CN113486409A

Movatterモバイル変換

Info

Publication number: CN113486409A
Application number: CN202110851550.4A
Authority: CN
Inventors: 章秀杨
Original assignee: Bank of China Ltd
Current assignee: Bank of China Ltd
Priority date: 2021-07-27
Filing date: 2021-07-27
Publication date: 2021-10-08

Abstract

Translated fromChinese

本发明公开了一种电子合同的防篡改方法及装置、存储介质及电子设备，当接收到用户发送的对待操作电子合同的操作请求时，获取所述用户输入的用户私钥；对所述用户私钥进行密钥验证；若所述用户私钥通过密钥验证，则允许所述用户对所述待操作电子合同进行操作，并将所述用户对所述待操作电子合同的操作信息以及所述用户的个人信息上传至已建立的联盟链中。本发明实施例提供的方法中，当用户需要对电子合同进行操作时，系统首先验证用户输入的用户私钥，在通过私钥验证后允许用户对电子合同进行操作，并将操作过程中产生的操作信息上传至联盟链，由联盟链进行监督，起到了对用户行为的监督作用，使电子合同不被随意篡改，保证了电子合同的安全性。

The invention discloses an anti-tampering method and device for an electronic contract, a storage medium and an electronic device. When receiving an operation request sent by a user to operate an electronic contract, the user private key input by the user is obtained; The private key performs key verification; if the user's private key passes the key verification, the user is allowed to operate the electronic contract to be operated, and the user's operation information on the electronic contract to be operated and all The user's personal information is uploaded to the established alliance chain. In the method provided by the embodiment of the present invention, when the user needs to operate the electronic contract, the system first verifies the user's private key input by the user, and after passing the private key verification, allows the user to operate the electronic contract, and converts the data generated during the operation to the user's private key. The operation information is uploaded to the alliance chain, which is supervised by the alliance chain, which plays a role in supervising the user's behavior, so that the electronic contract is not tampered with at will, and the security of the electronic contract is guaranteed.

Description

Electronic contract tamper-proof method and device, storage medium and electronic equipment

Technical Field

The present invention relates to the field of block chain technologies, and in particular, to a tamper-resistant method and apparatus for an electronic contract, a storage medium, and an electronic device.

Background

With the development of internet technology, the electronization of paper pieces has become a trend. Traditional paper contracts have been gradually replaced by electronic contracts in the banking and insurance fields. With the application of electronic contracts to the internet, the security of electronic contracts has become an important solution.

In practical applications, the contract amount or related constraints involved in the electronic contract will bring direct profit damage to both parties if the contract amount or related constraints are improperly regulated or are freely changed in case of network intrusion.

Disclosure of Invention

In view of the above problems, the present invention provides a tamper-proof method and apparatus for an electronic contract, a storage medium and an electronic device, which overcome the above problems or at least partially solve the above problems, and the technical solutions are as follows:

a tamper-resistant method of an electronic contract, comprising:

when an operation request of an electronic contract to be operated sent by a user is received, acquiring a user private key input by the user;

performing key verification on the user private key;

and if the private key of the user passes the key verification, allowing the user to operate the electronic contract to be operated, and uploading the operation information of the user on the electronic contract to be operated and the personal information of the user to an established alliance chain.

Optionally, the above method, where performing key verification on the user private key includes:

comparing the user private key with a verification private key in a pre-generated asymmetric key;

and if the user private key is the same as the verification private key, the user private key is verified through the key verification of the user private key.

Optionally, the method for generating the verification private key includes:

acquiring personal information of the user;

and according to the personal information, generating an asymmetric key by applying a digital signature technology, wherein the asymmetric key comprises a verification public key and a verification private key.

Optionally, in the method, the operating the to-be-operated electronic contract by the user includes:

determining the operation type of the user on the electronic contract to be operated;

determining the operation flow of the user to the electronic contract to be operated according to the operation type;

and operating the electronic contract to be operated according to the operation flow.

The above method, optionally, further includes:

and when the prompt message of the alliance chain is received, the operation of the user on the electronic contract to be operated is cancelled.

