CN115186033A - Data processing method based on block chain, authorization method and device and electronic equipment - Google Patents

Abstract

The present disclosure provides a block chain-based data processing method, authorization method and device, and electronic equipment, which can be applied to the field of block chain technology and can also be used in the field of financial technology. The above block chain-based data processing method includes: obtaining summary information of target data from a block chain network, wherein the summary information is released to the block chain network through a data authorizer, and the summary information includes the same information as the relevant data. The target request address associated with the target data, wherein the target request address is linked to the data storage party; initiate a data sharing request to the data storage party by accessing the target request address; receive all the data from the data storage party The target data, wherein the target data is sent under the condition that the data storage party confirms the data requester according to the target authorization record on the chain and passes the verification.

Description

Blockchain-based data processing method, authorization method and device, and electronic equipment

technical field

The present disclosure relates to the technical field of blockchain, and in particular to a blockchain-based data processing method, authorization method, apparatus, device, medium and program product.

Background technique

For the scenarios of multi-party data sharing and change, most of the related technologies are based on the centralized services of the data owner. After online or offline negotiation with the data operator, the data operator obtains and analyzes the data to change the data. and so on. Due to the multi-party negotiation, the communication cost is high, and there is no effective and credible mechanism. Although the method of realizing data sharing through blockchain in related technologies can solve the problem of communication cost, it basically realizes data sharing through blockchain, and the data has certain security risks.

SUMMARY OF THE INVENTION

In view of the above problems, the present disclosure provides a blockchain-based data processing method, authorization method, apparatus, device, medium and program product.

One aspect of the present disclosure provides a blockchain-based data processing method, including:

Obtain the summary information of the target data from the blockchain network, wherein the summary information is published to the blockchain network by the data authorizer, and the summary information includes the target request address associated with the target data, wherein the target request address is linked to the data storage party ;

Initiate a data sharing request to the data storage party by accessing the target request address;

Receive the target data from the data storage party, where the target data is sent when the data storage party confirms and verifies the data requester according to the target authorization record on the chain.

According to an embodiment of the present disclosure, the above method further includes:

Change the data information of the target data;

The changed data information is sent to the blockchain network, so that after the blockchain network pushes the change notification to the data storage party, the data storage party updates the target data according to the changed data information.

According to an embodiment of the present disclosure, the data information of the target data includes a value of an extension field associated with the target data, wherein the extension field is used to represent an attribute type of the target data.

According to an embodiment of the present disclosure, wherein the summary information further includes the name of the extension field associated with the target data, and the data information of changing the target data includes:

Read the name of the extension field from the summary information;

According to the name of the extension field, determine the target attribute type that needs to be changed to the target data;

Determine the target attribute value of the target data under the target attribute type;

Change the initial value of the extension field to the target property value.

According to an embodiment of the present disclosure, sending the changed data information to the blockchain network includes:

Use the sub-certificate to access the target authorization record on the chain, where the target authorization record and the sub-certificate are issued by the data authorizer, the sub-certificate carries a keyword, and the sub-certificate is associated with the target authorization record through the keyword;

The target attribute value obtained by changing the initial value of the extension field is updated to the target authorization record.

According to embodiments of the present disclosure, wherein:

The summary information also includes at least one of the following: the name of the data source of the target data, the data identifier, the hash digest of the data source, the owner of the data, the module on the chain to which the data belongs, and a brief description of the data.

A blockchain-based data processing method, comprising:

Receive a data sharing request initiated by the data requester by accessing the target request address, where the data sharing request is used to request target data, where the target request address is included in the summary information associated with the target data, and the summary information is released by the data authorizer to the blockchain network;

From multiple authorization records in the blockchain network, determine the target authorization record associated with the data requester and the target data, wherein the target authorization record is issued by the data authorizer;

Confirm the data requester according to the target authorization record;

When the right is confirmed, the target data is sent to the data requester.

According to an embodiment of the present disclosure, wherein, from a plurality of authorization records in the blockchain network, determining the target authorization record associated with the data requester and the target data includes:

Obtain the sub-certificate of the data requester, wherein the sub-certificate is issued by the data authorizer, the sub-certificate carries a keyword, and the sub-certificate is associated with the target authorization record through the keyword;

Among the multiple authorization records, the authorization record associated with the keyword of the sub-certificate is used as the target authorization record associated with the data requester and the target data.

According to an embodiment of the present disclosure, the target authorization record includes a requestable number of times and a requestable time period for an authorized data requester to request the target data;

Confirming the data requester's rights according to the target authorization record includes:

Based on the target authorization record, if the number of times the data requester has requested the target data is less than the number of times that can be requested, and the current request period of the data requester is within the range of the requestable time period, determine that the data requester currently has a request for the target data permissions.

A blockchain-based authorization method that includes:

Publish the summary information of the target data to the blockchain network, so that the data requester initiates a data sharing request to the data storage party according to the target request address associated with the target data contained in the summary information;

Receive data authorization requests from data requesters;

In response to the data authorization request, generating a target authorization record associated with the data requester and the target data;

Publish the target authorization record to the blockchain network, so that the data storage party can send the target data to the data requester after verifying the data requester according to the target authorization record obtained from the chain.

According to an embodiment of the present disclosure, the above method further includes:

A sub-certificate associated with the target authorization record is issued to the data requester, so that the data requester uses the sub-certificate to access the target authorization record, wherein the sub-certificate carries a keyword, and the sub-certificate is associated with the target authorization record through the keyword.

Another aspect of the present disclosure provides a blockchain-based data processing device, including:

The obtaining module is used to obtain the summary information of the target data from the blockchain network, wherein the summary information is released to the blockchain network through the data authorizer, and the summary information includes the target request address associated with the target data, wherein the target request address link to the data store;

The request module is used to initiate a data sharing request to the data storage party by accessing the target request address;

The first receiving module is used for receiving the target data from the data storage party, wherein the target data is sent when the data storage party confirms the right of the data requester according to the target authorization record on the chain and passes the verification.

According to an embodiment of the present disclosure, the above-mentioned apparatus further includes:

The change module is used to change the data information of the target data;

The first sending module is used to send the changed data information to the blockchain network, so that after the blockchain network pushes the change notification to the data storage party, the data storage party updates the target data according to the changed data information.

According to an embodiment of the present disclosure, the data information of the target data includes a value of an extension field associated with the target data, wherein the extension field is used to represent an attribute type of the target data.

According to an embodiment of the present disclosure, wherein the summary information further includes the name of the extension field associated with the target data, and the changing module includes:

The reading unit is used to read the name of the extension field from the summary information;

a first determining unit, configured to determine the target attribute type that needs to be changed to the target data according to the name of the extension field;

a second determining unit, used for determining the target attribute value of the target data under the target attribute type;

The change unit is used to change the initial value of the extension field to the target attribute value.

According to an embodiment of the present disclosure, the first sending module includes:

The access unit is used to use the sub-certificate to access the target authorization record on the chain, wherein the target authorization record and the sub-certificate are issued by the data authorizer, the sub-certificate carries a keyword, and the sub-certificate is associated with the target authorization record through the keyword;

The updating unit is used for updating the target attribute value obtained after changing the initial value of the extension field to the target authorization record.

