sequences the data after receiving the packaged data, a new block is generated and broadcasted to the master nodes of different organizations of corresponding channels of the block chain, the master nodes are broadcasted to the slave nodes in the organizations, and after the nodes on the channels achieve the consensus, the new block is stored in the account book, so that the intelligent contract of the new block is generated. According to the embodiment of the invention, the data is stored in the corresponding channel according to the type of the data in the data chaining process, the acquisition right is flexibly set according to the data grade and the privacy, the industrial data management capability is improved, the system operation efficiency is improved, the privacy information is protected from being easily leaked, and the risk is easier to control.
As shown in fig. 6, the present embodiment further provides an industrial data asset management system, which is implemented based on a blockchain, where the blockchain includes a plurality of data channels, and the system includes:
the endorsement module 101 performs endorsement on the to-be-linked request sent by any client node by using an endorsement node. For details, refer to the related description of step S101 in the above method embodiment, and no further description is provided here.
The communication module 102 sends the endorsement result to the client node through the endorsement node, so that when the client node receives the endorsement result that the endorsement result is authenticated, the client node packages the data abstract and the storage path of the data to be uplink according to the data category to generate the packaged data with the category label. For details, refer to the related description of step S102 in the above method embodiment, and no further description is provided here.
And the sorting module 103 receives the packed data sent by the client node, and sends the packed data to a sorting node to perform packed data sorting and new block generation operation. For details, refer to the related description of step S103 in the above method embodiment, and no further description is provided here.
The consensus module 104 broadcasts the new block to the nodes in the corresponding data channel through the sequencing nodes, so as to store the new block to the account book after the nodes on the channel achieve consensus, and generate an intelligent contract of the new block. For details, refer to the related description of step S104 in the above method embodiment, and no further description is provided here.
The industrial data asset management system provided by the embodiment of the present invention is configured to execute the industrial data asset management method provided by the above embodiment, and the implementation manner and the principle thereof are the same, and details are referred to the related description of the above method embodiment and are not described again.
As shown in fig. 7, the present embodiment further provides an industrial data asset management system, which is implemented based on a blockchain, where the blockchain includes a plurality of data channels, and the system includes:
the identity authentication module 110 is configured to receive a transaction request sent by any client node, and authenticate a user ID of the transaction request. For details, refer to the related description of step S110 in the above method embodiment, and no further description is provided here.
And the category confirmation module 111 is used for positioning the target data channel according to the data category of the required data in the transaction request when the user ID is verified. For details, refer to the related description of step S111 in the above method embodiment, and no further description is provided herein.
And the path confirmation module 112 broadcasts the transaction request to all nodes in the target data channel so as to analyze the user ID of the data owner and the storage path of the original data through the nodes in the target data channel. For details, refer to the related description of step S112 in the above method embodiment, and no further description is provided here.
And the data acquisition module 113 acquires target data through the user ID of the data owner and the storage path of the original data, and transmits the target data to the client node according to the transaction rule set by the intelligent contract. For details, refer to the related description of step S113 in the above method embodiment, and no further description is provided here.
The industrial data asset management system provided by the embodiment of the present invention is configured to execute the industrial data asset management method provided by the above embodiment, and the implementation manner and the principle thereof are the same, and details are referred to the related description of the above method embodiment and are not described again.
FIG. 8 illustrates an industrial data asset management device according to an embodiment of the present invention, the device comprising: the processor 901 and the memory 902 may be connected by a bus or other means, and fig. 8 illustrates an example of a connection by a bus.
The memory 902, which is a non-transitory computer-readable storage medium, may be used to store non-transitory software programs, non-transitory computer-executable programs, and modules, such as program instructions/modules corresponding to the methods in the above-described method embodiments. The processor 901 executes various functional applications and data processing of the processor by executing non-transitory software programs, instructions and modules stored in the memory 902, that is, implements the methods in the above-described method embodiments.
The memory 902 may include a program storage area and a data storage area, wherein the program storage area may store an operating system, an application program required for at least one function; the storage data area may store data created by the processor 901, and the like. Further, the memory 902 may include high speed random access memory, and may also include non-transitory memory, such as at least one magnetic disk storage device, flash memory device, or other non-transitory solid state storage device. In some embodiments, the memory 902 may optionally include memory located remotely from the processor 901, which may be connected to the processor 901 via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
One or more modules are stored in the memory 902, which when executed by the processor 901 performs the methods in the above-described method embodiments.