A tamper-resistant device for an electronic contract, comprising:

the device comprises an acquisition unit, a processing unit and a processing unit, wherein the acquisition unit is used for acquiring a user private key input by a user when receiving an operation request of an electronic contract to be operated sent by the user;

the verification unit is used for carrying out key verification on the user private key;

and the uploading unit is used for allowing the user to operate the electronic contract to be operated if the private key of the user passes the key verification, and uploading the operation information of the user on the electronic contract to be operated and the personal information of the user to an established alliance chain.

The above apparatus, optionally, the uploading unit includes:

the first determining subunit is used for determining the operation type of the user on the electronic contract to be operated;

the second determining subunit is configured to determine, according to the operation type, an operation flow of the user for the to-be-operated electronic contract;

and the operation subunit is used for operating the electronic contract to be operated according to the operation process.

The above apparatus, optionally, further comprises:

and the canceling unit is used for canceling the operation of the user on the electronic contract to be operated when the prompt message of the alliance chain is received.

A storage medium, the storage medium comprising stored instructions, wherein when the instructions are executed, a device where the storage medium is located is controlled to execute the above-mentioned tamper-proof method for an electronic contract.

An electronic device comprises at least one processor, at least one memory connected with the processor, and a bus; the processor and the memory complete mutual communication through a bus; the processor is used for calling the program instructions in the memory to execute the tamper-proof method of the electronic contract.

Compared with the prior art, the invention has the following advantages: the invention provides a tamper-proof method of an electronic contract, which comprises the steps of obtaining a user private key input by a user when receiving an operation request of the electronic contract to be operated, which is sent by the user; performing key verification on the user private key; and if the private key of the user passes the key verification, allowing the user to operate the electronic contract to be operated, and uploading the operation information of the user on the electronic contract to be operated and the personal information of the user to an established alliance chain. In the method provided by the embodiment of the invention, when a user needs to operate the electronic contract, the system firstly verifies the user private key input by the user, allows the user to operate the electronic contract after the private key is verified, uploads the operation information generated in the operation process to the alliance chain, and is supervised by the alliance chain, thereby playing a role in supervising the user behavior, preventing the electronic contract from being randomly tampered and ensuring the safety of the electronic contract.

The foregoing description is only an overview of the technical solutions of the present invention, and the embodiments of the present invention are described below in order to make the technical means of the present invention more clearly understood and to make the above and other objects, features, and advantages of the present invention more clearly understandable.

Drawings

Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the invention. Also, like reference numerals are used to refer to like parts throughout the drawings. In the drawings:

fig. 1 is a flowchart of a method for preventing an electronic contract from being tampered according to an embodiment of the present invention;

FIG. 2 is a flowchart of another method for preventing an electronic contract from being tampered with according to an embodiment of the present invention;

FIG. 3 is a flowchart of another method for implementing a tamper-proof method for an electronic contract according to an embodiment of the present invention;

fig. 4 is a schematic structural diagram of a tamper-proofing device for an electronic contract according to an embodiment of the present invention;

fig. 5 is a schematic structural diagram of a tamper-proofing apparatus for an electronic contract according to an embodiment of the present invention;

fig. 6 is a structural diagram of an electronic device according to an embodiment of the present invention.

Detailed Description

Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.

Referring to fig. 1, which is a method flowchart illustrating a method for preventing an electronic contract from being tampered according to an embodiment of the present invention, an execution process of the method illustrated in fig. 1 is a feasible implementation method of the method for preventing an electronic contract from being tampered according to the embodiment of the present invention, the method for preventing an electronic contract from being tampered according to the embodiment of the present invention may be applied to various enterprise and public service system platforms, an execution subject for executing the method may be a processor disposed in a system platform, the system platform related in the method provided in the embodiment of the present invention is associated with an established federation chain, and members of the federation chain may include all interaction terminals having business relationships with the system platform. The method specifically comprises the following steps:

s101: when an operation request of an electronic contract to be operated sent by a user is received, acquiring a user private key input by the user;

in the method provided by the embodiment of the invention, when a user needs to operate the related electronic contract, the user needs to send an operation request for operating the electronic contract to the system platform, and the system platform needs to verify the identity of the user after receiving the operation request sent by the user.

