+

CN109766712B - Credit reporting streaming method based on block chain and Intel SGX - Google Patents

Credit reporting streaming method based on block chain and Intel SGX Download PDF

Info

Publication number
CN109766712B
CN109766712B CN201811530665.8A CN201811530665A CN109766712B CN 109766712 B CN109766712 B CN 109766712B CN 201811530665 A CN201811530665 A CN 201811530665A CN 109766712 B CN109766712 B CN 109766712B
Authority
CN
China
Prior art keywords
credit investigation
credit
report
intelligent contract
individual user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201811530665.8A
Other languages
Chinese (zh)
Other versions
CN109766712A (en
Inventor
邵奇峰
张召
金澈清
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
East China Normal University
Original Assignee
East China Normal University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by East China Normal University filed Critical East China Normal University
Priority to CN201811530665.8A priority Critical patent/CN109766712B/en
Publication of CN109766712A publication Critical patent/CN109766712A/en
Application granted granted Critical
Publication of CN109766712B publication Critical patent/CN109766712B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

本发明公开了一种基于区块链与Intel SGX的征信报告流转方法,该方法包括征信授权阶段、征信提供阶段和征信查询阶段;所述征信授权阶段是个人用户自定义征信报告格式,并设定具体授权信息;所述征信提供阶段是征信机构依据个人用户定义的报告格式及授权信息生成征信报告;所述征信查询阶段是金融机构查询审核征信机构提供的征信报告。流转过程中涉及的报告格式、授权信息、征信报告及报告查询记录均通过SGX加密并存储在区块链上。本发明结合区块链与Intel SGX实现了征信报告流转过程中数据的不可篡改、可追溯及隐私保护,解决了传统流转方法造成的纸质报告易被篡改伪造,用户隐私关注度低,无法管控信用报告滥用等问题。

Figure 201811530665

The invention discloses a credit reporting report circulation method based on block chain and Intel SGX. The method includes a credit reporting authorization stage, a credit reporting provision stage and a credit reporting query stage; the credit reporting authorization stage is a user-defined credit reporting stage. The credit report format and specific authorization information are set; in the credit reporting stage, the credit reporting agency generates a credit reporting report based on the report format and authorization information defined by individual users; the credit reporting query stage is when the financial institution inquires and reviews the credit reporting agency. Credit report provided. The report format, authorization information, credit report and report query records involved in the circulation process are encrypted by SGX and stored on the blockchain. The invention combines the blockchain and Intel SGX to realize the non-tampering, traceability and privacy protection of the data in the circulation process of the credit report, and solves the problem that the paper report caused by the traditional circulation method is easy to be tampered with and forged, the user's privacy concern is low, and it is impossible to Manage credit report abuse and other issues.

Figure 201811530665

Description

一种基于区块链与Intel SGX的征信报告流转方法A credit report transfer method based on blockchain and Intel SGX

技术领域technical field

本发明属于区块链技术领域,尤其涉及基于区块链的征信报告流转方法。The invention belongs to the technical field of blockchain, and in particular relates to a method for circulating credit reports based on blockchain.

背景技术Background technique

征信报告由是由征信机构依法采集、整理、记录、加工自然人、法人及企业的信用行为轨迹,并反映其信用状况、信用风险的文件。国内银行、互联网信贷等金融企业在为客户提供贷款买房、买车等各专项服务时,通常都要求客户提供征信报告。除了在金融信贷机构申办贷款、信用卡等金融业务中的应用外,征信报告在其它多个领域也有重要应用。许多单位招聘员工时,已经把政审材料改为个人征信报告,尤其是银行、保险、证券等行业,都要求求职者提供个人征信报告,个人征信报告已然成为求职材料中不可或缺的内容。另外,在房屋租聘行业,已有部分出租者要求租房者提供个人征信报告,以证明租房者的诚信状况,以防范其拖欠房租或损坏房屋设施。The credit report is a document that is collected, sorted, recorded, and processed by the credit reporting agency according to the law on the credit behavior traces of natural persons, legal persons and enterprises, and reflects their credit status and credit risks. Domestic banks, Internet credit and other financial companies usually require customers to provide credit reports when they provide customers with special services such as loans to buy houses and cars. In addition to the application in financial services such as loan application and credit card application by financial credit institutions, credit reporting reports also have important applications in many other fields. When many units recruit employees, they have changed the political review materials to personal credit reports, especially in banking, insurance, securities and other industries, requiring job seekers to provide personal credit reports, and personal credit reports have become an indispensable part of job search materials. content. In addition, in the housing rental industry, some lessors have asked renters to provide personal credit reports to prove the renters' integrity to prevent them from defaulting on rent or damaging housing facilities.