According to embodiments of the present disclosure, wherein:

The summary information also includes at least one of the following: the name of the data source of the target data, the data identifier, the hash digest of the data source, the owner of the data, the module on the chain to which the data belongs, and a brief description of the data.

A blockchain-based data processing device, comprising:

The second receiving module is configured to receive a data sharing request initiated by the data requester by accessing the target request address, wherein the data sharing request is used to request target data, and the target request address is included in the summary information associated with the target data, The summary information is released to the blockchain network through the data authorizer;

The determining module is used to determine the target authorization record associated with the data requester and the target data from multiple authorization records in the blockchain network, wherein the target authorization record is issued by the data authorizer;

The right confirmation module is used to confirm the right of the data requester according to the target authorization record;

The second sending module is configured to send the target data to the data requester when the right is confirmed.

According to an embodiment of the present disclosure, wherein the determining module includes:

The obtaining unit is used to obtain the sub-certificate of the data requester, wherein the sub-certificate is issued by the data authorizer, the sub-certificate carries a keyword, and the sub-certificate is associated with the target authorization record through the keyword;

The third determining unit is configured to use the authorization record associated with the keyword of the sub-certificate among the plurality of authorization records as the target authorization record associated with the data requester and the target data.

According to an embodiment of the present disclosure, the target authorization record includes a requestable number of times and a requestable time period for an authorized data requester to request the target data;

The right confirmation module includes a right confirmation unit for, based on the target authorization record, in the case that the number of times the data requester has requested the target data is less than the number of times that can be requested, and the current request period of the data requester is within the range of the time period that can be requested, Determines that the data requester currently has the request permission for the target data.

A blockchain-based authorization device, comprising:

a first publishing module, configured to publish the summary information of the target data to the blockchain network, so that the data requester initiates a data sharing request to the data storage party according to the target request address associated with the target data contained in the summary information;

The third receiving module is used to receive the data authorization request from the data requester;

A generating module, configured to generate a target authorization record associated with the data requester and the target data in response to the data authorization request;

The second publishing module is used to publish the target authorization record to the blockchain network, so that the data storage party confirms the data requester according to the target authorization record obtained from the chain, and sends the target to the data requester after passing the authorization verification data.

According to an embodiment of the present disclosure, the above-mentioned apparatus further includes:

The issuing module is used to issue the sub-certificate associated with the target authorization record to the data requester, so that the data requester can use the sub-certificate to access the target authorization record, wherein the sub-certificate carries a keyword, and the sub-certificate is associated with the target authorization record through the keyword. .

Another aspect of the present disclosure provides an electronic device, comprising: one or more processors; a memory for storing one or more programs, wherein when the one or more programs are executed by the one or more programs When the processor executes, one or more processors are caused to execute the above data processing method.

Another aspect of the present disclosure also provides a computer-readable storage medium having executable instructions stored thereon, the instructions, when executed by a processor, cause the processor to execute the above data processing method.

Another aspect of the present disclosure also provides a computer program product, including a computer program, which implements the above data processing method when executed by a processor.

Description of drawings

The foregoing and other objects, features and advantages of the present disclosure will become more apparent from the following description of embodiments of the present disclosure with reference to the accompanying drawings, in which:

FIG. 1 schematically shows an application scenario diagram of a data processing method, apparatus, device, medium and program product according to an embodiment of the present disclosure;

FIG. 2 schematically shows a flowchart of a data processing method according to an embodiment of the present disclosure;

FIG. 3 schematically shows a system diagram of data sharing and data updating by multiple parties through a blockchain according to an embodiment of the present disclosure;

FIG. 4 schematically shows a flowchart of a data processing method according to an embodiment of the present disclosure;

FIG. 5 schematically shows a flowchart of an authorization method according to an embodiment of the present disclosure;

6 schematically shows a structural block diagram of a data processing apparatus according to an embodiment of the present disclosure;

FIG. 7 schematically shows a structural block diagram of a data processing apparatus according to an embodiment of the present disclosure;

FIG. 8 schematically shows a structural block diagram of an authorization apparatus according to an embodiment of the present disclosure;

FIG. 9 schematically shows a block diagram of an electronic device suitable for implementing a data processing method according to an embodiment of the present disclosure.

Detailed ways

Hereinafter, embodiments of the present disclosure will be described with reference to the accompanying drawings. It should be understood, however, that these descriptions are exemplary only, and are not intended to limit the scope of the present disclosure. In the following detailed description, for convenience of explanation, numerous specific details are set forth in order to provide a thorough understanding of the embodiments of the present disclosure. It will be apparent, however, that one or more embodiments may be practiced without these specific details. Also, in the following description, descriptions of well-known structures and techniques are omitted to avoid unnecessarily obscuring the concepts of the present disclosure.

The terminology used herein is for the purpose of describing particular embodiments only and is not intended to limit the present disclosure. The terms "comprising", "comprising" and the like as used herein indicate the presence of stated features, steps, operations and/or components, but do not preclude the presence or addition of one or more other features, steps, operations or components.

All terms (including technical and scientific terms) used herein have the meaning as commonly understood by one of ordinary skill in the art, unless otherwise defined. It should be noted that terms used herein should be construed to have meanings consistent with the context of the present specification and should not be construed in an idealized or overly rigid manner.

Where expressions like "at least one of A, B, and C, etc.," are used, they should generally be interpreted in accordance with the meaning of the expression as commonly understood by those skilled in the art (eg, "has A, B, and C") At least one of the "systems" shall include, but not be limited to, systems with A alone, B alone, C alone, A and B, A and C, B and C, and/or A, B, C, etc. ).

For the scenarios of multi-party data sharing and change, most of the related technologies are based on the centralized services of the data owner. After online or offline negotiation with the data operator, the data operator obtains and analyzes the data to change the data. and so on. Due to the need for multi-party negotiation, high communication costs, lack of effective and credible mechanisms, and centralized services are not scalable. Although the method of realizing data sharing through blockchain in related technologies can solve the problem of communication cost, it basically realizes data sharing through blockchain, and the data has certain security risks.

In view of this, the embodiments of the present disclosure utilize the multi-party mutual trust and cooperation capability of the blockchain to provide a credible, multi-party access data processing method, which is suitable for scenarios of multi-party data sharing, modification and interoperability.

The blockchain-based data processing method provided by the embodiments of the present disclosure includes:

Obtain the summary information of the target data from the blockchain network, wherein the summary information is published to the blockchain network by the data authorizer, and the summary information includes the target request address associated with the target data, wherein the target request address is linked to the data storage party ;

Initiate a data sharing request to the data storage party by accessing the target request address;

Receive the target data from the data storage party, where the target data is sent when the data storage party confirms and verifies the data requester according to the target authorization record on the chain.

FIG. 1 schematically shows an application scenario diagram of a data processing method, apparatus, device, medium, and program product according to an embodiment of the present disclosure.

As shown in FIG. 1 , an application scenario 100 according to this embodiment may include a blockchain network 101 , a data authorizer 102 , a data requester 103 , and a data store 104 .

The blockchain corresponding to the blockchain network 101 may be a blockchain associated with a business contract. The data authorizer 102 , the data requester 103 , and the data storage party 104 may respectively include multiple nodes accessing the blockchain network 101 .