S102: performing key verification on the user private key;

in the method provided by the embodiment of the invention, after the user inputs the user private key, the system platform can verify the user private key input by the user.

S103: and if the private key of the user passes the key verification, allowing the user to operate the electronic contract to be operated, and uploading the operation information of the user on the electronic contract to be operated and the personal information of the user to an established alliance chain.

In the method provided by the embodiment of the invention, if the private key of the user passes the key verification, the user is allowed to log in the system platform at the system platform to operate the electronic contract required to be operated, and simultaneously, the system platform can record all operation information of the user on the electronic contract and personal information of the user.

The system platform uploads the operation information of the user on the electronic contract and the personal information of the user to an established alliance chain, and the operation behavior of the user on the electronic contract is supervised through each interactive end in the alliance chain.

In the method provided by the embodiment of the invention, when a user needs to operate the electronic contract, the system firstly verifies the user private key input by the user, allows the user to operate the electronic contract after the private key is verified, uploads the operation information generated in the operation process to the alliance chain, and is supervised by the alliance chain, thereby playing a role in supervising the user behavior, preventing the electronic contract from being randomly tampered and ensuring the safety of the electronic contract.

In the method provided by the embodiment of the present invention, the performing key verification on the user private key includes:

In the method provided by the embodiment of the present invention, the generating process of the verification private key includes:

acquiring personal information of the user;

In the method provided by the embodiment of the invention, in the process of establishing the system platform, a corresponding asymmetric key is generated by applying a relevant digital signature technology aiming at personal information of each user in advance, wherein a verification private key included in the asymmetric key is a certificate for verifying the identity of the user.

Referring to fig. 2, a specific process of the user operating the to-be-operated electronic contract in the method provided by the embodiment of the present invention is shown, including:

s201: determining the operation type of the user on the electronic contract to be operated;

s202: determining the operation flow of the user to the electronic contract to be operated according to the operation type;

s203, operating the electronic contract to be operated according to the operation flow.

In the method provided by the embodiment of the invention, the operation types of the electronic contract to be operated by the user can be various, and the method can comprise uploading a specific electronic contract to the system platform, and also can comprise modifying a contract item in the specific electronic contract in the system platform.

In the method provided by the embodiment of the invention, after the operation type of the electronic contract to be operated by the user is determined, the operation flow is determined according to the corresponding operation type, and then the electronic contract is operated according to the operation flow.

Referring to fig. 3, on the basis of fig. 1, the method provided by the embodiment of the present invention further includes:

s104: and when the prompt message of the alliance chain is received, the operation of the user on the electronic contract to be operated is cancelled.

In the method provided by the embodiment of the invention, after the system platform uploads the operation information of the user on the electronic contract and the personal information of the user to the alliance chain, if the system platform receives the prompt information of the alliance chain to prompt the user that the operation of the user on the electronic contract is wrong, the system platform can cancel the operation of the user on the electronic contract to be operated.

In the tamper-proofing method for the electronic contract provided by the embodiment of the invention, the digital signature technology is adopted to ensure the integrity of the data and protect the data, and the data is prevented from being forged by people, so that the safety of the information of the electronic contract in the transmission process is protected. In the method provided by the embodiment of the invention, a block chain evidence storing technology is adopted, the characteristic that a plurality of parties participate in management and operation on a block chain is utilized, the electronic contract information is broadcasted to respective nodes of all members on the link, once all the information is stored, any party cannot be tampered, and the safety of the electronic contract during the storage period is ensured. The two are combined, so that the electronic contract can be guaranteed to be tamper-proof.

In the method provided by the embodiment of the invention, an open block chain alliance with multiple parties participating together is realized, the bottom layer is supported by a block chain technology, a system platform is used for inquiring and uploading by all parties, all parties can use the system platform only by registering real names, an asymmetric key is generated by using a digital signature technology, the user can upload and modify an electronic contract only under the condition that a private key is correct, once electronic contract information is uploaded or changed, recorded operator information and the electronic contract information are linked together, and all related parties can check the information, thereby guaranteeing the fair disclosure of each operation to the maximum extent.