传统征信报告流转过程是个人用户先向征信机构提出申请,征信机构将加盖机构公章的纸质报告返回给个人用户,个人用户再向金融机构出具该纸质报告。随着众多行业要求出具征信报告需求的增长,传统征信报告流转方法面临着诸多问题。首先,纸质征信报告在流转过程中无法有效应对篡改、伪造、丢失等问题,报告接收机构经常会对纸质报告的可信性提出质疑。其次,用户在办理非金融类业务并出具征信报告时,往往不愿意泄露证件号码、出生年月、婚姻状况的等隐私信息,而传统征信报告采用统一报告版式,难以满足个性化隐私保护的新需求。最后,传统流转方法没有从技术层面保护用户的数据主权,纸质报告一旦被提交至征信使用方,无法控制其被滥用于办理其它业务。总之,传统征信报告流转方法造成纸质报告易被篡改伪造,用户隐私关注度低,无法管控信用报告滥用,很难适应众多行业的各类新型业务需求,因而迫切需要一种在个人用户(征信授权方)、征信机构(征信提供方)、金融机构(征信查询方)等多方间实现征信报告可信可控的流转方法。The traditional credit reporting report circulation process is that individual users first apply to the credit reporting agency, the credit reporting agency returns the paper report with the official seal of the institution to the individual user, and the individual user issues the paper report to the financial institution. With the increasing demand for issuing credit reports in many industries, the traditional credit report circulation method faces many problems. First, the paper credit report cannot effectively deal with tampering, forgery, loss and other issues during the circulation process, and the report receiving agency often questions the credibility of the paper report. Secondly, when users handle non-financial businesses and issue credit reports, they are often reluctant to disclose private information such as certificate numbers, date of birth, and marital status. Traditional credit reports use a unified report format, which is difficult to meet personalized privacy protection. new demands. Finally, the traditional circulation method does not protect the user's data sovereignty from the technical level. Once the paper report is submitted to the credit user, it cannot be controlled to be abused for other business. In a word, the traditional credit report circulation method makes paper reports easy to be tampered with and forged, users pay little attention to privacy, cannot control the abuse of credit reports, and it is difficult to adapt to various new business needs of many industries. A method of credible and controllable circulation of credit reports among multiple parties, such as credit reporting authorizers), credit reporting agencies (credit reporting providers), and financial institutions (credit reporting inquirers).

区块链作为一种去中心化、不可篡改、可追溯、多方共同维护的分布式数据库,可在互不信任的多方间建立可靠的信任,在没有第三方中介机构的协调下,划时代地实现了可信的数据共享和点对点的价值传输。基于区块链流转征信报告可实现征信数据的不可篡改性、可追溯性、可信性。但传统区块链为了全网验证链上交易并防范数据篡改与丢失,通常将所有交易数据公开、透明地全量存储在全网每个节点上,这显然无法保护隐私数据。Intel SGX(Software Guard Extensions)能够在计算平台上提供一个可信的内存隔离空间Enclave,任何恶意软件甚至操作系统都无法访问和影响Enclave内部的敏感代码和数据,从而保障了用户关键代码和数据的机密性和完整性。结合区块链与Intel SGX即可实现征信报告的不可篡改性、可追溯性、可信性及隐私性。As a decentralized, non-tamperable, traceable, and multi-party jointly maintained distributed database, blockchain can establish reliable trust among multiple parties that do not trust each other, and achieve an epoch-making realization without the coordination of third-party intermediaries. Trusted data sharing and peer-to-peer value transfer. Based on the circulation of the credit report on the blockchain, the immutability, traceability and credibility of the credit data can be realized. However, in order to verify the transactions on the chain and prevent data tampering and loss, the traditional blockchain usually stores all transaction data openly and transparently on each node of the entire network, which obviously cannot protect private data. Intel SGX (Software Guard Extensions) can provide a trusted memory isolation space Enclave on the computing platform. No malware or even the operating system can access and affect the sensitive code and data inside the Enclave, thus ensuring the user's critical code and data. Confidentiality and Integrity. Combining blockchain and Intel SGX can achieve immutability, traceability, credibility and privacy of credit reports.

发明内容SUMMARY OF THE INVENTION

本发明的目的是针对传统征信报告流转方法的不足与缺陷而提供的一种基于区块链与Intel SGX的征信报告流转方法。该方法还可应用于公积金缴存证明、个人收入证明、纳税证明等涉及数据授权方、数据提供方、数据使用方的多方应用(Many-PartyApplications)场景。The purpose of the present invention is to provide a method for the circulation of credit reports based on blockchain and Intel SGX in view of the deficiencies and defects of the traditional methods of circulation of credit reports. The method can also be applied to many-party applications (Many-PartyApplications) scenarios involving data authorizers, data providers, and data users, such as provident fund deposit certificates, personal income certificates, and tax payment certificates.

实现本发明目的的具体技术方案是:The concrete technical scheme that realizes the object of the present invention is:

一种基于区块链与Intel SGX的征信报告流转方法,包括征信授权阶段、征信提供阶段和征信查询阶段;所述征信授权阶段是个人用户自定义征信报告格式,并设定具体授权信息;所述征信提供阶段是征信机构依据个人用户定义的报告格式及授权信息生成征信报告;所述征信查询阶段是金融机构查询审核征信机构提供的征信报告;所涉及的征信报告格式、授权信息、征信报告及报告查询记录均通过SGX加密后存储在区块链上;其中:A credit reporting report circulation method based on blockchain and Intel SGX, including a credit reporting authorization stage, a credit reporting provision stage, and a credit reporting query stage; the credit reporting authorization stage is an individual user-defined credit reporting report format, and is set up. In the credit reporting stage, the credit reporting agency generates a credit reporting report according to the report format and authorization information defined by the individual user; the credit reporting query stage is when the financial institution inquires and reviews the credit reporting report provided by the credit reporting agency; The involved credit report format, authorization information, credit report and report query records are encrypted by SGX and stored on the blockchain; among them:

所述征信授权阶段包括如下步骤:The credit authorization stage includes the following steps:

步骤A1:个人用户在满足金融机构所要求提供的征信明细信息的前提下,依据个人隐私需求定制征信报告格式,以减少个人隐私数据泄露;Step A1: On the premise of satisfying the detailed credit information information required by the financial institution, the individual user customizes the credit reporting report format according to personal privacy needs to reduce the leakage of personal privacy data;

步骤A2:个人用户明确指定征信提供方、征信查询方、授权时间范围、授权原因和数字签名具体授权信息;Step A2: The individual user clearly specifies the credit provider, the credit inquirer, the authorization time range, the reason for authorization and the specific authorization information of the digital signature;

步骤A3:个人用户调用智能合约将征信报告格式、授权信息进行加密并写入区块链;Step A3: The individual user calls the smart contract to encrypt the credit report format and authorization information and write it into the blockchain;

所述征信提供阶段包括如下步骤:The credit reference provision stage includes the following steps:

步骤B1:征信机构调用智能合约读取区块链上个人用户写入的征信报告格式和授权信息;Step B1: The credit reporting agency invokes the smart contract to read the credit reporting report format and authorization information written by the individual user on the blockchain;

步骤B2:征信机构依据报告格式从后端征信数据库提取个人用户的征信数据,生成征信报告;Step B2: The credit reporting agency extracts the credit reporting data of the individual user from the back-end credit reporting database according to the report format, and generates a credit reporting report;

步骤B3:征信机构将个人用户提供的授权信息及数字签名附于征信报告每页页头或页尾,以方便将来验证;Step B3: The credit reporting agency attaches the authorization information and digital signature provided by the individual user to the header or footer of each page of the credit reporting report to facilitate future verification;

步骤B4:征信机构调用智能合约将征信报告及其数字签名进行加密并写入区块链;Step B4: The credit reporting agency calls the smart contract to encrypt the credit reporting report and its digital signature and write it into the blockchain;

所述征信查询阶段包括如下步骤:The credit inquiry stage includes the following steps:

步骤C1:金融机构调用智能合约读取区块链上征信机构提交的征信报告及数字签名,并验证征信机构数字签名;Step C1: The financial institution invokes the smart contract to read the credit report and digital signature submitted by the credit reporting agency on the blockchain, and verifies the digital signature of the credit reporting agency;

步骤C2:金融机构核实个人用户的授权信息,并验证个人用户数字签名;Step C2: The financial institution verifies the authorization information of the individual user and verifies the digital signature of the individual user;

步骤C3:金融机构查验征信报告。Step C3: The financial institution checks the credit report.

所述步骤A3包括如下步骤:The step A3 includes the following steps:

步骤A31:验证智能合约所在的Enclave提供的远程证明并建立加密通道;Step A31: Verify the remote proof provided by the Enclave where the smart contract is located and establish an encrypted channel;

步骤A32:调用智能合约并传入报告格式、授权信息及存储秘钥;Step A32: call the smart contract and pass in the report format, authorization information and storage key;

步骤A33:智能合约验证个人用户数字签名,将个人用户ID及存储秘钥写入Enclave,以实现基于个人用户ID的区块链数据加密;Step A33: The smart contract verifies the digital signature of the individual user, and writes the individual user ID and storage key into the Enclave, so as to realize the blockchain data encryption based on the individual user ID;

步骤A34:智能合约基于存储秘钥加密报告格式和授权信息,并将加密数据写入区块链状态数据库。Step A34: The smart contract encrypts the report format and authorization information based on the storage key, and writes the encrypted data into the blockchain state database.

所述步骤B1包括如下步骤:The step B1 includes the following steps:

步骤B11:验证智能合约所在的Enclave提供的远程证明并建立加密通道;Step B11: Verify the remote proof provided by the Enclave where the smart contract is located and establish an encrypted channel;

步骤B12:基于个人用户ID与征信机构ID查询智能合约以获取征信报告格式;Step B12: Query the smart contract based on the individual user ID and the credit reporting agency ID to obtain the credit reporting report format;

步骤B13:智能合约验证征信机构数字签名,并基于个人用户ID查询状态数据库并获取加密的征信报告格式和授权信息;Step B13: The smart contract verifies the digital signature of the credit reporting agency, and queries the status database based on the individual user ID to obtain the encrypted credit reporting report format and authorization information;

步骤B14:智能合约基于个人用户ID获取存储秘钥解密数据,并基于授权信息验证征信机构权限;Step B14: the smart contract obtains the storage key decryption data based on the personal user ID, and verifies the authority of the credit reporting agency based on the authorization information;

步骤B15:智能合约返回征信报告格式和授权信息。Step B15: The smart contract returns the credit report format and authorization information.

