CN117421774A - Block chain-based data storage and verification method, device, equipment, medium and product - Google Patents

Block chain-based data storage and verification method, device, equipment, medium and product Download PDF

Info

Publication number
CN117421774A
CN117421774A CN202311437845.2A CN202311437845A CN117421774A CN 117421774 A CN117421774 A CN 117421774A CN 202311437845 A CN202311437845 A CN 202311437845A CN 117421774 A CN117421774 A CN 117421774A
Authority
CN
China
Prior art keywords
data
certificate
blockchain
evidence
verification
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311437845.2A
Other languages
Chinese (zh)
Inventor
刘汉卿
王宗友
时一防
朱耿良
刘区城
廖志勇
聂凯轩
黄杨峻
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology Shenzhen Co Ltd filed Critical Tencent Technology Shenzhen Co Ltd
Priority to CN202311437845.2A priority Critical patent/CN117421774A/en
Publication of CN117421774A publication Critical patent/CN117421774A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/21Design, administration or maintenance of databases
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Mining & Analysis (AREA)
  • Bioethics (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The application provides a data storage method, device, equipment, medium and product based on a blockchain. The data certification method based on the blockchain comprises the following steps: receiving a certificate line authorization transaction sent by a data certificate object, wherein the certificate line authorization transaction comprises first data to be stored, a certificate line increment and a certificate line authorization certificate; the certificate line authorization certificate is generated for the data certificate object after the data certificate service party successfully applies for the certificate line increment; based on the credit limit authorization credentials, carrying out authorization verification on the credit limit increment; if the authorization verification of the credit limit increment is passed, updating the credit limit of the data credit object on the block chain based on the credit limit increment; and carrying out evidence storage processing on the first data on the blockchain according to the updated evidence storage limit. By adopting the method and the device, the management of the certificate line can be made transparent, and the management credibility of the certificate line can be improved.

Description

Block chain-based data storage and verification method, device, equipment, medium and product
Technical Field
The present application relates to the field of computer technology, and in particular, to the field of blockchain technology, and more particularly, to a blockchain-based data certification method, a blockchain-based data certification device, a computer readable storage medium, and a computer program product.
Background
The data certification target can request the data certification service to perform certification processing on the data by using the data certification capability of the data certification service. In order to limit the data certification capability of the data certification service for unlimited use by the data certification object, the data certification service sets a certification credit for the data certification object, and after the data of the data certification object is subjected to certification processing, the data certification service can reduce a certain amount of certification resources from the certification credit, and after the certification credit is used, the data certification capability of the data certification service cannot be continuously used by the data certification object. Currently, the credit line of the data credit object is managed by a data credit service, for example, after the data credit object applies for the credit line, the data credit service authorizes the credit line, and for example, the data credit service reduces a certain amount of credit resources from the credit line of the data credit object; that is, the certificate line of the data certificate object is centrally managed by the data certificate service, so that the management of the certificate line is not enough public and transparent, and the reliability of the management of the certificate line is not high.
Disclosure of Invention
The embodiment of the application provides a blockchain-based data evidence storage method, device, equipment, medium and product, which can enable the management of the evidence storage amount to be transparent and promote the credibility of the management of the evidence storage amount.
In one aspect, an embodiment of the present application provides a blockchain-based data certification method, including:
receiving a certificate line authorization transaction sent by a data certificate object, wherein the certificate line authorization transaction comprises first data to be stored, a certificate line increment and a certificate line authorization certificate; the evidence-deposit amount increment is applied by the data evidence-deposit object to the data evidence-deposit business party, and the evidence-deposit amount authorization certificate is generated by the data evidence-deposit business party after the data evidence-deposit object successfully applies for the evidence-deposit amount increment;
based on the credit limit authorization credentials, carrying out authorization verification on the credit limit increment;
if the authorization verification of the credit limit increment is passed, updating the credit limit of the data credit object on the block chain based on the credit limit increment;
and carrying out evidence storage processing on the first data on the blockchain according to the updated evidence storage limit.
Accordingly, the embodiment of the application provides a blockchain-based data certification device, which comprises:
The communication unit is used for receiving a certificate line authorization transaction sent by the data certificate object, wherein the certificate line authorization transaction comprises first data to be stored, a certificate line increment and a certificate line authorization certificate; the evidence-deposit amount increment is applied by the data evidence-deposit object to the data evidence-deposit business party, and the evidence-deposit amount authorization certificate is generated by the data evidence-deposit business party after the data evidence-deposit object successfully applies for the evidence-deposit amount increment;
the processing unit is used for carrying out authorization verification on the credit limit increment based on the credit limit authorization certificate;
the processing unit is further used for updating the certificate line of the data certificate storing object based on the certificate line increment on the blockchain if the authorization verification of the certificate line increment is passed;
and the processing unit is also used for carrying out the certificate storage processing on the first data on the blockchain according to the updated certificate storage amount.
In one implementation, the credit authorization credential includes object identification data of the data credit object and a credit increment applied by the data credit object; the processing unit is used for executing the following steps when carrying out authorization verification on the credit limit increment based on the credit limit authorization certificate:
Obtaining object verification data of a data storage certificate object from a blockchain;
verifying the object identification data based on the object verification data;
if the object identification data passes the verification, comparing the increment of the credit limit in the credit limit authorization certificate with the increment of the credit limit in the credit limit authorization transaction;
if the increment of the credit limit in the credit limit authorization certificate is consistent with the increment of the credit limit in the credit limit authorization transaction, determining that the authorization verification of the increment of the credit limit passes.
In one implementation, the processing unit is further configured to perform the steps of:
obtaining a blockchain address of a data storage certificate service party from a blockchain;
comparing the blockchain address of the data storage certification service party with the blockchain address of the data storage certification service manager maintained by the blockchain;
if the blockchain address of the data storage certification service party is the same as the blockchain address of the data storage certification service manager maintained by the blockchain, triggering and executing the step of acquiring the object verification data of the data storage certification object from the blockchain;
the blockchain address of the data storage certificate service manager is maintained by taking the blockchain address of the data storage certificate service party as the blockchain address of the data storage certificate service manager after the blockchain authorizes the data storage certificate service party as the data storage certificate service manager.
In one implementation, the object identification data includes a blockchain address of the data certification object and a check value of the data certification object; the object verification data comprises a blockchain address of the data storage verification object and a verification value of the data storage verification object; the processing unit is used for executing the following steps when verifying the object identification data based on the object verification data:
comparing the blockchain address of the data storage certificate object in the object identification data with the blockchain address of the data storage certificate object in the object verification data;
if the blockchain address of the data certificate object in the object identification data is the same as the blockchain address of the data certificate object in the object verification data, comparing the verification value of the data certificate object in the object identification data with the verification value of the data certificate object in the object verification data;
if the check value of the data certificate-storing object in the object identification data is the same as the check value of the data certificate-storing object in the object check data, determining that the object identification data passes the check.
In one implementation, the object identification data includes a verification value of the data-holding object, and when the object identification data is verified, the verification value of the data-holding object needs to be verified;
The processing unit is further used for executing the following steps:
and after the authorization verification of the credit limit increment is passed, updating the verification value of the data credit object on the blockchain.
In one implementation, a conversion rule between the amount of forensic data and the amount of resources that the forensic data needs to consume is stored on the blockchain; the processing unit is used for executing the following steps when the first data is subjected to the evidence storage processing on the blockchain according to the updated evidence storage amount:
obtaining conversion rules from the blockchain;
determining a first resource amount required for performing certification processing on the first data according to the conversion rule;
if the first resource amount is smaller than or equal to the updated credit limit, the first data is subjected to the credit processing, and the corresponding credit resources of the first resource amount are reduced from the updated credit limit on the blockchain.
In one implementation, the communication unit is further configured to perform the steps of:
if the first resource amount is larger than the updated evidence-storing amount, generating an evidence-storing failure notice;
returning a certificate storing failure notice to the data certificate storing object;
the certificate storing failure notification is used for notifying that the updated certificate storing amount is insufficient for storing the first data.
In one implementation, the communication unit is further configured to perform the steps of:
receiving a first data certification transaction sent by a data certification object, wherein the first data certification transaction comprises second data to be certified and a first data certification authority certificate; the first data certificate authority certificate is generated by the data certificate service party after the data certificate service party successfully applies the data certificate authority to the data certificate service party;
the processing unit is further used for executing the following steps:
verifying the data storage certificate authority of the data storage certificate object based on the first data storage certificate authorization certificate;
and if the data storage authority verification of the data storage object passes, carrying out storage processing on the second data on the blockchain.
In one implementation, the first data certificate authority credential includes object identification data of a data certificate object and a certificate rated data amount corresponding to a data certificate authority; the processing unit is used for executing the following steps when verifying the data certificate authority of the data certificate object based on the first data certificate authority certificate:
obtaining object verification data of a data storage certificate object from a blockchain;
verifying the object identification data based on the object verification data;
If the object identification data passes the verification, comparing the rated data quantity of the verification with the data quantity of the second data;
and if the data volume of the second data is smaller than or equal to the rated data volume of the certificate, determining that the data certificate authority verification of the data certificate object passes.
In one implementation, the communication unit does not perform the following steps:
receiving a second data evidence-storing transaction sent by the data evidence-storing object, wherein the second data evidence-storing transaction comprises third data to be authenticated and a second data evidence-storing authorization certificate; the second data storage certificate authorization certificate is generated by a data storage certificate service party for a data storage certificate object;
the processing unit is further used for executing the following steps:
verifying the data storage certificate authority of the data storage certificate object based on the second data storage certificate authorization certificate;
if the data certification authority of the data certification object passes the verification, performing certification processing on the third data on the blockchain according to the certification line of the data certification object.
In one implementation, the communication unit is further configured to perform the steps of:
receiving a third data certification transaction sent by the data certification object, wherein the third data certification transaction comprises fourth data to be certified;
The processing unit is further used for executing the following steps:
and carrying out certification processing on the fourth data according to the certification credit of the data certification target on the blockchain.
Accordingly, embodiments of the present application provide a computer device comprising:
a processor adapted to implement a computer program;
a computer readable storage medium storing a computer program adapted to be loaded by a processor and to perform the blockchain-based data certification method described above.
Accordingly, embodiments of the present application provide a computer-readable storage medium storing a computer program that, when read and executed by a processor of a computer device, causes the computer device to perform the blockchain-based data certification method described above.
Accordingly, embodiments of the present application provide a computer program product comprising a computer program stored in a computer readable storage medium. The processor of the computer device reads the computer program from the computer-readable storage medium, and the processor executes the computer program to cause the computer device to perform the blockchain-based data certification method described above.
In the embodiment of the application, the credit limit authorization transaction of the data credit object comprises first data to be authenticated, a credit limit increment and a credit limit authorization certificate, wherein the credit limit increment is applied by the data credit object to a data credit service party, and the credit limit authorization certificate is generated by the data credit service party after the data credit service party successfully applies for the credit limit increment; after receiving the credit limit authorization transaction of the data credit object, carrying out authorization verification on the increment of the credit limit based on the credit limit authorization certificate; if the authorization verification of the evidence amount increment is passed, the evidence amount of the data evidence object can be updated on the blockchain based on the evidence amount increment; and then, according to the updated evidence amount, carrying out evidence storage processing on the first data on the blockchain. Therefore, in the embodiment of the application, the management of the certificate line is performed by means of the blockchain, and based on the characteristics of transparent disclosure and non-falsification of the blockchain, the management of the certificate line can be made transparent, and the management reliability of the certificate line can be improved.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described below, it being obvious that the drawings in the following description are only some embodiments of the present application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic diagram of a block chain network architecture according to an embodiment of the present application;
FIG. 2 is a block chain architecture diagram provided in an embodiment of the present application;
fig. 3 is a schematic structural diagram of a block generation process according to an embodiment of the present application;
FIG. 4 is a schematic diagram of a data storage system according to an embodiment of the present disclosure;
FIG. 5 is a schematic flow chart of a credit limit authorization provided in an embodiment of the present application;
FIG. 6 is a schematic flow chart of a data storage certificate according to an embodiment of the present application;
FIG. 7 is a schematic flow chart of another data storage method according to an embodiment of the present application;
FIG. 8 is a schematic flow chart of a data storage method according to an embodiment of the present application;
FIG. 9 is a flowchart of a block chain based data logging method according to an embodiment of the present application;
FIG. 10 is a schematic diagram of authorization verification for a credit limit increment according to an embodiment of the present disclosure;
FIG. 11 is a flowchart of another exemplary blockchain-based data certification method provided in an embodiment of the present application;
FIG. 12 is a flowchart of yet another exemplary blockchain-based data certification method provided in an embodiment of the present application;
FIG. 13 is a schematic diagram of a block chain based data storage device according to an embodiment of the present disclosure;
Fig. 14 is a schematic structural diagram of a computer device according to an embodiment of the present application.
Detailed Description
The following description of the embodiments of the present application will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are only some, but not all, of the embodiments of the present application. All other embodiments, which can be made by one of ordinary skill in the art based on the embodiments herein without making any inventive effort, are intended to be within the scope of the present application.
In order to more clearly understand the technical solutions provided by the embodiments of the present application, some key terms involved in the technical solutions provided by the embodiments of the present application are introduced here:
(1) Block chain network:
a blockchain network is a network of point-to-point connections, each blockchain node of the point-to-point connection being referred to as a peer node, the blockchain network being based on a specific class of network protocols such that there is no need for a central node between peers to maintain network state, each peer node maintaining the node state of the whole network and its connection state with neighboring nodes through broadcast interactions with neighboring nodes.
The blockchain network may be understood as the data sharing system 10 shown in fig. 1. The data sharing system 10 refers to a system for performing data sharing between blockchain nodes, where the data sharing system may include a plurality of blockchain nodes 101, and the plurality of blockchain nodes 101 may be clients, terminal devices, or servers in the data sharing system. Each blockchain node 101 may receive input information (e.g., blockchain transactions) while operating normally and maintain shared data within the data sharing system based on the received input information. In order to ensure the information intercommunication in the data sharing system, information connection can exist between each block chain link point in the data sharing system, and information transmission can be carried out between the block chain nodes through the information connection. For example, when any block link point in the data sharing system receives input information, other nodes in the data sharing system acquire the input information according to a consensus algorithm, and store the input information as data in shared data, so that the data stored on all block link nodes in the data sharing system are consistent.
Each blockchain node in the data sharing system has a node identifier corresponding to the blockchain node, and each blockchain node in the data sharing system can store the node identifiers of other blockchain nodes in the data sharing system, so that the generated block can be broadcasted to other blockchain nodes in the data sharing system according to the node identifiers of other blockchain nodes. Each blockchain node may maintain a list of node identifiers as shown in table 1 below, and store the node names and node identifiers in the list of node identifiers. The node identifier may be an IP (Internet Protocol, protocol interconnected between networks) address and any other information that can be used to identify the blockchain node, and table 1 is only illustrated by taking the IP address as an example:
TABLE 1
Node name Node identification
Node 1 111.111.111.111
Node 2 222.222.222.222
Node N NNN.NNN.NNN.NNN
(2) Blockchain:
each blockchain node in the blockchain network stores the same blockchain, and the blockchain is a distributed account book technology in the field of information technology, and generally consists of common knowledge, transaction blocks, state data storage, cryptography identity security and other contents. The blockchain is composed of a plurality of blocks, and can be seen in the blockchain structure shown in fig. 2, the blockchain is composed of a plurality of blocks, an initiating block in the blockchain comprises a block head and a block main body, the block head of the initiating block stores an input information characteristic value, a version number, a timestamp and a difficulty value, and the block main body of the initiating block stores input information (namely transaction); the next block of the starting block takes the starting block as a father block, the next block also comprises a block head and a block main body, the block head of the next block stores the block head characteristic value of the father block besides the input information characteristic value, the version number, the time stamp and the difficulty value of the current block, and the like, so that the block data stored in each block in the blockchain are associated with the block data stored in the father block, and the safety of the input information in the block is ensured.
When each block in the blockchain is generated, referring to the block generation process shown in fig. 3, when the blockchain node where the blockchain is located receives input information, checking the input information, after the checking is completed, storing the input information into a transaction pool, and updating a hash tree for recording the input information; then, updating the update time stamp to the time of receiving the input information, trying different random numbers, and calculating the characteristic value for a plurality of times, so that the calculated characteristic value can meet the following formula:
SHA256(SHA256(version+prev_hash+merkle_root+ntime+nbits+x))<TARGET
wherein SHA256 (Secure Hash Algorithm, a secure hash algorithm) is a eigenvalue algorithm used to calculate eigenvalues; version (version number) is version information of the related block protocol in the block chain; the prev_hash is the block header characteristic value of the parent block of the current block; the merkle_root is a characteristic value of input information; ntime is the update time of the update timestamp; the nbits is the current difficulty, is a fixed value in a period of time, and is determined again after exceeding a fixed period of time; x is a random number; TARGET is a eigenvalue threshold that can be determined from nbits.
Thus, when the random number meeting the formula is calculated, the information can be correspondingly stored to generate the block head and the block main body, and the current block is obtained. And then, the block chain node where the block chain is positioned sends the newly generated block to other block chain nodes in the data sharing system according to the node identification of other block chain nodes in the data sharing system, the other block chain nodes verify the newly generated block, and the newly generated block is added into the block chain stored in the block chain after the verification is completed.
(3) Data storage and certification service:
the data certification service may also be referred to as a data storage service, which refers to a service with data certification capability, where the data certification capability refers to the capability of performing secure storage on data by means of certification contracts in a blockchain, that is, data certification is data secure storage, and the data certification service may perform secure storage on data by means of certification contracts in the blockchain.
The certification contract refers to an intelligent contract for safely storing data. Smart Contract (Smart contact) is a computer protocol intended to propagate, verify, or execute contracts in an informative manner; smart contracts allow trusted transactions to be made without third parties, which transactions are traceable and irreversible. The smart contract mentioned above is a contract written in a code form, which can be automatically executed on a blockchain; contract functions are implemented, such as data logging, etc. The smart contract is in fact a piece of program made up of computer code, and the process of writing and deploying the smart contract can be summarized as: in the first step, after two or more parties participating in the contract agree, the common consensus is formulated into an intelligent contract, namely, a code segment for realizing tasks or providing services is written. The second step, compiling into byte codes through the virtual machine and storing the byte codes in the block chain, so that the intelligent contract also has a unique address on the block chain; and the intelligent contract is broadcast and stored to various blockchain nodes throughout the world via a blockchain network. And thirdly, triggering an intelligent contract code when the blockchain node in the blockchain network sends a transaction to the address where the intelligent contract is located or certain conditions are met, wherein the intelligent contract is automatically and independently executed on each blockchain node in the blockchain network in a specified mode, and the functions of storing data in the blockchain or changing certain states, changing account balance and the like are completed.
(4) The credit limit:
the certification credit refers to a certification resource threshold set for each data certification object in order to limit the data certification capability of the data certification object (the data certification object refers to an object with a data certification requirement) to use the data certification service without limit, in which case excessive data is stored in the certification contract. The data evidence-storing object can apply for evidence-storing amount from the data evidence-storing business, and after the evidence-storing contract carries out evidence-storing processing on the data of the data evidence-storing object, a certain amount of evidence-storing resources can be reduced from the memory amount of the data evidence-storing object; that is, the data certification capability of the data certification service may be further understood as referring to the capability of securely storing data and managing certification credit by means of certification contracts in the blockchain.
The positive correlation is formed between the evidence amount of the data evidence object and the data amount which can be stored by the data evidence object, the larger the evidence amount of the data evidence object is, the larger the data amount which can be stored by the data evidence object is, namely the more data which can be stored by the data evidence object is, otherwise, the smaller the evidence amount of the data evidence object is, the smaller the data amount which can be stored by the data evidence object is, namely the less data can be stored by the data evidence object is; after the credit line of the data credit object is used up, the data credit object can not continue to use the data credit capability of the data credit service, or the data credit object can also continue to apply for a new credit line to the data credit service.
The data evidence-storing service is usually provided with a data evidence-storing service manager, which may also be referred to as a data evidence-storing service party, and refers to an object for performing service management on the data evidence-storing service, for example, when the data evidence-storing object applies for evidence-storing amount to the data evidence-storing service party, the data evidence-storing service party can determine whether to grant evidence-storing amount to the data evidence-storing object, and can determine how many evidence-storing amounts are granted to the data evidence-storing object.
Based on the description of related terms such as the blockchain network, the blockchain, the data certification service, the certification contract, the certification line and the like, the embodiment of the application provides a blockchain-based data certification method, which performs data certification by means of the certification contract in the blockchain on one hand, performs certification line management (including certification of the certification line and reduction of the certification resource from the certification line) by means of the certification contract in the blockchain on the other hand, performs secure certification on the data based on the characteristics of transparent disclosure and non-falsification of the blockchain, and can also enable the management of the certification line to be transparent and promote the reliability of the certification line management.
In addition, in the blockchain-based data certification method provided by the embodiment of the application, after the data certification service party successfully applies for the certification credit increment, the certification credit authorization certificate can be generated for the data certification object. The data credit object can carry the credit limit authorization certificate to the transaction requesting to carry out data credit, and the blockchain node can authorize the credit limit increment after the credit limit increment is authorized and checked based on the credit limit authorization certificate, wherein the authorization refers to updating the credit limit of the data credit object based on the credit limit increment. That is, the data certificate object can request to authorize the certificate line together in the transaction of requesting to perform the data certificate, the data certificate object does not need to additionally submit a transaction (the transaction is used for requesting to authorize the certificate line), the uplink cost of the data certificate object is saved, the data certificate service party does not need to additionally submit a transaction (the transaction is used for requesting to authorize the certificate line), and the uplink cost of the data certificate service party is saved.
The data certification system provided in the embodiments of the present application will be described below with reference to the accompanying drawings, where the data certification system may be adapted to implement the blockchain-based data certification method provided in the embodiments of the present application.
As shown in fig. 4, the data logging system may include: a data-certification requesting device 401, a data-certification service device 402, and a data-certification processing device 403. The communication connection manner among the data authentication request device 401, the data authentication service device 402, and the data authentication processing device 403 is not limited, and direct communication connection can be established among the data authentication request device 401, the data authentication service device 402, and the data authentication processing device 403 through wired communication, or indirect communication connection can be established among the data authentication request device 401, the data authentication service device 402, and the data authentication processing device 403 through wireless communication. Wherein:
the data credit request device 401 may be a device used by a data credit object, where the data credit object may apply a credit line to a data credit service party through the data credit request device 401, request to perform credit line authorization to the data credit processing device 403, and request to perform data credit. The data credit service device 402 is a device used by a data credit service party, and the data credit service party may generate an authorization credential (the authorization credential may include a credit limit authorization credential (may also be referred to as a credit limit authorization token), a data credit authorization credential (may also be referred to as a data credit authorization token), and so on) for a data credit object through the data credit service device 402; the certificate line authorization certificate can be used for carrying out authorization verification on the certificate line, and the data certificate authorization certificate can be used for verifying the data certificate authority of the data certificate object. The data certification processing device 403 may be a blockchain node in a blockchain network, where a certification contract is deployed in the blockchain, and the data certification processing device 403 may authorize a certification credit of a data certification target by running the certification contract in the blockchain, perform certification processing on data to be certified of the data certification target, and return a certification credit authorization result and a data certification result to the data certification target.
The data-certificate requesting device 401 may be a terminal device, the data-certificate service device 402 may be a terminal device or a server, and the data-certificate processing device 403 may be a terminal device or a server. In the embodiment of the present application, the terminal device may include, but is not limited to, any of the following: smart phones, tablet computers, notebook computers, desktop computers, smart watches, smart home appliances, smart car terminals, and aircraft, among others. The server 102 may be an independent physical server, a server cluster or a distributed system formed by a plurality of physical servers, or a cloud server providing cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, middleware services, domain name services, security services, CDNs (Content Delivery Network, content delivery networks), basic cloud computing services such as big data and artificial intelligence platforms, and the like.
It may be understood that, the data storage system described in the embodiments of the present application is for more clearly describing the technical solution of the embodiments of the present application, and does not constitute a limitation on the technical solution provided in the embodiments of the present application, and those skilled in the art can know that, with the evolution of the system architecture and the appearance of a new service scenario, the technical solution provided in the embodiments of the present application is equally applicable to similar technical problems.
Based on the data certification system shown in fig. 4, the certification credit authorization process and the data certification process in the embodiment of the present application may generally include:
(1) And (3) a certificate-storing limit authorization process:
the license line authorization refers to: after the verification of the certificate line increment authorization applied to the data certificate service party by the data certificate processing device 403 passes, updating the certificate line of the data certificate object based on the certificate line increment on the blockchain; for the case that the data evidence object applies for the evidence amount increment to the data evidence business side for the first time, the evidence amount of the data evidence object on the blockchain is 0, and after updating the evidence amount of the data evidence object based on the evidence amount increment, the updated evidence amount of the data evidence object is equal to the evidence amount increment; for the situation that the data evidence object applies for the evidence amount increment to the data evidence business side for the non-first time, after the evidence amount increment is updated on the basis of the evidence amount increment, the evidence amount updated by the data evidence object is equal to the sum of the evidence amount before the data evidence object is updated and the evidence amount increment.
As shown in fig. 5, the credit limit authorization procedure may generally include: (1) the data evidence-storing object applies for evidence-storing amount increment to the data evidence-storing business party, and the application for evidence-storing amount increment can be understood as purchasing evidence-storing amount increment, and the purchasing resource of the data evidence-storing object is converted into corresponding evidence-storing amount increment. (2) After agreeing to issue the credit limit increment to the data credit object, the data credit service party sends the credit limit authorization certificate to the data credit object. (3) The data credit object sends a credit authorization transaction to the data credit processing device 403, the credit authorization transaction including data to be authenticated, a credit increment, and a credit authorization credential. (4) The data credit processing device 403 performs authorization verification on the credit limit increment based on the credit limit authorization credential. (5) If the authorization verification of the credit limit increment is passed, the data credit processing device 403 updates the credit limit of the data credit object based on the credit limit increment on the blockchain. (6) And carrying out the certificate storing processing on the data to be stored on the blockchain according to the updated certificate storing amount.
In the process of verifying the credit limit authorization, whether the credit limit increment is really applied to the data credit business side by the data credit limit increment is verified, namely after the verification of the credit limit increment is confirmed to be the data credit limit increment applied to the data credit business side by the data credit limit increment, the credit limit of the data credit object is updated, and the accuracy and the reliability of the credit limit authorization can be improved.
(2) Data storage and verification flow:
the data certification refers to the safe storage of the data to be certified of the data certification object in the certification contract deployed by the blockchain. In the embodiment of the present application, the data logging may include any one of the following three ways: the first mode is a data storage mode requiring authorization, a disposable data storage mode and a data storage mode without authorization. Wherein:
the data storage mode requiring authorization means that: before data is stored, the data storage authority needs to be checked, and after the data storage is successfully carried out, a storage mode of a certain amount of storage resources is scratched from the storage amount on the blockchain. As shown in fig. 6, in the data certification manner based on the certification credit, the data certification process may generally include: (1) after agreeing to issue the credit limit increment to the data credit object, the data credit business party can send the data credit authorization certificate to the data credit object together with the credit limit authorization certificate. (2) The data forensic object sends to the data forensic processing device 403 a data forensic transaction comprising data to be forensic data and data forensic authorization credentials. (3) The data-deposit-certificate processing device 403 verifies the data-deposit-certificate authority of the data-deposit-certificate object based on the data-deposit-certificate authority certificate. (4) If the data signing authority of the data signing object passes the verification, the data signing processing device 403 performs signing processing on the data to be signing on the blockchain according to the signing amount of the data signing object.
In the data storage mode requiring authorization, the data storage authorization certificate is used for verifying the data storage rights of the data storage certificate object, so that the data storage certificate object carrying out data storage certificate is ensured to be the data storage certificate object with the data storage certificate rights, but not the illegal data storage certificate object without the data storage certificate rights, and the safety and the reliability of the data storage certificate are improved. And based on the certificate line of the data certificate object, the use of the data certificate function by the data certificate object is limited, and the data certificate object can be prevented from requesting the data certificate service to store too much data.
The disposable data storage mode refers to: the data certification target applies for the disposable data certification authority from the data certification service party, and performs a certification mode of primary data certification on the block chain based on the disposable data certification authority. As shown in fig. 7, in the case of the disposable data certification method, the data certification process may generally include: (1) the data certificate object applies a data certificate authority to the data certificate service party once. (2) After agreeing to issue data certificate authority to data certificate object, the data certificate service party sends data certificate authority certificate to data certificate object. (3) The data forensic object sends a data forensic transaction to the data forensic processing device 403, the data forensic transaction including data to be forensic data and data forensic authorization credentials. (4) The data-deposit-certificate processing device 403 verifies the data-deposit-certificate authority of the data-deposit-certificate object based on the data-deposit-certificate authority certificate. (5) If the data-storing rights of the data-storing object pass the verification, the data-storing processing device 403 performs the storing processing on the data to be stored on the blockchain.
In the disposable data storage mode, the data storage authority of the data storage object is verified through the data storage authorization certificate, so that the data storage object for data storage is ensured to be the data storage object with the data storage authority, but not the illegal data storage object without the data storage authority, and the safety and the reliability of the data storage are improved. And, the degree of adaptation between the data of disposable data and only having a data and deposit the evidence object of evidence demand is higher, compares in the data that needs to authorize and deposits the evidence object, to only having a data and deposit the evidence object of evidence demand, disposable data deposit the evidence way can avoid data to deposit the evidence amount that the evidence object applied exceeds the required evidence resource of depositing the evidence data of waiting, causes the condition that the evidence amount is extravagant, or disposable data deposit the evidence way can avoid data to deposit the evidence amount that the evidence object applied is insufficient to wait to deposit the required evidence resource of evidence data, causes the condition that the evidence failed.
The data evidence storage mode without authorization means that: and directly carrying out the certificate storing processing on the data to be stored of the data certificate storing object without checking the data certificate storing authority of the data certificate storing object. As shown in fig. 8, in a data authentication manner without authorization, the data authentication process may generally include: (1) the data forensic object sends a data forensic transaction to the data forensic processing device 403, the data forensic transaction including data to be forensic. (2) The data certification processing device 403 performs certification processing on the data to be certified on the blockchain according to the certification credit of the data certification object.
In the data evidence storage mode without authorization, the use of the data evidence storage function by the data evidence storage object is limited based on the evidence storage limit of the data evidence storage object, so that the data evidence storage object can be prevented from requesting the data evidence storage service to store too much data. And the data storage certificate processing equipment defaults that the data storage certificate object has the data storage certificate authority, so that the consumption of verifying the data storage certificate authority of the data storage certificate object is saved, and the efficiency of data storage certificates is improved.
It should be noted that, in the embodiment of the present application, the relevant data collection process should strictly obtain the personal information according to the requirements of the relevant laws and regulations, and the personal information needs to be informed or agreed (or has the legal basis of information acquisition), and develop the subsequent data use and processing behaviors within the authorized range of the laws and regulations and the personal information body. For example, when the embodiments of the present application are applied to specific products or technologies, for example, when obtaining to-be-authenticated data of a data-authenticated object, permission or consent of the supply object needs to be obtained, and collection, use, and processing of relevant data (for example, to-be-authenticated data of the data-authenticated object) needs to comply with relevant laws and regulations and standards of relevant regions.
The block chain-based data certification method provided in the embodiments of the present application is described in detail below with reference to the accompanying drawings.
The embodiment of the application provides a data certification method based on a blockchain, which mainly introduces a process of authorizing a certification credit on the blockchain and a process of reducing certification resources of data to be certified from the certification credit on the blockchain. The blockchain-based data certification method may be performed by a computer device, such as the data certification processing device 403 in the data certification system shown in fig. 4 described above. As shown in fig. 9, the blockchain-based data certification method may include, but is not limited to, the following steps S901-S904:
s901, a certificate line deposit authorization transaction sent by a data certificate deposit object is received, wherein the certificate line deposit authorization transaction comprises first data to be stored, a certificate line deposit increment and a certificate line deposit authorization certificate.
In step S901, the credit limit authorization transaction sent by the data credit object may include the first data to be authenticated, the credit limit increment, and the credit limit authorization credential. The evidence-storing amount increment may be applied by the data evidence-storing object to the data evidence-storing business party, and the evidence-storing amount authorization certificate is generated for the data evidence-storing object after the data evidence-storing business party successfully applies for the evidence-storing amount increment, which can be understood that the data evidence-storing business party agrees to issue the evidence-storing amount increment to the data evidence-storing object.
S902, based on the certificate-storing amount authorization certificate, authorization verification is carried out on the certificate-storing amount increment.
In step S902, the certificate line authorization credential may include object identification data of the data certificate object and a certificate line increment applied by the data certificate object, where the object identification data of the data certificate object may be used to uniquely identify the data certificate object. The certificate line authorization certificate is provided by the data certificate service party, and the certificate line increment in the certificate line authorization certificate can be understood as the certificate line increment applied by the data certificate object to the data certificate service party, the certificate line authorization transaction provided by the data certificate object also comprises the certificate line increment, and the certificate line increment in the certificate line authorization transaction can be understood as the certificate line increment requested to be authorized by the data certificate object.
The authorization verification mainly needs to verify the following three aspects: in a first aspect, a data credit service party that generates a credit authorization credential is checked for an authorized data credit service administrator. In the second aspect, the verification certificate limit authorization credential is generated by the data certificate service party for the current data certificate object, but not for other data certificate objects, and the object identification data of the data certificate object is data which can be used for uniquely identifying the data certificate object, so that the verification of the object identification data of the data certificate object is required. In the third aspect, the certificate line authorization credential is provided by the data certificate service party, and the certificate line increment in the certificate line authorization credential can be understood as the certificate line increment applied by the data certificate object to the data certificate service party, the certificate line authorization transaction is provided by the data certificate object, and the certificate line increment in the certificate line authorization transaction can be understood as the certificate line increment required to be verified by the data certificate object to request authorization, and the certificate line increment required to be verified by the data certificate object to be applied to the data certificate service party is consistent with the certificate line increment required to be authorized by the data certificate object, so that the certificate line increment required to be authorized by the data certificate object is avoided from being more than the certificate line increment required to be applied by the data certificate service party.
Specifically, based on the credit limit authorization credential, performing authorization verification on the credit limit increment may include:
firstly, a blockchain address of a data storage certificate service party can be obtained from a blockchain; the blockchain address of the data certification authority may be compared with a blockchain address (address_admin) of a data certification authority maintained by a blockchain (may specifically be a certification contract of the blockchain), and the blockchain address of the data certification authority may be maintained by the blockchain as the blockchain address of the data certification authority after authorizing the data certification authority as the data certification authority, and may specifically be maintained by the certification contract in the blockchain; if the blockchain address of the data certificate service party is the same as the blockchain address of the data certificate service manager maintained by the blockchain, the data certificate service party generating the certificate line authorization certificate can be determined to be an authorized data certificate service manager; if the blockchain address of the data certificate service party is different from the blockchain address of the data certificate service manager maintained by the blockchain, the data certificate service party generating the certificate line authorization certificate can be determined, the data certificate service manager which is not authorized can be determined, and the authorization verification of the certificate line increment is not passed.
Secondly, if the data certificate service party generating the certificate limit authorization certificate is determined to be an authorized data certificate service manager, object verification data of a data certificate object can be obtained from the blockchain; verifying the object identification data based on the object verification data; if the object identification data passes the verification, the verification that the certificate-storing amount authorization certificate is generated for the current data certificate-storing object by the data certificate-storing service party can be determined; if the verification of the object identification data is not passed, it can be determined that the certificate line quantity verification certificate is not generated by the data certificate service party for the current data certificate object, and it can be determined that the verification of the certificate line quantity increment verification is not passed.
Then, if it is determined that the credit authorization credential is indeed generated by the data credit service party for the current data credit object, the credit increment in the credit authorization credential may be compared with the credit increment in the credit authorization transaction; if the increment of the credit limit in the credit limit authorization certificate is consistent with the increment of the credit limit in the credit limit authorization transaction, the increment of the credit limit applied by the data credit object to the data credit service party can be determined, and the increment of the credit limit requested to be authorized by the data credit object is identical with the increment of the credit limit, so that the authorization verification of the increment of the credit limit can be determined to pass; if the increment of the credit limit in the credit limit authorization certificate is inconsistent with the increment of the credit limit in the credit limit authorization transaction, the increment of the credit limit applied by the data credit object to the data credit service party can be determined, and if the increment of the credit limit is different from the increment of the credit limit requested to be authorized by the data credit object, the authorization verification of the increment of the credit limit can be determined to be failed.
In the authorization verification process, in more detail, the object identification data of the data logging object may include a blockchain address of the data logging object and a verification value of the data logging object; the blockchain address of the data storage certificate object is a blockchain resource account identifier formed by converting a key (the key can be generated by adopting an asymmetric encryption algorithm) of the data storage certificate object according to a certain rule, and the blockchain address of the data storage certificate object can be used for uniquely identifying the data storage certificate object; the check value of the data storage object is a value set for checking the data storage object, and each block chain address of each data storage object is associated with a respective check value on the block chain, and the check value is updated after being checked once so as to avoid repeated requests by using the same check value. The object check data of the data logging object may include a blockchain address of the data logging object and a check value of the data logging object. On the basis, the process of verifying the object identification data based on the object verification data can comprise the following steps:
comparing the blockchain address of the data storage certificate object in the object identification data with the blockchain address of the data storage certificate object in the object verification data; if the blockchain address of the data storage certificate object in the object identification data is different from the blockchain address of the data storage certificate object in the object verification data, determining that the verification of the object identification data fails; if the blockchain address of the data certificate object in the object identification data is the same as the blockchain address of the data certificate object in the object verification data, the verification value of the data certificate object in the object identification data can be compared with the verification value of the data certificate object in the object verification data; if the check value of the data storage certificate object in the object identification data is different from the check value of the data storage certificate object in the object check data, the fact that the object identification data is not checked is determined; if the check value of the data certificate-storing object in the object identification data is the same as the check value of the data certificate-storing object in the object check data, the object identification data can be determined to pass the check.
Further, in order to reduce the amount of data transmitted, improve the authorization verification efficiency of the blockchain, and protect the data security, the memory line increment in the memory line transaction certificate, the blockchain address of the data memory certificate object in the object identification data, and the verification value of the data memory certificate object in the object identification data are all transmitted in a coding mode; that is, the credit line authorization credential may include an object identification data and a code (v_add) of the credit line increment, and the object identification data may include a blockchain address code (address) of the data credit object and a check value code (nonce) of the data credit object; the embodiments of the present application are not limited to the data encoding method, and are described herein.
Based on this, in the authorization verification process, after determining that the data deposit card service party generating the deposit card amount authorization credential is an authorized data deposit card service manager, as shown in fig. 10, the blockchain address of the data deposit card object may be obtained from the blockchain and encoded to obtain address'; the verification value of the data storage object can be obtained from the blockchain and encoded to obtain a nonce'; encoding the credit limit increment in the credit limit authorization transaction to obtain v_add'; if the address ' is consistent with the address, the nonce ' is consistent with the nonce, and the v_add ' is consistent with the v_add, the authorization verification of the increment of the credit line can be determined to pass.
In addition to the above three verification aspects, it may also be verified that the certificate authority credential is indeed sent by the data certificate authority, and that the certificate authority credential has not been tampered with. Specifically, the credit authorization credential may be signed by a private key of the data credit service party, and the credit authorization transaction may include a signature of the credit authorization credential in addition to the credit authorization credential. Before checking whether the data certificate service party generating the certificate limit authorization credential is an authorized data certificate service manager, the public key of the data certificate service party can be adopted to analyze the signature of the certificate limit authorization credential to obtain an analyzed certificate limit authorization credential; if the analyzed credit limit authorization credential is consistent with the credit limit authorization credential included in the credit limit authorization transaction, the passing of the credit limit authorization credential verification can be determined; if the signature analysis of the credit limit authorization credential fails, or if the analyzed credit limit authorization credential is inconsistent with the credit limit authorization credential included in the credit limit authorization transaction, it may be determined that the credit limit authorization credential verification is not passed. If the certificate verification of the certificate line authorization certificate passes, the data certificate service party generating the certificate line authorization certificate can be further checked to determine whether the data certificate service party is an authorized data certificate service manager, and if the certificate verification of the certificate line authorization certificate does not pass, the authorization verification of the certificate line increment can be determined to not pass. In the above-mentioned verification and approval process of the credit limit authorization document, if the signature analysis of the credit limit authorization document fails, it can be explained that the credit limit authorization document is not sent by the data credit service party, if the analyzed credit limit authorization document is inconsistent with the credit limit authorization document included in the credit limit authorization transaction, it can be explained that the credit limit authorization document is tampered in the sending process, therefore, by verifying and approving the credit limit authorization document, it can be ensured that the credit limit authorization document is sent by the data credit service party, and the credit limit authorization document is not tampered, and the reliability of the credit limit authorization can be further improved.
In addition to verifying the credit limit authorization credential, it may also be verified whether the data credit object is a trusted data credit object. Specifically, a blockchain (specifically, a blockchain certification contract) maintains a list of untrusted objects provided by the data certification authority, and the list of untrusted objects may include a blockchain address of the untrusted data certification object provided by the data certification authority. Before checking and signing the certificate limit authorization certificate, the blockchain address of the data certificate object can be queried in the non-trusted object list; if the blockchain address of the data certificate object is not queried in the non-trusted object list, the data certificate object can be indicated to be a trusted data certificate object, and the certificate limit authorization certificate can be continuously checked and signed; if the blockchain address of the data certificate object is queried in the non-trusted object list, the data certificate object can be indicated to be the non-trusted data certificate object, and the authorization verification failure of the certificate line increment can be determined.
In the above authorization verification process for the credit limit increment, the blockchain address of the data storage certificate object and the verification value of the data storage certificate object need to be obtained from the blockchain, further, the blockchain address of the data storage certificate object and the verification value of the data storage certificate object are maintained by a storage contract in the blockchain, and are stored in a collection form in the storage certificate contract, where the collection specifically refers to a map data structure (a data structure). The certificate contract includes a map data structure corresponding to each data certificate object, where the map data structure may be represented as mapping (address= > { nonce (uint 256), v (uint 256) }) which is a key pair with address (a blockchain address representing the data certificate object) as a key, nonce (a check value representing the data certificate object) and v (a certificate value representing the data certificate object) as values, and uint256 represents both the check value of the data certificate object and the certificate value of the data certificate object as 256-bit unsigned integers. That is, obtaining the blockchain address of the data-logging object and the check value of the data-logging object from the blockchain refers to obtaining the blockchain address of the data-logging object and the check value of the data-logging object from the map data structure of the data-logging object on the blockchain.
S903, if the authorization verification of the credit limit increment is passed, updating the credit limit of the data credit object based on the credit limit increment on the blockchain.
In step S903, if the authorization verification of the credit limit increment is passed, the credit limit of the data credit object is updated based on the credit limit increment on the blockchain, and the credit limit of the data credit object is stored in the map data structure of the data credit object on the blockchain, so that the updating of the credit limit of the data credit object based on the credit limit increment on the blockchain refers to updating of the credit limit of the data credit object based on the credit limit increment in the map data structure of the data credit object on the blockchain; for the case that the data evidence-storing object applies for evidence-storing amount increment to the data evidence-storing business side for the first time, the evidence-storing amount of the data evidence-storing object on the blockchain is 0, and the evidence-storing amount of the data evidence-storing object is updated on the blockchain based on the evidence-storing amount increment, which means that: the increment of the evidence amount is used as the evidence amount after the update of the data evidence object on the blockchain; for the situation that the data evidence object does not apply for evidence amount increment to the data evidence business side for the first time, updating the evidence amount of the data evidence object based on the evidence amount increment on the blockchain means that: and taking the sum of the evidence amount before updating the data evidence object and the increment of the evidence amount as the evidence amount after updating the data evidence object on the blockchain. If the authorization verification of the credit limit increment is not passed, an authorization failure notification can be generated, and the authorization failure notification can be returned to the data credit object and can be used for notifying the credit limit increment authorization failure of the data credit object.
In addition, if the authorization verification of the credit limit increment is passed, after the authorization verification of the credit limit increment is determined to be passed, the verification value of the data storage object may be updated on the blockchain, where updating refers to modifying the verification value of the data storage object to a new verification value, for example, the verification value after the update of the data storage object may be equal to the sum of the verification value before the update of the data storage object and the target value (for example, the target value may be 1). By updating the verification value of the data certificate storing object, if the data certificate storing object uses the certificate storing amount authorization voucher request to authorize the certificate storing amount increment again, the verification value of the data certificate storing object is changed, and the authorization verification of the certificate storing amount increment cannot pass, so that the data certificate storing object can be prevented from authorizing the certificate storing amount increment by using the same certificate storing amount authorization voucher request for multiple times.
S904, according to the updated evidence amount, carrying out evidence storage processing on the first data on the blockchain.
In step S904, after updating the credit limit of the data credit object based on the increment of the credit limit on the blockchain, the first data may be subjected to the credit processing on the blockchain according to the updated credit limit. Specifically, the process of performing the certification processing on the first data on the blockchain according to the updated certification credit line by storing a conversion rule between the certification data amount and the amount of resources required to be consumed for performing the data certification on the blockchain may include: obtaining conversion rules from the blockchain; determining a first resource amount required for performing certification processing on the first data according to the conversion rule; if the first resource amount is less than or equal to the updated credit limit, the updated credit limit of the data credit object can be indicated to be sufficient for storing the first data, the first data can be subjected to the credit processing, and the corresponding credit resources of the first resource amount are reduced from the updated credit limit on the blockchain; if the first resource amount is greater than the updated credit limit, it may be indicated that the updated credit limit of the data credit object is insufficient for storing the first data, and a credit failure notification may be generated and returned to the data storage object, where the credit failure notification may be used to notify that the updated credit limit of the data credit object is insufficient (i.e., insufficient for storing the first data).
In the embodiment of the application, the management of the credit line is performed by means of the blockchain, and based on the characteristics of transparent disclosure and non-falsification of the blockchain, the management of the credit line can be made transparent, and the management credibility of the credit line can be improved. Before the block chain authorizes the credit limit increment, the credit limit increment can be authorized and checked from multiple angles (including checking whether a data credit object is a trusted data credit object or not, checking whether the credit limit authorization credential is sent by a data credit service party and is not tampered, checking whether a data credit service party generating the credit limit authorization credential is an authorized data credit service manager or not, checking whether the credit limit authorization credential is generated by the data credit service party for the current data credit object, and checking whether the credit limit increment applied by the data credit object to the data credit service party is the same as the credit limit increment requested to be authorized by the data credit service party or not), so that the authorization check of the credit limit increment can be enabled to have higher credibility through the checking of multiple angles.
The embodiment of the application provides a data certification method based on a blockchain, which mainly introduces a one-time data certification mode (refers to a certification mode that a data certification object applies one-time data certification authority to a data certification service party and performs one-time data certification on the blockchain based on the one-time data certification authority). The blockchain-based data certification method may be performed by a computer device, such as the data certification processing device 403 in the data certification system shown in fig. 4 described above. As shown in fig. 11, the blockchain-based data certification method may include, but is not limited to, the following steps S1101-S1103:
S1101, a first data forensic transaction sent by the data forensic object is received, wherein the first data forensic transaction comprises second data to be forensic and a first data forensic authorization credential.
In step S1101, the first data forensic transaction sent by the data forensic object may include second data to be forensic and the first data forensic authorization credential. The first data certificate authority certificate is generated by the data certificate service party after the data certificate service party successfully applies the data certificate authority to the data certificate service party; the data certification authority herein specifically refers to a disposable data certification authority, and it can be understood that the data certification object can perform a data certification based on the first data certification authority certificate.
S1102, based on the first data certificate authority certificate, verifying the data certificate authority of the data certificate object.
In step S1102, the first data certificate authority credential may include object identification data of the data certificate object and a certificate rating data amount corresponding to the data certificate authority; the object identification data of the data evidence object can be used for uniquely identifying the data evidence object, the evidence storage rated data volume corresponding to the data evidence storage authority is the maximum evidence storage data volume applied by the data evidence storage object to the data evidence storage business party, that is, the data evidence storage object applies for the data evidence storage authority for the data evidence storage business party once, and the data quantity of the once data evidence storage can be the evidence storage rated data volume at most.
The verification of the data storage authorization only comprises the following three aspects: in a first aspect, the checking of whether the data forensic service party generating the first data forensic authorization credential is an authorized data forensic service administrator is identical to the first aspect check involved in the authorization check process of the forensic amount increment. In a second aspect, verification of the first data forensic authorization credential is the result of the data forensic service party generating for the current data forensic object, but not for other data forensic objects, the object identification data of the data forensic object being data that can be used to uniquely identify the data forensic object, and therefore, verification of the object identification data of the data forensic object is required, similar to the second aspect verification involved in the forensic increment authorization verification process. In the third aspect, whether the data volume of the request certificate exceeds the rated data volume of the certificate corresponding to the disposable data certificate authority is checked.
Specifically, verifying the data-holding certificate authority of the data-holding certificate object based on the first data-holding certificate authority credential may include:
firstly, a blockchain address of a data storage certificate service party can be obtained from a blockchain; the blockchain address of the data storage certification service party can be compared with the blockchain address (address_admin) of the data storage certification service manager maintained by the blockchain; if the blockchain address of the data storage certificate service party is the same as the blockchain address of the data storage certificate service manager maintained by the blockchain, the data storage certificate service party generating the first data storage certificate authority certificate can be determined to be an authorized data storage certificate service manager; if the blockchain address of the data storage certificate service party is different from the blockchain address of the data storage certificate service manager maintained by the blockchain, the data storage certificate service party generating the first data storage certificate authority certificate can be determined to be not the authorized data storage certificate service manager, and the data storage certificate authority verification of the data storage certificate object can be determined to be failed.
Secondly, if the data certificate service party generating the first data certificate authority certificate is determined to be an authorized data certificate service manager, object verification data of a data certificate object can be obtained from the blockchain; verifying the object identification data based on the object verification data; if the verification of the object identification data is passed, it may be determined that the first data certificate authority credential is indeed generated by the data certificate service party for the current data certificate object, and if the verification of the object identification data is not passed, it may be determined that the first data certificate authority credential is not generated by the data certificate service party for the current data certificate object, and it may be determined that the verification of the data certificate authority of the data certificate object is not passed.
Then, if the first data certification authority certificate is determined to be generated by the data certification service party for the current data certification object, comparing the certification rated data volume with the data volume of the second data; if the data volume of the second data is smaller than or equal to the certificate storing rated data volume, the fact that the data volume of the request certificate is not larger than the certificate storing rated data volume corresponding to the disposable data certificate storing authority can be indicated, and the data certificate storing authority verification of the data certificate storing object can be determined to pass; if the data volume of the second data is larger than the rated data volume of the certificate, the condition that the data volume of the request certificate exceeds the rated data volume of the certificate corresponding to the disposable data certificate authority can be indicated, and the data certificate authority verification of the data certificate object can be determined to be failed.
In the data storage authority verification process of the data storage certificate object, in more detail, the object identification data of the data storage certificate object may include a blockchain address of the data storage certificate object and a verification value of the data storage certificate object; the object check data of the data logging object may include a blockchain address of the data logging object and a check value of the data logging object. On the basis, the process of verifying the object identification data based on the object verification data can comprise the following steps: comparing the blockchain address of the data storage certificate object in the object identification data with the blockchain address of the data storage certificate object in the object verification data; if the blockchain address of the data storage certificate object in the object identification data is different from the blockchain address of the data storage certificate object in the object verification data, determining that the verification of the object identification data is not passed; if the blockchain address of the data certificate object in the object identification data is the same as the blockchain address of the data certificate object in the object verification data, the verification value of the data certificate object in the object identification data can be compared with the verification value of the data certificate object in the object verification data; if the check value of the data storage certificate object in the object identification data is different from the check value of the data storage certificate object in the object check data, the fact that the object identification data is not checked is determined; if the check value of the data certificate-storing object in the object identification data is the same as the check value of the data certificate-storing object in the object check data, the object identification data can be determined to pass the check.
Further, in order to reduce the transmitted data quantity, improve the authorization verification efficiency of the blockchain and protect the data security, the certificate-storing rated data quantity in the first data certificate-storing authorization certificate, the blockchain address of the data certificate-storing object in the object identification data and the verification value of the data certificate-storing object in the object identification data are transmitted in a coding mode; that is, the first data forensic authority certificate may include object identification data and forensic rated data amount coding (MD), and the object identification data may include blockchain coding (address) of the data forensic object and check coding (nonce) of the data forensic object; the embodiments of the present application are not limited to the data encoding method, and are described herein.
Based on the above, in the data storage certificate authority verification process of the data storage certificate object, after determining that the data storage certificate service party generating the first data storage certificate authority certificate is an authorized data storage certificate service manager, the blockchain address of the data storage certificate object can be obtained from the blockchain and encoded to obtain address'; the verification value of the data storage object can be obtained from the blockchain to be encoded, so that nonce' is obtained; and the data volume of the second data can be encoded to obtain DV; if the address 'is consistent with the address, the nonce' is consistent with the nonce, and the DV is less than or equal to the MD, the data storage certificate authority verification of the data storage certificate object can be determined to pass.
In addition to the above three verification aspects, similar to the authorization verification process of the credit limit increment, it may also be verified that the first data credit authorization credential is indeed sent by the data credit service party and that the first data credit authorization credential has not been tampered with. Specifically, the first data forensic authorization credential may be signed by a private key of the data forensic service party, and the first data forensic transaction may include a signature of the first data forensic authorization credential in addition to the first data forensic authorization credential. Before checking whether the data certificate authority generating the first data certificate authority certificate is an authorized data certificate authority manager, a public key of the data certificate authority certificate can be adopted to analyze the signature of the first data certificate authority certificate so as to obtain an analyzed first data certificate authority certificate; if the analyzed first data certificate authority certificate is consistent with the first data certificate authority certificate included in the first data certificate transaction, the first data certificate authority certificate can be confirmed to pass through; if the signature analysis of the first data deposit certificate authority credential fails, or if the analyzed first data deposit certificate authority credential is inconsistent with the first data deposit certificate authority credential included in the first data deposit certificate transaction, it may be determined that the signature verification of the first data deposit certificate authority credential fails. If the first data storage certificate authorization certificate passes the verification, the data storage certificate service party generating the first data storage certificate can be further verified to be an authorized data storage certificate service manager, and if the first data storage certificate authorization certificate passes the verification, the data storage certificate authority verification of the data storage certificate object can be determined to pass the verification. In the above-mentioned verification process of the first data certificate authority certificate, if the signature analysis of the first data certificate authority certificate fails, it may be indicated that the first data certificate authority certificate is not sent by the data certificate authority party, if the analyzed first data certificate authority certificate is inconsistent with the first data certificate authority certificate included in the first data certificate transaction, it may be indicated that the first data certificate authority certificate is tampered in the sending process, so by verifying the first data certificate authority certificate, it may be ensured that the first data certificate authority certificate is sent by the data certificate authority party, and the first data certificate authority certificate is not tampered, and may further improve the reliability of the data certificate.
In addition to verifying the first data-logging authorization credential, it may also be verified whether the data-logging object is a trusted data-logging object. Specifically, a blockchain (specifically, a blockchain certification contract) maintains a list of untrusted objects provided by the data certification authority, and the list of untrusted objects may include a blockchain address of the untrusted data certification object provided by the data certification authority. Before the first data certificate authority certificate is checked and signed, the blockchain address of the data certificate object can be queried in the non-trusted object list; if the blockchain address of the data storage certificate object is not queried in the non-trusted object list, the data storage certificate object can be indicated to be a trusted data storage certificate object, and the verification of the first data storage certificate authorization certificate can be continued; if the blockchain address of the data storage certificate object is queried in the non-trusted object list, the data storage certificate object can be indicated to be an unreliable data storage certificate object, and the data storage certificate authority verification of the data storage certificate object can be determined to be failed.
S1103, if the data storage authority of the data storage object passes the verification, the second data is subjected to storage processing on the blockchain.
In step S1103, if the data certification authority of the data certification target passes, the certification process may be performed on the second data on the blockchain. If the data evidence authority verification of the data evidence object is not passed, generating an evidence accumulation failure notice, and returning the evidence accumulation failure notice to the data evidence accumulation object, wherein the evidence accumulation failure notice can be used for informing that the data evidence accumulation object does not have the data evidence accumulation authority.
In addition, after the second data is subjected to the certification processing on the blockchain, the verification value of the data certification object may be updated on the blockchain, where updating refers to modifying the verification value of the data certification object to a new verification value, for example, the verification value after the update of the data certification object may be equal to the sum of the verification value before the update of the data certification object and the target value (for example, the target value may be 1). By updating the verification value of the data evidence object, if the data evidence object uses the first data evidence authority request again to carry out evidence preservation on new data, the verification value of the data evidence object is changed, and the data evidence authority verification of the data evidence object cannot pass, so that the data evidence object can be prevented from using the same first data evidence authority request for carrying out evidence preservation on the data for a plurality of times.
In the embodiment of the application, the data is subjected to the certification processing by virtue of the blockchain, and the safety of data certification can be improved based on the characteristics of transparent disclosure and non-falsification of the blockchain. Before the data of the data certificate request certificate is subjected to certificate storage processing by the blockchain, the data certificate authority of the data certificate object can be verified from multiple angles (comprising the steps of verifying whether the data certificate object is a trusted data certificate object, verifying that the first data certificate authorization certificate is sent by a data certificate service party and is not tampered, verifying whether the data certificate service party generating the first data certificate authorization certificate is an authorized data certificate service manager, verifying that the first data certificate authorization certificate is indeed generated by the data certificate service party for the current data certificate object, and verifying that the data volume of the data certificate request certificate is not more than the rated data volume of the data certificate requested by the data certificate object to the data certificate service party), so that the reliability of the data certificate can be improved through multiple-angle verification.
The embodiment of the application provides a data verification method based on a blockchain, which mainly introduces a verification mode needing authorization (namely a verification mode needing to verify data verification authority before data verification is carried out, and after successful data verification, a verification mode of digging a certain number of verification resources from a verification line on the blockchain) and a verification mode not needing authorization (namely a mode needing not to verify the data verification authority of a data verification object and directly carrying out verification processing on data to be verified of the data verification object). The blockchain-based data certification method may be performed by a computer device, such as the data certification processing device 403 in the data certification system shown in fig. 4 described above. As shown in fig. 12, the blockchain-based data certification method may include, but is not limited to, the following steps S1201-S1203:
S1201, a second data deposit certificate transaction sent by the data deposit certificate object is received, wherein the second data deposit certificate transaction comprises third data to be stored and a second data deposit certificate authorization certificate.
In step S1201, the second data forensic transaction sent by the data forensic object may include third data to be forensic and second data forensic authorization credentials. The second data certificate authority certificate is generated by the data certificate service party for the data certificate object, and specifically, the data certificate service party generates and issues the certificate limit authority certificate to the data certificate object when generating the certificate limit authority certificate for the data certificate object.
S1202, based on the second data certificate authority certificate, verifying the data certificate authority of the data certificate object.
In step S1202, the second data certification authority credential may include object identification data of the data certification object; the object identification data of the data certification object may be used to uniquely identify the data certification object. The verification of the data storage right only comprises the following two aspects: in a first aspect, the checking of whether the data-banking party that generated the second data-banking authorization credential is an authorized data-banking administrator is identical to the first aspect check involved in the authorization check of the increment of the banking amount. In a second aspect, verification of the second data forensic authorization credential is the result of the data forensic service party generating for the current data forensic object, but not for other data forensic objects, the object identification data of the data forensic object being data that can be used to uniquely identify the data forensic object, and therefore, verification of the object identification data of the data forensic object is required, similar to the second aspect verification involved in the forensic increment authorization verification process.
Specifically, verifying the data-holding certificate authority of the data-holding certificate object based on the second data-holding certificate authority credential may include:
firstly, a blockchain address of a data storage certificate service party can be obtained from a blockchain; the blockchain address of the data storage certification service party can be compared with the blockchain address (address_admin) of the data storage certification service manager maintained by the blockchain; if the blockchain address of the data storage certificate service party is the same as the blockchain address of the data storage certificate service manager maintained by the blockchain, the data storage certificate service party generating the second data storage certificate authorization certificate can be determined to be an authorized data storage certificate service manager; if the blockchain address of the data storage certificate service party is different from the blockchain address of the data storage certificate service manager maintained by the blockchain, the data storage certificate service party generating the second data storage certificate authority certificate can be determined to be not the authorized data storage certificate service manager, and the data storage certificate authority verification of the data storage certificate object can be determined to be failed.
Secondly, if the data storage certificate service party generating the second data storage certificate authority certificate is determined to be an authorized data storage certificate service manager, object verification data of a data storage certificate object can be obtained from the blockchain; verifying the object identification data based on the object verification data; if the verification of the object identification data is passed, it can be determined that the second data certificate authority certificate is generated by the data certificate service party for the current data certificate object, if the verification of the object identification data is not passed, it can be determined that the second data certificate authority certificate is not generated by the data certificate service party for the current data certificate object, and it can be determined that the verification of the data certificate authority of the data certificate object is not passed.
In the data-storing rights verification process of the data-storing certificate object, in more detail, the object identification data of the data-storing certificate object may include a blockchain address of the data-storing certificate object; the object check data of the data certification object may include a blockchain address of the data certification object. On the basis, the process of verifying the object identification data based on the object verification data can comprise the following steps: comparing the blockchain address of the data storage certificate object in the object identification data with the blockchain address of the data storage certificate object in the object verification data; if the blockchain address of the data storage certificate object in the object identification data is different from the blockchain address of the data storage certificate object in the object verification data, determining that the verification of the object identification data is not passed; if the blockchain address of the data verification object in the object identification data is the same as the blockchain address of the data verification object in the object verification data, the verification of the object identification data can be determined to pass.
Further, in order to reduce the amount of data transmitted, the authorization verification efficiency of the blockchain is improved, the data security is protected, and the blockchain address of the data authentication object in the object identification data is transmitted in a coded form; that is, the second data logging authorization credential includes object identification data including a blockchain address code (address) of the data logging object; the embodiments of the present application are not limited to the data encoding method, and are described herein. Based on the above, in the data storage certificate authority verification process of the data storage certificate object, after determining that the data storage certificate service party generating the second data storage certificate authority certificate is an authorized data storage certificate service manager, the blockchain address of the data storage certificate object can be obtained from the blockchain and encoded to obtain address'; if the address' is consistent with the address, the data storage certificate authority verification of the data storage certificate object can be determined to pass.
In addition to the above two verification aspects, it is also possible to verify that the second data storage certificate authority credential is actually sent by the data storage certificate service party and that the second data storage certificate authority credential is not tampered, which is the same as the process of verifying that the first data storage certificate authority credential is actually sent by the data storage certificate service party and that the first data storage certificate authority credential is not tampered in step S1102 of the embodiment shown in fig. 11, which is specifically described in the above step S1102 of the embodiment shown in fig. 11 and will not be repeated here.
In addition to verifying that the second data certificate authority certificate is a trusted data certificate object, the data certificate authority certificate verification method can verify whether the data certificate object is a trusted data certificate object or not, and can verify whether the data certificate object is a trusted data certificate object or not before verifying that the second data certificate authority certificate is sent by the data certificate service party and the second data certificate authority certificate is not tampered, if the data certificate object is a trusted data certificate object, the data certificate authority certificate verification method can further verify that the second data certificate authority certificate is sent by the data certificate service party and the second data certificate authority certificate is not tampered, and if the data certificate object is an unreliable data certificate object, the data certificate authority verification on the data certificate object is not passed. In this embodiment of the present application, the process of verifying whether the data-logging object is a trusted data-logging object is the same as the process of verifying whether the data-logging object is a trusted data-logging object in step S1102 of the embodiment shown in fig. 11, and specifically, reference may be made to the description related to step S1102 of the embodiment shown in fig. 11, which is not repeated herein.
And S1203, if the data certification authority of the data certification object passes the verification, performing certification processing on the third data on the blockchain according to the certification line of the data certification object.
In step S1203, if the data authentication rights of the data authentication object pass the authentication, the third data is authenticated on the blockchain according to the authentication amount of the data authentication object. Specifically, the process of performing the certification processing on the third data on the blockchain according to the updated certification credit line by storing the conversion rule between the certification data amount and the resource amount required to be consumed for performing the data certification on the blockchain may include: obtaining conversion rules from the blockchain; determining a second resource amount required for the authentication processing of the third data according to the conversion rule; if the second resource amount is smaller than or equal to the evidence amount of the data evidence object, the evidence amount of the data evidence object can be indicated to be enough for storing third data, the third data can be subjected to evidence storing processing, and evidence storing resources corresponding to the second resource amount are reduced from the evidence amount of the data evidence object on the blockchain; if the second resource amount is greater than the updated credit limit, it may be indicated that the updated credit limit of the data credit object is insufficient for storing the third data, and a credit failure notification may be generated and returned to the data storage object, where the credit failure notification may be used to notify that the updated credit limit of the data credit object is insufficient (i.e., insufficient for storing the third data).
It should be noted that, the above steps S1201-S1203 mainly describe a certificate storing manner requiring authorization, and for a certificate storing manner not requiring authorization, may include: and receiving a third data evidence-storing transaction sent by the data evidence-storing object, wherein the third data evidence-storing transaction comprises fourth data to be evidence-stored, and carrying out evidence-storing processing on the fourth data on the blockchain according to the evidence-storing amount of the data evidence-storing object.
In the certification mode without authorization, before the certification processing is performed on the fourth data according to the certification line of the data certification object, whether the data certification object is a trusted data certification object can be checked, before the certification processing is performed on the fourth data according to the certification line of the data certification object on the blockchain, whether the data certification object is a trusted data certification object can be checked, if the data certification object is a trusted data certification object, the certification processing can be performed on the fourth data according to the certification line of the data certification object on the blockchain, and if the data certification object is an unreliable data certification object, the verification of the data certification authority of the data certification object can be determined not to be passed. In this embodiment of the present application, the process of verifying whether the data-logging object is a trusted data-logging object is the same as the process of verifying whether the data-logging object is a trusted data-logging object in step S1102 of the embodiment shown in fig. 11, and specifically, reference may be made to the description related to step S1102 of the embodiment shown in fig. 11, which is not repeated herein.
In addition, in the authentication mode without authorization, the process of performing authentication processing on the fourth data according to the authentication amount of the data authentication object on the blockchain is the same as the process of performing authentication processing on the third data according to the authentication amount of the data authentication object on the blockchain in the authentication mode without authorization, and specifically, reference may be made to the related description in the authentication mode with authorization, which is not repeated herein.
In the embodiment of the application, for the authentication mode needing authorization, the data is authenticated by virtue of the blockchain, and the security of the data authentication can be improved based on the characteristics of transparent disclosure and non-falsification of the blockchain; the data quantity which can be stored by the data storage object is limited through the storage limit, so that the situation that the data storage business cannot provide balanced data storage capacity for different data storage objects is avoided; before the data of the data storage certificate object request storage certificate is subjected to storage certificate processing, the blockchain can verify the data storage certificate authority of the data storage certificate object from multiple angles (including verifying whether the data storage certificate object is a trusted data storage certificate object, verifying that the second data storage certificate authority certificate is determined by a data storage certificate service party and is not tampered, verifying whether the data storage certificate service party generating the second data storage certificate authority certificate is an authorized data storage certificate service manager, and verifying that the second data storage certificate authority certificate is indeed generated by the data storage certificate service party is the current data storage certificate object), so that the reliability of the data storage certificate can be improved through multiple-angle verification. For a certificate storage mode without authorization, limiting the data quantity which can be stored by a data certificate storage object through a certificate storage amount, and avoiding that the data certificate storage business can not provide balanced data certificate storage capacity for different data certificate storage objects; and the data storage certificate processing equipment defaults that the data storage certificate object has the data storage certificate authority, so that the consumption of verifying the data storage certificate authority of the data storage certificate object is saved, and the efficiency of data storage certificates is improved.
The above description is presented in detail with reference to fig. 9, 11 and 12, and the blockchain-based data certification method provided in the embodiment of the present application may also be applied to an artificial intelligence scenario. Artificial intelligence (Artificial Intelligence, AI) is the theory, method, technique and application system that uses a digital computer or a machine controlled by a digital computer to simulate, extend and extend human intelligence, sense the environment, acquire knowledge and use the knowledge to obtain optimal results. In other words, artificial intelligence is an integrated technology of computer science that attempts to understand the essence of intelligence and to produce a new intelligent machine that can react in a similar way to human intelligence. Artificial intelligence, i.e. research on design principles and implementation methods of various intelligent machines, enables the machines to have functions of sensing, reasoning and decision. The artificial intelligence technology is a comprehensive subject, and relates to the technology with wide fields, namely the technology with a hardware level and the technology with a software level. Artificial intelligence infrastructure technologies generally include, for example, sensors, dedicated artificial intelligence chips, cloud computing, distributed storage, big data processing technologies, pre-training model technologies, operation/interaction systems, mechatronics, and the like. The pre-training model is also called a large model and a basic model, and can be widely applied to all large-direction downstream tasks of artificial intelligence after fine adjustment. The artificial intelligence software technology mainly comprises a computer vision technology, a voice processing technology, a natural language processing technology, machine learning/deep learning and other directions.
Specifically, in addition to disposing the certification contract, the blockchain may be disposed with an artificial intelligence model, the certification contract may be used to perform certification processing on certification data of the different data certification objects requesting the certification, in the artificial intelligence scene, the certification data may refer to data of the request for the artificial intelligence model to perform the artificial intelligence processing, the data certification object may request the certification contract to perform the certification processing on the certification data, and the artificial intelligence processing model may acquire the certification data from the certification contract to perform the artificial intelligence processing, thereby protecting the data security in the artificial intelligence scene.
The foregoing details of the method of embodiments of the present application are set forth in order to provide a better understanding of the foregoing aspects of embodiments of the present application, and accordingly, the following provides a device of embodiments of the present application.
Referring to fig. 13, fig. 13 is a schematic structural diagram of a blockchain-based data certification device provided in an embodiment of the present application, where the blockchain-based data certification device may be provided in a computer device provided in an embodiment of the present application, and the computer device may be, for example, a data certification processing device 403 in the data certification system shown in fig. 4. The blockchain-based data certification device shown in fig. 13 may be a computer program running in a computer device that may be used to perform some or all of the steps in the method embodiments shown in fig. 9, 11, or 12. Referring to fig. 13, the blockchain-based data certification device may include the following units:
A communication unit 1301, configured to receive a credit limit authorization transaction sent by a data credit object, where the credit limit authorization transaction includes first data to be authenticated, a credit limit increment, and a credit limit authorization credential; the evidence-deposit amount increment is applied by the data evidence-deposit object to the data evidence-deposit business party, and the evidence-deposit amount authorization certificate is generated by the data evidence-deposit business party after the data evidence-deposit object successfully applies for the evidence-deposit amount increment;
a processing unit 1302, configured to perform authorization verification on the credit limit increment based on the credit limit authorization credential;
the processing unit 1302 is further configured to update the credit limit of the data credit object based on the credit limit increment on the blockchain if the authorization check of the credit limit increment is passed;
the processing unit 1302 is further configured to perform a certification processing on the first data on the blockchain according to the updated certification credit.