The specific details of the industrial data asset management device may be understood by referring to the corresponding related descriptions and effects in the above method embodiments, and are not described herein again.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, and the implemented program can be stored in a computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. The storage medium may be a magnetic Disk, an optical Disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a Flash Memory (Flash Memory), a Hard Disk (Hard Disk Drive, abbreviated as HDD) or a Solid State Drive (SSD), etc.; the storage medium may also comprise a combination of memories of the kind described above.
Although the embodiments of the present invention have been described in conjunction with the accompanying drawings, those skilled in the art may make various modifications and variations without departing from the spirit and scope of the invention, and such modifications and variations fall within the scope defined by the appended claims.
Claims (12)
1. An industrial data asset management method implemented based on a blockchain, the blockchain comprising a plurality of data channels, the data channels being made up of a plurality of the nodes within the blockchain, different data channels being used to store different categories of data, the method comprising:
an endorsement node is used for endorsement of a to-be-uplink request sent by any client node;
the endorsement result is sent to a client node through the endorsement node, so that when the client node receives the endorsement result that the endorsement result is authenticated, a data abstract and a storage path of the data to be chained are packaged according to the data category to generate packaged data with a category label;
receiving the packed data sent by the client node, and sending the packed data to a sorting node for packed data sorting and new block generation operation;
broadcasting the new block to the nodes in the corresponding data channel through the sequencing node, so that the new block is stored in an account book after the nodes on the channel achieve consensus, and an intelligent contract of the new block is generated.
2. The method of claim 1, wherein before the endorsing with an endorsement node a request to uplink sent by any one of the client nodes, the method further comprises:
receiving a chain loading data ciphertext, a digital signature and an encryption key sent by a client node, wherein the chain loading data ciphertext is generated by encrypting data to be chain loaded by a symmetric key, the digital signature is generated by encrypting a data abstract of the data to be chain loaded by a first asymmetric encryption method, and the encryption key is generated by encrypting the symmetric key by a second asymmetric encryption method;
sending the uplink data ciphertext, the digital signature and the encryption key to an endorsement node;
decrypting the digital signature and the encrypted key by the endorsement node with a first asymmetric decryption method and a second asymmetric decryption method respectively to obtain the data digest and the symmetric key respectively;
and decrypting the uplink data ciphertext by using the symmetric key to obtain the data to be uplink, and verifying the identity of the client node and the data to be uplink by using the data abstract.
3. The method of claim 2, wherein the data channel of the blockchain comprises an account information channel for storing user account information, the method further comprising:
receiving a registration request sent by a user through the client node and distributing a user ID;
establishing a user private key corresponding to the user ID based on a first asymmetric encryption method, wherein the user private key is used for encryption during data transmission;
and generating a digital certificate based on the user private key and the user ID;
and returning the digital certificate to the client node, and simultaneously saving the user private key, the digital certificate and the user ID as account information into the account information channel.
4. The method of claim 3, wherein the client node is communicatively coupled to an external industrial edge module, and wherein the industrial edge module is configured to classify data hierarchically and perform a channel-wise uplink grant for a data digest of the data to be uplink according to a uplink request from the client node, and wherein the method further comprises, for a ciphertext, a digital signature, and an encryption key of uplink data sent by the receiving client node:
and receiving a uplink data ciphertext, a digital signature and an encryption key sent by the industrial edge module according to the uplink request of the client node.
5. The method of claim 4, wherein the endorsing, by the endorsement node, a request to uplink sent by any one of the client nodes comprises:
receiving a uplink request sent by the client node, and receiving a digital signature, a uplink data ciphertext and an encryption key sent by the external industrial edge module, wherein the digital signature is generated by encrypting the data abstract by using a user private key based on a first asymmetric encryption method, the uplink data ciphertext is generated by encrypting the data to be uplink by using a symmetric key, and the encryption key is generated by encrypting the symmetric key by using a block chain CA public key based on a second asymmetric encryption method;
decrypting the encrypted key by using a block chain CA private key based on a second asymmetric decryption method to obtain the symmetric key;
decrypting the uplink data ciphertext by using the symmetric key to obtain the data to be uplink;
calculating a second data abstract of the data to be uplink based on a preset abstract algorithm;
acquiring a user public key corresponding to the user private key, and decrypting the digital signature by using the user public key based on a first asymmetric decryption method;
if the decryption is successful, comparing the obtained data abstract with the second data abstract;
and if the comparison result is consistent, generating an endorsement result that the to-be-cochain request authentication passes, and if the comparison result is inconsistent, generating an endorsement result that the to-be-cochain request authentication fails.