所述步骤B4包括如下步骤:The step B4 includes the following steps:

步骤B41:验证智能合约所在的Enclave提供的远程证明并建立加密通道;Step B41: Verify the remote proof provided by the Enclave where the smart contract is located and establish an encrypted channel;

步骤B42:调用智能合约并传入征信报告;Step B42: call the smart contract and pass in the credit report;

步骤B43:智能合约验证征信机构数字签名,并基于个人用户ID查询状态数据库并获取加密的授权信息;Step B43: The smart contract verifies the digital signature of the credit reporting agency, and queries the state database based on the individual user ID and obtains encrypted authorization information;

步骤B44:智能合约基于个人用户ID获取存储秘钥解密数据,并基于授权信息验证征信机构权限;Step B44: the smart contract obtains the storage key decryption data based on the personal user ID, and verifies the authority of the credit reporting agency based on the authorization information;

步骤B45:智能合约基于存储秘钥加密征信报告,并将加密数据写入区块链状态数据库。Step B45: The smart contract encrypts the credit report based on the storage key, and writes the encrypted data into the blockchain state database.

所述步骤C1包括如下步骤:The step C1 includes the following steps:

步骤C11:验证智能合约所在的Enclave提供的远程证明并建立加密通道;Step C11: Verify the remote proof provided by the Enclave where the smart contract is located and establish an encrypted channel;

步骤C12:基于个人用户ID与金融机构ID查询智能合约以获取征信报告;Step C12: Query the smart contract based on the individual user ID and the financial institution ID to obtain a credit report;

步骤C13:智能合约验证金融机构数字签名,并基于个人用户ID查询状态数据库并获取加密的授权信息;Step C13: The smart contract verifies the digital signature of the financial institution, and queries the state database based on the individual user ID and obtains encrypted authorization information;

步骤C14:智能合约先基于个人用户ID获取存储秘钥解密数据,再基于授权信息验证金融机构权限,其后将金融机构访问记录存入区块链状态数据库;Step C14: The smart contract first obtains the storage key decryption data based on the personal user ID, then verifies the authority of the financial institution based on the authorization information, and then stores the access record of the financial institution in the blockchain state database;

步骤C15:智能合约基于个人用户ID查询状态数据库并返回加密的征信报告;Step C15: The smart contract queries the state database based on the personal user ID and returns an encrypted credit report;

步骤C16:智能合约基于存储秘钥加密数据,并返回征信报告。Step C16: The smart contract encrypts the data based on the storage key, and returns a credit report.

本发明的有益效果包括:The beneficial effects of the present invention include:

征信报告从授权、生成到查询都在基于SGX加密的区块链上流转,实现了全流程完整追溯、信息不可篡改等特性,避免了传统纸质信息报告存在的篡改、伪造、丢失及隐私泄露等诸多问题。授权、查询记录一旦被记录于区块链上,任何人都不能篡改,避免了传统中心化数据库带来的抵赖与争议问题。个人用户可自定义征信报告明细格式,既灵活地保护了个人隐私也适用了各类行业的特定需求。个人用户可追溯征信报告的授权、查询记录,有效防范了征信报告被随意滥用。相对于传统人工操作,全流程自动化的运行与管理降低了征信机构人工与柜台等实体运营成本,提高了征信业务的运行效率和处理规模,通过实现征信报告的电子化与便捷性,免去了个人用户来回奔波的劳碌。本发明提出的基于区块链与Intel SGX的数据流转方法,还可应用于公积金缴存证明、个人收入证明、纳税证明等涉及数据授权方、数据提供方、数据使用方的多方应用场景。From authorization, generation to query, the credit report is circulated on the blockchain based on SGX encryption, realizing the characteristics of complete traceability of the whole process and non-tampering of information, avoiding the tampering, forgery, loss and privacy of traditional paper information reports. leakage and many other issues. Once the authorization and query records are recorded on the blockchain, no one can tamper with them, avoiding the denial and disputes caused by traditional centralized databases. Individual users can customize the detailed format of the credit report, which not only flexibly protects personal privacy, but also meets the specific needs of various industries. Individual users can trace the authorization and query records of the credit report, which effectively prevents the credit report from being abused at will. Compared with traditional manual operations, the automatic operation and management of the whole process reduces the labor and counter and other physical operating costs of credit reporting agencies, and improves the operational efficiency and processing scale of credit reporting business. It saves individual users the toil of running back and forth. The data flow method based on blockchain and Intel SGX proposed by the present invention can also be applied to multi-party application scenarios involving data authorizers, data providers, and data users, such as provident fund payment certificates, personal income certificates, and tax payment certificates.

附图说明Description of drawings

图1是本发明涉及的区块链节点体系结构图;Fig. 1 is the block chain node architecture diagram involved in the present invention;

图2是本发明提出的征信报告流转时序图。FIG. 2 is a flow sequence diagram of a credit report proposed by the present invention.

具体实施方式Detailed ways

结合以下具体实施例和附图,对本发明作进一步的详细说明。实施本发明的过程、条件、实验方法等,除以下专门提及的内容之外,均为本领域的普遍知识和公知常识,本发明没有特别限制内容。The present invention will be further described in detail with reference to the following specific embodiments and accompanying drawings. Except for the content specifically mentioned below, the process, conditions, experimental methods, etc. for implementing the present invention are all common knowledge and common knowledge in the field, and the present invention is not particularly limited.

图1显示了本发明涉及的区块链节点体系结构图。区块链是一种去中心化、不可篡改、可追溯、可信的、多方共享的分布式数据库。Intel SGX技术实现了加密数据在Enclave内的解密与处理,可避免数据的泄露并保护数据隐私。本发明结合区块链与Intel SGX实现了征信报告的不可篡改性、可追溯性、可信性及隐私性,首先,智能合约运行在SGX提供的Enclave中,智能合约执行中涉及的所有数据都是加密的;其次,个人用户初次调用智能合约时,需向智能合约提交一个存储秘钥,智能合约将秘钥存储在加密的Enclave中,并基于该秘钥对个人用户以后写入区块与状态的所有数据进行加密;最后,个人用户访问历史加密数据时,必须基于智能合约在Enclave中进行解密并读取,因而可将其访问记录存储于区块链上,以便将来审查追溯,即征信报告何时因何种原因被何人查询过的历史记录。所以基于图1的区块链节点可同时实现数据的不可篡改性、可追溯性、可信性及隐私性。Figure 1 shows the block chain node architecture diagram involved in the present invention. Blockchain is a decentralized, immutable, traceable, trusted, and multi-party shared distributed database. Intel SGX technology realizes the decryption and processing of encrypted data in the Enclave, which can avoid data leakage and protect data privacy. The invention combines the blockchain and Intel SGX to realize the immutability, traceability, credibility and privacy of the credit report. First, the smart contract runs in the Enclave provided by SGX, and all the data involved in the execution of the smart contract are encrypted; secondly, when individual users call the smart contract for the first time, they need to submit a storage key to the smart contract. The smart contract stores the key in the encrypted Enclave, and writes the block to the individual user based on the key. Encrypt all data with the state; finally, when individual users access historical encrypted data, they must be decrypted and read in the Enclave based on smart contracts, so their access records can be stored on the blockchain for future review and traceability, i.e. A historical record of when and why the credit report was queried by whom. Therefore, the blockchain nodes based on Figure 1 can simultaneously achieve data immutability, traceability, credibility and privacy.

图2显示了本发明提出的基于区块链与Intel SGX的征信报告流转时序图。本发明包括征信授权阶段、征信提供阶段和征信查询阶段三个阶段。三个阶段的功能描述如下:Figure 2 shows the flow sequence diagram of the credit reporting report based on the blockchain and Intel SGX proposed by the present invention. The present invention includes three stages: a credit reporting authorization stage, a credit reporting providing stage and a credit reporting query stage. The functions of the three stages are described as follows:

征信授权阶段的主要参与者是个人用户,其核心功能是定制征信报告格式和设定具体授权信息。在满足征信使用方业务需求的前提下,通过自定义报告格式,避免了个人隐私数据的泄露。Grant方法指定了征信报告涉及的具体征信机构和金融机构,根据需求可进一步设定授权时间范围、授权原因等具体授权信息。因为智能合约运行在SGX提供的Enclave中,所以在调用智能合约前,要执行远程证明并与Enclave建立加密通道。在调用智能合约时,除了要传入报告格式和授权信息,还需传递存储秘钥,以对个人用户存储在区块链上的所有数据进行加密,从而实现区块链上的数据隐私保护。The main participants in the credit authorization stage are individual users, and its core function is to customize the format of the credit report and set specific authorization information. On the premise of meeting the business needs of credit reporting users, the disclosure of personal privacy data is avoided by customizing the report format. The Grant method specifies the specific credit reporting institutions and financial institutions involved in the credit reporting report, and can further set the specific authorization information such as the authorization time range and authorization reasons according to the needs. Because the smart contract runs in the Enclave provided by SGX, before invoking the smart contract, it is necessary to perform remote attestation and establish an encrypted channel with the Enclave. When calling a smart contract, in addition to the report format and authorization information, it is also necessary to pass a storage key to encrypt all data stored on the blockchain by individual users, thereby realizing data privacy protection on the blockchain.

征信授权阶段智能合约的主要功能是将报告格式与授权信息加密后提交到区块链系统。Seal方法按个人用户ID将存储秘钥K加密存储在Enclave中,以实现基于用户ID的秘钥管理。在调用EncryptK方法使用秘钥K对报告格式和授权信息加密后,即可按个人用户ID将密文存储到区块链状态数据库。The main function of the smart contract in the credit authorization stage is to encrypt the report format and authorization information and submit it to the blockchain system. The Seal method encrypts and stores the storage key K in the Enclave according to the personal user ID, so as to realize the key management based on the user ID. After calling the Encrypt K method and encrypting the report format and authorization information with the secret key K, the ciphertext can be stored in the blockchain state database according to the individual user ID.

以上是征信授权阶段的具体实施过程,在区块链系统中可通过以下方法1中的相关代码实现,方法1的代码如下所示:The above is the specific implementation process of the credit authorization stage, which can be implemented in the blockchain system through the relevant codes in the following method 1. The code of method 1 is as follows:

Figure BDA0001905576450000051
Figure BDA0001905576450000051

征信提供阶段的主要参与者是征信机构,其核心功能是依据用户定制的报告格式和授权信息生成具体的征信报告。首先,需要查询智能合约以从区块链系统获取报告格式和授权信息;其次,依据报告格式从后端数据库中导出征信数据生成征信报告,为了方便以后验证征信报告的真实性和有效性,需要将个人用户提供的授权信息(授权方、使用方、授权时间范围、授权原因及数字签名等)附于征信报告每页页头或页尾;最后,调用智能合约将征信报告提交到区块链系统。The main participants in the credit reporting stage are credit reporting agencies, whose core function is to generate specific credit reporting reports based on user-customized report formats and authorization information. First, the smart contract needs to be queried to obtain the report format and authorization information from the blockchain system; secondly, the credit report data is derived from the back-end database according to the report format to generate a credit report, in order to facilitate the later verification of the authenticity and validity of the credit report It is necessary to attach the authorization information (authorizer, user, authorization time range, authorization reason and digital signature, etc.) provided by individual users to the header or footer of each page of the credit report; Submit to the blockchain system.

征信授权阶段智能合约的主要功能是从区块链系统查询报告格式和将征信报告提交到区块链系统。查询报告格式时,需要先基于个人用户ID获取到加密的报告格式和授权信息,在调用DecryptK方法使用秘钥K解密后,如果验证征信机构确被授权,即可返回报告格式和授权信息。提交征信报告时,如果验证征信机构确被授权,在调用EncryptK方法使用秘钥K对征信报告加密后,即可按个人用户ID将密文存储在区块链状态数据库。The main function of the smart contract in the credit authorization stage is to query the report format from the blockchain system and submit the credit report to the blockchain system. When querying the report format, you need to first obtain the encrypted report format and authorization information based on the personal user ID. After calling the Decrypt K method and decrypting with the key K, if it is verified that the credit reporting agency is indeed authorized, the report format and authorization information can be returned. . When submitting a credit report, if it is verified that the credit reporting agency is indeed authorized, after calling the Encrypt K method to encrypt the credit report with the secret key K, the ciphertext can be stored in the blockchain state database according to the individual user ID.

以上是征信提供阶段的具体实施过程,在区块链系统中可通过以下方法2中的相关代码实现,方法2的代码如下所示:The above is the specific implementation process of the credit information provision stage, which can be implemented in the blockchain system through the relevant codes in the following method 2. The code of method 2 is as follows:

Figure BDA0001905576450000061
Figure BDA0001905576450000061

Figure BDA0001905576450000071
Figure BDA0001905576450000071

征信查询阶段的主要参与者是金融机构,其核心功能是查询审核征信报告。在查询智能合约并取得征信报告后,其需要依据征信报告验证征信机构的数字签名,需要依据授权信息验证个人用户的数字签名;还需要核实授权信息涉及的授权时间范围、授权原因等内容。The main participants in the credit inquiry stage are financial institutions, whose core function is to inquire and review credit reports. After querying the smart contract and obtaining the credit report, it needs to verify the digital signature of the credit reporting agency based on the credit report, and the digital signature of the individual user based on the authorization information; it also needs to verify the authorization time range and authorization reasons involved in the authorization information. content.

征信授权阶段智能合约的主要功能是从区块链系统查询征信报告。如果验证金融机构确被授权,即可基于个人用户ID获取加密征信报告,并调用DecryptK方法使用秘钥K解密后,即可返回征信报告。The main function of the smart contract in the credit authorization stage is to query the credit report from the blockchain system. If it is verified that the financial institution is indeed authorized, the encrypted credit report can be obtained based on the personal user ID, and the Decrypt K method can be called to decrypt it with the key K, and then the credit report can be returned.

以上是征信查询阶段的具体实施过程,在区块链系统中可通过以下方法3中的相关代码实现,方法3的代码如下所示:The above is the specific implementation process of the credit inquiry stage, which can be implemented in the blockchain system by the relevant codes in the following method 3. The code of method 3 is as follows:

Figure BDA0001905576450000072
Figure BDA0001905576450000072

Figure BDA0001905576450000081
Figure BDA0001905576450000081

本发明的保护内容不局限于以上实施例。在不背离发明构思的精神和范围下,本领域技术人员能够想到的变化和优点都被包括在本发明中,并且以所附的权利要求书为保护范围。The protection content of the present invention is not limited to the above embodiments. Variations and advantages that can occur to those skilled in the art without departing from the spirit and scope of the inventive concept are included in the present invention, and the appended claims are the scope of protection.

Claims (1)

1. A credit investigation report circulation method based on a block chain and an Intel SGX comprises a credit investigation authorization stage, a credit investigation providing stage and a credit investigation query stage; the credit investigation authorization stage is that a personal user customizes a credit investigation report format and sets specific authorization information; the credit investigation providing stage is that a credit investigation organization generates a credit investigation report according to a report format and authorization information defined by an individual user; the credit investigation phase is that the financial institution inquires and audits the credit investigation report provided by the credit investigation institution; the related credit investigation report format, authorization information, credit investigation report and report inquiry record are encrypted by SGX and then stored in the block chain; wherein:
the credit investigation authorization phase comprises the following steps:
step A1: on the premise that the individual user meets credit investigation detail information required to be provided by a financial institution, customizing a credit investigation report format according to individual privacy requirements so as to reduce personal privacy data leakage;
step A2: an individual user explicitly specifies a credit investigation provider, a credit investigation inquirer, an authorization time range, an authorization reason and digital signature specific authorization information;
step A3: an individual user calls an intelligent contract to encrypt a credit investigation report format and authorization information and writes the information into a block chain;
the credit providing stage comprises the following steps:
step B1: calling an intelligent contract by a credit investigation mechanism to read a credit investigation report format and authorization information written by an individual user on a block chain;
step B2: the credit investigation organization extracts credit investigation data of the individual user from a back-end credit investigation database according to the report format to generate a credit investigation report;
step B3: the credit investigation institution attaches the authorization information and the digital signature provided by the individual user to the header or the footer of each page of the credit investigation report so as to facilitate future verification;
step B4: the credit investigation mechanism calls an intelligent contract to encrypt the credit investigation report and the digital signature thereof and write the encrypted credit investigation report and the digital signature into the block chain;
the credit investigation phase comprises the following steps:
step C1: the financial institution calls an intelligent contract to read a credit investigation report and a digital signature submitted by a credit investigation institution on the block chain and verifies the digital signature of the credit investigation institution;
step C2: the financial institution verifies the authorization information of the individual user and verifies the digital signature of the individual user;
step C3: the financial institution checks the credit report;
the step a3 specifically includes:
step A31: verifying the remote certification provided by Enclave where the intelligent contract is located and establishing an encryption channel;
step A32: calling an intelligent contract and transmitting a report format, authorization information and a storage secret key;
step A33: the intelligent contract verifies the digital signature of the individual user, and writes the individual user ID and the storage secret key into the envelope so as to realize the block chain data encryption based on the individual user ID;
step A34: the intelligent contract encrypts a report format and authorization information based on the storage secret key and writes encrypted data into a block chain state database;
the step B1 specifically includes:
step B11: verifying the remote certification provided by Enclave where the intelligent contract is located and establishing an encryption channel;
step B12: inquiring an intelligent contract based on the ID of the individual user and the ID of the credit investigation institution to obtain a credit investigation report format;
step B13: the intelligent contract verifies the digital signature of the credit investigation institution, queries a state database based on the ID of the individual user and acquires the encrypted credit investigation report format and the authorization information;
step B14: the intelligent contract acquires the decryption data of the storage secret key based on the ID of the individual user and verifies the authority of the credit investigation institution based on the authorization information;
step B15: the intelligent contract returns a credit investigation report format and authorization information;
the step B4 specifically includes:
step B41: verifying the remote certification provided by Enclave where the intelligent contract is located and establishing an encryption channel;
step B42: calling an intelligent contract and transmitting a credit investigation report;
step B43: the intelligent contract verifies the digital signature of the credit investigation institution, queries a state database based on the ID of the individual user and acquires encrypted authorization information;
step B44: the intelligent contract acquires the decryption data of the storage secret key based on the ID of the individual user and verifies the authority of the credit investigation institution based on the authorization information;
step B45: the intelligent contract encrypts the credit investigation report based on the storage secret key and writes the encrypted data into a block chain state database;
the step C1 specifically includes:
step C11: verifying the remote certification provided by Enclave where the intelligent contract is located and establishing an encryption channel;
step C12: inquiring an intelligent contract based on the ID of the individual user and the ID of the financial institution to obtain a credit investigation report;
step C13: the intelligent contract verifies the digital signature of the financial institution, queries a state database based on the ID of the individual user and acquires encrypted authorization information;
step C14: the intelligent contract firstly acquires the decryption data of the storage secret key based on the ID of the personal user, then verifies the authority of the financial institution based on the authorization information, and then stores the access record of the financial institution into a block chain state database;
step C15: the intelligent contract inquires a state database based on the ID of the individual user and returns an encrypted credit investigation report;
step C16: the intelligent contract encrypts data based on the storage key and returns a credit investigation report.
CN201811530665.8A 2018-12-14 2018-12-14 Credit reporting streaming method based on block chain and Intel SGX Active CN109766712B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811530665.8A CN109766712B (en) 2018-12-14 2018-12-14 Credit reporting streaming method based on block chain and Intel SGX

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811530665.8A CN109766712B (en) 2018-12-14 2018-12-14 Credit reporting streaming method based on block chain and Intel SGX

Publications (2)

Publication Number Publication Date
CN109766712A CN109766712A (en) 2019-05-17
CN109766712B true CN109766712B (en) 2020-08-25

Family

ID=66450723

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811530665.8A Active CN109766712B (en) 2018-12-14 2018-12-14 Credit reporting streaming method based on block chain and Intel SGX

Country Status (1)

Country Link
CN (1) CN109766712B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111935183A (en) * 2020-09-27 2020-11-13 南京第三极区块链科技有限公司 Method and system for credible transfer of user information between non-cooperative bodies of distributed network