Through the blockchain network 101, the data authorizer 102, the data requester 103, and the data storage party 104 can realize data sharing. A network connection can be established between each node for data transmission over the network connection.

The data authorizer 102 can publish the summary information of the data to the blockchain network, so that the data requester 103 can know the basic information of the data by reading the summary information. The data authorizer 102 may also issue a sub-certificate for accessing the blockchain network 101 to the data requester 103 based on the data authorization request of the data requester 103 .

The summary information includes a target request address associated with the target data, wherein the target request address is linked to the data storage party 104, and the data requester 103 can access the target request address after learning the basic information of the data by reading the summary information. A data sharing request is initiated to the data store 104 .

After receiving the data sharing request initiated by the data requester 103, the data storage party 104 authenticates the data requester 103 through the blockchain network 101, and after the authentication is passed, the data is sent to the data requester 103 through the off-chain.

The data requester 103 can also act as a data changer to change the data when authorized, and upload the changed data to the blockchain network 101, and the blockchain network 101 can notify the data authorization message of the data change party 102 and data store party 104.

It should be understood that the data authorizer 102 and the data store 104 may be the same node, or may be different nodes. The data authorizer 102, the data requester 103, and the data storage party 104 may respectively include multiple nodes, or may include only one node.

It should be noted that the data processing method, authorization method and device disclosed in the present disclosure can be used in the field of blockchain technology, can also be used in the field of financial technology, and can also be used in any field other than the field of blockchain technology and financial technology. The embodiments of the present disclosure do not limit the application fields of the above-mentioned data processing method, authorization method, and apparatus.

In the technical solution of the present disclosure, the collection, storage, use, processing, transmission, provision, disclosure and application of the user's personal information involved are all in compliance with the relevant laws and regulations, and necessary confidentiality measures have been taken, and do not violate the Public order and good customs.

In the technical solution of the present disclosure, the authorization or consent of the user is obtained before the user's personal information is obtained or collected.

Based on the scenario described in FIG. 1 , the data processing method of the disclosed embodiment will be described in detail below with reference to FIGS. 2 to 9 .

FIG. 2 schematically shows a flowchart of a data processing method according to an embodiment of the present disclosure. FIG. 3 schematically shows a system diagram of data sharing and data updating by multiple parties through a blockchain according to an embodiment of the present disclosure. The method of the embodiment of the present disclosure will be described below with reference to FIG. 2 and FIG. 3 .

As shown in FIG. 2 , the blockchain-based data processing method of this embodiment includes operations S201 to S203.

In operation S201, the abstract information of the target data is obtained from the blockchain network, wherein the abstract information is published to the blockchain network by the data authorizer, and the abstract information includes the target request address associated with the target data, wherein the target request address is linked to the data store;

In operation S202, initiate a data sharing request to the data storage party by accessing the target request address;

In operation S203, the target data from the data storage party is received, wherein the target data is sent under the condition that the data storage party confirms the right of the data requester according to the target authorization record on the chain and passes the verification.

As shown in FIG. 3 , according to an embodiment of the present disclosure, the data processing method of this embodiment is implemented based on blockchain, and there can be multiple parties accessing the blockchain network, such as but not limited to data authorizers, data requesters, Data storage party, data change party, etc. Multiple parties can access the blockchain data authorization center through the blockchain access medium. The data authorizer, data requester, data storage party, and data change party can include one or more nodes accessing the blockchain network. As shown in Figure 3, the scalable data sources of the data authorization center accessing the blockchain may include, but are not limited to, data centers, storage systems, government affairs sharing systems . . .

According to the embodiment of the present disclosure, the data requester can also act as the data changer, change the data under the condition of authorization, and upload the changed data to the blockchain network, and the blockchain network can change the information of the data change. Notify the data authorizer and data store. It should be understood that the data authorizer and the data storage party may be the same node or different nodes.

The blockchain-based data processing method in this embodiment may be executed by a data requester or a data changer, and the data requester and the data changer may be the same executive body or different executive bodies.

As shown in Figure 3, the data requester or data changer can request the target data through the blockchain network. The data authorizer can publish the summary information of the target data to the blockchain network data authorization center. The summary information can include but is not limited to the data source name of the target data, data identification (data primary key), data source hash abstract, data owner , the module the data belongs to on the chain, the brief description of the data, etc., so that the data requester or data changer can know the basic information of the data by reading the summary information. The data summary information disclosed on the chain can be authorized by the data authorizer and the authorization information can be uploaded to the chain. The summary information includes a target request address associated with the target data, wherein the target request address is linked to the data storage party.

After obtaining the summary information of the target data from the chain, the data requester or data changer can decide whether to request the data according to the obtained basic information of the data, and can initiate a data sharing request to the data storage party by accessing the target request address.

After the data storage party receives the data sharing request initiated by the data requester, it authenticates the data requester or data changer through the blockchain network. After the authentication is passed, the data is sent off-chain to the data requester or data Change party.

According to an embodiment of the present disclosure, as shown in FIG. 3 , the data storage party authenticates the data request, for example, the data requester may be authenticated according to the target authorization record on the chain. The target authorization record is issued by the data authorizer, which can be the data requester or the data change direction. After the data authorizer initiates a data authorization request to request the target data, the data authorizer responds to the data authorization request and generates an association between the data requester and the target data. , and upload the target authorization record to the chain. The target authorization record may include a requestable number of times, a requestable time period, and the like for the authorized data requester to request the target data.

According to the embodiments of the present disclosure, when the data storage party authenticates the data requester or the data changer, it can access the blockchain to determine whether there is a target authorization record associated with the data requester and the target data in the blockchain network , if it exists, then further determine whether the data requester or data changer currently has the data request authority according to the information such as the number of requests and the requestable time period recorded in the target authorization record. The target data is sent off-chain to the data requester or data changer.

According to the embodiments of the present disclosure, different from the method of sharing data between multiple parties through the blockchain network in the related art, the data processing method of the embodiment of the present disclosure only shares the summary information of the data through the blockchain network, rather than sharing entity data. By sharing the summary information of the data, it is convenient for multiple parties accessing the blockchain to know the basic information of the data, so as to determine whether to request the data according to their actual needs. In the case of requesting data, the data requester can initiate a data request to the data storage party through the request address shared in the summary information, and the data storage party further authenticates through the blockchain and transmits the entity data through the off-chain. It can be seen that the data processing method of the embodiment of the present disclosure shares the summary information of the data through the blockchain network, rather than sharing the entity data. The entity data is transmitted through the chain point-to-point, which can ensure the security of the data. Only when the chain network authentication is passed, the data is transmitted off-chain, which further improves the security of the data, and multiple parties realize their respective functions through the blockchain (the data authorizer performs authorization, the data storage side performs authentication, and the data requests data). , realizes a credible, multi-participation data sharing method, has the characteristics of multi-participation and extensibility, and at the same time endows data sharing and interoperability capabilities, providing a reference for the credible flow of data.

According to an embodiment of the present disclosure, as shown in FIG. 3 , the summary information of the target data published by the data authorizer on the chain may include but not limited to the following information content, such as the data source name of the target data, the data identifier (data primary key ), data source hash digest, data owner, data on-chain module, data brief description, etc.

Among them, in the summary information, the data source hash summary is a unique string generated by the source data through the summary algorithm, which is used for data verification and confirmation. After the data requester or data changer obtains the target data, it is generated by running the relevant summary algorithm. A string, whether the generated string is consistent with the data source hash digest in the on-chain digest information.

According to the embodiments of the present disclosure, the data authorizer can authorize the data requester or the data changer to change the data information of the target data, such as changing the price, data type, data verification result, etc. of the target data, according to the specific usage scenario of the target data. Certainly. Specifically, the data authorizer can authorize the data requester or the data changer to change the value of the extension field associated with the target data, for example, change the value of the extension field "price", change the type value of "data type", and so on.

According to the embodiment of the present disclosure, based on the above data change scenario, the summary information may include the name of the extension field associated with the target data, so that the data changer can understand the data change requirements of the data authorizer.

According to an embodiment of the present disclosure, as shown in FIG. 3 , the data authorizer needs to register the data source on the chain in advance, and the data authorizer sends the data source information (registration) to the blockchain, including the name of the application, application keywords, Module name, extension field name, etc. The chain can include multiple data modules, and different data modules can be used to register different types of data sources. For example, company A has some user information registered in the user information module, and company B is registered in the financial module. There are some financial financial data. Each module on the chain stores information related to data sources, such as data source keywords, data source names, module names, etc. Based on the above data change scenarios, each module is also configured with a changeable extension field name, which is used To indicate the data change requirements of the data authorizer. The same module can define multiple extension fields, and extension fields represent the field names that can be authorized to be modified by others.

Based on the above data registration scenario, as shown in Figure 3, the summary information of the target data may also include the name information of the module to which the data source belongs on the chain, which is used to indicate the registration information of the data source.

According to an embodiment of the present disclosure, based on the above data change scenario, the above method further includes, in the case of obtaining the data authorizer, the data change party changes the data information of the target data, and sends the changed data information to the blockchain network, so that after the blockchain network pushes the change notification to the data storage party, the data storage party updates the target data according to the changed data information.

Specifically, the data information of the target data includes the value of the extension field associated with the target data, wherein the extension field is used to represent the attribute type of the target data. It should be noted that the meaning of the extension field is not limited to the attribute type of the target data. It is any other meaning related to change requirements. For example, in the scenario where company A authorizes company B to price some personal consumption information data of company A, the extension field is "price"; In the case of data verification for some financial and financial data, the extended field is "Data Verification Result".

According to an embodiment of the present disclosure, on the premise that the abstract information includes the name of the extension field associated with the target data, the data information of the target data changed by the data changer specifically includes:

Read the name of the extension field from the summary information;

According to the name of the extension field, determine the target attribute type that needs to be changed to the target data;

Determine the target attribute value of the target data under the target attribute type;

Change the initial value of the extension field to the target property value.

According to an embodiment of the present disclosure, for example, in the scenario where company A (data authorizer) authorizes company B (data changer) to price some personal consumption information data of company A, the extension field in the on-chain summary information is " Price", the data changer can read the summary information on the chain with the authorization of the data authorizer, and request the C enterprise (the data storage party, the data storage party can also be the A enterprise) through the data access address in the summary information. Data, enterprise C can initiate authentication to the blockchain after accepting the request, and verify the data requester through the authorization record on the chain. After the verification is passed, enterprise C returns the data to enterprise B.

It should be noted that the data requested through the data access address in the summary information can be the sample data of the target data, not the entity data, or just the data introduction of the target data. for flexible settings. Therefore, in the scenario of changing the data price in the above example, the data returned by company C to company B may be sample data of personal consumption information data, rather than real personal information data.

Still taking the above example as an example, after receiving the sample data of personal consumption information data returned by company C, company B can determine the data price by analyzing the sample data, that is, change the value of the corresponding extension field "price", and set the data price. The on-chain update is uploaded to the chain, and the extension field update on the chain will trigger a notification, and the updated extension field will be pushed to the C company for data changes, and the C company will change the specified extension field value according to business needs.

According to the embodiments of the present disclosure, through the above data processing method, data change can be realized on the basis of data sharing, which is different from changing entity data or part of entity data through blockchain in the related art. , only the extended fields of the entity data are changed through the blockchain, and the entity data is not changed through the blockchain, which further ensures the security of the data, and, based on the data change scenario of the embodiment of the present disclosure, because the entity data needs to be changed, It is only the data information of the entity data. Therefore, the target data returned by the data storage direction to the data changer can only be the sample data of the target data, the data introduction of the target data, etc., rather than the entity data, so that the data changer does not contact the entity. Data changes are realized under the premise of data, which improves the security of data.

According to the embodiments of the present disclosure, the above-mentioned data processing method realizes the ability of trusted multi-party expansion (expansion of data sources, expandable business scenarios, and expandable business fields) based on the characteristics of blockchain, and traceability based on blockchain The ability to realize the trace of data every time it is used is convenient for subsequent supervision.

According to an embodiment of the present disclosure, as shown in FIG. 3 , after changing the extension field of the target data, the data changer sends the changed data information to the blockchain network including: changing the initial value of the extension field to obtain the The target attribute value is updated to the target authorization record on the chain. The data changer uses the sub-certificate to access the target authorization record on the chain, in which the target authorization record and the sub-certificate are issued by the data authorizer, the sub-certificate carries keywords, and the sub-certificate is associated with the target authorization record through the keyword. Access to the corresponding authorization record. After updating the changed data information to the blockchain network authorization record, the blockchain network data authorization center pushes the change notification to the data storage party, and the data storage party updates the target data according to the changed data information.

According to the embodiments of the present disclosure, the above data processing method utilizes certificate characteristics to realize convenient authorization, sharing and interoperability, and the data authorizer only needs to issue authorization records and issue sub-certificates to complete authorization and data changes. The sub-certificates have keywords, which are associated with the authorization records one by one. In this way, differentiated rights management for the owners of different sub-certificates can be realized.

Another aspect of the present disclosure provides a blockchain-based data processing method, the data processing method being performed by a data storage party.

FIG. 4 schematically shows a flowchart of a data processing method according to an embodiment of the present disclosure.

As shown in FIG. 4 , the blockchain-based data processing method of this embodiment includes operations S401 to S404.

In operation S401, a data sharing request initiated by a data requester by accessing a target request address is received, wherein the data sharing request is used for requesting target data, wherein the target request address is included in the summary information associated with the target data, and the summary information passes through The data authorizer publishes to the blockchain network;

In operation S402, from a plurality of authorization records in the blockchain network, determine a target authorization record associated with the data requester and the target data, wherein the target authorization record is issued by the data authorizer;

In operation S403, confirm the right of the data requester according to the target authorization record;

In operation S404, if the right is confirmed, the target data is sent to the data requester.

Based on the description of the data processing method performed by the data requester or the data changer in the above-mentioned embodiments, the data storage party is mainly used for, after receiving the data sharing request initiated by the data requester, to transfer the data requestor or data requester through the blockchain network The data changer performs authentication, and after the authentication is passed, the data is sent off-chain to the data requester or data changer.

According to an embodiment of the present disclosure, as shown in FIG. 3 , the data storage party authenticates the data request, for example, the data requester may be authenticated according to the target authorization record on the chain. The target authorization record is issued by the data authorizer, which can be the data requester or the data change direction. After the data authorizer initiates a data authorization request to request the target data, the data authorizer responds to the data authorization request and generates an association between the data requester and the target data. , and upload the target authorization record to the chain.

When the data storage party authenticates the data requester or data changer, it can access the blockchain to determine whether there is a target authorization record associated with the data requester and the target data in the blockchain network. The information recorded in the target authorization record determines whether the data requester or data changer currently has the data request authority. If the authentication is passed, the data storage party sends the target data to the data requester or data changer through the off-chain.

According to the embodiments of the present disclosure, when the data requester requests data, the data is transmitted off-chain only after being authenticated by the data storage party, which improves the security of the data, and both the authorization and confirmation of the data pass through the zone. The implementation of the blockchain network, specifically, the data authorizer issues the authorization record and uploads it to the chain, and the data storage party authenticates the requester's request according to the authorization record on the chain. It can be seen that through the blockchain, a credible, The multi-participation data sharing method has the characteristics of multi-participation and scalability, and at the same time endows data sharing and interoperability.

According to the embodiments of the present disclosure, when the data storage party authenticates the data requester or the data changer, by accessing the blockchain, it is determined whether there is a target authorization record associated with the data requester and the target data in the blockchain network, Specifically, it can include:

Obtain the sub-certificate of the data requester, wherein the sub-certificate is issued by the data authorizer, the sub-certificate carries a keyword, and the sub-certificate is associated with the target authorization record through the keyword;

Among the multiple authorization records, the authorization record associated with the keyword of the sub-certificate is used as the target authorization record associated with the data requester and the target data.

According to the embodiments of the present disclosure, on the premise that the data authorizer issues the authorization record to the data requester or the data changer, based on the request of the data requester or the data changer, the data requester or the data changer can issue an authorization record to the data requester or the data changer for access. The sub-certificate of the authorization record in the blockchain. The sub-certificate carries a keyword, the sub-certificate is associated with the target authorization record through the keyword, and the corresponding authorization record can be accessed through the sub-certificate.

When the data storage party authenticates the data requester or data changer, it can access the blockchain to determine whether there is a target authorization record associated with the data requester and the target data in the blockchain network. The sub-certificate of the data requester or data changer, based on the keywords in the sub-certificate, finds whether there is a target authorization record associated with the data requester and the target data from the blockchain network. For example, the sub-certificate issued by the data authorizer to the data requester company A contains the keyword "A company", and the authorization record issued by the data authorizer to the data requester company A may include the sub-certificate keyword "A company", The name of the data source: XX data can also be included, so that the sub-certificate can be associated with the authorization record. When the data storage party authenticates the data requester or data changer, it can use the keyword "A company" to find out whether the target authorization record of the keyword "A company" including the sub-certificate exists in the blockchain network.

According to an embodiment of the present disclosure, as shown in FIG. 3 , the target authorization record may include, in addition to the keywords of the sub-certificate, the name of the data source, the authorization object, the primary key of the abstract of the data source, the operation mode (such as readable or Write), the initial value of the extension field that can be authorized to be changed, the number of times that the authorized data requester can request the target data, the time period that can be requested, the number of times it has been requested, and so on.

According to the embodiments of the present disclosure, if there is a target authorization record associated with the data requester and the target data in the blockchain network, the data requester is further determined according to information such as the number of requests and the requestable time period recorded in the target authorization record. Or whether the data changer currently has the data request permission, for example, based on the target authorization record, when the number of times the data requester has requested the target data is less than the number of requests, and the current request period of the data requester is within the range of the requestable time period In the case of , determine that the data requester currently has the request permission for the target data. In the case of passing the authentication, the data storage party sends the target data to the data requester or data change party through the off-chain.

According to the embodiment of the present disclosure, the data storage party can also determine whether the data requester has the corresponding authority according to the operation mode recorded in the target authorization record, such as readable or writable. Readable means that the data requester has the right to read the data. Permission, writable means that the data requester has the permission to change the data extension field.

Another aspect of the present disclosure provides a blockchain-based authorization method performed by a data authorizer.

FIG. 5 schematically shows a flowchart of an authorization method according to an embodiment of the present disclosure.

As shown in FIG. 5 , the authorization method according to the embodiment of the present disclosure includes operations S501 to S504.

In operation S501, the summary information of the target data is published to the blockchain network, so that the data requester initiates a data sharing request to the data storage party according to the target request address associated with the target data contained in the summary information;

In operation S502, receiving a data authorization request from a data requester;

In operation S503, in response to the data authorization request, generating a target authorization record associated with the data requester and the target data;

In operation S504, the target authorization record is published to the blockchain network, so that the data storage party sends the target data to the data requester after confirming and verifying the data requester according to the target authorization record obtained from the chain.

According to the embodiments of the present disclosure, based on the description of the data processing method performed by the data requester or the data changer and the data storage party in the above-mentioned embodiments, the data authorizer is mainly used to request authorization for the data requester or the data changer , when receiving a data authorization request from the data requester, generate a target authorization record associated with the data requester and the target data, and upload the authorization record to the chain, so that the data storage party can verify the data according to the target authorization record obtained from the chain. The requestor authenticates.

According to the embodiments of the present disclosure, the premise of data sharing between the data requester and the data storage party is based on the authorization of the data authorizer, through which the security of data transmission is guaranteed. It has a multi-party participation data sharing mechanism, and has the characteristics of multi-party participation and scalability. Based on the blockchain network, multiple parties can realize their different functions and achieve orderly and credible data sharing.

According to the embodiments of the present disclosure, on the premise that the data authorizer issues the authorization record to the data requester or the data changer, based on the request of the data requester or the data changer, the data requester or the data changer can issue an authorization record to the data requester or the data changer for access. The sub-certificate of the authorization record in the blockchain. The sub-certificate carries a keyword, the sub-certificate is associated with the target authorization record through the keyword, and the corresponding authorization record can be accessed through the sub-certificate.

In terms of authorization and verification logic, the user system of the blockchain is implemented based on certificates. Organizations participating in the blockchain provide the public key of the root certificate to their respective nodes, and users can access the blockchain through the sub-certificate issued by the root certificate of the organization. network. The data changer fills in the authorization record according to the data summary issued by the data authorizer to apply for authorization, as long as the data authorizer confirms that it has supplemented the "authentication method" (sub-certificate) information and issues an authorization sub-certificate to the data changer.

The issued sub-certificate can be accompanied by "keywords", and the "keywords" can be specified in advance. As shown in Figure 3, on the premise that the data authorizer issues an authorization record (including the certificate "keyword" information) to the data requester or data changer, the data authorizer issues a sub-certificate with the specified "keyword" To the data requester or data changer, the data requester or data changer can access the blockchain to obtain the data access address through the sub-certificate, request data from the data storage party through the data access address, and the data storage party initiates authentication to the blockchain network Obtain the authorization record, verify the sub-certificate and the number of authorization times/time, and return the specific data after the verification is passed.

According to an embodiment of the present disclosure, the sub-certificates are associated with authorization records one by one through keywords, and different authorization records record different permissions that can authorize the request data. The keyword "Company A", the authorization record issued by the data authorizer to Company A may include the keyword "Company A" of the sub-certificate, and the number of times the target data 1 can be requested is recorded 100 times; The sub-certificate issued by Party B company contains the keyword "B company", and the authorization record issued by the data authorizing party to B company may include the sub-certificate keyword "B company", and the number of times the target data 2 can be requested is recorded as 2000 times; in this way, through sub-certificates and authorization records, differentiated management of the permissions of different data requesters is realized, which facilitates refined permission control and effectively ensures data security.

Based on the above data processing method, the present disclosure also provides a data processing apparatus. The device will be described in detail below with reference to FIG. 6 .

FIG. 6 schematically shows a structural block diagram of a data processing apparatus according to an embodiment of the present disclosure.

As shown in FIG. 6 , the blockchain-based data processing apparatus of this embodiment includes an acquisition module 601 , a request module 602 and a first receiving module 603 .

The obtaining module 601 is used to obtain the summary information of the target data from the blockchain network, wherein the summary information is released to the blockchain network through the data authorizer, and the summary information includes the target request address associated with the target data, wherein the target request The address is linked to the data store;

A request module 602, configured to initiate a data sharing request to the data storage party by accessing the target request address;

The first receiving module 603 is configured to receive target data from the data storage party, wherein the target data is sent under the condition that the data storage party confirms and verifies the data requester according to the target authorization record on the chain.

According to the embodiment of the present disclosure, the abstract information of the target data obtained by the obtaining module 601 from the blockchain is different from the related art that multiple parties share entity data through the blockchain network. The blockchain network can only obtain the summary information of the data, not the entity data. Through the request module 602, a data request can be initiated to the data storage party through the request address shared in the summary information, and further through the first receiving module 603 to perform authentication through the blockchain to realize the off-chain transmission of the entity data, which can ensure the security of the data. Further, the entity data is transmitted off-chain only when it is authenticated through the blockchain network, which further improves the security of the data, and multiple parties realize their respective functions through the blockchain (data authorizers perform authorization, data storage, etc.). authentication, data request data), realizes a credible, multi-participation data sharing method, has the characteristics of multi-participation and extensibility, and at the same time endows data sharing and interoperability capabilities, for the credibility of data Circulation provides a reference.

According to an embodiment of the present disclosure, the above-mentioned apparatus further includes a changing module and a first sending module.

The changing module is used to change the data information of the target data; the first sending module is used to send the changed data information to the blockchain network, so that after the blockchain network pushes the change notification to the data storage party, the data The storage party updates the target data according to the changed data information.

According to an embodiment of the present disclosure, the data information of the target data includes a value of an extension field associated with the target data, wherein the extension field is used to represent an attribute type of the target data.

According to an embodiment of the present disclosure, the abstract information further includes the name of the extension field associated with the target data, and the changing module includes a reading unit, a first determining unit, a first determining unit, and a changing unit.

Wherein, the reading unit is used to read the name of the extension field from the summary information; the first determination unit is used to determine the target attribute type that needs to be changed in the target data according to the name of the extension field; the first determination unit is used for It is used to determine the target attribute value of the target data under the target attribute type; the change unit is used to change the initial value of the extension field to the target attribute value.

According to an embodiment of the present disclosure, the first sending module includes an access unit and an update unit.

The access unit is used to use the sub-certificate to access the target authorization record on the chain, wherein the target authorization record and the sub-certificate are issued by the data authorizer, the sub-certificate carries a keyword, and the sub-certificate is associated with the target authorization record through the keyword; the update unit , which is used to update the target attribute value obtained after changing the initial value of the extension field to the target authorization record.

According to an embodiment of the present disclosure, the summary information further includes at least one of the following: a data source name of the target data, a data identifier, a data source hash digest, a data owner, a module on the chain to which the data belongs, and a brief description of the data.

Based on the above data processing method, the present disclosure also provides a data processing apparatus. The device will be described in detail below with reference to FIG. 7 .

FIG. 7 schematically shows a structural block diagram of a data processing apparatus according to an embodiment of the present disclosure.

As shown in FIG. 7 , the blockchain-based data processing apparatus in this embodiment includes a second receiving module 701 , a determining module 702 , a right confirming module 703 , and a second sending module 704 .

The second receiving module 701 is configured to receive a data sharing request initiated by a data requester by accessing the target request address, wherein the data sharing request is used to request target data, and the target request address is included in the abstract associated with the target data In the information, the summary information is released to the blockchain network through the data authorizer;

A determination module 702, configured to determine a target authorization record associated with the data requester and the target data from a plurality of authorization records in the blockchain network, wherein the target authorization record is issued by the data authorizer;

The right confirmation module 703 is used to confirm the right of the data requester according to the target authorization record;

The second sending module 704 is configured to send the target data to the data requester when the right is confirmed.

According to the embodiment of the present disclosure, when the data requester requests data, the determination module 702 and the right confirmation module 703 allow the data to be transmitted off-chain only after being authenticated by the data storage party, which improves the security of the data. And the authorization and confirmation of the data are realized through the blockchain network. Specifically, the data authorizer issues the authorization record and uploads it to the chain. Through the authorization confirmation module 703, the data storage party authenticates the requester's request according to the authorization record on the chain. , it can be seen that through the blockchain, a credible, multi-party data sharing method has been realized, which has the characteristics of multi-party participation and scalability, and at the same time endows data sharing and interoperability.

According to an embodiment of the present disclosure, the determining module includes an acquiring unit and a third determining unit.

Wherein, the obtaining unit is used to obtain the sub-certificate of the data requester, wherein the sub-certificate is issued by the data authorization party, the sub-certificate carries a keyword, and the sub-certificate is associated with the target authorization record through the keyword; the third determining unit is used to Among the multiple authorization records, the authorization record associated with the keyword of the sub-certificate serves as the target authorization record associated with the data requester and the target data.

According to an embodiment of the present disclosure, the target authorization record includes a requestable number of times and a requestable time period for an authorized data requester to request the target data;

The right confirmation module includes a right confirmation unit for, based on the target authorization record, in the case that the number of times the data requester has requested the target data is less than the number of times that can be requested, and the current request period of the data requester is within the range of the time period that can be requested, Determines that the data requester currently has the request permission for the target data.

Based on the above blockchain-based authorization method, the present disclosure also provides a blockchain-based authorization device. The device will be described in detail below with reference to FIG. 8 .

FIG. 8 schematically shows a structural block diagram of an authorization apparatus according to an embodiment of the present disclosure.

As shown in FIG. 8 , the blockchain-based authorization device of this embodiment includes a first issuing module 801 , a third receiving module 802 , a generating module 803 , and a second issuing module 804 .

The first publishing module 801 is configured to publish the summary information of the target data to the blockchain network, so that the data requester initiates a data sharing request to the data storage party according to the target request address associated with the target data contained in the summary information;

A third receiving module 802, configured to receive a data authorization request from a data requester;

A generating module 803, configured to generate a target authorization record associated with the data requester and the target data in response to the data authorization request;

The second publishing module 804 is configured to publish the target authorization record to the blockchain network, so that the data storage party confirms and verifies the data requester according to the target authorization record obtained from the chain, and then sends the data to the data requester. target data.

According to the embodiment of the present disclosure, the premise of data sharing between the data requester and the data storage party is that, based on the authorization of the data authorizer, the third receiving module 802 and the generating module 803 generate a target associated with the data requester and the target data. The authorization record is used for authorization, which ensures the security of data transmission. Further, the target authorization record is released to the blockchain network through the second release module 804, and a multi-party data sharing mechanism is established based on the blockchain network. With the feature of multi-party participation and scalability, multiple parties can realize their different functions based on the blockchain network, and realize orderly and credible data sharing.

According to an embodiment of the present disclosure, the above-mentioned apparatus further includes an issuing module, configured to issue a sub-certificate associated with the target authorization record to the data requester, so that the data requester uses the sub-certificate to access the target authorization record, wherein the sub-certificate carries a keyword , the sub-certificate is associated with the target authorization record by keyword.

According to the embodiment of the present disclosure, the retrieval module 601, the request module 602, the first receiving module 603, the second receiving module 701, the determining module 702, the right confirming module 703, the second sending module 704, the first issuing module 801, the third Any multiple modules among the receiving module 802, the generating module 803, and the second publishing module 804 may be combined into one module for implementation, or any one of the modules may be split into multiple modules. Alternatively, at least part of the functionality of one or more of these modules may be combined with at least part of the functionality of other modules and implemented in one module. According to the embodiment of the present disclosure, the retrieval module 601, the request module 602, the first receiving module 603, the second receiving module 701, the determining module 702, the right confirming module 703, the second sending module 704, the first issuing module 801, the third At least one of the receiving module 802, the generating module 803, and the second issuing module 804 may be implemented at least partially as a hardware circuit, such as a Field Programmable Gate Array (FPGA), a Programmable Logic Array (PLA), a system-on-chip, an on-board system, system-on-package, application-specific integrated circuit (ASIC), or any other reasonable way of integrating or packaging the circuit, such as hardware or firmware, or in any of the three implementations of software, hardware, and firmware. One or an appropriate combination of any of them is implemented. Or, the fetching module 601, the requesting module 602, the first receiving module 603, the second receiving module 701, the determining module 702, the right confirming module 703, the second sending module 704, the first issuing module 801, the third receiving module 802, the generating At least one of the module 803 and the second publishing module 804 may be implemented at least in part as a computer program module, and when the computer program module is executed, it may perform corresponding functions.

FIG. 9 schematically shows a block diagram of an electronic device suitable for implementing a data processing method according to an embodiment of the present disclosure.

As shown in FIG. 9 , an electronic device 900 according to an embodiment of the present disclosure includes a processor 901 that can be loaded into a random access memory (RAM) 903 according to a program stored in a read only memory (ROM) 902 or from a storage portion 908 program to perform various appropriate actions and processes. The processor 901 may include, for example, a general-purpose microprocessor (eg, a CPU), an instruction set processor and/or a related chipset, and/or a special-purpose microprocessor (eg, an application-specific integrated circuit (ASIC)), and the like. The processor 901 may also include on-board memory for caching purposes. The processor 901 may include a single processing unit or multiple processing units for performing different actions of the method flow according to the embodiments of the present disclosure.

In the RAM 903, various programs and data necessary for the operation of the electronic device 900 are stored. The processor 901 , the ROM 902 and the RAM 903 are connected to each other through a bus 904 . The processor 901 performs various operations of the method flow according to the embodiment of the present disclosure by executing the programs in the ROM 902 and/or the RAM 903 . Note that the program may also be stored in one or more memories other than the ROM 902 and the RAM 903 . The processor 901 may also perform various operations of the method flow according to the embodiments of the present disclosure by executing programs stored in the one or more memories.

According to an embodiment of the present disclosure, the electronic device 900 may also include an input/output (I/O) interface 905 which is also connected to the bus 904 . Electronic device 900 may also include one or more of the following components connected to I/O interface 905: input portion 906 including keyboard, mouse, etc.; including components such as cathode ray tube (CRT), liquid crystal display (LCD), etc., and An output section 907 of speakers and the like; a storage section 908 including a hard disk and the like; and a communication section 909 including a network interface card such as a LAN card, a modem, and the like. The communication section 909 performs communication processing via a network such as the Internet. A drive 910 is also connected to the I/O interface 905 as needed. A removable medium 911, such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, etc., is mounted on the drive 910 as needed so that a computer program read therefrom is installed into the storage section 908 as needed.

The present disclosure also provides a computer-readable storage medium. The computer-readable storage medium may be included in the device/apparatus/system described in the above embodiments; it may also exist alone without being assembled into the device/system. device/system. The above-mentioned computer-readable storage medium carries one or more programs, and when the above-mentioned one or more programs are executed, implement the method according to the embodiment of the present disclosure.

According to an embodiment of the present disclosure, the computer-readable storage medium may be a non-volatile computer-readable storage medium, such as, but not limited to, portable computer disks, hard disks, random access memory (RAM), read only memory (ROM) , erasable programmable read only memory (EPROM or flash memory), portable compact disk read only memory (CD-ROM), optical storage devices, magnetic storage devices, or any suitable combination of the foregoing. In this disclosure, a computer-readable storage medium may be any tangible medium that contains or stores a program that can be used by or in conjunction with an instruction execution system, apparatus, or device. For example, according to embodiments of the present disclosure, a computer-readable storage medium may include one or more memories other than ROM 902 and/or RAM 903 and/or ROM 902 and RAM 903 described above.

Embodiments of the present disclosure also include a computer program product comprising a computer program containing program code for performing the method illustrated in the flowchart. When the computer program product runs in the computer system, the program code is used to make the computer system implement the data processing method provided by the embodiments of the present disclosure.

When the computer program is executed by the processor 901, the above-described functions defined in the system/apparatus of the embodiment of the present disclosure are performed. According to embodiments of the present disclosure, the systems, apparatuses, modules, units, etc. described above may be implemented by computer program modules.

In one embodiment, the computer program may rely on a tangible storage medium such as an optical storage device, a magnetic storage device, or the like. In another embodiment, the computer program may also be transmitted, distributed in the form of a signal over a network medium, and downloaded and installed through the communication section 909, and/or installed from a removable medium 911. The program code embodied by the computer program may be transmitted using any suitable network medium, including but not limited to: wireless, wired, etc., or any suitable combination of the foregoing.

In such an embodiment, the computer program may be downloaded and installed from the network via the communication portion 909, and/or installed from the removable medium 911. When the computer program is executed by the processor 901, the above-described functions defined in the system of the embodiment of the present disclosure are performed. According to embodiments of the present disclosure, the above-described systems, apparatuses, apparatuses, modules, units, etc. can be implemented by computer program modules.

According to the embodiments of the present disclosure, the program code for executing the computer program provided by the embodiments of the present disclosure may be written in any combination of one or more programming languages, and specifically, high-level procedures and/or object-oriented programming may be used. programming language, and/or assembly/machine language to implement these computational programs. Programming languages include, but are not limited to, languages such as Java, C++, python, "C" or similar programming languages. The program code may execute entirely on the user computing device, partly on the user device, partly on a remote computing device, or entirely on the remote computing device or server. In the case of a remote computing device, the remote computing device may be connected to the user computing device through any kind of network, including a local area network (LAN) or a wide area network (WAN), or may be connected to an external computing device (eg, using an Internet service provider business via an Internet connection).

The flowchart and block diagrams in the Figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code that contains one or more logical functions for implementing the specified functions executable instructions. It should also be noted that, in some alternative implementations, the functions noted in the blocks may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It is also noted that each block of the block diagrams or flowchart illustrations, and combinations of blocks in the block diagrams or flowchart illustrations, can be implemented in special purpose hardware-based systems that perform the specified functions or operations, or can be implemented using A combination of dedicated hardware and computer instructions is implemented.

Those skilled in the art will appreciate that various combinations and/or combinations of features recited in various embodiments and/or claims of the present disclosure are possible, even if such combinations or combinations are not expressly recited in the present disclosure. In particular, various combinations and/or combinations of the features recited in the various embodiments of the present disclosure and/or in the claims may be made without departing from the spirit and teachings of the present disclosure. All such combinations and/or combinations fall within the scope of this disclosure.

Embodiments of the present disclosure have been described above. However, these examples are for illustrative purposes only, and are not intended to limit the scope of the present disclosure. Although the various embodiments are described above separately, this does not mean that the measures in the various embodiments cannot be used in combination to advantage. The scope of the present disclosure is defined by the appended claims and their equivalents. Without departing from the scope of the present disclosure, those skilled in the art can make various substitutions and modifications, and these substitutions and modifications should all fall within the scope of the present disclosure.

Claims (17)

1. A data processing method based on blockchain, comprising: Obtain the summary information of the target data from the blockchain network, wherein the summary information is published to the blockchain network by the data authorizer, and the summary information includes the target request address associated with the target data, wherein, The target request address is linked to the data storage party; Initiating a data sharing request to the data storage party by accessing the target request address; The target data from the data storage party is received, wherein the target data is sent under the condition that the data storage party confirms and verifies the data requester according to the target authorization record on the chain. 2. The method of claim 2, further comprising: Change the data information of the target data; Send the changed data information to the blockchain network, so that after the blockchain network pushes the change notification to the data storage party, the data storage party updates the data according to the changed data information. target data. 3. The method of claim 2, wherein: The data information of the target data includes a value of an extension field associated with the target data, wherein the extension field is used to represent the attribute type of the target data. 4. The method according to claim 3, wherein the summary information further includes the name of the extension field associated with the target data, and the data information of changing the target data comprises: Read the name of the extension field from the summary information; According to the name of the extension field, determine the target attribute type that needs to be changed to the target data; determining the target attribute value of the target data under the target attribute type; The initial value of the extension field is changed to the target attribute value. 5. The method of claim 4, wherein the sending the changed data information to the blockchain network comprises: The target authorization record on the chain is accessed using a sub-certificate, wherein the target authorization record and the sub-certificate are issued by the data authorizer, the sub-certificate carries a keyword, and the sub-certificate passes the keyword associated with the target authorization record; The target attribute value obtained after changing the initial value of the extension field is updated to the target authorization record. 6. The method of claim 1, wherein: The summary information also includes at least one of the following: the name of the data source of the target data, the data identifier, the hash abstract of the data source, the owner of the data, the module to which the data belongs on the chain, and a brief description of the data. 7. A data processing method based on blockchain, comprising: Receive a data sharing request initiated by a data requester by accessing a target request address, wherein the data sharing request is used to request target data, wherein the target request address is included in the summary information associated with the target data, so The above summary information is released to the blockchain network through the data authorizer; from a plurality of authorization records in the blockchain network, determining a target authorization record associated with the data requester and the target data, wherein the target authorization record is issued by the data authorizer; Confirming the right of the data requester according to the target authorization record; If the right is confirmed, the target data is sent to the data requester. 8. The method of claim 7, wherein the determining, from a plurality of authorization records in the blockchain network, a target authorization record associated with the data requester and the target data comprises: obtaining a sub-certificate of the data requester, wherein the sub-certificate is issued by the data authorizer, the sub-certificate carries a keyword, and the sub-certificate is associated with the target authorization record through the keyword; Among the plurality of authorization records, the authorization record associated with the keyword of the sub-certificate is used as the target authorization record associated with the data requester and the target data. 9. The method according to claim 7, wherein the target authorization record comprises a requestable number of times and a requestable time period for authorizing the data requester to request the target data; The confirming the right of the data requester according to the target authorization record includes: Based on the target authorization record, when the number of times the data requester has requested the target data is less than the number of times that can be requested, and the current request period of the data requester is within the range of the requestable time period Next, it is determined that the data requester currently has the request authority for the target data. 10. A blockchain-based authorization method, comprising: Publish the summary information of the target data to the blockchain network, so that the data requester initiates a data sharing request to the data storage party according to the target request address associated with the target data contained in the summary information; receiving a data authorization request from the data requester; in response to the data authorization request, generating a target authorization record associated with the data requester and the target data; Publish the target authorization record to the blockchain network, so that the data storage party confirms and verifies the data requester according to the target authorization record obtained from the chain, and then sends the data to the data requester. The data requester sends the target data. 11. The method of claim 10, further comprising: Issue a sub-certificate associated with the target authorization record to the data requesting party, so that the data requesting party uses the sub-certificate to access the target authorization record, wherein the sub-certificate carries a keyword, and the sub-certificate carries a keyword. The certificate is associated with the target authorization record by the key. 12. A data processing device based on blockchain, comprising: an acquisition module, configured to acquire summary information of the target data from the blockchain network, wherein the summary information is published to the blockchain network by a data authorizer, and the summary information includes the target associated with the target data request address, wherein the target request address is linked to the data storage party; a request module, configured to initiate a data sharing request to the data storage party by accessing the target request address; The first receiving module is used to receive the target data from the data storage party, wherein the target data is verified by the data requester by the data storage party according to the target authorization record on the chain. sent under the circumstances. 13. A data processing device based on blockchain, comprising: The second receiving module is configured to receive a data sharing request initiated by a data requester by accessing a target request address, wherein the data sharing request is used to request target data, wherein the target request address is included in the target data In the associated summary information, the summary information is published to the blockchain network through the data authorizer; A determination module, configured to determine a target authorization record associated with the data requester and the target data from a plurality of authorization records in the blockchain network, wherein the target authorization record is determined by the data authorizer issue; a right confirmation module, configured to confirm the right of the data requester according to the target authorization record; The second sending module is configured to send the target data to the data requester when the right is confirmed. 14. A blockchain-based authorization device, comprising: The first publishing module is used to publish the summary information of the target data to the blockchain network, so that the data requester initiates data to the data storage party according to the target request address associated with the target data contained in the summary information sharing request; a third receiving module, configured to receive a data authorization request from the data requester; a generating module, configured to generate a target authorization record associated with the data requester and the target data in response to the data authorization request; The second publishing module is configured to publish the target authorization record to the blockchain network, so that the data storage party confirms the right of the data requester according to the target authorization record obtained from the chain After the verification is passed, the target data is sent to the data requester. 15. An electronic device comprising: one or more processors; storage means for storing one or more programs, Wherein, when the one or more programs are executed by the one or more processors, the one or more processors are caused to perform the method according to any one of claims 1-6. 16. A computer-readable storage medium having stored thereon executable instructions which, when executed by a processor, cause the processor to perform the method of any one of claims 1-6. 17. A computer program product comprising a computer program which, when executed by a processor, implements the method of any one of claims 1-6.

Images