6. The method of claim 1, wherein the data channels of the blockchain further include an industrial data channel for storing different types of industrial data, and the step of packing the data summary and the storage path of the data to be uplink according to the data category to generate the packed data with the category label comprises:
judging the industrial data category to which the data to be uplink belongs, wherein the industrial data category comprises any multiple of research and development design, production and manufacture, operation management and operation and maintenance service;
and packaging the data abstract of the data to be linked and the storage path and marking an industrial data channel corresponding to the industrial data type, wherein the industrial channel comprises a research and development channel, a production and manufacturing channel, an operation management channel and an operation and maintenance service channel.
7. The method of claim 1, wherein each data channel comprises a master node and a slave node which are preset, and the broadcasting the new tile to the nodes in the corresponding data channel through the sorting node comprises:
and broadcasting the received new block to the master node in the data channel of the corresponding category so as to continuously broadcast the new block to the slave node of the channel through the master node.
8. A method for industrial data asset management, implemented based on a blockchain, wherein the blockchain comprises a plurality of data channels, different data channels are used for storing different types of data, and after a data summary is successfully converted into a new blockchain, the method comprises:
receiving a transaction request sent by any data demander through a client node, and verifying a user ID of the transaction request;
when the user ID passes the verification, positioning a target data channel according to the data type of the required data in the transaction request;
broadcasting the transaction request to all nodes in the target data channel so as to analyze the user ID of the data owner and the storage path of the original data through the nodes in the target data channel;
and acquiring target data through the user ID of the data owner and the storage path of the original data, and sending the target data to the client node according to a transaction rule set by the intelligent contract.
9. The method according to claim 8, wherein said sending said target data to said client node according to transaction rules set by a smart contract comprises:
when the transaction rule states that the original data cannot be sent in a plaintext mode, verifying the acquired original data based on a preset digest algorithm and an on-chain data digest, and sending a processing result generated based on the original data to the client node as the target data when the verification is passed;
and when the transaction rule states that the original data can be sent in a clear text, verifying the acquired original data based on a preset digest algorithm and a data digest on the chain, and sending the original data serving as the target data to the client node when the verification is passed.
10. The method of claim 8, wherein the data path further comprises a transaction information path for storing transaction information, and wherein after the target data is sent to the client node according to the transaction rules set by the smart contract, the method further comprises:
generating transaction information and uploading the transaction information to a transaction information channel of a blockchain in the same way as uploading a data summary to a blockchain in the method according to any one of claims 1 to 7.
11. An industrial data asset management device, comprising:
a memory and a processor communicatively coupled to each other, the memory having stored therein computer instructions, the processor executing the computer instructions to perform the method of any of claims 1-10.
12. A computer-readable storage medium having stored thereon computer instructions for causing a computer to thereby perform the method of any one of claims 1-10.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111088379.2A CN113779607B (en) | 2021-09-16 | 2021-09-16 | Industrial data asset management method, system and equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111088379.2A CN113779607B (en) | 2021-09-16 | 2021-09-16 | Industrial data asset management method, system and equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113779607A true CN113779607A (en) | 2021-12-10 |
| CN113779607B CN113779607B (en) | 2024-06-07 |
Family
ID=78851480
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111088379.2A Active CN113779607B (en) | 2021-09-16 | 2021-09-16 | Industrial data asset management method, system and equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113779607B (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114499849A (en) * | 2022-01-27 | 2022-05-13 | 王立娟 | Service user terminal, secure transmission system and method |
| CN115033645A (en) * | 2022-07-06 | 2022-09-09 | 贵州电网有限责任公司 | Electric power data storage method and system based on block chain technology |
| CN115118461A (en) * | 2022-06-07 | 2022-09-27 | 讯飞智元信息科技有限公司 | Data processing method and device, electronic equipment and storage medium |
| CN115840787A (en) * | 2023-02-20 | 2023-03-24 | 塔比星信息技术(深圳)有限公司 | Supply chain data sharing method, device, equipment and medium based on block chain |
| CN115907593A (en) * | 2023-02-14 | 2023-04-04 | 湖南炅旭生物科技有限公司 | Block chain-based drug transportation management method, system, equipment and storage medium |