The embodiment of the present invention further provides a tamper-proofing device for an electronic contract, which corresponds to the tamper-proofing method for an electronic contract, where the tamper-proofing device for an electronic contract is used to implement an application of the tamper-proofing method for an electronic contract in practice, and a structural diagram of the tamper-proofing device for an electronic contract may refer to fig. 4, and the tamper-proofing device for an electronic contract includes:

an obtainingunit 301, configured to obtain a user private key input by a user when receiving an operation request of an electronic contract to be operated sent by the user;

averification unit 302, configured to perform key verification on the user private key;

anuploading unit 303, configured to allow the user to operate the to-be-operated electronic contract if the user private key passes the key verification, and upload the operation information of the to-be-operated electronic contract and the personal information of the user to an established alliance chain.

In the device provided by the embodiment of the invention, when a user needs to operate the electronic contract, the system firstly verifies the user private key input by the user, allows the user to operate the electronic contract after the private key is verified, uploads the operation information generated in the operation process to the alliance chain, and is supervised by the alliance chain, so that the supervision effect on the user behavior is achieved, the electronic contract is not randomly tampered, and the safety of the electronic contract is ensured.

Referring to fig. 5, on the basis of fig. 4, there is shown another schematic structural diagram of the tamper-proofing apparatus for electronic contracts provided by the embodiment of the present invention, where theuploading unit 303 includes:

a first determiningsubunit 304, configured to determine an operation type of the user on the electronic contract to be operated;

a second determiningsubunit 305, configured to determine, according to the operation type, an operation flow of the user for the to-be-operated electronic contract;

anoperation subunit 306, configured to operate the electronic contract to be operated according to the operation flow.

The tamper-proof device for the electronic contract further comprises:

arevoking unit 307, configured to revoke, when receiving the prompt information of the federation chain, an operation of the user on the to-be-operated electronic contract.

The task execution device provided by the embodiment of the invention comprises a processor and a memory, wherein the acquisition unit, the verification unit, the uploading unit, the first determining subunit, the second determining subunit, the operation subunit and the revocation unit are all stored in the memory as program units, and the processor executes the program units stored in the memory to realize corresponding functions.

The processor comprises a kernel, and the kernel calls the corresponding program unit from the memory. The kernel can be set to be one or more, and the anti-tampering process of the electronic contract is dynamically executed by adjusting the kernel parameters.

An embodiment of the present invention provides a storage medium on which a program is stored, the program implementing the tamper-proof method of an electronic contract when executed by a processor.

The embodiment of the invention provides a processor, which is used for running a program, wherein the program executes the tamper-proof method of the electronic contract when running.

As shown in fig. 6, an embodiment of the present invention provides an electronic device, where theelectronic device 40 includes at least oneprocessor 401, at least onememory 402 connected to theprocessor 401, and abus 403; theprocessor 401 and thememory 402 complete communication with each other through thebus 403;processor 401 is configured to call program instructions inmemory 402 to perform the tamper-resistant method of electronic contracts described above. The device herein may be a server, a PC, a PAD, a mobile phone, etc.

The present application further provides a computer program product adapted to perform a program for initializing the following method steps when executed on a data processing device, the method comprising:

performing key verification on the user private key;

Optionally, the method for generating the verification private key includes:

acquiring personal information of the user;

The above method, optionally, further includes:

The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

In a typical configuration, a device includes one or more processors (CPUs), memory, and a bus. The device may also include input/output interfaces, network interfaces, and the like.

The memory may include volatile memory in a computer readable medium, Random Access Memory (RAM) and/or nonvolatile memory such as Read Only Memory (ROM) or flash memory (flash RAM), and the memory includes at least one memory chip. The memory is an example of a computer-readable medium.

Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.

It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in the process, method, article, or apparatus that comprises the element.

As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.

The above are merely examples of the present application and are not intended to limit the present application. Various modifications and changes may occur to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the scope of the claims of the present application.