Background technology
At present, data sharing is a problem in the industry.The primary solutions of shared data have following several:It is total to by dataSquare tube reason data are enjoyed, and are accessed to shared side's offer permission is received for it;Data receive shared side by shared direction and complete a business transaction, by connecingFollow-up management and maintenance are carried out to data by shared side;Receive shared side in a manner that SaaS services to be provided, receive and recognize at that timeFor relevant data, shared data only exists in short term, does not do long-term retention.More than several ways are all modes commonly used in the trade,Technology relative maturity has corresponding a large amount of use-cases in practical applications.
For being supplied for its access by data sharing square tube reason data, and to shared side's offer permission is received, due to networkPermission, safety management, data permission often relate to multiple systems, it could even be possible to needs are to receive being connected into for shared side to carry out spyThe customization of fixed IT schemes (such as special line) and business circuit.This kind of mode is more demanding for the technical capability for sharing side, andIt is larger for the O&M pressure for sharing side.When the data framework for sharing side changes or receives to share square data consumption mouldWhen formula changes, the necessary corrdinated adjustment of both sides can ensure that remaining valid for data is shared.
Receive shared side by shared direction for data to complete a business transaction, follow-up management and dimension are carried out to data by receiving shared sideShield:After data complete a business transaction completion, shared side loses data the follow-up maintenance to data, monitoring, managerial ability substantially, connectsIt is continued to complete by shared side to the O&Ms of data and completes to dock with oneself system.Need during this large amount of manpower intoIt is original to carry out knowledge handing-over, while if such complete a business transaction the lasting progress of needs, then to receiving to share the operation of side and technology energyPower requirement is larger.When the data framework for sharing side changes, corresponding adjustment must be made by receiving shared side, can ensure numberAccording to remain valid it is shared.
For receiving shared side in a manner of providing SaaS services, receive and thinking relevant data at that time.Shared dataOnly exist in short term, do not do long-term retention.Shared data do not do it is long-term retain reduce retain for a long time required software and hardware intoSheet and the operation pressure, but it is detrimental to the further demands such as data filing, big data analysis, machine learning, intelligent base foundationIt completes.Meanwhile with the evolution that Saas is serviced, both sides are required for constantly modifying during it, customize, and to participantMember is accordingly trained.
Apply for content
In view of this, the embodiment of the present application provides a kind of data sharing method and device.
On the one hand, the embodiment of the present application provides a kind of data sharing method, the method includes:At least one recipientEquipment shares the shared token of method, apparatus transmission by the reception of block chain network;At least one receiver equipment passes through blockChain network sends acknowledgement information to the method, apparatus of sharing;At least one receiver equipment is from least one Cloud ServerObtain shared information corresponding with the shared token.
On the other hand, the embodiment of the present application additionally provides a kind of data sharing device, and described device includes:Shared token connectsModule is received, for passing through the shared token that method, apparatus transmission is shared in the reception of block chain network;Acknowledgement information sending module, for leading toIt crosses block chain network and sends acknowledgement information to the method, apparatus of sharing;Shared information acquisition module, for being taken from least one cloudIt is engaged in obtaining shared information corresponding with the shared token in device.
Data sharing method and device provided by the embodiments of the present application have the beneficial effect that:
In data sharing method and device provided by the embodiments of the present application, at least one recipient is connect by block chain networkContracture enjoys the shared token of method, apparatus transmission, and at least one recipient is sent back by block chain network to method, apparatus is sharedInformation is held, at least one receiver equipment obtains shared information corresponding with shared token from least one Cloud Server.WithThe prior art is compared, and without increasing pointing out for extras newly for data sharing, and is greatly increased by introducing block chain technologyThe strong safety of data.
Specific embodiment
First embodiment
Fig. 1 is referred to, Fig. 1 shows the data sharing method that the application first embodiment provides, and this method specifically includesFollowing steps:
Step S110, at least one receiver equipment share the shared order of method, apparatus transmission by the reception of block chain networkBoard.
In data sharing process, it will usually have sharing for multi-party participation data.A side in multi-party is intended to shared informationWhen, the party can be by as the side of sharing, other several sides can be by as recipient, that is to say, that the concept of the side of sharing and recipientIt is opposite, and is that meeting is changed.The equipment that recipient is held can be used as receiver equipment, and the side of sharing is heldEquipment can be used as share method, apparatus.
Block chain network is with the network of block chain technology structure, and the core of block chain technology is the public affairs of distributed P 2 PDemonstrate,prove account book system, have can not tamper, be a kind of faith mechanism of decentralization.
The shared token includes shared information identification information, Cloud Server information corresponding with the shared information, is total toEnjoy information authority information and Cloud Server authority information.Shared information identification information be by be sharing, sharing orThe information for the data set shared.Cloud Server information for data set storage used by one or more publicly-owned Cloud Servers orThe information of privately owned Cloud Server.Shared information authority information shares permission, shares deadline information for data set.Cloud Server is weighedLimit information is the information such as identity, the permission of corresponding one or more publicly-owned Cloud Servers or privately owned Cloud Server.Above-mentioned letterBreath can need all information of data set shared or the partial information of data set that needs are shared, can alsoIt is the modification (such as increase, remove, modification information) of the data set to having shared.
Public cloud and privately owned cloud connected by the interface of standard, and the stabilization that can provide large capacity is depositedStorage media, and provide a variety of data storage services such as error correction, backup, it can ensure safety, the persistence of data by cloud service providerAnd availability.Block chain technology is effectively combined by the application with cloud, via shared multi-party accessible public affairsThere are network or internal network, complete in many ways to the shared purpose safeguarded, be used in conjunction with jointly of data.
It is described to share method, apparatus for that preset before the shared token of method, apparatus transmission is shared in receiver equipment receptionData information is sent at least one Cloud Server, wherein, it is sent to preset data at least one Cloud ServerData is by as the shared information.Specifically, share method, apparatus can from its storage device by the data that need to be shared to cloudServer is transmitted.Cloud Server can temporarily or permanently store shared data.Storage device is storage platform, storage machineCabinet, storage server or storage computer.
Step S120, at least one receiver equipment send receipt by block chain network to the method, apparatus of sharingInformation.
At least one receiver equipment is received after shared token, its letter included can be obtained from shared tokenThen breath sends acknowledgement information by block chain network to method, apparatus is shared.
Step S130, at least one receiver equipment obtain and the shared token from least one Cloud ServerCorresponding shared information.
If shared information update, at least one receiver equipment according to the shared token from it is described at leastObtained in one Cloud Server it is updated after shared information.
Within the data sharing time limit, receiver equipment can access one or more Cloud Servers with shared token, obtainData and data update.In its extent of competence, the corresponding recipient of receiver equipment can carry out the permitted phase of its permissionIt the data manipulations such as should upload, download, changing, increasing, deleting.
Fig. 2 is referred to, Fig. 2 shows a kind of specific embodiment parties for the data sharing method that the application first embodiment providesThe flow chart of formula, this method specifically comprise the following steps:
Step S110, at least one receiver equipment share the shared order of method, apparatus transmission by the reception of block chain networkBoard.
Step S120, at least one receiver equipment send receipt by block chain network to the method, apparatus of sharingInformation.
Step S130, at least one receiver equipment obtain and the shared token from least one Cloud ServerCorresponding shared information.
Fig. 2 shows step S110 to step S130 it is identical to step S130 with the step S110 shown in Fig. 1, herein just notIt repeats.
Step S140 judges whether the time limit is more than the default time limit, if so, performing step S150.
Server may determine that whether the time limit is more than the default time limit.Shared information usually has a time restriction, such as can be withThe default time limit is set as 1 month or 3 months, and judges whether the time limit is more than the default time limit, if so, performing step S150.
Step S150 when at least one receiver equipment accesses the shared information according to the shared token, connectsReceive the shared failure instruction that at least one Cloud Server is sent.
After the shared time limit or when the business or Technical arrangements shared change, shared initiator can lead toThe permission of the shared recipient of limiting operation modification to one or more public clouds or private clound is crossed, extends, change or terminates altogetherIt enjoys.