| CN115941364A (en) * | 2023-03-13 | 2023-04-07 | 广东电网有限责任公司 | Asset data management method and system based on smart power grid |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111047319A (en) * | 2019-09-03 | 2020-04-21 | 腾讯科技(深圳)有限公司 | Transaction processing method of block chain network and block chain network |
| CN111200589A (en) * | 2019-12-05 | 2020-05-26 | 北京数字认证股份有限公司 | Data protection method and system for alliance chain |
| US20200201843A1 (en) * | 2018-12-19 | 2020-06-25 | International Business Machines Corporation | Optimization of chaincode statements |
| CN112132682A (en) * | 2020-08-10 | 2020-12-25 | 国网浙江省电力有限公司嘉兴供电公司 | Electric power transaction method, device and system based on block chain technology |
| CN112311772A (en) * | 2020-10-12 | 2021-02-02 | 华中师范大学 | Hyperridge-based cross-domain certificate management system and method |
| CN112600892A (en) * | 2020-12-07 | 2021-04-02 | 北京邮电大学 | Block chain equipment and system for Internet of things and working method |
-
2021
- 2021-09-16 CN CN202111088379.2A patent/CN113779607B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20200201843A1 (en) * | 2018-12-19 | 2020-06-25 | International Business Machines Corporation | Optimization of chaincode statements |
| CN111047319A (en) * | 2019-09-03 | 2020-04-21 | 腾讯科技(深圳)有限公司 | Transaction processing method of block chain network and block chain network |
| CN111200589A (en) * | 2019-12-05 | 2020-05-26 | 北京数字认证股份有限公司 | Data protection method and system for alliance chain |
| CN112132682A (en) * | 2020-08-10 | 2020-12-25 | 国网浙江省电力有限公司嘉兴供电公司 | Electric power transaction method, device and system based on block chain technology |
| CN112311772A (en) * | 2020-10-12 | 2021-02-02 | 华中师范大学 | Hyperridge-based cross-domain certificate management system and method |
| CN112600892A (en) * | 2020-12-07 | 2021-04-02 | 北京邮电大学 | Block chain equipment and system for Internet of things and working method |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114499849A (en) * | 2022-01-27 | 2022-05-13 | 王立娟 | Service user terminal, secure transmission system and method |
| CN115118461A (en) * | 2022-06-07 | 2022-09-27 | 讯飞智元信息科技有限公司 | Data processing method and device, electronic equipment and storage medium |
| CN115033645A (en) * | 2022-07-06 | 2022-09-09 | 贵州电网有限责任公司 | Electric power data storage method and system based on block chain technology |
| CN115033645B (en) * | 2022-07-06 | 2023-11-21 | 贵州电网有限责任公司 | Power data storage method and system based on block chain technology |
| CN115907593A (en) * | 2023-02-14 | 2023-04-04 | 湖南炅旭生物科技有限公司 | Block chain-based drug transportation management method, system, equipment and storage medium |
| CN115840787A (en) * | 2023-02-20 | 2023-03-24 | 塔比星信息技术(深圳)有限公司 | Supply chain data sharing method, device, equipment and medium based on block chain |
| CN115941364A (en) * | 2023-03-13 | 2023-04-07 | 广东电网有限责任公司 | Asset data management method and system based on smart power grid |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113779607B (en) | 2024-06-07 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN113779607B (en) | Industrial data asset management method, system and equipment | |
| CN110012015B (en) | Block chain-based Internet of things data sharing method and system | |
| CN109409122B (en) | File storage method, electronic device and storage medium | |
| CN109377198B (en) | Signing system based on multi-party consensus of alliance chain | |
| CN110933108B (en) | Data processing method and device based on block chain network, electronic equipment and storage medium | |
| US20230023857A1 (en) | Data processing method and apparatus, intelligent device, and storage medium | |
| CN111600908B (en) | Data processing method, system, computer device and readable storage medium | |
| CN101981889B (en) | Secure communications in computer cluster systems | |
| WO2022037596A1 (en) | Combined signature and signature verification method and system, and storage medium | |
| CN111415157A (en) | Block chain-based data asset safety circulation method | |
| CN112398853B (en) | Method, device and system for realizing alliance chain cross-chain communication | |
| CN104735087A (en) | Public key algorithm and SSL (security socket layer) protocol based method of optimizing security of multi-cluster Hadoop system | |
| CN114884674A (en) | Block chain-based user data transfer method, device and equipment | |
| CN108881240B (en) | Member privacy data protection method based on block chain | |
| CN115567312B (en) | Alliance chain data authority management system and method capable of meeting various scenes | |
| CN115796871A (en) | Resource data processing method and device based on block chain and server | |
| EP3542300B1 (en) | Method for operating a peer-to-peer application | |
| CN113328854B (en) | Service processing method and system based on block chain | |
| CN114239044A (en) | Decentralized traceable shared access system | |
| CN110796448A (en) | Intelligent contract verification method based on block chain, participating node and medium | |
| CN104735020A (en) | Method, device and system for acquiring sensitive data | |
| CN112261002A (en) | Data interface docking method and device | |
| CN115409511B (en) | Personal information protection system based on block chain | |
| CN114157428A (en) | Block chain-based digital certificate management method and system | |
| CN113672655A (en) | File collaborative checking method and device based on block chain |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant |