Technical field
The invention relates to the technical field of blockchain, and in particular to a method and system for accessing blockchain transaction records.
Background
With the emergence of Bitcoin in 2009, blockchain technology rose to prominence. Blockchain technology, also known as "distributed ledger technology", is a technical solution in which a distributed ledger is decentralized and collectively maintained; in essence it is a distributed database system in which multiple nodes participate collectively. Blockchain is not a single technology but the result of integrating several technologies. Using blockchain technology to maintain a reliable ledger that is difficult to tamper with reduces the risk of trust and effectively lowers the maintenance cost of collaboration among the participants. In practical blockchain applications, each user generates an asymmetric key pair used to sign transactions on the blockchain, and the hash value of the corresponding public key serves as the identity of the user's transaction account. Considering security, efficiency and other factors, the asymmetric encryption algorithm used in a blockchain is generally the ECC (elliptic curve) algorithm, whose security depends on the intractability of the elliptic curve discrete logarithm problem (ECDLP).
In the prior art, blockchain technology has been applied in many fields. In production and processing, for example, the manufacture of raw materials, logistics and transportation, the manufacture of intermediate parts and the manufacture of the final product involve many participants. Each participant's transaction records can be stored in the nodes of the blockchain network to form a ledger, so that every node of the whole production activity can be traced. However, the transaction records of production activities involving many participants may hold sensitive data that should not be obtained by parties that have not been authorized, so an access control scheme for blockchain transaction records is urgently needed.
Summary of the invention
To solve the technical problems in the prior art, embodiments of the present invention provide a method and system for accessing blockchain transaction records that improve the security of transaction records in a production-collaboration blockchain network.
The method of an embodiment of the present invention specifically provides a blockchain transaction record access method, comprising:
all blockchain nodes sending their respective private keys to a management server for storage;
the blockchain nodes encrypting the transaction records to be stored with their respective public keys;
broadcasting the encrypted transaction records to be stored in the blockchain network and, after consensus verification by the other blockchain nodes, storing the encrypted transaction records in the blockchain.
An embodiment of the present invention also provides a blockchain transaction record access method, comprising:
receiving the private key of each blockchain node;
receiving a transaction record query request initiated by a blockchain node, the request including at least the querier, the queried party and the queried transaction record;
if the transaction record query request passes authorization verification, decrypting the corresponding queried transaction record with the private key of the queried party;
sending the decrypted queried transaction record to the blockchain node that initiated the transaction record query request.
In another aspect, an embodiment of the present invention provides a blockchain node device, comprising:
a first sending module, configured to send the node's private key to the management server for storage;
an encryption module, configured to encrypt the transaction records to be stored with the node's public key;
a second sending module, configured to broadcast the encrypted transaction records to be stored in the blockchain network and, after consensus verification by the other blockchain nodes, store the encrypted transaction records in the blockchain.
An embodiment of the present invention also provides a blockchain management server, comprising:
a first receiving unit, configured to receive the private key of each blockchain node;
a second receiving unit, configured to receive a transaction record query request initiated by a blockchain node, the request including at least the querier, the queried party and the queried transaction record;
an authorization verification unit, configured to perform authorization verification on the transaction record query request;
a decryption unit, configured to decrypt the corresponding queried transaction record with the private key of the queried party if the transaction record query request passes authorization verification;
a sending unit, configured to send the decrypted queried transaction record to the blockchain node that initiated the transaction record query request.
An embodiment of the present invention also provides a blockchain transaction record access system, comprising:
a plurality of blockchain nodes as described above, and one or more management servers as described above;
the plurality of blockchain nodes being configured to send their respective private keys to the management server for storage; encrypt the transaction records to be stored with their respective public keys; and broadcast the encrypted transaction records to be stored in the blockchain network and, after consensus verification by the other blockchain nodes, store the encrypted transaction records in the blockchain;
the management server being configured to receive the private key of each of the blockchain nodes; receive a transaction record query request initiated by a blockchain node, the request including at least the querier, the queried party and the queried transaction record; if the transaction record query request passes authorization verification, decrypt the corresponding queried transaction record with the private key of the queried party; and send the decrypted queried transaction record to the blockchain node that initiated the transaction record query request.
An embodiment of the present invention also provides a computer-readable storage medium, characterized in that it stores a program configured to execute the above method.
With the embodiments of the present invention, a transaction record is encrypted with the public key of the blockchain node that created it, and the management server decrypts it with the private key of the respective blockchain node according to the result of authorization verification, which achieves data security for transaction records in a production-collaboration blockchain network.
Brief description of the drawings
To explain the technical solutions in the embodiments of the present invention or in the prior art more clearly, the drawings needed for describing the embodiments or the prior art are briefly introduced below. The drawings described below are only some embodiments of the present invention; a person of ordinary skill in the art can derive other drawings from them without creative effort.
Fig. 1 is a schematic flowchart of a blockchain transaction record access method according to an embodiment of the present invention;
Fig. 2 is a schematic flowchart of a blockchain transaction record access method according to an embodiment of the present invention;
Fig. 3 is a schematic structural diagram of a blockchain node device according to an embodiment of the present invention;
Fig. 4 is a schematic structural diagram of a blockchain management server according to an embodiment of the present invention;
Fig. 5 is a schematic structural diagram of a blockchain transaction record access system according to an embodiment of the present invention;
Fig. 6 is a flowchart of transaction information storage in a production collaboration system based on a blockchain network according to an embodiment of the present invention;
Fig. 7 is a flowchart of transaction information query in a production collaboration system based on a blockchain network according to an embodiment of the present invention.
Detailed description
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings of those embodiments. The described embodiments are only some, not all, of the embodiments of the present invention. All other embodiments obtained by a person of ordinary skill in the art from the embodiments of the present invention without creative effort fall within the scope of protection of the present invention.
Fig. 1 is a schematic flowchart of a blockchain transaction record access method according to an embodiment of the present invention. As shown in Fig. 1, the embodiment can be applied to an entire production activity made up of multiple participants, that is, to a relatively closed private chain, or alternatively to a relatively open public chain. Each blockchain node in the blockchain needs to encrypt the transaction records it generates and then broadcast and store them in the blockchain network to form a confidential ledger. The method executed by the blockchain node is as follows:
Step 101: all blockchain nodes send their respective private keys to the management server for storage.
Step 102: the blockchain nodes encrypt the transaction records to be stored with their respective public keys.
Step 103: the encrypted transaction records to be stored are broadcast in the blockchain network and, after consensus verification by the other blockchain nodes, stored in the blockchain.
The public key and private key may be those of the RSA asymmetric encryption algorithm, or of another asymmetric encryption algorithm in the prior art. That is, once a transaction record has been encrypted with the public key of a blockchain node, only that node's private key can decrypt the encrypted transaction record and so obtain the plaintext of the transaction record in the ledger.
As an embodiment of the present invention, the method further includes a step of querying transaction records, which specifically comprises:
sending a request to query transaction records to the management server;
after the request to query transaction records passes authorization verification by the management server, receiving the transaction record data returned by the management server.
As an embodiment of the present invention, the request to query transaction records includes at least information such as the querier, the queried party and the queried transaction record.
Here, the querier is the participant that issues the transaction record query request; the queried party is the owner (or creator) of the queried transaction record named in the request; and the queried transaction record identifies which of the many transactions created by the queried party the querier wants to query. It may include, for example, the transaction number, information on all participants in the transaction in the ledger, or the subject matter of the transaction.
In the step of broadcasting the encrypted transaction record to be stored in the blockchain network and storing it in the blockchain after consensus verification by the other blockchain nodes, consensus verification means verifying, from the blockchain node's signature, the identity of that node and whether the encrypted transaction record has been tampered with. Blockchain node A generates a digest from the encrypted transaction record, which may be a part of the encrypted transaction record (for example its first 5%), signs this digest with node A's private key, and sends the encrypted transaction record together with the signature to the other blockchain nodes. When a blockchain node B receives the encrypted transaction record and the signature, it decrypts the signature with node A's public key to obtain the digest of the encrypted transaction record, and compares the decrypted digest with the received encrypted transaction record. If the two agree (for example, the first 5% of the encrypted transaction record is the same), the encrypted transaction record has not been tampered with, that is, consensus verification passes. Once consensus verification passes at a blockchain node, the node stores the encrypted transaction record in its local blockchain.
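An added example (not code from the patent) of the sign-and-compare check described above, using textbook RSA over two publicly known Mersenne primes as a stand-in for node A's key pair; the function names, the SHA-256 alternative and the sample record are assumptions. It goes slightly beyond the text by running the same check with a digest over the whole record, to show which bytes each digest choice covers.

```python
import hashlib

# Toy textbook-RSA key for node A, built from two publicly known Mersenne
# primes so the block runs with the standard library alone (illustration
# only; the key is an assumption, not a value from the page).
P, Q = 2**521 - 1, 2**607 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (needs Python 3.8+)


def prefix_digest(ciphertext: bytes, percent: int = 5) -> bytes:
    """Digest as in the text: the leading part of the encrypted record."""
    return ciphertext[:max(1, len(ciphertext) * percent // 100)]


def sha256_digest(ciphertext: bytes) -> bytes:
    """Alternative digest (assumption): a hash over every byte of the record."""
    return hashlib.sha256(ciphertext).digest()


def sign(ciphertext: bytes, digest_fn) -> int:
    """Node A: digest the encrypted record, then sign the digest with its private key."""
    m = int.from_bytes(digest_fn(ciphertext), "big")
    if m >= N:
        raise ValueError("digest too large for this toy modulus")
    return pow(m, D, N)


def verify(ciphertext: bytes, signature: int, digest_fn) -> bool:
    """Node B: recover the digest with A's public key and compare it with the
    digest recomputed from the record that was actually received."""
    recovered = pow(signature, E, N)
    return recovered == int.from_bytes(digest_fn(ciphertext), "big")


def flip_byte(data: bytes, index: int) -> bytes:
    """Return a copy of data with one byte changed (simulated modification in transit)."""
    out = bytearray(data)
    out[index] ^= 0xFF
    return bytes(out)


def tamper_report(ciphertext: bytes) -> dict:
    """For each digest choice: does node B's check still pass when the record
    is untouched, changed in its first byte, or changed in its last byte?"""
    report = {}
    for name, fn in (("prefix", prefix_digest), ("sha256", sha256_digest)):
        sig = sign(ciphertext, fn)
        report[name] = {
            "untouched": verify(ciphertext, sig, fn),
            "head_changed": verify(flip_byte(ciphertext, 0), sig, fn),
            "tail_changed": verify(flip_byte(ciphertext, len(ciphertext) - 1), sig, fn),
        }
    return report


# Constructed 400-byte stand-in for an encrypted transaction record.
SAMPLE_RECORD = bytes((i * 7 + 3) % 256 for i in range(400))

if __name__ == "__main__":
    for digest_name, result in tamper_report(SAMPLE_RECORD).items():
        print(digest_name, result)
```

With the 5% prefix as the digest, a change in the last byte still verifies, because only the leading bytes are signed; with the hash over the whole record, any change fails the comparison.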
As an embodiment of the present invention, after the request to query transaction records has been verified by the management server, receiving the transaction record data returned by the management server further comprises:
receiving an authorization access request from the management server;
sending an authorization access instruction to the management server.
The authorization access request includes at least information such as the querier and the queried transaction record.
This step may be executed on the blockchain node's computer, or outside the blockchain node, that is, on the queried party's computer.
The authorization access instruction is either an instruction approving the transaction record query request or an instruction rejecting it. If it is an instruction rejecting the transaction record query request, the management server rejects the request and does not return transaction record data to the blockchain node that issued it.
With the method of the above embodiment, encrypted transaction records can be stored on every node of the blockchain. A transaction record can be read by the blockchain node that created it and is encrypted as far as the blockchain nodes of the other transaction participants are concerned. This ensures that the production activity data of all participants across the whole production activity is shared and cannot be tampered with, strengthens mutual trust among the multiple participants in a large production activity, and makes production activities more compact and resource-saving. It also protects each participant's trade secrets: other participants can access the ledger only with the permission of the transaction record's creator, which improves the security of information in the blockchain.
Fig. 2 is a schematic flowchart of a blockchain transaction record access method according to an embodiment of the present invention. It describes the method executed by the management server in blockchain ledger access: the server checks the identity of the initiator of the transaction record query request, looks up the encrypted ledger in the blockchain nodes according to a query request that is authorized to access the ledger, decrypts the ledger with the corresponding private key, and returns the decrypted ledger data to the party that requested the query. Specifically:
Step 201: receive the private key of each blockchain node.
Step 202: receive a transaction record query request initiated by a blockchain node, the request including at least the querier, the queried party and the queried transaction record.
Step 203: if the transaction record query request passes authorization verification, decrypt the corresponding queried transaction record with the private key of the queried party.
Step 204: send the decrypted queried transaction record to the blockchain node that initiated the transaction record query request.
As an embodiment of the present invention, the authorization verification further comprises:
obtaining the relationship between the querier and the queried party in the authorization verification table;
if the querier and the queried party are in an adjacent relationship, the transaction record query request passes authorization verification.
The authorization verification table stores, for each participant, records of its associated upstream and downstream participants. For example, in a large production activity, consider screw part producer M, the related steel ingot material supplier K, and screw fastening part producer N. Steel ingot material supplier K is an upstream participant of screw part producer M, and screw fastening part producer N is a downstream participant of M; both K and N are associated with M. Because both are associated with M, these two parties may often need to retrieve electronic contracts created by M or other transaction records stored on the blockchain: K needs to access the transaction records between itself and M, and N needs to access the transaction records between itself and M. When participants that are associated in the authorization verification table access the encrypted transaction records, they do not need authorization from screw part producer M, which created those records. Associated participants in the production activity can thus access the transaction records stored in the blockchain quickly and flexibly, without frequently requesting authorization from the associated party that created the record. In this example, steel ingot material supplier K may itself have several associated participants, for example its upstream raw material manufacturer J. Raw material manufacturer J can access the transaction records created by K without K's authorization, but it cannot access the transaction records created by screw part producer M, nor those created by screw fastening part producer N.
As an embodiment of the present invention, if the querier and the queried party are not in an adjacent relationship, the method comprises:
sending an authorization request to the queried party;
receiving the authorization response returned by the queried party;
if the authorization response approves the transaction record query request, decrypting the corresponding queried transaction record with the private key of the queried party.
The authorization request includes at least the querier named in the transaction record query request and the queried transaction record.
The authorization response may include a Boolean value, where 0 means the authorization request is refused and 1 means it is approved, or it may include other string-type data representing approval or refusal of the authorization request.
If the authorization response refuses the transaction record query request, feedback rejecting the query is sent to the blockchain node that initiated the transaction record query request.
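One way to express the management server's authorization decision described above, as an added example that is not code from the patent. The class and function names, the sample records, the string form "agree", treating the table as unordered pairs, and the check that the record was created by the named queried party are assumptions of this example.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Callable, Dict, FrozenSet, Iterable, Optional, Tuple


class Decision(Enum):
    GRANTED_ADJACENT = "adjacent in the authorization verification table"
    GRANTED_BY_OWNER = "queried party approved the authorization request"
    REJECTED_BY_OWNER = "queried party did not approve"
    REJECTED_NOT_CREATOR = "record was not created by the named queried party"


@dataclass(frozen=True)
class QueryRequest:
    querier: str     # participant issuing the query
    queried: str     # owner (creator) of the record being asked for
    record_id: str   # which transaction record is wanted


def build_table(links: Iterable[Tuple[str, str]]) -> FrozenSet[FrozenSet[str]]:
    """Authorization verification table as unordered upstream/downstream pairs
    (assumption: adjacency is symmetric)."""
    return frozenset(frozenset(pair) for pair in links)


def approves(response: object) -> bool:
    """Read an authorization response: 1 approves, 0 refuses. The string form
    "agree" is an assumed encoding; anything unrecognised is a refusal."""
    if isinstance(response, bool):
        return response
    if isinstance(response, int):
        return response == 1
    if isinstance(response, str):
        return response.strip().lower() in {"1", "agree"}
    return False


class ManagementServer:
    def __init__(self, table: FrozenSet[FrozenSet[str]],
                 record_creator: Dict[str, str],
                 ask_owner: Callable[[str, str, str], object]):
        self.table = table
        self.record_creator = record_creator   # record id -> creating participant
        self.ask_owner = ask_owner             # sends the authorization request

    def authorize(self, req: QueryRequest) -> Decision:
        # Added check (assumption): the record must belong to the named party,
        # otherwise adjacency to one party could be used to ask for another's record.
        if self.record_creator.get(req.record_id) != req.queried:
            return Decision.REJECTED_NOT_CREATOR
        if frozenset((req.querier, req.queried)) in self.table:
            return Decision.GRANTED_ADJACENT
        # Not adjacent: forward querier and record to the queried party and wait.
        response = self.ask_owner(req.queried, req.querier, req.record_id)
        if approves(response):
            return Decision.GRANTED_BY_OWNER
        return Decision.REJECTED_BY_OWNER

    def decrypt_key_owner(self, req: QueryRequest) -> Optional[str]:
        """Whose stored private key may be used for this request, or None."""
        granted = {Decision.GRANTED_ADJACENT, Decision.GRANTED_BY_OWNER}
        return req.queried if self.authorize(req) in granted else None


# Constructed sample data following the J -> K -> M -> N chain in the text.
LINKS = [("J", "K"), ("K", "M"), ("M", "N")]
RECORD_CREATOR = {"tx-K-001": "K", "tx-M-001": "M", "tx-M-002": "M", "tx-N-001": "N"}


def owner_policy(queried: str, querier: str, record_id: str) -> object:
    """Constructed stand-in for the queried party's answer: M approves J for
    tx-M-002 only; every other authorization request is refused."""
    return 1 if (queried, querier, record_id) == ("M", "J", "tx-M-002") else 0


def make_server() -> ManagementServer:
    return ManagementServer(build_table(LINKS), RECORD_CREATOR, owner_policy)


if __name__ == "__main__":
    server = make_server()
    for q in (QueryRequest("K", "M", "tx-M-001"), QueryRequest("J", "K", "tx-K-001"),
              QueryRequest("J", "M", "tx-M-001"), QueryRequest("J", "M", "tx-M-002"),
              QueryRequest("J", "K", "tx-M-001")):
        print(q, "->", server.authorize(q).name)
```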
With the above method of the embodiment of the present invention, encrypted transaction records can be stored on every node of the blockchain, and the management server can decide, according to the relationship between the querier and the queried party, whether a request to query transaction records is fulfilled. If the request passes authorization verification, the queried transaction record is decrypted with the private key of the queried party and sent to the querier. This protects the trade secrets in the blockchain network: participants in unrelated production activities are given no inherent right of query access, and only transaction record query requests that pass authorization verification receive a response, which ensures the security of data in the blockchain network.
Fig. 3 is a schematic structural diagram of a blockchain node device according to an embodiment of the present invention; it shows the structure of a device that executes the method shown in Fig. 1. One or more of the functional modules of the device in this embodiment may be implemented by a desktop computer, by a mobile computing device such as a tablet computer or mobile phone, by a computer cluster, or by a device using a general-purpose computing chip. The device specifically comprises:
a first sending module 301, configured to send the node's private key to the management server for storage;
an encryption module 302, configured to encrypt the transaction records to be stored with the node's public key;
a second sending module 303, configured to broadcast the encrypted transaction records to be stored in the blockchain network and, after consensus verification by the other blockchain nodes, store the encrypted transaction records in the blockchain.
As an embodiment of the present invention, the device further includes a transaction record query module 304, configured to send a request to query transaction records to the management server and, after the request passes authorization verification by the management server, receive the transaction record data returned by the management server.
As an embodiment of the present invention, the device further includes an authorization module 305, configured to receive an authorization access request from the management server and send an authorization access instruction to the management server.
As shown in the figure, the transaction record query module 304 and the authorization module 305 may be built into the blockchain node device or be independent of it; they may be integrated only logically while being physically separate, implemented by different computers or functional modules.
With the device of the above embodiment, encrypted transaction records can be stored on every node of the blockchain. A transaction record can be read by the blockchain node that created it and is encrypted as far as the blockchain nodes of the other transaction participants are concerned. This ensures that the production activity data of all participants across the whole production activity is shared and cannot be tampered with, strengthens mutual trust among the multiple participants in a large production activity, and makes production activities more compact and resource-saving. It also protects each participant's trade secrets: other participants can access the ledger only with the permission of the transaction record's creator, which improves the security of information in the blockchain.
Fig. 4 is a schematic structural diagram of a blockchain management server according to an embodiment of the present invention. One or more of the modules described in this figure may be implemented by a desktop computer, by a mobile computing device such as a tablet computer or mobile phone, by a computer cluster, or by a device using a general-purpose computing chip. The server specifically comprises:
a first receiving unit 401, configured to receive the private key of each blockchain node;
a second receiving unit 402, configured to receive a transaction record query request initiated by a blockchain node, the request including at least the querier, the queried party and the queried transaction record;
an authorization verification unit 403, configured to perform authorization verification on the transaction record query request;
a decryption unit 404, configured to decrypt the corresponding queried transaction record with the private key of the queried party if the transaction record query request passes authorization verification;
a sending unit 405, configured to send the decrypted queried transaction record to the blockchain node that initiated the transaction record query request.
As an embodiment of the present invention, the authorization verification unit is further configured to obtain the relationship between the querier and the queried party in the authorization verification table; if the querier and the queried party are in an adjacent relationship, the transaction record query request passes authorization verification.
As an embodiment of the present invention, the authorization verification unit is further configured to, if the querier and the queried party are not in an adjacent relationship, send an authorization request to the queried party; receive the authorization response returned by the queried party; and, if the authorization response approves the transaction record query request, invoke the decryption unit to decrypt the corresponding queried transaction record with the private key of the queried party.
As shown in the figure, the first receiving module 401 may be set up independently of the other modules, or may be connected to the decryption unit 404 as shown. Given its function, the first receiving module 401 only needs to be able to receive the private keys sent by the blockchain nodes; it does not have to be integrated with the management server and may be implemented by different computers or functional modules.
With the above management server of the embodiment of the present invention, encrypted transaction records can be stored on every node of the blockchain, and the management server can decide, according to the relationship between the querier and the queried party, whether a request to query transaction records is fulfilled. If the request passes authorization verification, the queried transaction record is decrypted with the private key of the queried party and sent to the querier. This protects the trade secrets in the blockchain network: participants in unrelated production activities are given no inherent right of query access, and only transaction record query requests that pass authorization verification receive a response, which ensures the security of data in the blockchain network.
Figure 5 is a schematic structural diagram of a blockchain transaction record access system according to an embodiment of the present invention. As shown in Figure 5, the system runs in a blockchain network, where the management server may be a blockchain node or a computer independent of the blockchain nodes. The system specifically includes:
A plurality of blockchain nodes 501 as described for Figure 3 above, and one or more management servers 502 as described for Figure 4 above.
The blockchain nodes 501 are configured to send their respective private keys to the management server for storage; to encrypt the transaction records to be stored with their respective public keys; and to broadcast the encrypted transaction records in the blockchain network and, after consensus verification by the other blockchain nodes, store the encrypted transaction records in the blockchain.
The management server 502 is configured to receive the private key of each blockchain node 501; to receive a transaction record query request initiated by a blockchain node 501, the request including at least the querier, the queried party, and the queried transaction record; to decrypt the corresponding queried transaction record with the private key of the queried party if the request passes authorization verification; and to send the decrypted queried transaction record to the blockchain node 501 that initiated the request.
With the system of the above embodiment, data security can be achieved for each production and logistics stage in a blockchain network that records production and logistics. Only participants related to the participant that created a transaction record can access that record; any other participant must separately obtain authorization from the creating participant. Commercial information about production and logistics processes is thus stored more securely in the blockchain network.
Figure 6 is a flowchart of transaction information storage in a blockchain-based production collaboration system according to an embodiment of the present invention. In this figure, it is assumed that associations exist between pairs of manufacturers, namely: manufacturer A is associated with manufacturers B and C, manufacturer B with manufacturers A and D, manufacturer C with manufacturers A and D, and manufacturer A is not associated with manufacturer D.
Step 601: a manufacturer generates the electronic contract between itself and its upstream and downstream manufacturers as a transaction record.
In this step, the transaction record may include the names of the two parties to the transaction, for example manufacturer A and manufacturer B; the initiator that created the transaction record, for example manufacturer A; the subject matter of the transaction, for example steel raw materials or steel ingots; and the price of the subject matter, the place of the transaction, the delivery method and so on. This content is the same as the content of the electronic contract. For example, manufacturer B's upstream manufacturer is manufacturer A and its downstream manufacturer is manufacturer D; manufacturer C's upstream manufacturer is manufacturer A and its downstream manufacturer is manufacturer D; manufacturer A has no upstream manufacturer, and its downstream manufacturers are manufacturers B and C; manufacturer D's upstream manufacturers are manufacturers B and C, and it has no downstream manufacturer.
In this example, manufacturer A creates the transaction record with manufacturer B, denoted transaction record AB; manufacturer C creates the transaction record with manufacturer D, denoted transaction record CD.
Step 602: the relationships between the manufacturers are sent to the management server to build the authorization verification table.
In this step, the management server builds the authorization verification table from the relationships between manufacturers. The table stores the links between manufacturers, that is, each manufacturer's relationships with its upstream and downstream manufacturers, and is used to record whether a manufacturer may query the transaction records between manufacturers. Manufacturers in an upstream/downstream relationship can query the transaction records related to them, but cannot query transaction records unrelated to them. For example, manufacturer A cannot query the transaction record between manufacturers B and D created by manufacturer B, whereas manufacturer B can query the transaction record between manufacturers A and B created by manufacturer A.
In this step, each manufacturer also sends its private key to the management server, so that the management server can decrypt the transaction records that different manufacturers have stored in the blockchain in accordance with the authorization verification table. Each manufacturer may send its private key to the management server at any time, not necessarily in this step.
Step 603: each manufacturer, through its own blockchain node, encrypts the transaction record it created with its own public key.
In this step, manufacturer A encrypts transaction record AB with its public key Ka to form the encrypted transaction record Ka(AB), and manufacturer C encrypts transaction record CD with its public key Kc to form the encrypted transaction record Kc(CD). The transaction record Ka(AB) also includes some unencrypted information, or carries a transaction record header in addition to the encrypted transaction record. The unencrypted information or header includes at least the two parties to the transaction and the manufacturer that created the record, and may also include the subject matter of the transaction, the date and other information.
In the embodiments of this application, because the setting is a specific production collaboration relationship in which every participant is one link, each participant uses its own blockchain node to join the blockchain network of that collaboration. A manufacturer and its corresponding blockchain node can be regarded as the same party; for example, manufacturer A is blockchain node A and manufacturer B is blockchain node B.
Step 604: each manufacturer, through its own blockchain node, signs the encrypted transaction record it created with its own private key.
In this step, manufacturer A signs transaction record Ka(AB) with its private key PKa to form the signed transaction record PKa(Ka(AB)); manufacturer C signs transaction record Kc(CD) with its private key PKc to form the signed transaction record PKc(Kc(CD)). The signature may cover only part of the encrypted transaction record. For example, the transaction record header is signed, and the signature, the header and the encrypted transaction record that follows together form the signed transaction record; or the first or last 5% (or another percentage) of the character string of the encrypted transaction file is signed, and the signature, the header and the encrypted transaction record together form the signed transaction record.
Step 605: the manufacturer broadcasts the signed transaction record to the blockchain network for consensus verification.
In this step, manufacturer A, on blockchain node A, broadcasts the transaction record PKa(Ka(AB)) it created to the other blockchain nodes B/C/D, and these nodes perform consensus verification on the encrypted transaction record. That is, they verify the signature of PKa(Ka(AB)) with manufacturer A's public key: the signature is decrypted with manufacturer A's public key, and the decrypted signature content (for example the transaction record header or the first 5% of the transaction record) is compared with the received transaction record header (plaintext) or the first 5% of the transaction record. If they match, this proves that the transaction record was sent by manufacturer A and that the encrypted transaction record has not been tampered with.
Step 606: the blockchain nodes write the transaction record into the blockchain ledger.
In this step, once consensus verification has passed, each node in the blockchain writes the transaction record Ka(AB) broadcast by blockchain node A into the blockchain ledger. The transaction record includes an encrypted part and an unencrypted part used for queries; the unencrypted part is a summary of the transaction record and does not include the details of the transaction.
Figure 7 is a flowchart of transaction information query in a blockchain-based production collaboration system according to an embodiment of the present invention. In this figure, the management server decides from the querying party's permissions whether it may access the detailed transaction record, which strengthens the data security of transaction records in the blockchain network: unrelated production collaboration participants cannot access transaction records they are not authorized to access. The flow specifically includes:
Step 701: receive and save the private key of each blockchain node.
In this step, each blockchain node, for example node A and node B, sends its private key to the management server over an encrypted channel to keep the private key secure in transit. The management server may also store the nodes' private keys in encrypted form. Receiving and saving the nodes' private keys can be done at any time, and need not be done each time the management server receives a transaction record query request.
Step 702: receive a query request from the blockchain node corresponding to a manufacturer.
In this step, manufacturer B sends a query request to the management server through its blockchain node B. The query request includes the querier, for example manufacturer B; the queried party, for example manufacturer A; and the queried transaction record, for example transaction record AB.
Step 703: the management server consults the authorization verification table to determine whether the query request is allowed. If it is allowed, go to step 704; otherwise go to step 705.
In this step, the authorization verification table records the transaction record AB, that the creator of this transaction record is A, and all the adjacency relationships of manufacturer A.
Step 704: allow the access request, and go to step 708.
In this step, because the querier is manufacturer B, the queried manufacturer is A, and the authorization verification table records that manufacturer A is adjacent to manufacturer B, the query request can be allowed directly.
Step 705: do not allow the query request, then go to step 706.
In this step, if the querier is manufacturer D, the queried party is A, and the queried transaction record is AB, the authorization verification table records all the adjacency relationships of manufacturer A, which include manufacturer A with manufacturer B and manufacturer A with manufacturer C, but not manufacturer A with manufacturer D, so the query request cannot be allowed.
Step 706: the management server sends an authorization request to the blockchain node of the queried party.
In this step, the management server sends an authorization request to manufacturer D, which includes the querier and the queried transaction record.
Step 707: the blockchain node of the queried party feeds back an authorization response. If the authorization response allows access, go to step 708; otherwise go to step 711.
Step 708: the management server searches the transaction record summaries in the blockchain node ledger according to the queried transaction record.
In this step, the transaction records in the blockchain node ledger are all stored encrypted. The queried transaction record can be compared against the unencrypted part or the transaction record header (that is, the transaction record summary) to find the matching transaction record.
Step 709: the management server decrypts the transaction record found with the stored private key of the queried party.
In this step, the management server uses manufacturer A's private key PKa, stored in advance, to decrypt the transaction record Ka(AB) created by manufacturer A and obtain the plaintext transaction record AB.
Step 710: send the decrypted transaction record to the blockchain node corresponding to the querier.
Step 711: feed back a query failure message to the blockchain node corresponding to the querier.
In this step, the blockchain node D corresponding to the querier may be informed that the query failed because manufacturer A's authorization was not obtained, or that the querier has no right to query the transaction record.
With the above embodiments of the present invention, data security can be achieved for each production and logistics stage in a blockchain network that records production and logistics. Only participants related to the participant that created a transaction record can access that record; any other participant must separately obtain authorization from the creating participant. Commercial information about production and logistics processes is thus stored more securely in the blockchain network.
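The query flow of steps 702 to 711, using the manufacturer A/B/C/D relationships of Figure 6, can be sketched as follows. This is an added example, not code from the patent: the class and function names are hypothetical, the keys and records are constructed, and `toy_cipher` is a symmetric stand-in for the asymmetric decryption so that the block runs with the Python standard library only.

```python
import hashlib
from dataclasses import dataclass
from enum import Enum
from typing import Callable, Dict, Iterable, List, Optional, Set, Tuple


class Outcome(Enum):
    ALLOWED_ADJACENT = "querier is adjacent to the queried party (step 704)"
    ALLOWED_BY_CONSENT = "queried party approved the request (step 707)"
    DENIED = "not adjacent and not approved (step 711)"
    NOT_FOUND = "no matching ledger entry or no deposited key"


@dataclass(frozen=True)
class LedgerEntry:
    record_id: str     # plaintext header field, e.g. "AB"
    creator: str       # plaintext header field: who created the record
    ciphertext: bytes  # encrypted body of the record


@dataclass(frozen=True)
class QueryResult:
    outcome: Outcome
    plaintext: Optional[bytes] = None


def build_auth_table(relations: Iterable[Tuple[str, str]]) -> Dict[str, Set[str]]:
    """Step 602: turn upstream/downstream pairs into a symmetric adjacency table."""
    table: Dict[str, Set[str]] = {}
    for a, b in relations:
        table.setdefault(a, set()).add(b)
        table.setdefault(b, set()).add(a)
    return table


def toy_cipher(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher (assumption): XOR with a SHA-256 keystream.
    Encrypting and decrypting are the same call; illustrative only."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(d ^ s for d, s in zip(data, stream))


class ManagementServer:
    def __init__(self, auth_table: Dict[str, Set[str]],
                 private_keys: Dict[str, bytes],
                 ledger: List[LedgerEntry],
                 ask_consent: Callable[[str, str, str], bool],
                 decrypt: Callable[[bytes, bytes], bytes] = toy_cipher) -> None:
        self.auth_table = auth_table
        self.private_keys = private_keys  # step 701: keys deposited by the nodes
        self.ledger = ledger
        self.ask_consent = ask_consent    # steps 706-707: callback to the queried party
        self.decrypt = decrypt

    def handle_query(self, querier: str, queried: str, record_id: str) -> QueryResult:
        # Step 703: look the pair up in the authorization verification table.
        if querier in self.auth_table.get(queried, set()):
            outcome = Outcome.ALLOWED_ADJACENT
        # Steps 705-707: not adjacent, so ask the queried party's node.
        elif self.ask_consent(queried, querier, record_id):
            outcome = Outcome.ALLOWED_BY_CONSENT
        else:
            return QueryResult(Outcome.DENIED)  # step 711, no key is touched
        # Step 708: match on the plaintext header, never on the encrypted body.
        entry = next((e for e in self.ledger
                      if e.record_id == record_id and e.creator == queried), None)
        key = self.private_keys.get(queried)
        if entry is None or key is None:
            return QueryResult(Outcome.NOT_FOUND)
        # Steps 709-710: decrypt with the queried party's key and return the record.
        return QueryResult(outcome, self.decrypt(key, entry.ciphertext))


CONTRACT_AB = b"constructed contract A-B: steel ingots"


def demo_server(approve: bool) -> Tuple[ManagementServer, List[Tuple[str, str, str]]]:
    """Figure 6 relationships with constructed keys and records."""
    table = build_auth_table([("A", "B"), ("A", "C"), ("B", "D"), ("C", "D")])
    keys = {"A": b"constructed-key-A", "C": b"constructed-key-C"}
    ledger = [LedgerEntry("AB", "A", toy_cipher(keys["A"], CONTRACT_AB)),
              LedgerEntry("CD", "C", toy_cipher(keys["C"], b"constructed contract C-D"))]
    consent_log: List[Tuple[str, str, str]] = []

    def ask(owner: str, querier: str, record_id: str) -> bool:
        consent_log.append((owner, querier, record_id))
        return approve

    return ManagementServer(table, keys, ledger, ask), consent_log


if __name__ == "__main__":
    server, log = demo_server(approve=False)
    for who in ("B", "D"):
        result = server.handle_query(who, "A", "AB")
        print(who, result.outcome.name, result.plaintext)
    print("consent requests:", log)
```

The consent callback is invoked only for non-adjacent queriers, and a denied request returns before the stored private key is read.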
An embodiment of the present invention also provides computer-readable instructions; when the instructions are executed in an electronic device, the program therein causes the electronic device to perform the method for determining processor operation shown in Figures 1 to 2.
It should be understood that, in the various embodiments of the present invention, the sequence numbers of the above processes do not imply an order of execution. The order of execution of the processes should be determined by their functions and internal logic, and does not limit the implementation of the embodiments of the present invention in any way.
It should also be understood that, in the embodiments of the present invention, the term "and/or" merely describes an association between associated objects and indicates that three relationships are possible. For example, "A and/or B" can mean: A alone, both A and B, or B alone. In addition, the character "/" in this document generally indicates an "or" relationship between the objects before and after it.
Those of ordinary skill in the art will appreciate that the units and algorithm steps of the examples described in connection with the embodiments disclosed herein can be implemented in electronic hardware, computer software, or a combination of the two. To illustrate the interchangeability of hardware and software clearly, the composition and steps of each example have been described above in general terms according to function. Whether these functions are executed in hardware or software depends on the specific application and the design constraints of the technical solution. Skilled practitioners may implement the described functions in different ways for each specific application, but such implementations should not be regarded as going beyond the scope of the present invention.
Those skilled in the art will clearly understand that, for convenience and brevity of description, the specific working processes of the systems, devices and units described above can be found in the corresponding processes of the foregoing method embodiments and are not repeated here.
In the several embodiments provided in this application, it should be understood that the disclosed systems, devices and methods may be implemented in other ways. For example, the device embodiments described above are merely illustrative: the division into units is only a division by logical function, and other divisions are possible in an actual implementation. Multiple units or components may be combined or integrated into another system, or some features may be omitted or not executed. In addition, the couplings, direct couplings or communication connections shown or discussed may be indirect couplings or communication connections through interfaces, devices or units, and may be electrical, mechanical or of another form.
The units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units; that is, they may be located in one place or distributed over multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solutions of the embodiments of the present invention.
In addition, the functional units in the embodiments of the present invention may be integrated into one processing unit, each unit may exist physically on its own, or two or more units may be integrated into one unit. The integrated unit may be implemented in the form of hardware or in the form of a software functional unit.
If the integrated unit is implemented in the form of a software functional unit and sold or used as an independent product, it may be stored in a computer-readable storage medium. On this understanding, the technical solution of the present invention in essence, or the part that contributes to the prior art, or all or part of the technical solution, may be embodied in the form of a software product. The computer software product is stored in a storage medium and includes a number of instructions that cause a computer device (which may be a personal computer, a server, a network device or the like) to perform all or some of the steps of the methods described in the embodiments of the present invention. The storage medium includes any medium that can store program code, such as a USB flash drive, a removable hard disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), a magnetic disk or an optical disc.
Specific embodiments have been used in this document to explain the principles and implementation of the present invention. The description of the above embodiments is intended only to help in understanding the method of the present invention and its core idea. For those of ordinary skill in the art, the specific implementation and the scope of application may both change in accordance with the idea of the present invention. In summary, the content of this specification should not be construed as limiting the present invention.
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810414064.4A CN108616539B (en) | 2018-05-03 | 2018-05-03 | A method and system for accessing blockchain transaction records |
| Publication Number | Publication Date |
|---|---|
| CN108616539A (en) | 2018-10-02 |
| CN108616539B (en) | 2019-08-20 |
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810414064.4AActiveCN108616539B (en) | 2018-05-03 | 2018-05-03 | A method and system for accessing blockchain transaction records |
| Country | Link |
|---|---|
| CN (1) | CN108616539B (en) |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109447639A (en)* | 2018-10-23 | 2019-03-08 | 杭州复杂美科技有限公司 | Privacy transactions balances scan method, equipment and storage medium |
| CN112381646B (en)* | 2018-10-31 | 2024-10-22 | 蚂蚁链技术有限公司 | Blockchain-based privacy transaction and application method and device thereof |
| CN109660350A (en)* | 2018-10-31 | 2019-04-19 | 阿里巴巴集团控股有限公司 | Data based on block chain deposit card method and device, electronic equipment |
| US20220027903A1 (en) | 2018-11-27 | 2022-01-27 | nChain Holdings Limited | Systems and methods for efficient and secure processing, accessing and transmission of data via a blockchain network |
| CN109583759A (en)* | 2018-11-30 | 2019-04-05 | 深圳还是威健康科技有限公司 | Resource regulating method and relevant device in a kind of product development system |
| CN110457942B (en)* | 2018-12-07 | 2022-11-04 | 深圳市智税链科技有限公司 | Signature verification method for uplink data block, service node and medium |
| CN109741800A (en)* | 2018-12-20 | 2019-05-10 | 李秦豫 | Security protection method for internal and external network interaction of medical data based on blockchain technology |
| CN111404863A (en)* | 2019-01-02 | 2020-07-10 | 中国移动通信有限公司研究院 | Data processing method and device |
| CN113474804B (en)* | 2019-02-22 | 2025-04-25 | 王健 | Digital currency transaction and account verification method, device and storage medium |
| CN110083620A (en)* | 2019-03-21 | 2019-08-02 | 深圳壹账通智能科技有限公司 | Based on the data query method and device of block chain, storage medium, electronic device |
| CN110135175A (en)* | 2019-04-26 | 2019-08-16 | 平安科技(深圳)有限公司 | Blockchain-based information processing, acquisition method, device, equipment and medium |
| CN110232569B (en)* | 2019-05-07 | 2021-04-16 | 北京奇艺世纪科技有限公司 | Method and device for reading transaction record and storage medium |
| CN110190967A (en)* | 2019-06-03 | 2019-08-30 | 北京共识数信科技有限公司 | A kind of aeronautical material information sharing method based on block chain |
| CN110210861A (en)* | 2019-06-11 | 2019-09-06 | 北京艾摩瑞策科技有限公司 | Data trade method and its equipment on block chain |
| SG11202001961VA (en)* | 2019-06-27 | 2020-04-29 | Alibaba Group Holding Ltd | Managing cybersecurity vulnerabilities using blockchain networks |
| CN110377635B (en)* | 2019-07-02 | 2021-09-17 | 银清科技有限公司 | Block chain architecture-based RMB cross-border payment inquiry and retrieval method and device |
| CN112418850A (en)* | 2019-08-21 | 2021-02-26 | 中国移动通信有限公司研究院 | A transaction method, device and electronic device based on blockchain |
| US11288380B2 (en)* | 2019-10-14 | 2022-03-29 | Oracle International Corporation | Securely sharing selected fields in a blockchain with runtime access determination |
| WO2021132483A1 (en)* | 2019-12-26 | 2021-07-01 | シビラ株式会社 | Application linkage method, computer program, and application linkage system |
| CN111127021B (en)* | 2019-12-31 | 2020-10-30 | 蚂蚁区块链科技(上海)有限公司 | Service request method and device based on block chain |
| CN111008228A (en)* | 2020-03-09 | 2020-04-14 | 支付宝(杭州)信息技术有限公司 | Method and device for inquiring account privacy information in block chain |
| CN111598696B (en)* | 2020-05-19 | 2023-04-07 | 京东科技信息技术有限公司 | Transaction tracing method and device based on block chain |
| CN111553691A (en)* | 2020-05-21 | 2020-08-18 | 陈议尊 | Pure decentralized block chain method and system |
| CN111353176B (en)* | 2020-05-22 | 2020-12-04 | 支付宝(杭州)信息技术有限公司 | Method and system for inquiring block chain data |
| CN111835783B (en)* | 2020-07-22 | 2022-09-02 | 东莞盟大集团有限公司 | Data retrieval method and device and computer equipment |
| CN112612849B (en) | 2020-07-24 | 2024-06-18 | 支付宝(杭州)信息技术有限公司 | Data processing method, device, equipment and medium |
| CN111814172A (en) | 2020-08-28 | 2020-10-23 | 支付宝(杭州)信息技术有限公司 | Method, device and equipment for acquiring data authorization information |
| CN112866235B (en) | 2020-08-28 | 2023-03-24 | 支付宝(杭州)信息技术有限公司 | Data processing method, device and equipment |
| CN111815420B (en) | 2020-08-28 | 2021-07-06 | 支付宝(杭州)信息技术有限公司 | A matching method, device and device based on trusted asset data |
| CN111741036B (en) | 2020-08-28 | 2020-12-18 | 支付宝(杭州)信息技术有限公司 | A trusted data transmission method, device and device |
| CN113434849B (en) | 2020-09-04 | 2025-03-28 | 蚂蚁区块链科技(上海)有限公司 | A data management method, device and equipment based on trusted hardware |
| CN111814196B (en) | 2020-09-04 | 2021-01-05 | 支付宝(杭州)信息技术有限公司 | A data processing method, device and equipment |
| CN111814156B (en) | 2020-09-04 | 2022-04-29 | 支付宝(杭州)信息技术有限公司 | A data acquisition method, device and device based on trusted equipment |
| CN111932426B (en) | 2020-09-15 | 2021-01-26 | 支付宝(杭州)信息技术有限公司 | A method, device and device for identity management based on trusted hardware |
| CN111930846B (en)* | 2020-09-15 | 2021-02-23 | 支付宝(杭州)信息技术有限公司 | Data processing method, device and equipment |
| CN111931238B (en) | 2020-09-15 | 2021-05-04 | 支付宝(杭州)信息技术有限公司 | Block chain-based data asset transfer method, device and equipment |
| CN112905705A (en)* | 2021-03-19 | 2021-06-04 | 南京博雅区块链研究院有限公司 | Data life cycle management system based on block chain |
| CN113079006B (en)* | 2021-03-29 | 2021-11-30 | 上海纬百科技有限公司 | Information processing method for key, electronic device and storage medium |
| CN116029729B (en)* | 2023-03-22 | 2023-06-06 | 安徽省大数据中心 | Cross-link method and system based on dynamic access application link management contract mode |
| CN117294429B (en)* | 2023-09-23 | 2024-04-19 | 南京市公共资源交易中心江北新区分中心 | Public resource transaction data encryption and decryption method, system and medium based on blockchain |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107862215A (en)* | 2017-09-29 | 2018-03-30 | 阿里巴巴集团控股有限公司 | A kind of data storage method, data query method and device |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10749684B2 (en)* | 2016-09-30 | 2020-08-18 | Entrust, Inc. | Methods and apparatus for providing blockchain participant identity binding |
| CN106982203B (en)* | 2017-01-06 | 2020-05-22 | 中国银联股份有限公司 | Robust ATM network system based on block chain technology and information processing method thereof |
| CN107231351B (en)* | 2017-05-25 | 2021-01-08 | 远光软件股份有限公司 | Electronic certificate management method and related equipment |
| CN107888375A (en)* | 2017-11-08 | 2018-04-06 | 深圳市携网科技有限公司 | A kind of electronic evidence safety system and method based on block chain technology |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107862215A (en)* | 2017-09-29 | 2018-03-30 | 阿里巴巴集团控股有限公司 | A kind of data storage method, data query method and device |
| Publication number | Publication date |
|---|---|
| CN108616539A (en) | 2018-10-02 |
| Publication | Publication Date | Title |
|---|---|---|
| CN108616539B (en) | | A method and system for accessing blockchain transaction records |
| TWI764037B (en) | | Interaction method and system across blockchain, computer equipment and storage medium |
| CN111723355B (en) | | Information management in a database |
| EP3610606B1 (en) | | Managing sensitive data elements in a blockchain network |
| CN111556120B (en) | | Data processing method and device based on block chain, storage medium and equipment |
| US10778445B1 (en) | | Processing data elements stored in blockchain networks |
| WO2022121058A1 (en) | | Blockchain-based trusted sharing method for protection of privacy-related government data |
| CN111046352A (en) | | Identity information security authorization system and method based on block chain |
| TW202029044A (en) | | Block chain transaction generation method and device |
| CN111753002B (en) | | Consent-based data management |
| WO2022001526A1 (en) | | Block chain-based trade data processing method and related device thereof |
| CN110569666B (en) | | Block chain-based data statistics method and device |
| JP2023043870A (en) | | Method and system for managing user data privacy |
| CN113169866A (en) | | Techniques to prevent collusion using simultaneous key distribution |
| CN109743168B (en) | | Alliance link resource sharing method and device and storage medium thereof |
| CN108769010A (en) | | The method and apparatus that node is invited to registration |
| CN111291122B (en) | | Bidding method and device based on block chain |
| CN115065542A (en) | | Permission verification method and device, processor and electronic equipment |
| CN117009988A (en) | | Encryption data storage and query method based on blockchain |
| WO2021134897A1 (en) | | Blockchain supply chain transaction hidden dynamic supervision system and method |
| CN113242219A (en) | | Data transmission method, block chain network and storage medium |
| CN115085934A (en) | | Contract management method based on block chain and combined key and related equipment |
| CN117134893A (en) | | Digital collection processing method, device and system |
| WO2021057124A1 (en) | | Fpga-based privacy block chain implementing method and device |
| CN113783689B (en) | | Sign information processing method and device |
| Date | Code | Title | Description |
|---|---|---|---|
| | PB01 | Publication | |
| | SE01 | Entry into force of request for substantive examination | |
| | GR01 | Patent grant | |
| | TR01 | Transfer of patent right | Effective date of registration: 20191223. Address after: 518000 3 / F, building 3, Pingshan private enterprise science and Technology Park, No. 65, Lishan Road, Pingshan community, Taoyuan Street, Nanshan District, Shenzhen City, Guangdong Province. Patentee after: Shenzhen Xinzhi Intellectual Property Operation Co., Ltd. Address before: No. 17 building industry in Guangdong province 523000 Dongguan Dongcheng Street Dongguan Dongtai community Avenue 06 floor No. 08. Patentee before: Dongguan informative Mdt InfoTech Ltd |
| | TR01 | Transfer of patent right | Effective date of registration: 20211021. Address after: 523000 1801a, block D, first international wealth center, Yuanmei East Road, Xincheng street, Dongguan City, Guangdong Province. Patentee after: DONGGUAN HENGBANG ENTERPRISE SERVICE Co.,Ltd. Address before: D08003, 3rd floor, building 3, Pingshan private enterprise science and Technology Park, 65 Lishan Road, Pingshan community, Taoyuan Street, Nanshan District, Shenzhen City, Guangdong Province. Patentee before: Shenzhen Xinzhi Intellectual Property Operation Co.,Ltd. |