In one implementation, the credit authorization credential includes object identification data of the data credit object and a credit increment applied by the data credit object; the processing unit 1302 is configured to perform, based on the credit limit authorization credential, authorization verification on the credit limit increment, specifically configured to perform the following steps:
Obtaining object verification data of a data storage certificate object from a blockchain;
verifying the object identification data based on the object verification data;
if the object identification data passes the verification, comparing the increment of the credit limit in the credit limit authorization certificate with the increment of the credit limit in the credit limit authorization transaction;
if the increment of the credit limit in the credit limit authorization certificate is consistent with the increment of the credit limit in the credit limit authorization transaction, determining that the authorization verification of the increment of the credit limit passes.
In one implementation, the processing unit 1302 is further configured to perform the following steps:
obtaining a blockchain address of a data storage certificate service party from a blockchain;
comparing the blockchain address of the data storage certification service party with the blockchain address of the data storage certification service manager maintained by the blockchain;
if the blockchain address of the data storage certification service party is the same as the blockchain address of the data storage certification service manager maintained by the blockchain, triggering and executing the step of acquiring the object verification data of the data storage certification object from the blockchain;
the blockchain address of the data storage certificate service manager is maintained by taking the blockchain address of the data storage certificate service party as the blockchain address of the data storage certificate service manager after the blockchain authorizes the data storage certificate service party as the data storage certificate service manager.
In one implementation, the object identification data includes a blockchain address of the data certification object and a check value of the data certification object; the object verification data comprises a blockchain address of the data storage verification object and a verification value of the data storage verification object; the processing unit 1302 is configured to, when verifying the object identification data based on the object verification data, specifically perform the following steps:
comparing the blockchain address of the data storage certificate object in the object identification data with the blockchain address of the data storage certificate object in the object verification data;
if the blockchain address of the data certificate object in the object identification data is the same as the blockchain address of the data certificate object in the object verification data, comparing the verification value of the data certificate object in the object identification data with the verification value of the data certificate object in the object verification data;
if the check value of the data certificate-storing object in the object identification data is the same as the check value of the data certificate-storing object in the object check data, determining that the object identification data passes the check.
In one implementation, the object identification data includes a verification value of the data-holding object, and when the object identification data is verified, the verification value of the data-holding object needs to be verified;
The processing unit 1302 is further configured to perform the following steps:
and after the authorization verification of the credit limit increment is passed, updating the verification value of the data credit object on the blockchain.
In one implementation, a conversion rule between the amount of forensic data and the amount of resources that the forensic data needs to consume is stored on the blockchain; the processing unit 1302 is configured to perform, when performing the certification processing on the first data on the blockchain according to the updated certification credit, the following steps:
obtaining conversion rules from the blockchain;
determining a first resource amount required for performing certification processing on the first data according to the conversion rule;
if the first resource amount is smaller than or equal to the updated credit limit, the first data is subjected to the credit processing, and the corresponding credit resources of the first resource amount are reduced from the updated credit limit on the blockchain.
In one implementation, the communication unit 1301 is further configured to perform the following steps:
if the first resource amount is larger than the updated evidence-storing amount, generating an evidence-storing failure notice;
returning a certificate storing failure notice to the data certificate storing object;
the certificate storing failure notification is used for notifying that the updated certificate storing amount is insufficient for storing the first data.
In one implementation, the communication unit 1301 is further configured to perform the following steps:
receiving a first data certification transaction sent by a data certification object, wherein the first data certification transaction comprises second data to be certified and a first data certification authority certificate; the first data certificate authority certificate is generated by the data certificate service party after the data certificate service party successfully applies the data certificate authority to the data certificate service party;
the processing unit 1302 is further configured to perform the following steps:
verifying the data storage certificate authority of the data storage certificate object based on the first data storage certificate authorization certificate;
and if the data storage authority verification of the data storage object passes, carrying out storage processing on the second data on the blockchain.
In one implementation, the first data certificate authority credential includes object identification data of a data certificate object and a certificate rated data amount corresponding to a data certificate authority; the processing unit 1302 is configured to, based on the first data certificate authority credential, perform the following steps when verifying the data certificate authority of the data certificate object:
obtaining object verification data of a data storage certificate object from a blockchain;
Verifying the object identification data based on the object verification data;
if the object identification data passes the verification, comparing the rated data quantity of the verification with the data quantity of the second data;
and if the data volume of the second data is smaller than or equal to the rated data volume of the certificate, determining that the data certificate authority verification of the data certificate object passes.
In one implementation, communication unit 1301 does not perform the following steps:
receiving a second data evidence-storing transaction sent by the data evidence-storing object, wherein the second data evidence-storing transaction comprises third data to be authenticated and a second data evidence-storing authorization certificate; the second data storage certificate authorization certificate is generated by a data storage certificate service party for a data storage certificate object;
the processing unit 1302 is further configured to perform the following steps:
verifying the data storage certificate authority of the data storage certificate object based on the second data storage certificate authorization certificate;
if the data certification authority of the data certification object passes the verification, performing certification processing on the third data on the blockchain according to the certification line of the data certification object.
In one implementation, the communication unit 1301 is further configured to perform the following steps:
receiving a third data certification transaction sent by the data certification object, wherein the third data certification transaction comprises fourth data to be certified;
The processing unit 1302 is further configured to perform the following steps:
and carrying out certification processing on the fourth data according to the certification credit of the data certification target on the blockchain.
According to another embodiment of the present application, each unit in the blockchain-based data storage device shown in fig. 13 may be separately or completely combined into one or several other units to form the blockchain-based data storage device, or some unit(s) thereof may be further split into a plurality of units with smaller functions to form the blockchain-based data storage device, which may achieve the same operation without affecting the implementation of the technical effects of the embodiments of the present application. The above units are divided based on logic functions, and in practical applications, the functions of one unit may be implemented by a plurality of units, or the functions of a plurality of units may be implemented by one unit. In other embodiments of the present application, the blockchain-based data certification device may also include other units, and in actual practice, these functions may be implemented with assistance by other units, and may be implemented by multiple units in cooperation.
According to another embodiment of the present application, a blockchain-based data certification device as shown in fig. 13 may be constructed by running a computer program capable of executing the steps involved in some or all of the methods as shown in fig. 9, 11 or 12 on a general-purpose computing device such as a computer including a Central Processing Unit (CPU), a random access storage medium (RAM), a read-only storage medium (ROM), etc., processing elements and storage elements, and implementing the blockchain-based data certification method of the embodiments of the present application. The computer program may be recorded on, for example, a computer-readable storage medium, and loaded into and executed by the computing device described above.
In the embodiment of the application, the credit limit authorization transaction of the data credit object comprises first data to be authenticated, a credit limit increment and a credit limit authorization certificate, wherein the credit limit increment is applied by the data credit object to a data credit service party, and the credit limit authorization certificate is generated by the data credit service party after the data credit service party successfully applies for the credit limit increment; after receiving the credit limit authorization transaction of the data credit object, carrying out authorization verification on the increment of the credit limit based on the credit limit authorization certificate; if the authorization verification of the evidence amount increment is passed, the evidence amount of the data evidence object can be updated on the blockchain based on the evidence amount increment; and then, according to the updated evidence amount, carrying out evidence storage processing on the first data on the blockchain. Therefore, in the embodiment of the application, the management of the certificate line is performed by means of the blockchain, and based on the characteristics of transparent disclosure and non-falsification of the blockchain, the management of the certificate line can be made transparent, and the management reliability of the certificate line can be improved.
Based on the method and the device embodiments, the embodiment of the application provides a computer device. Referring to fig. 14, fig. 14 is a schematic structural diagram of a computer device according to an embodiment of the present application. The computer device shown in fig. 14 includes at least a processor 1401, an input interface 1402, an output interface 1403, and a computer-readable storage medium 1404. Wherein the processor 1401, the input interface 1402, the output interface 1403, and the computer-readable storage medium 1404 may be connected by a bus or other means.
The computer readable storage medium 1404 may be stored in a memory of a computer device, the computer readable storage medium 1404 for storing a computer program comprising computer instructions, and the processor 1401 for executing the computer program stored by the computer readable storage medium 1404. The processor 1401, or CPU (Central Processing Unit ), is a computing core as well as a control core of the computer device, which is adapted to implement a computer program, in particular to load and execute the computer program for realizing the respective method flows or the respective functions.
The embodiments of the present application also provide a computer-readable storage medium (Memory), which is a Memory device in a computer device, for storing programs and data. It is understood that the computer readable storage medium herein may include both built-in storage media in a computer device and extended storage media supported by the computer device. The computer-readable storage medium provides storage space that stores an operating system of the computer device. In addition, a computer program suitable for being loaded and executed by the processor is stored in the storage space. Note that the computer readable storage medium can be either a high-speed RAM Memory or a Non-Volatile Memory (Non-Volatile Memory), such as at least one magnetic disk Memory; optionally, at least one computer readable storage medium remotely located from the aforementioned processor.
The computer device may be, for example, the data logging processing device 403 in the data logging system shown in fig. 4, and in a specific implementation, the processor 1401 may load and execute a computer program stored in the computer readable storage medium 1404 to implement the corresponding steps in the blockchain-based data logging method described above in relation to fig. 9, 11 or 12. In a specific implementation, a computer program in the computer readable storage medium 1404 is loaded by the processor 1401 and performs the steps of:
receiving a certificate line authorization transaction sent by a data certificate object, wherein the certificate line authorization transaction comprises first data to be stored, a certificate line increment and a certificate line authorization certificate; the evidence-deposit amount increment is applied by the data evidence-deposit object to the data evidence-deposit business party, and the evidence-deposit amount authorization certificate is generated by the data evidence-deposit business party after the data evidence-deposit object successfully applies for the evidence-deposit amount increment;
based on the credit limit authorization credentials, carrying out authorization verification on the credit limit increment;
if the authorization verification of the credit limit increment is passed, updating the credit limit of the data credit object on the block chain based on the credit limit increment;
and carrying out evidence storage processing on the first data on the blockchain according to the updated evidence storage limit.
In one implementation, the credit authorization credential includes object identification data of the data credit object and a credit increment applied by the data credit object; the computer program in the computer readable storage medium 1404 is loaded by the processor 1401 and executed to perform authorization verification on the credit limit increment based on the credit limit authorization credential, and specifically is used to perform the following steps:
obtaining object verification data of a data storage certificate object from a blockchain;
verifying the object identification data based on the object verification data;
if the object identification data passes the verification, comparing the increment of the credit limit in the credit limit authorization certificate with the increment of the credit limit in the credit limit authorization transaction;
if the increment of the credit limit in the credit limit authorization certificate is consistent with the increment of the credit limit in the credit limit authorization transaction, determining that the authorization verification of the increment of the credit limit passes.
In one implementation, a computer program in the computer readable storage medium 1404 is loaded by the processor 1401 and is further used to perform the steps of:
obtaining a blockchain address of a data storage certificate service party from a blockchain;
comparing the blockchain address of the data storage certification service party with the blockchain address of the data storage certification service manager maintained by the blockchain;
If the blockchain address of the data storage certification service party is the same as the blockchain address of the data storage certification service manager maintained by the blockchain, triggering and executing the step of acquiring the object verification data of the data storage certification object from the blockchain;
the blockchain address of the data storage certificate service manager is maintained by taking the blockchain address of the data storage certificate service party as the blockchain address of the data storage certificate service manager after the blockchain authorizes the data storage certificate service party as the data storage certificate service manager.
In one implementation, the object identification data includes a blockchain address of the data certification object and a check value of the data certification object; the object verification data comprises a blockchain address of the data storage verification object and a verification value of the data storage verification object; the computer program in the computer readable storage medium 1404 is specifically configured to perform the following steps when loaded by the processor 1401 and executed to verify object identification data based on object verification data:
comparing the blockchain address of the data storage certificate object in the object identification data with the blockchain address of the data storage certificate object in the object verification data;
if the blockchain address of the data certificate object in the object identification data is the same as the blockchain address of the data certificate object in the object verification data, comparing the verification value of the data certificate object in the object identification data with the verification value of the data certificate object in the object verification data;
If the check value of the data certificate-storing object in the object identification data is the same as the check value of the data certificate-storing object in the object check data, determining that the object identification data passes the check.
In one implementation, the object identification data includes a verification value of the data-holding object, and when the object identification data is verified, the verification value of the data-holding object needs to be verified;
the computer program in the computer readable storage medium 1404 is loaded into the processor 1401 and is further used to execute the steps of:
and after the authorization verification of the credit limit increment is passed, updating the verification value of the data credit object on the blockchain.
In one implementation, a conversion rule between the amount of forensic data and the amount of resources that the forensic data needs to consume is stored on the blockchain; the computer program in the computer readable storage medium 1404 is loaded by the processor 1401 and executed to perform the following steps when performing the certification processing on the first data on the blockchain according to the updated certification credit:
obtaining conversion rules from the blockchain;
determining a first resource amount required for performing certification processing on the first data according to the conversion rule;
if the first resource amount is smaller than or equal to the updated credit limit, the first data is subjected to the credit processing, and the corresponding credit resources of the first resource amount are reduced from the updated credit limit on the blockchain.
In one implementation, a computer program in the computer readable storage medium 1404 is loaded by the processor 1401 and is further used to perform the steps of:
if the first resource amount is larger than the updated evidence-storing amount, generating an evidence-storing failure notice;
returning a certificate storing failure notice to the data certificate storing object;
the certificate storing failure notification is used for notifying that the updated certificate storing amount is insufficient for storing the first data.
In one implementation, a computer program in the computer readable storage medium 1404 is loaded by the processor 1401 and is further used to perform the steps of:
receiving a first data certification transaction sent by a data certification object, wherein the first data certification transaction comprises second data to be certified and a first data certification authority certificate; the first data certificate authority certificate is generated by the data certificate service party after the data certificate service party successfully applies the data certificate authority to the data certificate service party;
verifying the data storage certificate authority of the data storage certificate object based on the first data storage certificate authorization certificate;
and if the data storage authority verification of the data storage object passes, carrying out storage processing on the second data on the blockchain.
In one implementation, the first data certificate authority credential includes object identification data of a data certificate object and a certificate rated data amount corresponding to a data certificate authority; the computer program in the computer readable storage medium 1404 is loaded by the processor 1401 and executed to verify the data-holding authorization of the data-holding object based on the first data-holding authorization credential, specifically for performing the following steps:
obtaining object verification data of a data storage certificate object from a blockchain;
verifying the object identification data based on the object verification data;
if the object identification data passes the verification, comparing the rated data quantity of the verification with the data quantity of the second data;
and if the data volume of the second data is smaller than or equal to the rated data volume of the certificate, determining that the data certificate authority verification of the data certificate object passes.
In one implementation, the computer program in the computer readable storage medium 1404 is loaded by the processor 1401 and further does not perform the steps of:
receiving a second data evidence-storing transaction sent by the data evidence-storing object, wherein the second data evidence-storing transaction comprises third data to be authenticated and a second data evidence-storing authorization certificate; the second data storage certificate authorization certificate is generated by a data storage certificate service party for a data storage certificate object;
Verifying the data storage certificate authority of the data storage certificate object based on the second data storage certificate authorization certificate;
if the data certification authority of the data certification object passes the verification, performing certification processing on the third data on the blockchain according to the certification line of the data certification object.
In one implementation, a computer program in the computer readable storage medium 1404 is loaded by the processor 1401 and is further used to perform the steps of:
receiving a third data certification transaction sent by the data certification object, wherein the third data certification transaction comprises fourth data to be certified;
and carrying out certification processing on the fourth data according to the certification credit of the data certification target on the blockchain.
In the embodiment of the application, the credit limit authorization transaction of the data credit object comprises first data to be authenticated, a credit limit increment and a credit limit authorization certificate, wherein the credit limit increment is applied by the data credit object to a data credit service party, and the credit limit authorization certificate is generated by the data credit service party after the data credit service party successfully applies for the credit limit increment; after receiving the credit limit authorization transaction of the data credit object, carrying out authorization verification on the increment of the credit limit based on the credit limit authorization certificate; if the authorization verification of the evidence amount increment is passed, the evidence amount of the data evidence object can be updated on the blockchain based on the evidence amount increment; and then, according to the updated evidence amount, carrying out evidence storage processing on the first data on the blockchain. Therefore, in the embodiment of the application, the management of the certificate line is performed by means of the blockchain, and based on the characteristics of transparent disclosure and non-falsification of the blockchain, the management of the certificate line can be made transparent, and the management reliability of the certificate line can be improved.
Embodiments of the present application also provide a computer program product or computer program comprising computer instructions stored in a computer-readable storage medium. The processor of the computer device reads the computer instructions from the computer readable storage medium and executes the computer instructions to cause the computer device to perform the blockchain-based data certification method described above.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
In the above embodiments, it may be implemented in whole or in part by software, hardware, firmware, or any combination thereof. When implemented in software, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When the computer program instructions are loaded and executed on a computer, the processes or functions in accordance with embodiments of the present application are produced in whole or in part. The computer may be a general purpose computer, a special purpose computer, a network of computers, or other programmable devices. The computer instructions may be stored in or transmitted across a computer-readable storage medium. The computer instructions may be transmitted from one website, computer, server, or data center to another website, computer, server, or data center by a wired (e.g., coaxial cable, fiber optic, digital Subscriber Line (DSL)), or wireless (e.g., infrared, wireless, microwave, etc.). Computer readable storage media can be any available media that can be accessed by a computer or data storage devices, such as servers, data centers, etc., that contain an integration of one or more available media. The usable medium may be a magnetic medium (e.g., a floppy Disk, a hard Disk, a magnetic tape), an optical medium (e.g., a DVD), or a semiconductor medium (e.g., a Solid State Disk (SSD)), or the like.
The foregoing is merely specific embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily think about changes or substitutions within the technical scope of the present application, and the changes and substitutions are intended to be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (15)