Families Citing this family (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110266467B (en) * 2019-05-31 2021-04-27 创新先进技术有限公司 Method and device for implementing dynamic encryption based on block height
CN110689348B (en) * 2019-09-30 2023-12-29 腾讯云计算(北京)有限责任公司 Revenue verification method, device, terminal and medium based on alliance chain
CN110889696A (en) * 2019-11-27 2020-03-17 杭州趣链科技有限公司 Storage method, device, equipment and medium for alliance block chain secret key based on SGX technology
CN111309811B (en) * 2020-02-24 2024-04-23 北京阿尔山金融科技有限公司 Authorization information processing method and device and electronic equipment
CN111368313B (en) * 2020-02-27 2023-09-01 上海资信有限公司 Method for information body to participate in credit activities by using credit report on Internet platform
CN111489250A (en) * 2020-03-16 2020-08-04 天元大数据信用管理有限公司 Credit report sharing method, device, medium and system based on block chain
SG11202103226UA (en) 2020-06-08 2021-04-29 Alipay Labs Singapore Pte Ltd Blockchain-based smart contract pools
EP3837617B1 (en) 2020-06-08 2023-08-02 Alipay Labs (Singapore) Pte. Ltd. Distributed storage of custom clearance data
CN111936994A (en) 2020-06-08 2020-11-13 支付宝实验室(新加坡)有限公司 Block chain based document registration for customs clearance
EP3844655B1 (en) 2020-06-08 2023-05-03 Alipay Labs (Singapore) Pte. Ltd. Managing user authorizations for blockchain-based custom clearance services
WO2020169127A2 (en) 2020-06-08 2020-08-27 Alipay Labs (singapore) Pte. Ltd. User management of blockchain-based custom clearance service platform
EP3844699A4 (en) 2020-06-08 2021-08-18 Alipay Labs (Singapore) Pte. Ltd. BLOCKCHAIN-BASED PROCESSING OF IMPORT CLEARANCE DATA
CN113781200A (en) * 2021-08-12 2021-12-10 南京星云数字技术有限公司 Automatic credit investigation authorization method, system and electronic equipment
CN114117522B (en) * 2021-11-23 2024-05-28 上海交通大学 Implementation method of data sharing in Internet of Vehicles based on blockchain and trusted execution environment
DE202023103820U1 (en) 2023-07-09 2023-09-19 Ankit Agarwal System based on artificial intelligence and blockchain technology to improve the quality of financial reporting and relationships between auditors and clients

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102882949B (en) * 2012-09-14 2016-08-24 东莞宇龙通信科技有限公司 Method and server for perfecting contact information
CN104966238A (en) * 2015-06-11 2015-10-07 安徽融信金模信息技术有限公司 System for simulating and analyzing enterprise operation information
CN106651346A (en) * 2016-11-28 2017-05-10 上海凯岸信息科技有限公司 Block chain-based credit investigation data sharing and trading system
CN106789436A (en) * 2016-12-29 2017-05-31 深圳微众税银信息服务有限公司 A kind of reference report-generating method and system
CN106815764B (en) * 2017-01-18 2020-12-08 中钞信用卡产业发展有限公司杭州区块链技术研究院 Digital asset management method and system based on alliance chain
CN107919954B (en) * 2017-10-20 2019-05-14 浙江大学 A kind of block chain user key guard method and device based on SGX software protecting extended instruction

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111935183A (en) * 2020-09-27 2020-11-13 南京第三极区块链科技有限公司 Method and system for credible transfer of user information between non-cooperative bodies of distributed network

Also Published As

Publication number Publication date
CN109766712A (en) 2019-05-17

Similar Documents

Publication Publication Date Title
CN109766712B (en) Credit reporting streaming method based on block chain and Intel SGX
CN112950220B (en) A blockchain-based enterprise digital identity management system and method
Gross et al. Designing a central bank digital currency with support for cash-like privacy
Xu et al. Design of network media’s digital rights management scheme based on blockchain technology
US20240104521A1 (en) System and method for compliance-enabled digitally represented assets
JP2020535543A (en) Methods, devices, and computer-readable media for compliant tokenization and asset value control
Chytis et al. A review of blockchain technology and its applications in the business environment
CN109636569B (en) Credit investigation data management method and system based on block chain
CN111417945A (en) Credible insurance letter based on block chain
KR20010043332A (en) System and method for electronic transmission, storage and retrieval of authenticated documents
CN113302612B (en) Computer implementation method, system and device for cross-chain and cross-network data transmission
CN112215610A (en) Digital currency transaction payment platform based on block chain BaaS core technology
CN113597608B (en) Trusted platform based on blockchain
CN115380303A (en) Trusted platform based on block chain
CN113302610B (en) Trusted platform based on blockchain
US20250117848A1 (en) Integrated platform for digital asset registration, tracking and validation
WO2020169128A2 (en) Storage management based on message feedback
CN110766548A (en) Block chain based information processing method and device, storage medium and electronic equipment
US20240386489A1 (en) Tokenized asset exchange
CN114969786A (en) Blockchain-based guarantee data processing method, node and system
Gross et al. How to design a compliant, privacy-preserving fiat stablecoin via zero-knowledge proofs
Jaber et al. A Blockchain Framework in the Banking Sector Based in e-KYC System Conceptual Framework
CN110310011A (en) A kind of asset management system and its method based on block chain
CN113491090B (en) Trusted platform based on blockchain
Sun Application of Blockchain Technology in Asset Securitization

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载