Since block chain technology is still being deduced in itself, the application should be guaranteed that before shared token is initiated, Ying CaiWith corresponding scheme, to receiver equipment, corresponding recipient's identity is verified.A variety of existing ripe skills may be used in authenticationArt scheme, and be transmitted using block chain network to ensure the safety of follow-up shared token.
After the completion of authentication, the information such as block chain address, master key are exchanged behind in the data transmission that both sides can be,And current both sides are transmitted into wheel and are defined as 0, so as to subsequent transmission shared token.
Due to during storing and sharing, it is possible that following situation:Receiver equipment increases or decreases;It is sharedThe sharing policy variation of information, the increase of information, update, all or part of deletion, the corresponding permission variation of receiver equipment, cloudMigration, update, increase, all or part of deletion of service.Therefore shared token can transmit as follows:
Share method, apparatus generation shared token, and the next round for generating shared token share initiator block chain address andMain key;Then shared token is encrypted by recipient's public key and main key;It is transmitted and encrypted by block chain network.
Receiver equipment receives encrypted shared token by block chain network, passes through the private key of receiver equipment itselfAnd shared token is decrypted in the main key;And pass through recipient's public key, response is encrypted to shared token in main key, lead toIt crosses block chain network and transmits the encrypted response.Share method, apparatus and receive the encrypted response that receiver equipment is sent.
Second embodiment
Fig. 3 is referred to, Fig. 3 shows the data sharing device that the application second embodiment provides, which includes:
Shared token receiving module 310, for passing through the shared token that method, apparatus transmission is shared in the reception of block chain network.
The method, apparatus of sharing is used for preset data data transmission at least one Cloud Server, wherein, transmissionInto at least one Cloud Server, preset data data is by as the shared information.
The shared token includes shared information identification information, Cloud Server information corresponding with the shared information, is total toEnjoy information authority information and Cloud Server authority information.
Acknowledgement information sending module 320 sends acknowledgement information for passing through block chain network to the method, apparatus of sharing.
Shared information acquisition module 330, it is corresponding with the shared token for being obtained from least one Cloud ServerShared information.
Wherein, the shared information acquisition module further includes:Information updates submodule, if for the shared information moreNewly, then at least one receiver equipment obtained from least one Cloud Server according to the shared token it is updatedShared information afterwards.
Fig. 4 is referred to, in a kind of specific embodiment, which further includes:
Time limit judgment module 340, for judging whether the time limit is more than the default time limit.
Shared failure reminding module 350 during for accessing the shared information according to the shared token, receives describedThe shared failure instruction that at least one Cloud Server is sent.
It is apparent to those skilled in the art that for convenience and simplicity of description, the device of foregoing descriptionSpecific work process, can refer to preceding method in corresponding process, no longer excessively repeat herein.
In this implementation, required network, equipment are to share the existing equipment of participant, without newly-increased to shareWholesale information technoloy equipment expenditure (purchase of such as special storage device, the erection of special line, gateway service are set up).
If company/office system and policy allow, this realization can allow to participate in multi-party using containing public cloud, public affairsThere are means of the component of network as transmission, storage.Due to the continuous development of public cloud and global network, profession maintenance teamIt is all constantly progressive in integrality, duration and the safety for ensureing data.For a long time from cost and the angle of SLA, than each ginsengThe advantage of bigger will be had by voluntarily implementing corresponding scheme with side.
With it is existing using public cloud, global network transmission compared with, introduce block chain technology greatly enhance dataSafety.Its signature, sign test, Hash and selectable cryptographic operation ensure that the safety in cryptography meaning;Its more accountThe distributed account book system of this more copy has very big meaning to the consistency, availability and the persistence that enhance data.
Compared with the data transmission of entire data set, transmission quantity is very little for the direct transmission of shared token.This is alsoCoordination requirement is completed a business transaction between the great each side for alleviating participation and sharing.Participating in each side need to only concentrate one's energy to store with data setInvolved one or more public clouds or the docking of private cloud storage platform can effectively use data.
Compared with passing square tube reason data, this programme allows multi-party association control data set, allows the deduction of data set, permitsEach side's permission of many side's association controls is not reciprocity, allows the redjustment and modification of permission, and permission increases in real time or reduces association control side.Allow eachSide is shared, and to its other party real-time informing to the data formulation oneself generated by strategy.Compared with previous mode, it can allow moreMore Technical Architectures and business model.
In data sharing method and device provided by the embodiments of the present application, at least one recipient is connect by block chain networkContracture enjoys the shared token of method, apparatus transmission, and at least one recipient is sent back by block chain network to method, apparatus is sharedInformation is held, at least one receiver equipment obtains shared information corresponding with shared token from least one Cloud Server.WithThe prior art is compared, and without increasing pointing out for extras newly for data sharing, and is greatly increased by introducing block chain technologyThe strong safety of data.
It should be noted that each embodiment in this specification is described by the way of progressive, each embodiment weightPoint explanation is all difference from other examples, and just to refer each other for identical similar part between each embodiment.For device class embodiment, since it is basicly similar to embodiment of the method, so description is fairly simple, related part is joinedSee the part explanation of embodiment of the method.
In several embodiments provided herein, it should be understood that disclosed device and method can also pass through itIts mode is realized.The apparatus embodiments described above are merely exemplary, for example, the flow chart and block diagram in attached drawing are shownThe device of multiple embodiments according to the application, architectural framework in the cards, the work(of method and computer program product are shownIt can and operate.In this regard, each box in flow chart or block diagram can represent one of a module, program segment or codePoint, a part for the module, program segment or code includes one or more and is used to implement the executable of defined logic functionInstruction.It should also be noted that at some as in the realization method replaced, the function of being marked in box can also be attached to be different fromThe sequence marked in figure occurs.For example, two continuous boxes can essentially perform substantially in parallel, they also may be used sometimesTo perform in the opposite order, this is depended on the functions involved.It is it is also noted that each in block diagram and/or flow chartThe combination of box and the box in block diagram and/or flow chart function or the dedicated of action can be based on as defined in executionThe system of hardware is realized or can be realized with the combination of specialized hardware and computer instruction.
In addition, each function module in each embodiment of the application can integrate to form an independent portionPoint or modules individualism, can also two or more modules be integrated to form an independent part.
If the function is realized in the form of software function module and is independent product sale or in use, can be withIt is stored in a computer read/write memory medium.Based on such understanding, the technical solution of the application is substantially in other wordsThe part contribute to the prior art or the part of the technical solution can be embodied in the form of software product, the meterCalculation machine software product is stored in a storage medium, is used including some instructions so that a computer equipment (can bePeople's computer, server or network equipment etc.) perform each embodiment the method for the application all or part of step.And aforementioned storage medium includes:USB flash disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), arbitrary access are depositedThe various media that can store program code such as reservoir (RAM, Random Access Memory), magnetic disc or CD.It needsIllustrate, herein, relational terms such as first and second and the like be used merely to by an entity or operation withAnother entity or operation distinguish, and without necessarily requiring or implying between these entities or operation, there are any this realitiesThe relationship or sequence on border.Moreover, term " comprising ", "comprising" or its any other variant are intended to the packet of nonexcludabilityContain so that process, method, article or equipment including a series of elements not only include those elements, but also includingIt other elements that are not explicitly listed or further includes as elements inherent to such a process, method, article, or device.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that including the elementProcess, method, also there are other identical elements in article or equipment.
The foregoing is merely the preferred embodiments of the application, are not limited to the application, for the skill of this fieldFor art personnel, the application can have various modifications and variations.It is all within spirit herein and principle, made any repairChange, equivalent replacement, improvement etc., should be included within the protection domain of the application.It should be noted that:Similar label and letter existsSimilar terms are represented in following attached drawing, therefore, once being defined in a certain Xiang Yi attached drawing, are then not required in subsequent attached drawingIt is further defined and is explained.
The specific embodiment of the above, only the application, but the protection domain of the application is not limited thereto, it is anyIn the technical scope that those familiar with the art discloses in the application, change or replacement can be readily occurred in, should all be containedIt covers within the protection domain of the application.Therefore, the protection domain of the application described should be subject to the protection scope in claims.