1. A blockchain-based data certification method, comprising:
receiving a credit limit authorization transaction sent by a data credit object, wherein the credit limit authorization transaction comprises first data to be subjected to a credit, a credit limit increment and a credit limit authorization credential; the evidence deposit amount increment is applied by the data evidence deposit object to a data evidence deposit business party, and the evidence deposit amount authorization certificate is generated for the data evidence deposit business party after the data evidence deposit object successfully applies for the evidence deposit amount increment;
based on the certificate limit authorization certificate, carrying out authorization verification on the certificate limit increment;
if the authorization verification of the evidence amount increment is passed, updating the evidence amount of the data evidence object based on the evidence amount increment on a blockchain;
And carrying out evidence storage processing on the first data on the blockchain according to the updated evidence storage limit.
2. The method of claim 1, wherein the credit authorization credential includes object identification data of the data credit object and a credit increment applied by the data credit object; the verifying the authorization of the credit limit increment based on the credit limit authorization certificate comprises the following steps:
obtaining object verification data of the data storage object from the blockchain;
verifying the object identification data based on the object verification data;
if the object identification data passes the verification, comparing the increment of the credit limit in the credit limit authorization certificate with the increment of the credit limit in the credit limit authorization transaction;
if the credit limit increment in the credit limit authorization certificate is consistent with the credit limit increment in the credit limit authorization transaction, determining that the authorization verification of the credit limit increment passes.
3. The method of claim 2, wherein the method further comprises:
acquiring a blockchain address of the data storage certificate service party from the blockchain;
Comparing the blockchain address of the data storage certification service party with the blockchain address of the data storage certification service manager maintained by the blockchain;
if the blockchain address of the data storage verification service party is the same as the blockchain address of the data storage verification service manager maintained by the blockchain, triggering and executing the step of acquiring the object verification data of the data storage verification object from the blockchain;
the blockchain address of the data certification service manager is maintained as the blockchain address of the data certification service manager after the blockchain authorizes the data certification service party to be the data certification service manager.
4. The method of claim 2, wherein the object identification data includes a blockchain address of the data certification object and a check value of the data certification object; the object verification data comprises a blockchain address of the data storage verification object and a verification value of the data storage verification object; the verifying the object identification data based on the object verification data includes:
Comparing the blockchain address of the data storage certificate object in the object identification data with the blockchain address of the data storage certificate object in the object verification data;
if the blockchain address of the data certification object in the object identification data is the same as the blockchain address of the data certification object in the object verification data, comparing the verification value of the data certification object in the object identification data with the verification value of the data certification object in the object verification data;
and if the verification value of the data verification object in the object identification data is the same as the verification value of the data verification object in the object verification data, determining that the verification of the object identification data is passed.
5. The method of claim 2, wherein the object identification data includes a verification value of the data-holding object, the verification value of the data-holding object being required to be verified when the object identification data is verified;
the method further comprises the steps of:
and after the authorization verification of the credit limit increment is passed, updating the verification value of the data credit object on the blockchain.
6. The method of claim 1, wherein the blockchain has stored thereon a conversion rule between an amount of data to be authenticated and an amount of resources to be consumed for performing the data authentication; and performing the certification processing on the first data on the blockchain according to the updated certification credit, including:
obtaining the conversion rule from the blockchain;
determining a first resource amount required for performing certification processing on the first data according to the conversion rule;
and if the first resource amount is smaller than or equal to the updated evidence-storing amount, carrying out evidence-storing processing on the first data, and reducing the evidence-storing resources corresponding to the first resource amount from the updated evidence-storing amount on the blockchain.
7. The method of claim 6, wherein the method further comprises:
if the first resource amount is larger than the updated evidence-storing amount, generating an evidence-storing failure notice;
returning the evidence-storing failure notice to the data evidence-storing object;
the evidence-based failure notification is used for notifying that the updated evidence amount is insufficient for storing the first data.
8. The method of claim 1, wherein the method further comprises:
Receiving a first data evidence-preserving transaction sent by the data evidence-preserving object, wherein the first data evidence-preserving transaction comprises second data to be authenticated and a first data evidence-preserving authorization certificate; the first data certification authority certificate is generated for the data certification service party after the data certification service party successfully applies data certification authority to the data certification service party;
verifying the data certificate authority of the data certificate object based on the first data certificate authority certificate;
and if the data storage authority of the data storage object passes the verification, carrying out storage processing on the second data on the blockchain.
9. The method of claim 8, wherein the first data forensic authorization credential includes object identification data of the data forensic object and a forensic rated data amount corresponding to the data forensic authority; the verifying the data certificate authority of the data certificate object based on the first data certificate authority certificate comprises the following steps:
obtaining object verification data of the data storage object from the blockchain;
verifying the object identification data based on the object verification data;
If the object identification data passes the verification, comparing the verification rated data volume with the data volume of the second data;
and if the data volume of the second data is smaller than or equal to the rated data volume of the certificate, determining that the data certificate authority verification of the data certificate object passes.
10. The method of claim 1, wherein the method further comprises:
receiving a second data evidence-preserving transaction sent by the data evidence-preserving object, wherein the second data evidence-preserving transaction comprises third data to be authenticated and a second data evidence-preserving authorization certificate; the second data certificate authority certificate is generated by the data certificate service party for the data certificate object;
verifying the data certificate authority of the data certificate object based on the second data certificate authority certificate;
and if the data evidence authority of the data evidence object passes the verification, carrying out evidence-storing processing on the third data on the blockchain according to the evidence-storing amount of the data evidence object.
11. The method of claim 1, wherein the method further comprises:
receiving a third data evidence-preserving transaction sent by the data evidence-preserving object, wherein the third data evidence-preserving transaction comprises fourth data to be subjected to evidence preservation;
And carrying out the certification processing on the fourth data on the blockchain according to the certification credit of the data certification object.
12. A blockchain-based data certification device, comprising:
the communication unit is used for receiving a certificate line authorization transaction sent by a data certificate object, wherein the certificate line authorization transaction comprises first data to be stored, a certificate line increment and a certificate line authorization certificate; the evidence deposit amount increment is applied by the data evidence deposit object to a data evidence deposit business party, and the evidence deposit amount authorization certificate is generated for the data evidence deposit business party after the data evidence deposit object successfully applies for the evidence deposit amount increment;
the processing unit is used for carrying out authorization verification on the credit limit increment based on the credit limit authorization certificate;
the processing unit is further configured to update, on a blockchain, the certificate line of the data certificate object based on the certificate line increment if the authorization verification of the certificate line increment passes;
and the processing unit is further used for carrying out the certification processing on the first data on the blockchain according to the updated certification credit.
13. A computer device, the computer device comprising:
a processor adapted to implement a computer program;
a computer readable storage medium storing a computer program adapted to be loaded by the processor and to perform the blockchain-based data certification method of any of claims 1-11.
14. A computer readable storage medium, characterized in that the computer readable storage medium stores a computer program adapted to be loaded by a processor and to perform the blockchain-based data certification method of any of claims 1-11.
15. A computer program product, characterized in that the computer program product comprises a computer program which, when executed by a processor, implements the blockchain-based data certification method of any of claims 1-11.
CN202311437845.2A 2023-10-31 2023-10-31 Block chain-based data storage and verification method, device, equipment, medium and product Pending CN117421774A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311437845.2A CN117421774A (en) 2023-10-31 2023-10-31 Block chain-based data storage and verification method, device, equipment, medium and product

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311437845.2A CN117421774A (en) 2023-10-31 2023-10-31 Block chain-based data storage and verification method, device, equipment, medium and product

Publications (1)

Publication Number Publication Date
CN117421774A true CN117421774A (en) 2024-01-19

Family

ID=89529895

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311437845.2A Pending CN117421774A (en) 2023-10-31 2023-10-31 Block chain-based data storage and verification method, device, equipment, medium and product

Country Status (1)

Country Link
CN (1) CN117421774A (en)

Similar Documents

Publication Publication Date Title
CN111898153B (en) Method and device for calling contract
US20230239284A1 (en) Federated identity management with decentralized computing platforms
US20220394468A1 (en) Secure mobile initiated authentication
WO2020134942A1 (en) Identity verification method and system therefor
US9621355B1 (en) Securely authorizing client applications on devices to hosted services
CN108259438B (en) Authentication method and device based on block chain technology
Yavari et al. An improved blockchain-based authentication protocol for IoT network management
CN112131316B (en) Data processing method and device applied to block chain system
CN110069908A (en) A kind of authority control method and device of block chain
WO2019033116A1 (en) Systems and methods for rights control of network-connected or iot devices using information stored in a distributed ledger
CN103259663A (en) User unified authentication method in cloud computing environment
US9565211B2 (en) Managing exchanges of sensitive data
WO2021164598A1 (en) Authorization verification system, method and apparatus for application, and storage medium
Shammar et al. An attribute-based access control model for Internet of things using hyperledger fabric blockchain
CN110910110B (en) Data processing method and device and computer storage medium
Rashid et al. RC-AAM: blockchain-enabled decentralized role-centric authentication and access management for distributed organizations
Ouaddah et al. FairAccess2. 0: a smart contract-based authorisation framework for enabling granular access control in IoT
KR20230147761A (en) Authenticated modification of blockchain-based data
Saleem et al. ProofChain: An X. 509-compatible blockchain-based PKI framework with decentralized trust
Durán et al. An architecture for easy onboarding and key life-cycle management in blockchain applications
CN112422516A (en) Connection method and device of power system, computer equipment and storage medium
Angelogianni et al. How many FIDO protocols are needed? Surveying the design, security and market perspectives
US20100030805A1 (en) Propagating information from a trust chain processing
CN108600266B (en) Statement filtering authentication method and system
CN116975901A (en) Identity verification method, device, equipment, medium and product based on block chain

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication