WO2025025431A1 - Data management method and apparatus, and system - Google Patents
- Publication number
- WO2025025431A1 (PCT/CN2023/134859)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- data
- acquisition
- information
- usage
- acquirer
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/27—Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/245—Query processing
- G06F16/2455—Query execution
- G06F16/24564—Applying rules; Deductive queries
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Definitions
- One or more embodiments of the present specification relate to the field of blockchain technology, and in particular, to a data management method, device, and system.
- when the data processor needs to use the data held by the data owner, it needs to initiate a request for the data to the data owner so that the relevant personnel of the data owner can verify one by one whether the data processor meets all the authorization conditions of the requested data, and then decide whether to authorize the data to the data processor for its processing and use.
- one or more embodiments of the present specification provide a data management method, device, and system.
- a data management method is proposed, which is applied to a blockchain system in a data management system, wherein the data management system also includes a data owner and a data acquirer, and the data management contract deployed in the blockchain system records the acquisition rules and usage rules of the target data, and the target data belongs to the data owner.
- the method includes: in response to receiving data acquisition information for the target data submitted by the data acquirer, executing the data management contract, and the data management contract is used to determine whether the data acquisition information satisfies the acquisition rules; determining data usage information for the target data and executing the data management contract, and the data management contract is used to determine whether the data usage information satisfies the usage rules; when the data acquisition information satisfies the acquisition rules and/or the data usage information satisfies the usage rules, the credential information for the target data is disclosed to the data acquirer, and the credential information is used to instruct the data owner to assist the data acquirer in obtaining the target data and/or the operation result obtained after performing a preset operation on the target data.
- a data management system including a blockchain system, a data owner and a data acquirer, wherein the data management contract deployed in the blockchain system records the acquisition rules and usage rules of the target data, and the target data belongs to the data owner, wherein the data acquirer is used to submit data acquisition information for the target data to the blockchain system; the blockchain system is used to execute the data management contract, and the data management contract is used to determine whether the data acquisition information satisfies the acquisition rules; determine data usage information for the target data and execute the data management contract, and the data management contract is used to determine whether the data usage information satisfies the usage rules; and, when the data acquisition information satisfies the acquisition rules and/or the data usage information satisfies the usage rules, disclose the credential information for the target data to the data acquirer; the data owner is used to assist the data acquirer in obtaining the target data and/or the operation result obtained after performing a preset operation on the target data when receiving the credential information for the target data.
- a data management device which is applied to a blockchain system in a data management system, wherein the data management system also includes a data owner and a data acquirer, and the data management contract deployed in the blockchain system records the acquisition rules and usage rules of the target data, and the target data belongs to the data owner.
- the device includes: a first execution unit, which is used to execute the data management contract in response to receiving data acquisition information for the target data submitted by the data acquirer, and the data management contract is used to determine whether the data acquisition information satisfies the acquisition rules; a second execution unit, which is used to determine data usage information for the target data and execute the data management contract, and the data management contract is used to determine whether the data usage information satisfies the usage rules; an information transmission unit, which is used to transmit the credential information for the target data to the data acquirer when the data acquisition information satisfies the acquisition rules and/or the data usage information satisfies the usage rules, and the credential information is used to instruct the data owner to assist the data acquirer in obtaining the target data and/or the operation result obtained after performing a preset operation on the target data.
- an electronic device comprising: a processor; a memory for storing processor-executable instructions; wherein the processor executes the executable instructions to implement the method described in the first aspect.
- a computer-readable storage medium on which computer instructions are stored, and when the instructions are executed by a processor, the steps of the method described in the first aspect are implemented.
- the data management system described in this specification includes a blockchain system, a data owner and a data acquirer, and a data management contract is deployed in the blockchain system, and the acquisition rules and usage rules of the target data belonging to the data owner are recorded in the contract.
- the blockchain network executes the data management contract to determine whether the data acquisition information meets the acquisition rules; in addition, the data usage information for the target data is determined and the data management contract is executed to determine whether the data usage information meets the usage rules; and, when the data acquisition information meets the acquisition rules and/or the data usage information meets the usage rules, the credential information for the target data is disclosed to the data acquirer, which is used to instruct the data owner to assist the data acquirer in obtaining the target data and/or the operation result obtained after performing a preset operation on the target data.
- this solution records the acquisition rules and usage rules of the target data in the data management contract deployed by the blockchain system, and the contract verifies whether the data acquisition information submitted by the data acquirer meets the acquisition rules, and verifies whether the corresponding data usage information meets the usage rules, and then determines whether to disclose the credential information used to obtain the target data or its calculation results to the data acquirer based on the verification results, that is, the blockchain system and the data management contract deployed on it are used to realize the on-chain automated and refined authorization for the target data.
- the acquisition rules and usage rules of the target data are recorded in the data management contract deployed on the chain, and the blockchain system completes the authorization for the target data on the chain based on the contract, which significantly reduces the data management burden of the data owner in the data authorization process and helps to improve the efficiency of data authorization.
- the acquisition rules and usage rules of the target data are recorded in the data management contract for public disclosure, so that all relevant parties in the data authorization process (such as the data acquirer) can flexibly view the above rules; and the verification of whether the data acquisition information meets the acquisition rules and the verification of whether the data usage information meets the usage rules are completed on the chain by the smart contract, so that the verification process and results can be openly and transparently stored on the chain, which helps to avoid the black box operations that may arise from off-chain verification and improves the transparency and credibility of the data authorization process.
- FIG. 1 is a schematic diagram of an example environment provided by an exemplary embodiment.
- FIG. 2 is a schematic diagram of a conceptual architecture provided by an exemplary embodiment.
- FIG. 3 is a flow chart of a data management method provided by an exemplary embodiment.
- FIG. 4 is a schematic diagram of the structure of a data management system provided by an exemplary embodiment.
- FIG. 5 is a schematic structural diagram of a device provided by an exemplary embodiment.
- FIG. 6 is a block diagram of a data management device provided by an exemplary embodiment.
- the steps of the corresponding method are not necessarily performed in the order shown and described in this specification. In some other embodiments, the steps included in the method may be more or less than those described in this specification. In addition, a single step described in this specification may be decomposed into multiple steps for description in other embodiments; and multiple steps described in this specification may be combined into a single step for description in other embodiments.
- FIG. 1 is a schematic diagram of an example environment provided by an exemplary embodiment.
- the example environment 100 allows entities to participate in a blockchain network 102.
- the blockchain network 102 may be a public type, a private type, or a consortium type blockchain network.
- the example environment 100 may include computing devices 104, 106, 108, 110, 112, and a network 114; in one embodiment, the network 114 may include a local area network (LAN), a wide area network (WAN), the Internet, or a combination thereof, and is connected to a website, a user device (e.g., a computing device), and a backend system. In one embodiment, any computing device may access the network 114 via wired and/or wireless communication.
- computing devices 106, 108 may be nodes of a cloud computing system (not shown), or each computing device 106, 108 may be a separate cloud computing system including multiple computers interconnected by a network and operating as a distributed processing system.
- computing devices 104-108 may run any appropriate computing system to enable them to serve as nodes in blockchain network 102; for example, computing devices 104-108 may include but are not limited to servers, desktop computers, laptop computers, tablet computing devices, smart phones, and wearable devices. In one embodiment, computing devices 104-108 may belong to related entities and be used to implement corresponding services, such as the service that can be used to manage transactions between a certain entity or multiple entities.
- computing devices 104-108 respectively store blockchain ledgers corresponding to blockchain network 102.
- Computing device 104 may be (or include) a network server for providing browser functions, which may provide visualization information related to blockchain network 102 based on network 114.
- computing device 104 may not participate in block verification, but monitor blockchain network 102 to determine when other nodes (such as computing devices 106-108) reach consensus, and generate a corresponding blockchain visualization user interface accordingly.
- computing device 104 may receive a request for a blockchain visual user interface initiated by a client device (e.g., computing device 110 or computing device 112).
- a node of blockchain network 102 may also serve as a client device, such as a user of computing device 108 may use a browser running on computing device 108 to send the above request to computing device 104.
- the computing device 104 may generate a blockchain visual user interface (such as a web page) based on the stored blockchain ledger, and send the generated blockchain visual user interface to the requesting client device.
- the request for the blockchain visual user interface may include user authorization information.
- the computing device 104 may verify the user authorization information and return the corresponding blockchain visual user interface after the verification is passed.
- the blockchain visualization user interface may be displayed on a client device (e.g., may be displayed in the user interface 116 shown in FIG. 1 ).
- the display content of the user interface 116 may also be updated accordingly.
- the user's interaction with the user interface 116 may result in a request for other user interfaces, such as displaying a block list, block details, a transaction list, transaction details, an account list, account details, a contract list, contract details, or a search result page generated by a user's search of the blockchain network.
- Fig. 2 is a schematic diagram of a conceptual architecture provided by an exemplary embodiment.
- the conceptual architecture 200 includes an entity layer 202, a hosting service layer 204, and a blockchain network layer 206.
- the entity layer 202 may include three entities: entity 1, entity 2, and entity 3, each of which has its own transaction management system 208.
- the hosting service layer 204 may include an interface 210 corresponding to each transaction management system 208.
- each transaction management system 208 communicates with its respective interface 210 through a network (e.g., network 114 in FIG. 1 ) using a protocol (e.g., Hypertext Transfer Protocol Secure (HTTPS)).
- each interface 210 may provide a communication connection between the respective transaction management system 208 and the blockchain network layer 206; more specifically, the interface 210 may communicate with the blockchain network 212 of the blockchain network layer 206.
- the communication between the interface 210 and the blockchain network layer 206 may be implemented using a remote procedure call (RPC).
- the interface 210 may provide an API interface for accessing the blockchain network 212 to the transaction management system 208.
- the blockchain network 212 is provided in the form of a peer-to-peer network, which includes multiple nodes 214, and these nodes 214 are respectively used to persist the blockchain ledger 216 formed by the blockchain data; only one blockchain ledger 216 is shown in FIG. 2, but there may be multiple blockchain ledgers 216 or copies thereof in the blockchain network 212, for example, each node 214 may respectively maintain a blockchain ledger 216 or a copy thereof.
- transactions in the blockchain can be divided into transactions in a narrow sense and transactions in a broad sense.
- a transaction in a narrow sense refers to a value transfer published by a user to the blockchain; for example, in a traditional Bitcoin blockchain network, a transaction can be a transfer initiated by a user in the blockchain.
- a transaction in a broad sense refers to a piece of business data with business intent published by a user to the blockchain; for example, an operator can build a consortium chain based on actual business needs, and rely on the consortium chain to deploy some other types of online services that are not related to value transfer (for example, rental business, vehicle dispatch business, insurance claims business, credit services, medical services, etc.), and in this type of consortium chain, a transaction can be a business message or business request with business intent published by a user in the consortium chain.
- Blockchain is generally divided into three types: public chain (Public Blockchain), private chain (Private Blockchain) and consortium chain (Consortium Blockchain).
- there are also combinations of these types, such as private chain + consortium chain and consortium chain + public chain.
- the public chain has the highest degree of decentralization.
- participants who join the public chain can read data records on the chain, participate in transactions, and compete for the right to record new blocks.
- the private chain is the opposite.
- the write permission of the network is controlled by an organization or institution, and the data reading permission is regulated by the organization.
- a private chain can be a weakly centralized system with strictly limited and few participating nodes.
- the consortium chain is a blockchain between the public chain and the private chain, which can achieve "partial decentralization".
- Each node in the consortium chain usually has a corresponding entity or organization; participants join the network through authorization and form a stakeholder alliance to jointly maintain the operation of the blockchain.
- Smart contracts on the blockchain are contracts that can be triggered and executed by transactions on the blockchain system. Smart contracts can be defined in the form of code.
- each Ethereum node can run the EVM (Ethereum Virtual Machine).
- EVM is a Turing-complete virtual machine, which means that various complex logics can be implemented through it.
- the smart contracts published and called by users in the Ethereum network are run on EVM. Among them, after a blockchain node completes the publication of any smart contract on the Ethereum network, it can be regarded as the contract being deployed in the Ethereum network.
- In the field of blockchain, another important concept is the account. Taking Ethereum as an example, Ethereum usually divides accounts into two categories: external accounts and contract accounts. External accounts are accounts directly controlled by users, also known as user accounts. Contract accounts are accounts created by users through external accounts and contain contract code (i.e. smart contracts). Of course, for some blockchain models derived from the Ethereum architecture, the account types supported by the blockchain can be further expanded, which is not specifically limited in this specification.
- a structure is usually used to maintain the account status.
- the status of the account related to the transaction in the blockchain will usually change.
- the structure of an account usually includes fields such as Balance, Nonce, Code, and Storage.
- the Balance field is used to maintain the current account balance of the account
- the Nonce field is used to maintain the number of transactions of the account; it is a counter used to ensure that each transaction is processed once and only once, effectively avoiding replay attacks
- for a contract account, the Code field is usually used to maintain the contract code of the account; in actual applications, the Code field usually only maintains the hash value of the contract code; therefore, the Code field is usually also called the Codehash field. For external accounts, the Code field is usually empty.
- the Storage field is used to maintain the storage content of the account (the default field value is empty).
- an independent storage space is usually allocated to store the storage content of the contract account, such as the status data generated by the contract execution. This independent storage space is usually called the account storage of the contract account.
- the storage content of the contract account is usually constructed into an MPT (Merkle Patricia Trie) tree data structure and stored in the above independent storage space; among them, the MPT tree constructed based on the storage content of the contract account is usually also called the Storage tree.
- the Storage field usually only maintains the root node of the Storage tree; therefore, the Storage field is usually also called the StorageRoot field.
- this specification proposes a data management solution.
- a data management contract is deployed and executed in a blockchain system to verify whether the data acquisition information related to the target data meets the acquisition rules of the target data recorded in the contract and whether the data usage information meets the usage rules of the target data recorded in the contract, so as to decide whether to disclose to the data acquirer the credential information used to instruct the data owner to assist the data acquirer in obtaining the target data and/or its calculation results, thereby realizing on-chain automated and refined authorization for the target data.
- the technical solution of this specification is described below in conjunction with an embodiment.
- FIG. 3 is a flow chart of a data management method provided by an exemplary embodiment. As shown in FIG. 3, the method is applied to a blockchain system in a data management system, the data management system also includes a data owner and a data acquirer, and the data management contract deployed in the blockchain system records the acquisition rules and usage rules of the target data, and the target data belongs to the data owner.
- the method includes steps 302-306.
- Step 302: in response to receiving the data acquisition information for the target data submitted by the data acquirer, executing the data management contract, wherein the data management contract is used to determine whether the data acquisition information satisfies the acquisition rule.
- the blockchain system may only include a blockchain network composed of blockchain nodes, or may also include a blockchain network and its associated BaaS (Backend as a Service) platform (composed of computing devices such as a server).
- one or more copies of managed data may constitute a data set (i.e., the managed data is managed in the form of a data set), and multiple copies of managed data belonging to the data owner may constitute one or more data sets, which are also regarded as belonging to the data owner.
- the intersection of any two data sets may be an empty set (i.e., the two data sets contain different managed data), or the intersection may be a proper subset of both data sets (i.e., the two data sets share part of the same managed data).
- the managed data belonging to the data owner can be maintained by the data owner himself, such as storing the managed data in the local storage space of the data owner or in a storage space such as a database that has a network connection with the data owner.
- it can also be maintained by a preset custodian (such as one designated by the data owner); for example, the custodian stores the managed data in a preset storage space associated with the custodian (such as the local storage space of the custodian, or a database managed by the custodian, etc.).
- the data owner or the custodian can perform appropriate read/write processing on the managed data to implement management operations such as adding, deleting, modifying and querying the data.
- the data owner can authorize at least part of the managed data to other related parties (such as data acquirers) for use.
- This part of the managed data is called authorizable data.
- the data owner can record the acquisition rules and usage rules of the authorizable data in the data management contract maintained by the blockchain system.
- the related parties (such as data acquirers) who want to obtain and use the authorizable data can submit data acquisition information corresponding to the acquisition rules to the blockchain system (for the target data in the authorizable data) in order to obtain the credential information for this part of the target data disclosed by the blockchain system (specifically, the acquisition credentials, usage credentials or comprehensive credentials described below), and further use that information to obtain the target data and/or its calculation results from the data owner.
- the data acquirer can request authorization for one or more pieces of the authorizable data; the one or more pieces requested are the target data described in this specification, i.e., one or more authorizable data belonging to the data owner requested by the data acquirer (actually also managed data belonging to the data owner).
- where the managed data belonging to the data owner constitutes data sets: if the target data contains only one piece of data, that data belongs to a certain data set; if the target data contains multiple pieces of data, they may belong to one or more data sets.
- any of the “managed data”, “authorizable data” and “target data” mentioned in this specification should be understood as a broad concept, such as numbers, text, images, audio, video, code, program, model (such as artificial intelligence model), etc. This specification does not limit this.
- the data management contract deployed in the blockchain system can record the acquisition rules and usage rules of these authorizable data; given that the target data is at least part of the authorizable data, the acquisition rules and usage rules of the target data can naturally be recorded in the contract. Because the subsequent blockchain system needs to execute the data management contract to determine whether the relevant information of the target data (i.e., the data acquisition information and data usage information) meets the corresponding rules (i.e., the acquisition rules and usage rules), before the blockchain system executes the data management contract, the data owner can pre-configure the corresponding rules for the target data in the data management contract.
- the rule configuration process for the target data is not essentially different from the rule configuration process for any authorizable data.
- the rule configuration process for any authorizable data is used as an example for explanation below.
- the data owner can determine the acquisition rules and usage rules corresponding to any authorizable data according to the preset plan, sharing requirements, authorization intention and/or the data type of the target data.
- the rules for multiple authorizable data can be determined and configured in batches.
- the acquisition rules of any authorizable data may include multiple rules.
- for example, an algorithm list may be included, and the algorithms recorded in the algorithm list characterize the processing algorithms that the data owner allows the data acquirer to apply to the data; that is, the data acquirer (after obtaining authorization for the authorizable data) is authorized to process that data only with those processing algorithms.
- the processing algorithm may include but is not limited to a hash algorithm, a privacy intersection algorithm, an encryption/decryption algorithm, etc., and any processing algorithm may specifically be an algorithm formula or an algorithm identifier, which will not be repeated.
- the acquisition rules may also include a credit score range to ensure that only data acquirers whose credit scores on the preset platform fall within the range can be authorized to obtain the data. By setting the credit score range high, authorization for the authorizable data can be effectively limited to data acquirers with good credit, so as to ensure as far as possible that the authorized data is processed according to the requirements of the data owner.
- the acquisition rules may also include geographical ranges (the corresponding data acquisition information may include the geographical location information of the data acquirer), number segments (the corresponding data acquisition information may include the identity number and network address of the data acquirer), etc.
- the specific content of the acquisition rules may be reasonably set by the data owner according to its own needs for the target data, and this specification does not limit this.
- the acquisition rules may include at least one of the above-mentioned multiple rules, such as only one of the algorithm list and the credit score range, or both.
- the acquisition rule for any authorizable data Di may be "data Di, privacy intersection and hash calculation, credit score not less than 800 points", indicating that data Di can only be authorized to data acquirers with a credit score not less than 800 points for privacy intersection calculation.
- the usage rules of any authorizable data may also include multiple rules. For example, they may include the validity period of the credential (the corresponding data usage information may include the current time, the time when the data acquisition information is received, and the time when the acquisition credential is received), the maximum number of uses (the corresponding data usage information may include the total number of times the blockchain system receives the usage credential or the data acquisition information submitted by the data acquirer), the effective frequency range (the corresponding data usage information may include the current frequency at which the blockchain system receives the usage credential or the data acquisition information), etc.
- user information including but not limited to user device information, user personal information, etc.
- data including but not limited to data used for analysis, stored data, displayed data, etc.
- the data owner can configure the corresponding relationship between the data identifier of the authorizable data and the related rules in the data management contract to implement the configuration of the data and its related rules.
- the data owner may also submit the above-mentioned corresponding relationships of multiple authorizable data in batches so that these corresponding relationships can be configured in batches in the same data management contract.
- There may be an association relationship between the multiple authorizable data, such as data of the same type, data generated in the same manner, data of the same batch generated within a period of time, etc.
- the correspondence between the data identifier of any authorizable data and its acquisition rules may be called the first correspondence
- the correspondence between the data identifier of any authorizable data and its usage rules may be called the second correspondence.
- the data owner may submit the first correspondence and/or the second correspondence to the blockchain network so that the blockchain network can complete the configuration.
- the submitted first correspondence includes the data identifier of any authorizable data and the acquisition rules of the data; similarly, the submitted second correspondence includes the data identifier of any authorizable data and the usage rules of the data.
- the data owner can flexibly adopt the corresponding method to submit the corresponding relationship of any authorized data (i.e., the above-mentioned first corresponding relationship and/or the second corresponding relationship).
- the data owner can (through the client device used by itself) directly initiate a contract deployment transaction containing the above-mentioned corresponding relationship to the blockchain node in the network, so that each node can deploy the data management contract containing the corresponding relationship in the blockchain system by executing the transaction.
- the data owner can (through the client device used by itself) initiate a contract deployment request containing the above-mentioned corresponding relationship to the BaaS platform, so that the BaaS platform can respond to the request and initiate a contract deployment transaction containing the corresponding relationship to the blockchain node in the blockchain system, and then each node can deploy the data management contract containing the corresponding relationship in the blockchain system by executing the transaction.
- the client device used by the data owner can realize different functions.
- the received acquisition rule can be configured in different ways depending on whether the data management contract is deployed.
- the blockchain system can deploy the data management contract containing the corresponding relationship on the chain. In this way, the configuration of the acquisition rules can be realized while deploying the data management contract, simplifying the contract processing logic. For another example, if the blockchain system has already deployed a data management contract, the blockchain system can configure the received corresponding relationship in the (already deployed) data management contract.
- the contract can be pre-deployed by any relevant party (such as the data owner, BaaS platform or other independent third party, etc.), and the pre-deployed contract may not record the corresponding relationship of any data, or the pre-deployed contract may also record the corresponding relationship belonging to any data owner (possibly including the data owner) in advance (before configuring the received corresponding relationship).
- the data owner can configure the above-mentioned corresponding relationship of any authorizable data in the pre-deployed data management contract, thereby adding a new corresponding relationship in the contract or updating an existing corresponding relationship, realizing flexible configuration and management of rules.
- any corresponding relationship can be configured in the contract in a corresponding manner according to the record of the data identifier and the rules in the contract.
- any corresponding relationship is added to the data management contract; if the data identifier of any authorizable data is already recorded in the data management contract, then the rules in any corresponding relationship are used to update the corresponding rules corresponding to the data identifier in the data management contract; if the rules in any corresponding relationship are already recorded in the data management contract, then the data identifier in any corresponding relationship is added to the identifier set corresponding to the rule in the data management contract.
- any corresponding relationship may be added to the data management contract, that is, the rules corresponding to the data identifier of any authorizable data may be added to the contract, thereby adding the entire corresponding relationship.
- the rules in any corresponding relationship may be used to update the corresponding rules corresponding to the data identifier in the data management contract, that is, the corresponding rules (corresponding to any authorizable data) already recorded in the data management contract are updated to the rules in any corresponding relationship, thereby updating the existing rules.
- the data identifier in the corresponding relationship (that is, the data identifier of any authorizable data) may be added to the identifier set corresponding to the rule in the data management contract, thereby adding the data identifier contained in any corresponding relationship to the contract.
- Table 1 below is a table of correspondence between data identifiers of authorizable data and their corresponding rules recorded in a data management contract provided by an exemplary embodiment.
- the first correspondence Relation-g is as follows: Relation-g1 is "Data1, Rule-g1", Relation-g2 is "Data2, Rule-g2", Relation-g3 is "Data3, Rule-g2", Relation-g4 is "Data4, Rule-g3", and Relation-g5 is "Data5, Rule-g4";
- the second correspondence Relation-u is as follows: Relation-u1 is "Data1, Rule-u1", Relation-u2 is "Data2, Rule-u1", Relation-u3 is "Data3, Rule-u2", Relation-u4 is "Data4, Rule-u3", and Relation-u5 is empty (may not be set or cleared after setting). It can be seen that the identifier set corresponding to Rule-g2 includes Data2 and Data3, and the identifier set corresponding to Rule-u1 includes Data1 and Data2.
- the blockchain system can add Relation-g6 to Table 1. And/or, if the data owner submits Relation-u6 as "Data6, Rule-u5", the blockchain system can also add Relation-u6 to Table 1.
- the first corresponding relationship and the second corresponding relationship of the same authorizable data can also be submitted together to reduce the number of submissions.
- the data owner can submit "Data6, Rule-g5, Rule-u5" so that the blockchain network can configure the above Relation-g6 and Relation-u6 respectively.
- the content shown in Table 1 above is only exemplary, and Table 1 can be maintained in the data management contract in any appropriate form, such as in the form of key-value pairs, etc., and this specification does not limit this.
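The three configuration cases described above (add a new correspondence, update the rule of a recorded data identifier, add an identifier to the set of a recorded rule) can be modelled as a key-value registry. This is an added illustration, not code from the specification: `RuleRegistry`, `configure`, the returned labels, `Data7` and the sender names are hypothetical, and the owner check is an assumption that the specification does not spell out.

```python
class RuleRegistry:
    """Key-value model of the correspondence table kept by a data management contract."""

    def __init__(self):
        self.owner_of = {}  # data identifier -> sender that first configured it
        self.rule_of = {}   # data identifier -> rule identifier (the correspondence)
        self.ids_of = {}    # rule identifier -> identifier set

    def configure(self, sender, data_id, rule_id):
        # Assumption (not stated on the page): only the party that first
        # registered a data identifier may change its rule, so that another
        # participant cannot replace a strict rule with a looser one.
        owner = self.owner_of.setdefault(data_id, sender)
        if owner != sender:
            raise PermissionError(f"{sender} may not configure {data_id}")

        old_rule = self.rule_of.get(data_id)
        if old_rule == rule_id:
            return "unchanged"
        rule_known = rule_id in self.ids_of

        if old_rule is not None:
            # Update case: move the identifier out of the old rule's set.
            members = self.ids_of[old_rule]
            members.discard(data_id)
            if not members:
                del self.ids_of[old_rule]

        self.rule_of[data_id] = rule_id
        self.ids_of.setdefault(rule_id, set()).add(data_id)

        if old_rule is not None:
            return "updated"
        # New identifier: either it joins a recorded rule's identifier set,
        # or the whole correspondence is new.
        return "joined" if rule_known else "added"


def table1_first_correspondences():
    """Relation-g1 .. Relation-g5 as listed in the text, configured by one owner."""
    registry = RuleRegistry()
    for data_id, rule_id in [("Data1", "Rule-g1"), ("Data2", "Rule-g2"),
                             ("Data3", "Rule-g2"), ("Data4", "Rule-g3"),
                             ("Data5", "Rule-g4")]:
        registry.configure("owner", data_id, rule_id)
    return registry


if __name__ == "__main__":
    reg = table1_first_correspondences()
    print(sorted(reg.ids_of["Rule-g2"]))
    print(reg.configure("owner", "Data6", "Rule-g5"))  # Relation-g6
    print(reg.configure("owner", "Data3", "Rule-g1"))  # existing identifier, new rule
```

The same registry shape serves the second correspondence (usage rules); only the rule identifiers differ.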
- smart contracts have corresponding contract accounts in the blockchain system.
- any of the above correspondences can be recorded in the account storage of its contract account as the state data of the contract, such as stored in the Storage field of the contract account (as the value of the field).
- the contract account can also contain other fields, such as custom fields, etc.
- any of the above correspondences can also be stored in the custom fields. This specification does not limit the storage location of the corresponding relationship related to the authorized data in the contract account.
- the data management system includes the data owner, the data acquirer and the blockchain system.
- the contract records the data identifiers of the authorizable data (including target data) belonging to the data owner, as well as the first corresponding relationships and the second corresponding relationships related to these authorizable data.
- These corresponding relationships can be configured by the data owner through the aforementioned embodiments.
- the data management contract can also record the relevant information of the authorizable data so that the data acquirer with acquisition needs can view it.
- the relevant information can include meta information, which includes but is not limited to data name, data size, data type, etc.
- the relevant information can also include exemplary data (or typical data, sample data).
- the data management contract can also record the exemplary data of each data set, where the exemplary data of any data set is used to reflect the data characteristics of the authorizable data in the data set (the data characteristics can be the common characteristics of each authorizable data in the data set or at least part of the typical characteristics), so that the data acquirer can understand each authorizable data as fully as possible based on this information, so as to more accurately determine the authorizable data that can meet its own needs as the target data for subsequent requests.
- the data acquirer can obtain the above-mentioned relevant information through the blockchain client used by itself, and view it in the blockchain visual user interface, so as to select at least part of the authorizable data that meets its own acquisition needs as the target data for the demand request.
- the data acquirer can also obtain and view the acquisition rules of the target data to preliminarily determine whether its own conditions (including the data acquisition information) meet the acquisition rules of the target data, and submit the data acquisition information to the blockchain system only if it determines that they do. This avoids authorization failures caused by the data management contract later determining, during execution, that the data acquisition information does not meet the acquisition rules, which to a certain extent improves the probability of successful authorization and the authorization efficiency.
- the data acquirer can also skip the above preliminary judgment and directly submit the data acquisition information for the target data once it has determined which data it needs to obtain. Details are not repeated here.
- the data acquirer can first determine the corresponding data acquisition information.
- the data acquisition information of any target data may include: the data identifier of the target data and the information to be verified corresponding to the acquisition rules of the target data, wherein the data identifier is used to indicate to the data management contract: which authorized data is the target data requested by the data acquirer; the information to be verified is used for subsequent judgment on whether the acquisition rules of the target data are met.
- the subsequent judgment on whether the data acquisition information meets the acquisition rules is to judge whether the information to be verified in the data acquisition information meets the acquisition rules.
- the information to be verified may include the aforementioned algorithm list, credit score, geographic location information, identity serial number, network address, etc., which will not be repeated here.
- the data acquisition information of any target data Dj may be "data Dj, privacy intersection, credit score is 900 points", which indicates that the data acquirer declares that it needs to acquire the target data Dj for privacy intersection, and the credit score of the data acquirer itself is 900 points.
- the data acquisition rule of data Dj also includes a geographical range and a network address
- the data acquisition information may also include "geographical range is X area, network address is yyy", etc., to declare that it is located in X area and its network address is yyy, which will not be repeated.
- the data acquisition information may be included in a data acquisition transaction and submitted to the blockchain system, and the transaction is used to call the data management contract.
- the data acquirer can directly initiate a data acquisition transaction containing data acquisition information to the blockchain node in the network (through its own client device).
- the data acquirer can initiate a data acquisition request containing data acquisition information to the BaaS platform (through its own client device), so that the BaaS platform can initiate a data acquisition transaction containing the data acquisition information to the blockchain node in the blockchain system in response to the request.
- the transaction will be synchronized to each blockchain node in the blockchain network and executed separately by each blockchain node.
- the data management contract records the acquisition rules of the target data. Based on this, after receiving the data acquisition information submitted by the data acquirer, the blockchain system can execute the contract to determine whether the data acquisition information meets the acquisition rules.
- the blockchain nodes in the blockchain system can use the data acquisition information carried by the transaction as an input parameter to execute the data management contract (the contract code in it) during the execution of the transaction, so that the contract can determine whether the data acquisition information meets the acquisition rules of the target data.
- the acquisition rules may include an algorithm list
- the data acquisition information may include a target algorithm.
- any algorithm in the algorithm list may specifically be an identifier such as the name or number of the algorithm, the algorithm rules of the algorithm, the relevant parameters of the algorithm, etc.
- the algorithms recorded in the algorithm list are used to characterize the algorithms that the data owner allows the data acquirer to use when processing the target data, and the target algorithm is the algorithm declared by the data acquirer to use when processing the data after obtaining authorization for the target data. Therefore, if the target algorithm in the data acquisition information is recorded in the algorithm list, the data management contract can determine that the data acquisition information satisfies the acquisition rules.
- the data acquirer can process the target data using the target algorithm.
- the data acquirer can perform hash operations or encryption processing on the acquired target data; and/or, the target algorithm can be used to perform preset operations on the target data (such as privacy intersection operations involving multiple parties including the data owner, etc.), so that the data acquirer can use the acquisition credentials revealed by the blockchain system to obtain the operation results obtained after executing the preset operation.
- the acquisition rule may also include a credit score range
- the data acquisition information may include the credit score of the data acquirer on the preset platform.
- the credit score may be a specific value, such as 300 points, 500 points, 800 points, etc.
- the credit score range may be a numerical range; of course, the credit score may also be a rating level, such as A, B, C, or excellent, good, medium, poor, etc., and the credit score range may be a level set including at least one rating level. It can be understood that the credit score can be used to measure the credit status of the data acquirer on the preset platform.
- the data management contract can determine that the data acquisition information meets the acquisition rule. By setting the credit score range to a higher interval, authorization for any authorizable data can be limited to data acquirers with good credit while data acquirers with poor credit are prevented from obtaining it, so as to ensure that the authorized data can be processed according to the requirements of the data owner.
- the acquisition rule of the target data Di is "data Di, privacy intersection, credit score not less than 800 points"
- the data management contract can determine that the data acquisition information satisfies the acquisition rule of Di; or, if the target algorithm is not privacy intersection, or the credit score of the data acquirer is less than 800 points, the data management contract will determine that the data acquisition information does not satisfy the acquisition rule of Di.
- the data management contract can call other contracts during the execution process, wherein the data acquisition information submitted by the data acquirer can include the contract address of other contracts, so that the data management contract can call other contracts according to the address.
- the data acquisition information can also include the storage address of other data, so that the data management contract can obtain necessary data according to the address during the execution process.
- the storage address can be the access address of the aforementioned credit platform
- the data acquisition information can include the credit score of the data acquirer on the preset platform, and can also include the credit scores of one or more other participants (except the data owner and the data acquirer) on the preset platform.
- the data management contract can access the preset platform according to the access address to verify the authenticity of these credit scores, and use the verification (i.e., determining that these credit scores are the real scores of the corresponding parties) as a prerequisite for determining that the data acquisition information meets the acquisition rules, so as to avoid the security risks that may be caused by the data acquirer forging the credit score.
- the blockchain node can run EVM, which includes a rule execution engine, such as an acquisition rule execution engine and a usage rule execution engine.
- the acquisition rule execution engine can be called to determine whether the data acquisition information submitted by the data acquirer meets the acquisition rules of the target data.
- the usage rule engine can be called to determine whether the subsequently determined data usage information meets the usage rules of the target data. The judgment process can be referred to in the following embodiment, which will not be repeated here.
- Step 304 determine data usage information for the target data and execute the data management contract, wherein the data management contract is used to determine whether the data usage information satisfies the usage rules.
- the data management contract described in this specification may include multiple functions, such as an interface function and its corresponding functional function.
- the blockchain transaction can specify the called interface function (in the contract) and its input parameters, so that in the process of executing the contract, the functional function corresponding to the interface function processes the input parameters to obtain the corresponding contract execution result.
- the data management contract is executed respectively in step 302 and step 304.
- the two steps can respectively call different interface functions of the data management contract, so as to realize different functions by executing the same data management contract: step 302 executes the contract to determine whether the data acquisition information meets the acquisition rules, and step 304 executes the contract to determine whether the data usage information meets the usage rules.
- Step 306 when the data acquisition information satisfies the acquisition rules and/or the data usage information satisfies the usage rules, the credential information for the target data is disclosed to the data acquirer, and the credential information is used to instruct the data owner to assist the data acquirer in obtaining the target data and/or the calculation result obtained after performing a preset calculation on the target data.
- the data management system described in this specification includes a blockchain system, a data owner, and a data acquirer.
- a data management contract is deployed in the blockchain system, and the contract records the acquisition rules and usage rules of the target data belonging to the data owner.
- the blockchain network executes the data management contract to determine whether the data acquisition information satisfies the acquisition rules; in addition, it determines the data usage information for the target data and executes the data management contract to determine whether the data usage information satisfies the usage rules; and, in the case where the data acquisition information satisfies the acquisition rules and/or the data usage information satisfies the usage rules, the data acquirer is informed of the data usage information for the target data.
- the credential information of the target data is used to instruct the data owner to assist the data acquirer in obtaining the target data and/or the operation result obtained after performing a preset operation on the target data.
- this solution records the acquisition rules and usage rules of the target data in the data management contract deployed by the blockchain system, and the contract verifies whether the data acquisition information submitted by the data acquirer meets the acquisition rules, and verifies whether the corresponding data usage information meets the usage rules, and then determines whether to disclose the credential information used to obtain the target data or its calculation results to the data acquirer based on the verification results, that is, the blockchain system and the data management contract deployed on it are used to realize the on-chain automated and refined authorization for the target data.
- the acquisition rules and usage rules of the target data are recorded in the data management contract deployed on the chain, and the blockchain system completes the authorization for the target data on the chain based on the contract, which significantly reduces the data management burden of the data owner in the data authorization process and helps to improve the efficiency of data authorization.
- the acquisition rules and usage rules of the target data are recorded in the data management contract for public disclosure, so that all relevant parties in the data authorization process (such as the data acquirer) can flexibly view the above rules; and the verification of whether the data acquisition information meets the acquisition rules and the verification of whether the data usage information meets the usage rules are completed on the chain by the smart contract, so that the verification process and results can be openly and transparently stored on the chain, which helps to avoid the black box operations that may arise from off-chain verification and improves the transparency and credibility of the data authorization process.
- the data management contract can verify whether the relevant information of the target data meets the corresponding rules.
- the blockchain network can reveal the credential information for the target data to the data acquirer.
- if the data acquisition information does not meet the acquisition rules, the blockchain network can avoid revealing the acquisition credentials and instead reveal an authorization failure message for the target data to the data acquirer, so as to inform the data acquirer that the request for obtaining authorization for the target data from the data owner has failed.
- the blockchain network can reveal the credential information in a variety of ways.
- the credential information can be written into the data acquisition event recorded in the receipt generated by the data management contract, and the data acquirer has the right to monitor the receipt.
- the credential information can also be written into the contract account of the data management contract, and the data acquirer has the right to query the contract account.
- the revealed credential can be an acquisition credential, a usage credential, or a comprehensive credential.
- the acquisition credential as an example:
- the blockchain network can write the acquisition credentials into the data acquisition event recorded in the receipt generated by the data management contract, such as the data field of the event, and the data acquirer has the monitoring permission for the receipt.
- the data acquirer can monitor the acquisition credentials written into the data acquisition event through the event monitoring callback mechanism, and perform subsequent processing according to the monitoring results.
- the execution result of the data management contract may include a receipt, which may include events related to the method called to execute the contract, such as a data acquisition event corresponding to a rule judgment method (used to determine whether the data acquisition information satisfies the acquisition rules).
- the topic of the data acquisition event may contain a predefined authorization event identifier to distinguish it from other events.
- the content of the topic is the keyword authorization, and this keyword is different from the topic in the event generated by other methods.
- EVM can determine that it has monitored an event related to the execution of the aforementioned rule judgment method, that is, the data acquisition event, when it monitors a topic containing the keyword authorization.
- the event in the receipt is as follows:
- when the data acquirer listens to the first event, since the content of the topic it contains is other, it can be determined that the event is not related to the rule judgment method.
- when the second event is listened to, since the content of the topic it contains is unauthorization, it is determined that the event is related to the rule judgment method, and the data field corresponding to the event is then read.
- the data field can be empty, or it can also contain the above-mentioned authorization failure message.
- when the third event is listened to, the content of the topic is an authorization event, and its data field can be empty, or it can also record the above-mentioned identifier.
- the above-mentioned second and third events can be generated by the blockchain network respectively after executing the data management contract twice, and the data owners, data acquirers, target data, etc. corresponding to the two executions can be the same or different, and will not be repeated.
- the content of the data field of the event in item 3 may include:
- the acquisition credential ID can be globally unique in the data management system and is used to uniquely identify the acquisition credential generated this time.
- the data1 identifier, data2 identifier, and data3 identifier are used to represent the target data requested by the data acquirer this time, namely, data1, data2, and data3.
- the algorithm list 1, algorithm list 2, and algorithm list 3 are used to represent the algorithms used by the data acquirer when processing data1, data2, and data3.
- the acquisition credential may also be written into the contract account of the data management contract, and the data acquirer may have query rights for the contract account.
- the acquisition credential may be specifically written into the Storage field of the contract account corresponding to the data management contract (as the value of the field).
- the acquisition credential may also be written into the custom field. This specification does not limit the storage location of the acquisition credential in the contract account. It can be understood that the acquisition credential written into the above-mentioned field is used as the status data of the contract account corresponding to the data management contract. Based on this, the data acquirer can obtain the acquisition credential by querying the contract account corresponding to the data management contract.
- the blockchain network can disclose the credential information for the target data to the data acquirer.
- the disclosed credential information may include the acquisition credential; at the same time, when the data usage information satisfies the usage rules, the disclosed credential information may include the usage credential; specifically, the blockchain network can determine the data usage information for the target data based on the received acquisition credential submitted by the data acquirer; or, it can also determine the data usage information for the target data based on the received data acquisition information and/or the disclosed acquisition credential.
- the blockchain network can determine the data usage information for the target data based on the received data acquisition information; accordingly, when the data acquisition information satisfies the acquisition rules and the data usage information satisfies the usage rules, the comprehensive credential can be disclosed to the data acquirer.
- the disclosed credential information may be the acquisition credential, the usage credential or the comprehensive credential.
- the blockchain network can reveal the acquisition credentials for the target data to the data acquirer, which is used to indicate that the data acquisition information provided by the data acquirer has been verified by the data management contract for the acquisition rules.
- the data acquirer can submit the credentials to the blockchain network in order to obtain the corresponding usage credentials through the credentials (the usage credentials can be used by the data acquirer to request the data owner to use the target data).
- the blockchain network can determine the corresponding data usage information based on the credentials, and execute the data management contract again to determine whether the data usage information meets the usage rules of the target data by the contract, and reveal the usage credentials for the target data if it is determined to be satisfied.
- the data acquirer needs to first submit the data acquisition information to the blockchain network to obtain the acquisition credentials it reveals, and then submit the acquisition credentials to it to obtain the usage credentials it reveals; the usage credentials (or the acquisition credentials and usage credentials) can then be provided by the data acquirer to the data owner to obtain its assistance.
- the data acquirer can submit the credential immediately after receiving the acquisition credential to obtain the usage credential, or can submit the acquisition credential at some time after receiving the acquisition credential (according to its actual needs) to obtain the usage credential.
- each submission of the acquisition credential indicates that the data acquirer has the need to re-acquire the target data
- the usage credential can record the validity information of the credential (such as the validity period of the credential, the maximum number of uses, etc.), so as to accurately limit the data acquirer's behavior of using the credential to request the use of the target data, and realize the refined control of the target data authorization process.
- the data usage information may include the current time (when the data management contract makes a judgment), and/or the time when the credential is received (i.e., the time when the blockchain network receives the credential submitted by the data acquirer). Accordingly, if the current time is within the validity period of the credential, the data management contract may determine that the data usage information satisfies the usage rules.
- the validity period of the credential can be a time interval, or it can also be a deadline. It can be seen that this method essentially sets an "aging" mechanism for the acquisition credential. By reasonably setting the validity period of the credential, flexible control of the "aging" of the acquisition credential can be achieved.
- the data acquirer can be controlled to obtain the acquisition credential of the target data once and use the credential (obtain the usage credential) indefinitely (through the credential); or the data acquirer can only use the credential arbitrarily within a preset time period (such as one hour, one day, one week, one month, etc.) after obtaining the acquisition credential of any target data. If the time period is exceeded, the acquisition credential will automatically become invalid and cannot be used.
- the acquisition credential can record its own credential validity period so that the data owner can judge whether the credential is invalid based on this.
- the data usage information may include the total number of times the blockchain system receives the usage credential and the data acquisition information submitted by the data acquirer, wherein the total number of times the acquisition credential is received is the first total number, and the total number of times the data acquisition information initiated by the data acquirer for the target data (the specific content may be the same or different from the aforementioned data acquisition information) is received is the second total number. Accordingly, if the first total number or the second total number is less than the maximum number of uses, the data management contract may determine that the data usage information satisfies the usage rules.
- the maximum number of uses may be included in the aforementioned acquisition credential, and the total number may be obtained by the data management contract or the blockchain network querying the execution record of the contract. It can be seen that the first total number of times is essentially a "number of uses limit" mechanism set for the acquisition credential.
- flexible control of the "number of times the acquisition credential can be used" can be achieved, such as controlling the data acquirer to obtain the acquisition credential of the target data once and then use the credential (through the credential) as many times as desired; or controlling the data acquirer to obtain the acquisition credential of the target data once, so that the credential can only be used within the maximum number of uses.
- the second total number of times is actually a "number of authorizations limit" mechanism set for the target data by the data acquirer, so that the number of times the data acquirer obtains the use credential does not exceed the maximum number of uses, thereby achieving a precise limit on the number of times the acquisition credential is exposed.
- the data usage information may include the current frequency of the blockchain system receiving the usage voucher or the data acquisition information; wherein, the frequency of receiving the acquisition voucher is the first current frequency, and the frequency of receiving the data acquisition information initiated by the data acquirer for the target data (the specific content may be the same or different from the aforementioned data acquisition information) is the second current frequency.
- the data management contract can determine that the data usage information meets the usage rules.
- a "usage frequency limit" mechanism is set for the acquisition voucher, which can realize flexible control of the "usage frequency" of the acquisition voucher; and through the above-mentioned second frequency, an "authorized frequency limit" mechanism is set for the target data, so that the frequency at which the data acquirer obtains the usage voucher does not exceed the valid frequency range, accurately restricting the frequency of acquisition voucher exposure and preventing the data acquirer from obtaining the usage voucher or using the target data too frequently.
- when the data management contract determines that the data acquisition information satisfies the acquisition rules, the blockchain network can reveal the acquisition credentials for the target data to the data acquirer, and the credentials are used to indicate that the data acquisition information provided by the data acquirer has passed the verification of the acquisition rules by the data management contract.
- the blockchain network can determine the data usage information based on the data acquisition information after receiving the data acquisition information, and/or determine the data usage information based on the credentials when the acquisition credentials are revealed, and in the process of executing the data management contract, the contract determines whether the data usage information satisfies the usage rules, and then reveals the usage credentials for the target data when it is judged to be satisfied.
- the blockchain network can determine the data usage information for the target data based on the received data acquisition information and/or the revealed acquisition credentials.
- the data acquirer only needs to submit the data acquisition information once (such as issuing a data acquisition transaction) to obtain the acquisition credentials and usage credentials revealed by the blockchain network.
- the blockchain network can determine the corresponding data usage information after receiving the data acquisition information submitted by the data acquirer. Thereafter, the data management contract can be executed to determine whether the data acquisition information satisfies the acquisition rules and whether the data usage information satisfies the usage rules. If both are satisfied, the comprehensive certificate is revealed.
- a part of the data usage information can also be determined according to the data acquisition information, and the content of the acquisition certificate is determined when the data acquisition information satisfies the acquisition rules (without generating the acquisition certificate), and then the other part of the data usage information is determined according to the content, and then the data management contract determines whether the above two parts of the data usage information meet the usage rules, and when it is determined that they meet, the comprehensive certificate is revealed, and the certificate can contain the content of the aforementioned (not actually generated) acquisition certificate.
- the blockchain network can determine the data usage information for the target data according to the received data acquisition information and/or the revealed acquisition certificate. The data acquirer only needs to submit the data acquisition information once (such as issuing a data acquisition transaction) to obtain the comprehensive certificate revealed by the blockchain network.
- expired 600s
- limit 2
- frequency 120s/time
- the blockchain system can use a key (a symmetric key pre-negotiated by the data owner and the data acquirer, or the public key of the data acquirer, etc.) to encrypt the credential information and transmit the encrypted credential information to the data acquirer; accordingly, the data acquirer holding the key required for decryption (the symmetric key, or the private key of the data acquirer, etc.) can read and decrypt the encrypted credential information to obtain the plaintext credential information, while unrelated users cannot decrypt the encrypted credential information, thereby ensuring that the data acquirer obtains the credential information and preventing the credential information from being obtained by unrelated personnel when it is recorded in plaintext on the chain, that is, preventing the leakage of credential information and protecting the rights and interests of the data owner.
- after obtaining the credential information transmitted by the blockchain network, the data acquirer can provide the information to the data owner; accordingly, the data owner can assist the data acquirer in obtaining the target data and/or the calculation results obtained after performing preset calculations on the target data in accordance with the instructions of the information.
- the data acquirer may initiate a data acquisition request including the credential information to the data owner, and the data owner may determine the corresponding target data in response to the request and return the data directly to the data acquirer for use.
- the data owner may perform a preset operation on the target data in response to the request and return the corresponding operation result to the data acquirer.
- the data owner performs a preset operation on the target data and provides the corresponding operation result to the data acquirer.
- the disclosure of the target data can be limited while meeting the data acquisition needs of the data acquirer, so as to avoid the data acquirer from directly obtaining the target data itself, prevent the data acquirer from leaking the target data and infringing the rights and interests of the data owner, ensure that the target data is always held only by the data owner, and improve the security of the target data.
- the preset operation performed on the target data should meet the data acquisition party's operation requirements for the target data.
- the preset operation may include a multi-party operation jointly participated by the data owner and the data acquisition party.
- the server-side data acquisition party can only obtain the operation results of the multi-party operation, but cannot obtain the target data itself, which not only improves the data security of the target data itself, but also helps to reduce the data acquisition party's use burden on the target data and improve the use efficiency.
- the operation rules of the preset operation can be predefined in the data management contract, for example as part of the algorithm list in the aforementioned acquisition rules; or they can be submitted to the blockchain system together with the aforementioned data acquisition information (by the data acquirer) and transmitted to the data management contract, for example by including the operation rules and the data acquisition information in the aforementioned data acquisition transaction initiated to the blockchain system; or they can be provided to the data owner together with the credential information (by the data acquirer), for example by including the operation rules and the credential information in the aforementioned data acquisition request initiated to the data owner, which will not be repeated.
- the data acquirer can flexibly select the above method to specify the operation rules for the target data to the data owner according to the actual situation, so as to instruct the data owner which algorithm to use to process the target data.
- data of different privacy levels may have differentiated processing methods.
- the data owner may hold authorizable data with a relatively low privacy level and authorizable data with a relatively high privacy level, that is, authorizable data with a low privacy level and authorizable data with a high privacy level.
- when the target data belongs to a low privacy level, the target data can be provided to the data acquisition party, that is, the data owner does not care whether the data with a low privacy level will be leaked; and when the target data belongs to a high privacy level, the target data needs to be subjected to a preset operation so that the corresponding operation result is provided to the data acquisition party, ensuring that the data with a high privacy level will not be leaked.
- the target data with a low privacy level can be directly provided to the data acquisition party, and for the target data with a high privacy level, the operation result obtained after the preset operation can be provided to the data acquisition party; or, especially when the data acquisition party has specified the operation rules of the preset operation to be adopted in the aforementioned data acquisition transaction or data acquisition request, all target data can be subjected to the preset operation together, and the operation result can be provided to the data acquisition party.
- the data owner can also verify the authenticity of the credential information it receives.
- the credential information or data acquisition request carries the relevant information of the aforementioned data acquisition transaction (such as the transaction hash and the block height of the transaction block, etc.) or the relevant information of the data management contract.
- the data owner can request the blockchain system to query the corresponding credential information according to the above relevant information, and further determine whether the credential information received by itself (submitted by the data acquirer) is consistent with the credential information queried: if the two are consistent, it means that the received credential information has not been tampered with, indicating that the data acquirer provides the real credential information it received; conversely, if the two are inconsistent, it means that the data acquirer does not provide the real credential information it received.
- the above query process can be implemented through SPV (Simplified Payment Verification) technology; or, the data owner can also obtain the complete block from the blockchain system according to the above block height, and query the corresponding credential information generated by executing the data management contract from it, which will not be repeated.
- the authenticity of the credential information provided by the data acquirer can also be verified by means of signature verification.
- when the blockchain system transmits the credential information for the target data to the data acquirer, it can also transmit the signature made on the credential information by the public key of the data owner; accordingly, after receiving the credential information and its signature provided by the data acquirer, the data owner can use its own private key to verify the signature, and if the verification is passed, then assist the data acquirer in obtaining the target data and/or the calculation result obtained after performing the preset calculation on the target data.
- the data owner can assist the data acquirer in obtaining the target data and/or the calculation result obtained after performing the preset calculation on the target data when the signature verification is passed, that is, the data owner can use the verification of the credential information as a prerequisite for assisting the data acquirer, so as to effectively avoid assisting the data acquirer in obtaining the target data and/or the calculation result when the data acquirer provides false credential information, thereby improving the accuracy and reliability of the authorization of the target data.
- the credential information disclosed in the above manner can be used to prove that the data acquirer meets the conditions for acquiring the target data, and after obtaining the credential information, the data acquirer can use the credential to acquire the target data and/or calculation results.
- further restrictions can be placed on the specific process of the data owner assisting the data acquirer in acquiring the target data and/or calculation results through the target data usage rules.
- when assisting the data acquirer to obtain the target data, if the target data is stored locally on the data owner, the data can be directly returned to the data acquirer; or, if the target data is maintained by a preset trustee, the trustee can be instructed to return the data to the data acquirer.
- the data owner can use the target data to participate in the preset calculation and return the calculation result to the data acquirer; or a trusted related party can be called to use the target data to participate in the preset calculation, and the related party will return the calculation result directly to the data acquirer, or the related party will feed back the calculation result to the data owner, and the data owner will return it to the data acquirer, so as to avoid revealing the related parties directly involved in the preset calculation to the data acquirer.
- the target data can be obtained from the trustee and a preset operation can be performed, and the operation result can be returned to the data acquirer; the trustee can also be instructed to use the target data to participate in the preset operation, and the trustee returns the operation result directly to the data acquirer, or the trustee feeds back the operation result to the data owner, and the data owner returns it to the data acquirer, so as to avoid revealing the trustee who directly maintains the target data to the data acquirer.
- the above-mentioned multiple assistance methods can be flexibly selected according to actual needs, and this specification does not limit this.
- the data acquirer can directly process the data itself; and after obtaining the operation result obtained by performing a preset operation on the target data, the data acquirer can further process the operation result.
- this specification does not limit it.
- the data management method includes steps 402-410.
- step 402 the data owner configures relevant rules for authorizable data including target data in the data management contract deployed in the blockchain system.
- the data owner can configure the relevant rules in the process of deploying the data management contract, or can add or update the acquisition rules in the pre-deployed data management contract.
- the configured relevant rules include acquisition rules and/or usage rules.
- Step 404 The data acquirer submits information to the blockchain system.
- Step 406 The blockchain network reveals the credential information to the data acquirer.
- There are multiple implementations of steps 404-406, which are described below.
- Step 404a-1 the data acquirer submits data acquisition information for the target data to the blockchain system.
- the data acquirer can first obtain and view the acquisition rules from the chain, and when it preliminarily determines that its own conditions (i.e., the data acquisition information it can provide) meet the rules, submit the data acquisition information corresponding to the rules to the blockchain system to improve the authorization probability and processing efficiency.
- the data acquirer can directly or indirectly (by initiating a data acquisition request) initiate a data acquisition transaction containing data acquisition information to the blockchain system.
- the blockchain system further executes the data management contract called by the transaction, so that the contract can determine whether the data acquisition information submitted by the data acquirer meets the acquisition rules recorded in the contract.
- Step 406a-1 the blockchain network transmits the acquisition certificate to the data acquirer.
- the blockchain network will provide the data acquirer with the acquisition credentials.
- Step 404a-2 The data acquirer submits the acquisition certificate to the blockchain system.
- after receiving the acquisition certificate, the data acquirer can submit the certificate at an appropriate time.
- the submission method is similar to the above data acquisition information submission method and will not be repeated here.
- after receiving the acquisition certificate, the blockchain network can determine the corresponding data usage information and execute the data management contract to determine whether the information meets the usage rules.
- Step 406a-2 the blockchain network transmits the usage certificate to the data acquirer.
- the blockchain network will provide the data acquirer with the usage certificate.
- Step 404b the data acquirer submits data acquisition information for the target data to the blockchain system.
- after receiving the data acquisition information, the blockchain network can determine the corresponding data usage information based on the information.
- Step 406b-1 the blockchain network transmits the acquisition certificate to the data acquirer.
- when the data management contract determines that the data acquisition information meets the acquisition rules, the blockchain network will provide the data acquirer with the acquisition certificate. In addition, the blockchain network can also determine the corresponding data usage information based on the certificate after generating or providing the acquisition certificate.
- Step 406b-2 The blockchain network transmits the usage certificate to the data acquirer.
- the data management contract is executed based on the determined data usage information.
- the contract determines whether the information meets the usage rules and, if so, reveals the usage credentials.
- the above steps 406b-1 and 406b-2 can also be combined into one step 406b, that is, the blockchain network transmits the acquisition certificate and the usage certificate to the data acquirer together to reduce the number of interactions between the two.
- Step 404c the data acquirer submits data acquisition information for the target data to the blockchain system.
- after receiving the data acquisition information, the blockchain network can determine the corresponding data usage information based on the information, such as the current receiving frequency, the current total number of times, the receiving time, etc.
- step 406c the blockchain network transmits the acquisition certificate to the data acquirer.
- the content (which should be included) of the acquisition certificate is determined (but the certificate is not generated or disclosed), such as the data identifier of the target data, the identifier of the data acquirer, the algorithm list declared by the data acquirer, the validity period of the certificate, etc.
- the blockchain network can also determine the corresponding data usage information based on the certificate, such as the above content of the acquisition certificate.
- the data management contract is executed based on the determined data usage information.
- the contract determines whether the information meets the usage rules and, if so, reveals the comprehensive certificate, which includes the above-mentioned content of the acquisition certificate (not actually generated).
- step 408 the data acquirer provides the received credential information to the data owner (e.g., initiates a data acquisition request including the acquisition credential to the data owner) to request the data owner to use the target data.
- Step 410 The data owner assists the data acquirer in obtaining the target data and/or the operation result obtained after performing a preset operation on the target data.
- the data owner can verify the authenticity of the acquisition credentials and whether they meet the usage rules at the same time, and assist the data acquirer in obtaining the target data and/or operation results after the verification is passed. Of course, if the verification fails, the data owner should avoid assisting the data acquirer in obtaining the target data and/or operation results.
- a failure reminder message can be returned to the data acquirer to promptly inform the data acquirer of the failure to obtain the target data and/or operation results.
- the present specification also proposes a data management system, which includes a blockchain system, a data owner and a data acquirer, wherein the data management contract deployed in the blockchain system records the acquisition rules and usage rules of the target data, and the target data belongs to the data owner, wherein the data acquirer is used to submit data acquisition information for the target data to the blockchain system; the blockchain system is used to execute the data management contract, and the data management contract is used to determine whether the data acquisition information satisfies the acquisition rules; determine data usage information for the target data and execute the data management contract, and the data management contract is used to determine whether the data usage information satisfies the usage rules; and, when the data acquisition information satisfies the acquisition rules and/or the data usage information satisfies the usage rules, the credential information for the target data is disclosed to the data acquirer; the data owner is used to assist the data acquirer in obtaining the target data and/or the operation result obtained after performing a preset operation on the target data when receiving the credential
- FIG5 is a schematic structural diagram of a device provided by an exemplary embodiment.
- the device includes a processor 502, an internal bus 504, a network interface 506, a memory 508, and a non-volatile memory 510, and may also include hardware required for other functions.
- One or more embodiments of this specification may be implemented based on software, such as the processor 502 reading the corresponding computer program from the non-volatile memory 510 into the memory 508 and then running it.
- one or more embodiments of this specification do not exclude other implementations, such as logic devices or a combination of software and hardware, etc., that is, the execution subject of the following processing flow is not limited to each logic unit, but may also be hardware or logic devices.
- FIG. 6 is a block diagram of a data management device provided in this specification according to an exemplary embodiment.
- the device can be applied to the device shown in FIG. 5 to implement the technical solution of this specification.
- the data management device is applied to a blockchain system in a data management system, the data management system also includes a data owner and a data acquirer, the data management contract deployed in the blockchain system records the acquisition rules and usage rules of the target data, the target data belongs to the data owner, and the device includes: a first execution unit 601, which is used to execute the data management contract in response to receiving data acquisition information for the target data submitted by the data acquirer, and the data management contract is used to determine whether the data acquisition information meets the acquisition rules; a second execution unit 602, which is used to determine the data usage information for the target data and execute the data management contract, and the data management contract is used to determine whether the data usage information meets the usage rules; a credential transmission unit 603, which is used to transmit the credential information for the target data to the data acquirer when the data acquisition information meets the acquisition rules and/or the data usage information meets the usage rules, and the credential information is used to instruct the data owner to assist the data acquirer in obtaining the target data and/or the operation result obtained after performing a preset operation
- when the data acquisition information satisfies the acquisition rules, the transmitted credential information includes the acquisition credentials; the second execution unit 602 is specifically used to: determine the data usage information for the target data based on the received acquisition credentials submitted by the data acquirer; or, determine the data usage information for the target data based on the received data acquisition information and/or the transmitted acquisition credentials; wherein, when the data usage information satisfies the usage rules, the transmitted credential information includes the usage credentials.
- the second execution unit 602 is specifically used to: determine data usage information for the target data based on the received data acquisition information;
- the credential transmission unit 603 is specifically used to: transmit a comprehensive credential to the data acquisition party when the data acquisition information satisfies the acquisition rules and the data usage information satisfies the usage rules.
- the data usage information satisfies the usage rules, including at least one of the following: when the usage rules include the validity period of the credential and the data usage information includes the current time, the time of receiving the data acquisition information, and the time of receiving the acquisition credential, the current time, the time of receiving the data acquisition information, and the time of receiving the acquisition credential are within the validity period of the credential; when the usage rules include the maximum number of uses of the target credential, and the data usage information includes the total number of times the blockchain system receives the usage credential or the data acquisition information submitted by the data acquirer, the total number of times is less than the maximum number of uses; when the usage rules include the effective frequency range, and the data usage information includes the current frequency at which the blockchain system receives the usage credential or the data acquisition information, the current frequency is within the valid frequency range.
- the acquisition rules include an algorithm list, and the data acquisition information satisfies the acquisition rules, including: the target algorithm in the data acquisition information is recorded in the algorithm list, wherein the data acquisition party is used to obtain the target data through processing by the target algorithm, and/or the target algorithm is used to perform the preset operation.
- the preset operation includes a multi-party operation in which the data owner and the data acquirer jointly participate.
- the acquisition rule includes a credit score range
- the data acquisition information includes the credit score of the data acquirer on a preset platform
- the data acquisition information satisfies the acquisition rule, including: the credit score of the data acquirer on the preset platform falls within the credit score range.
- the credential transmission unit 603 is specifically used to: write the credential information into the data acquisition event recorded by the receipt generated by the data management contract, and the data acquisition party has the right to monitor the receipt; or, write the credential information into the contract account of the data management contract, and the data acquisition party has the right to query the contract account.
- the credential disclosure unit 603 is specifically used to: disclose the credential information for the target data and the signature of the credential information made with the public key of the data owner to the data acquisition party, and the target data and/or the operation result obtained after performing a preset operation on the target data are obtained by the data owner with the assistance of the data acquisition party when the signature is verified.
- the device also includes: a credential submission unit 604, which is used by the data owner to submit to the blockchain system a first correspondence between the data identifier of any authorizable data and its acquisition rule, and/or submit a second correspondence between the data identifier of any authorizable data and its usage rule; and a contract deployment unit 605, which is used by the blockchain system to deploy the data management contract containing the first correspondence and/or the second correspondence; or, a relationship configuration unit 606, which is used by the blockchain system to configure the first correspondence and/or the second correspondence in the data management contract when the data management contract has been deployed in the blockchain system.
- the relationship configuration unit 606 is specifically used for one of the following: if the data identifier of any authorizable data and the rules in any corresponding relationship are not recorded in the data management contract, then any corresponding relationship is added to the data management contract; if the data identifier of any authorizable data is already recorded in the data management contract, then the rules in any corresponding relationship are used to update the corresponding rules corresponding to the data identifier in the data management contract; if the rules in any corresponding relationship are already recorded in the data management contract, then the data identifier in any corresponding relationship is added to the identifier set corresponding to the rule in the data management contract.
- a typical implementation device is a computer, which may be in the form of a personal computer, a laptop computer, a cellular phone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email transceiver, a game console, a tablet computer, a wearable device or a combination of any of these devices.
- a computer includes one or more processors (CPU), input/output interfaces, network interfaces, and memory.
- Memory may include non-permanent storage in a computer-readable medium, in the form of random access memory (RAM) and/or non-volatile memory, such as read-only memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
- Computer readable media include permanent and non-permanent, removable and non-removable media that can be implemented by any method or technology to store information.
- Information can be computer readable instructions, data structures, program modules or other data.
- Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technology, compact disk read-only memory (CD-ROM), digital versatile disk (DVD) or other optical storage, magnetic cassettes, magnetic disk storage, quantum memory, graphene-based storage media or other magnetic storage devices or any other non-transmission media that can be used to store information that can be accessed by a computing device.
- computer readable media does not include temporary computer readable media (transitory media), such as modulated data signals and carrier waves.
- although the terms first, second, third, etc. may be used to describe various information in one or more embodiments of this specification, such information should not be limited to these terms. These terms are only used to distinguish information of the same type from each other.
- the first information may also be referred to as the second information, and similarly, the second information may also be referred to as the first information.
- the word "if" as used herein may be interpreted as "at the time of" or "when" or "in response to determining".
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Databases & Information Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Data Mining & Analysis (AREA)
- General Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Bioethics (AREA)
- Computational Linguistics (AREA)
- Health & Medical Sciences (AREA)
- Computing Systems (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
Description
One or more embodiments of the present specification relate to the field of blockchain technology, and in particular, to a data management method, device, and system.
In the related art, if a data processor needs to use data held by a data owner, it must send the data owner a request for that data so that the data owner's personnel can verify, one by one, whether the data processor meets all the authorization conditions for the requested data, and then decide whether to authorize the data to the data processor for processing and use.
Because this approach usually requires manual verification of whether the data processor meets the authorization conditions for the data it requests, on the one hand, the communication and interaction are cumbersome and inefficient, which is not conducive to efficient authorization of the data held by the data owner; on the other hand, it is often difficult for the data owner to disclose the conditions for use of the data and the specific verification process, and the verification process may involve secret, behind-the-scenes operations, resulting in low credibility of data authorization.
Summary of the invention
In view of this, one or more embodiments of the present specification provide a data management method, device, and system.
To achieve the above purpose, one or more embodiments of the present specification provide the following technical solutions: According to a first aspect of one or more embodiments of the present specification, a data management method is proposed, which is applied to a blockchain system in a data management system, wherein the data management system also includes a data owner and a data acquirer, a data management contract deployed in the blockchain system records the acquisition rules and usage rules of the target data, and the target data belongs to the data owner. The method includes: in response to receiving data acquisition information for the target data submitted by the data acquirer, executing the data management contract, the data management contract being used to determine whether the data acquisition information satisfies the acquisition rules; determining data usage information for the target data and executing the data management contract, the data management contract being used to determine whether the data usage information satisfies the usage rules; and, when the data acquisition information satisfies the acquisition rules and/or the data usage information satisfies the usage rules, disclosing the credential information for the target data to the data acquirer, the credential information being used to instruct the data owner to assist the data acquirer in obtaining the target data and/or the operation result obtained after performing a preset operation on the target data.
According to a second aspect of one or more embodiments of the present specification, a data management system is proposed, including a blockchain system, a data owner and a data acquirer, wherein a data management contract deployed in the blockchain system records the acquisition rules and usage rules of the target data, and the target data belongs to the data owner, wherein the data acquirer is used to submit data acquisition information for the target data to the blockchain system; the blockchain system is used to execute the data management contract, the data management contract being used to determine whether the data acquisition information satisfies the acquisition rules; to determine data usage information for the target data and execute the data management contract, the data management contract being used to determine whether the data usage information satisfies the usage rules; and, when the data acquisition information satisfies the acquisition rules and/or the data usage information satisfies the usage rules, to disclose the credential information for the target data to the data acquirer; the data owner is used to assist the data acquirer, upon receiving the credential information provided by the data acquirer, in obtaining the target data and/or the operation result obtained after performing a preset operation on the target data.
According to a third aspect of one or more embodiments of the present specification, a data management device is proposed, which is applied to a blockchain system in a data management system, wherein the data management system also includes a data owner and a data acquirer, a data management contract deployed in the blockchain system records the acquisition rules and usage rules of the target data, and the target data belongs to the data owner. The device includes: a first execution unit, which is used to execute the data management contract in response to receiving data acquisition information for the target data submitted by the data acquirer, the data management contract being used to determine whether the data acquisition information satisfies the acquisition rules; a second execution unit, which is used to determine data usage information for the target data and execute the data management contract, the data management contract being used to determine whether the data usage information satisfies the usage rules; and an information transmission unit, which is used to transmit the credential information for the target data to the data acquirer when the data acquisition information satisfies the acquisition rules and/or the data usage information satisfies the usage rules, the credential information being used to instruct the data owner to assist the data acquirer in obtaining the target data and/or the operation result obtained after performing a preset operation on the target data.
According to a fourth aspect of one or more embodiments of this specification, an electronic device is provided, comprising: a processor; and a memory for storing processor-executable instructions; wherein the processor executes the executable instructions to implement the method described in the first aspect.
According to a fifth aspect of one or more embodiments of the present specification, a computer-readable storage medium is provided, on which computer instructions are stored, and when the instructions are executed by a processor, the steps of the method described in the first aspect are implemented.
The data management system described in this specification includes a blockchain system, a data owner and a data acquirer. A data management contract is deployed in the blockchain system, and the acquisition rules and usage rules of the target data belonging to the data owner are recorded in the contract. In response to receiving the data acquisition information for the target data submitted by the data acquirer, the blockchain network executes the data management contract to determine whether the data acquisition information satisfies the acquisition rules; in addition, the data usage information for the target data is determined and the data management contract is executed to determine whether the data usage information satisfies the usage rules; and, when the data acquisition information satisfies the acquisition rules and/or the data usage information satisfies the usage rules, the credential information for the target data is disclosed to the data acquirer. This information is used to instruct the data owner to assist the data acquirer in obtaining the target data and/or the operation result obtained after performing a preset operation on the target data.
It can be seen that this solution records the acquisition rules and usage rules of the target data in the data management contract deployed in the blockchain system. The contract verifies whether the data acquisition information submitted by the data acquirer satisfies the acquisition rules and whether the corresponding data usage information satisfies the usage rules, and then determines, based on the verification results, whether to disclose to the data acquirer the credential information used to obtain the target data or its calculation results. That is, the blockchain system and the data management contract deployed on it realize on-chain automated and refined authorization for the target data. On the one hand, the acquisition rules and usage rules of the target data are recorded in the data management contract deployed on the chain, and the blockchain system completes the authorization for the target data on the chain based on the contract, which significantly reduces the data management burden of the data owner in the data authorization process and helps to improve the efficiency of data authorization. On the other hand, the acquisition rules and usage rules of the target data are recorded in the data management contract for public disclosure, so that all relevant parties in the data authorization process (such as the data acquirer) can flexibly view the above rules; and the verification of whether the data acquisition information satisfies the acquisition rules and of whether the data usage information satisfies the usage rules is completed on the chain by the smart contract, so that the verification process and results can be openly and transparently stored on the chain, which helps to avoid the black box operations that may arise from off-chain verification and improves the transparency and credibility of the data authorization process.
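The rule checks described above, modelled off-chain in Python as an added example (not code from the patent or from any blockchain project). All class, field and reason names, the one-hour frequency window and the sample values are assumptions, and the example requires both rule sets to pass, the stricter reading of the page's "and/or".

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class AcquisitionRule:
    algorithms: frozenset   # the "algorithm list"
    credit_range: tuple     # inclusive (low, high) credit score range


@dataclass(frozen=True)
class UsageRule:
    valid_from: int         # validity period of the credential (epoch seconds)
    valid_until: int
    max_uses: int           # maximum number of uses
    freq_range: tuple       # inclusive (low, high) submissions per window
    window: int = 3600      # assumption: frequency is measured per hour


class DataManagementContract:
    """Off-chain model of the rule checks (hypothetical names throughout)."""

    def __init__(self):
        self.rules = {}      # data_id -> (AcquisitionRule, UsageRule)
        self.received = {}   # (data_id, acquirer) -> times a submission arrived
        self.events = []     # credential information exposed to the acquirer

    def configure(self, data_id, acquisition_rule, usage_rule):
        self.rules[data_id] = (acquisition_rule, usage_rule)

    @staticmethod
    def check_acquisition(rule, info):
        reasons = []
        if info.get("algorithm") not in rule.algorithms:
            reasons.append("algorithm not in algorithm list")
        low, high = rule.credit_range
        score = info.get("credit_score")
        if not isinstance(score, int) or not low <= score <= high:
            reasons.append("credit score outside range")
        return reasons

    @staticmethod
    def check_usage(rule, usage):
        reasons = []
        if not rule.valid_from <= usage["now"] <= rule.valid_until:
            reasons.append("outside validity period")
        if usage["total"] >= rule.max_uses:  # total must be less than the maximum
            reasons.append("maximum number of uses reached")
        low, high = rule.freq_range
        if not low <= usage["frequency"] <= high:
            reasons.append("frequency outside effective range")
        return reasons

    def request(self, data_id, acquirer, info, now):
        if data_id not in self.rules:
            return {"granted": False, "reasons": ["unknown data identifier"]}
        acquisition_rule, usage_rule = self.rules[data_id]
        history = self.received.setdefault((data_id, acquirer), [])
        # Usage information is derived from contract state, never taken from
        # the acquirer's request, so the acquirer cannot understate it.
        usage = {
            "now": now,
            "total": len(history),
            "frequency": sum(1 for t in history if now - t < usage_rule.window),
        }
        history.append(now)  # every received submission counts, granted or not
        reasons = (self.check_acquisition(acquisition_rule, info)
                   + self.check_usage(usage_rule, usage))
        if reasons:          # fail closed: any unmet rule withholds the credential
            return {"granted": False, "reasons": reasons}
        credential = {"data_id": data_id, "acquirer": acquirer,
                      "algorithm": info["algorithm"], "issued_at": now}
        self.events.append(credential)
        return {"granted": True, "credential": credential}


def demo():
    """Run constructed requests against constructed rules."""
    contract = DataManagementContract()
    contract.configure(
        "dataset-1",
        AcquisitionRule(frozenset({"psi"}), (600, 850)),
        UsageRule(valid_from=1000, valid_until=2000, max_uses=3, freq_range=(0, 2)),
    )
    good = {"algorithm": "psi", "credit_score": 700}
    return [
        contract.request("dataset-1", "acq-A", good, now=1100),
        contract.request("dataset-1", "acq-A", {**good, "algorithm": "raw_export"}, now=1200),
        contract.request("dataset-1", "acq-A", {**good, "credit_score": 500}, now=1300),
        contract.request("dataset-1", "acq-A", good, now=1400),
        contract.request("dataset-1", "acq-B", good, now=2500),
    ]


if __name__ == "__main__":
    for result in demo():
        print(result)
```

Because rejected submissions are counted too, the fourth request from acq-A is refused on both the use count and the frequency even though only one credential was ever issued to it.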
FIG. 1 is a schematic diagram of an example environment provided by an exemplary embodiment.
FIG. 2 is a schematic diagram of a conceptual architecture provided by an exemplary embodiment.
FIG. 3 is a flow chart of a data management method provided by an exemplary embodiment.
FIG. 4 is a schematic diagram of the structure of a data management system provided by an exemplary embodiment.
FIG. 5 is a schematic structural diagram of a device provided by an exemplary embodiment.
FIG. 6 is a block diagram of a data management device provided by an exemplary embodiment.
Exemplary embodiments will be described in detail herein, examples of which are shown in the accompanying drawings. When the following description refers to the drawings, the same numbers in different drawings represent the same or similar elements unless otherwise indicated. The implementations described in the following exemplary embodiments do not represent all implementations consistent with one or more embodiments of this specification. Instead, they are merely examples of devices and methods consistent with some aspects of one or more embodiments of this specification as detailed in the appended claims.
It should be noted that in other embodiments the steps of the corresponding method are not necessarily performed in the order shown and described in this specification. In some other embodiments, the method may include more or fewer steps than those described in this specification. In addition, a single step described in this specification may be split into multiple steps in other embodiments, and multiple steps described in this specification may be combined into a single step in other embodiments.
FIG. 1 is a schematic diagram of an example environment provided by an exemplary embodiment. As shown in FIG. 1, the example environment 100 allows entities to participate in a blockchain network 102. The blockchain network 102 may be a public, private, or consortium blockchain network. The example environment 100 may include computing devices 104, 106, 108, 110, 112, and a network 114; in one embodiment, the network 114 may include a local area network (LAN), a wide area network (WAN), the Internet, or a combination thereof, and is connected to websites, user devices (e.g., computing devices), and backend systems. In one embodiment, any computing device may access the network 114 via wired and/or wireless communication.
In some cases, computing devices 106, 108 may be nodes of a cloud computing system (not shown), or each computing device 106, 108 may be a separate cloud computing system including multiple computers interconnected by a network and operating as a distributed processing system.
In one embodiment, computing devices 104-108 may run any appropriate computing system that enables them to serve as nodes in blockchain network 102; for example, computing devices 104-108 may include but are not limited to servers, desktop computers, laptop computers, tablet computing devices, smart phones, and wearable devices. In one embodiment, computing devices 104-108 may belong to related entities and be used to implement corresponding services; for example, such a service may be used to manage transactions of one entity or between multiple entities.
In one embodiment, computing devices 104-108 each store the blockchain ledger corresponding to blockchain network 102. Computing device 104 may be (or include) a network server for providing browser functions, which may provide visualization information related to blockchain network 102 based on network 114. In some cases, computing device 104 may not participate in block verification, but instead monitor blockchain network 102 to determine when other nodes (which may include, for example, computing devices 106-108) reach consensus, and generate a corresponding blockchain visualization user interface accordingly.
In one embodiment, computing device 104 may receive a request for a blockchain visualization user interface initiated by a client device (e.g., computing device 110 or computing device 112). In some cases, a node of blockchain network 102 may also serve as a client device; for example, a user of computing device 108 may use a browser running on computing device 108 to send the above request to computing device 104.
In response to the above request, the computing device 104 may generate a blockchain visualization user interface (such as a web page) based on the stored blockchain ledger, and send the generated blockchain visualization user interface to the requesting client device. If the blockchain network 102 is a private or consortium blockchain network, the request for the blockchain visualization user interface may include user authorization information. Before the blockchain visualization user interface is generated and sent to the requesting client device, the computing device 104 may verify the user authorization information and return the corresponding blockchain visualization user interface after the verification passes.
The blockchain visualization user interface may be displayed on a client device (e.g., in the user interface 116 shown in FIG. 1). When the blockchain ledger is updated, the display content of the user interface 116 may be updated accordingly. In addition, the user's interaction with the user interface 116 may result in requests for other user interfaces, such as displaying a block list, block details, a transaction list, transaction details, an account list, account details, a contract list, contract details, or a search result page generated by a user's search of the blockchain network.
FIG. 2 is a schematic diagram of a conceptual architecture provided by an exemplary embodiment. As shown in FIG. 2, the conceptual architecture 200 includes an entity layer 202, a hosting service layer 204, and a blockchain network layer 206. For example, the entity layer 202 may include three entities: entity 1, entity 2, and entity 3, each of which has its own transaction management system 208.
In one embodiment, the hosting service layer 204 may include an interface 210 corresponding to each transaction management system 208. For example, each transaction management system 208 communicates with its respective interface 210 through a network (e.g., network 114 in FIG. 1) using a protocol (e.g., Hypertext Transfer Protocol Secure (HTTPS)). In some examples, each interface 210 may provide a communication connection between its corresponding transaction management system 208 and the blockchain network layer 206; more specifically, the interface 210 may communicate with the blockchain network 212 of the blockchain network layer 206. In some examples, the communication between the interface 210 and the blockchain network layer 206 may be implemented using a remote procedure call (RPC). In some examples, the interface 210 may provide the transaction management system 208 with an API for accessing the blockchain network 212.
In one embodiment, the blockchain network 212 is provided in the form of a peer-to-peer network, which includes multiple nodes 214, each of which is used to persist the blockchain ledger 216 formed by the blockchain data. Only one blockchain ledger 216 is shown in FIG. 2, but there may be multiple blockchain ledgers 216 or copies thereof in the blockchain network 212; for example, each node 214 may maintain its own blockchain ledger 216 or a copy thereof.
It should be pointed out that a transaction, as described in this specification, refers to a piece of data created by a user through a blockchain client and ultimately published to the distributed database of the blockchain. Transactions in the blockchain can be divided into transactions in a narrow sense and transactions in a broad sense. A transaction in a narrow sense refers to a value transfer published by a user to the blockchain; for example, in a traditional Bitcoin blockchain network, a transaction can be a transfer initiated by a user in the blockchain. A transaction in a broad sense refers to a piece of business data with business intent published by a user to the blockchain; for example, an operator can build a consortium chain based on actual business needs, and rely on the consortium chain to deploy other types of online services that are not related to value transfer (for example, rental business, vehicle dispatch business, insurance claims business, credit services, medical services, etc.), and in this type of consortium chain, a transaction can be a business message or business request with business intent published by a user in the consortium chain.
Blockchains are generally divided into three types: public chains (Public Blockchain), private chains (Private Blockchain) and consortium chains (Consortium Blockchain). There are also combinations of these types, such as private chain + consortium chain and consortium chain + public chain. The public chain has the highest degree of decentralization. Participants who join a public chain can read data records on the chain, participate in transactions, and compete for the right to record new blocks. Moreover, each participant (i.e., node) can freely join and exit the network and perform related operations. The private chain is the opposite: the write permission of the network is controlled by an organization or institution, and the data reading permission is regulated by the organization. Simply put, a private chain can be a weakly centralized system with strictly limited and few participating nodes. This type of blockchain is more suitable for use within a specific organization. The consortium chain is a blockchain between the public chain and the private chain, which can achieve "partial decentralization". Each node in a consortium chain usually has a corresponding entity or organization; participants join the network through authorization and form a stakeholder alliance to jointly maintain the operation of the blockchain.
Whether it is a public chain, a private chain or a consortium chain, a blockchain may provide smart contract functionality. A smart contract on the blockchain is a contract whose execution can be triggered by a transaction on the blockchain system. Smart contracts can be defined in the form of code.
以以太坊为例,支持用户在以太坊网络中创建并调用一些复杂的逻辑。以太坊作为一个可编程区块链的核心是以太坊虚拟机(EVM),每个以太坊节点都可以运行EVM。EVM是一个图灵完备的虚拟机,这意味着可以通过它实现各种复杂的逻辑。用户在以太坊网络中发布和调用的智能合约就是在EVM上运行的。其中,区块链节点在将任一智能合约发布在以太坊网络上完成后,即可视为该合约被部署在以太坊网络中。Taking Ethereum as an example, it supports users to create and call some complex logic in the Ethereum network. The core of Ethereum as a programmable blockchain is the Ethereum Virtual Machine (EVM), and each Ethereum node can run EVM. EVM is a Turing-complete virtual machine, which means that various complex logics can be implemented through it. The smart contracts published and called by users in the Ethereum network are run on EVM. Among them, after a blockchain node completes the publication of any smart contract on the Ethereum network, it can be regarded as the contract being deployed in the Ethereum network.
Another important concept in the blockchain field is the account. Taking Ethereum as an example, accounts are usually divided into two categories: external accounts and contract accounts. An external account is an account directly controlled by a user, also called a user account. A contract account is an account created by a user through an external account and contains contract code (i.e., a smart contract). For blockchain models derived from the Ethereum architecture, the account types supported by the blockchain can be further extended, which is not specifically limited in this specification.
For an account in the blockchain, a structure is usually used to maintain the account state. When a transaction in a block is executed, the state of the accounts related to that transaction usually changes as well.
In one example, the account structure usually includes fields such as Balance, Nonce, Code and Storage. The Balance field maintains the current balance of the account. The Nonce field maintains the number of transactions of the account; it is a counter that ensures each transaction can be processed once and only once, which effectively prevents replay attacks.
The Code field, for a contract account, is usually used to maintain the contract code of the account. In practice, the Code field usually maintains only the hash value of the contract code, so it is also commonly called the Codehash field. For an external account, the Code field is usually empty.
The Storage field maintains the storage content of the account (the default field value is empty). A contract account is usually allocated an independent storage space to hold its storage content, such as the state data generated by contract execution. This independent storage space is usually called the account storage of the contract account.
The storage content of a contract account is usually built into an MPT (Merkle Patricia Trie) tree data structure and stored in the independent storage space described above. The MPT tree built from the storage content of the contract account is usually also called the Storage tree. The Storage field usually maintains only the root node of the Storage tree, so it is also commonly called the StorageRoot field.
In view of the technical problems in the related technologies described above, this specification proposes a data management solution. In this solution, a data management contract is deployed and executed in a blockchain system to verify whether the data acquisition information related to the target data satisfies the acquisition rules of the target data recorded in the contract, and whether the data usage information satisfies the usage rules of the target data recorded in the contract. The result decides whether to release to the data acquirer the credential information that instructs the data owner to assist the data acquirer in obtaining the data acquirer and/or its calculation results, thereby achieving automated, fine-grained on-chain authorization of the target data. The technical solution of this specification is described below in conjunction with embodiments.
FIG. 3 is a flowchart of a data management method provided by an exemplary embodiment. As shown in FIG. 3, the method is applied to a blockchain system in a data management system. The data management system also includes a data owner and a data acquirer. The data management contract deployed in the blockchain system records the acquisition rules and usage rules of the target data, and the target data belongs to the data owner. The method includes steps 302-306.
Step 302: in response to receiving the data acquisition information for the target data submitted by the data acquirer, execute the data management contract, where the data management contract is used to determine whether the data acquisition information satisfies the acquisition rules.
In one embodiment, the blockchain system may include only a blockchain network composed of blockchain nodes, or it may include a blockchain network and its associated BaaS (Backend as a Service) platform (composed of computing devices such as servers). There may be one or more pieces of managed data belonging to the data owner. Where there are several, they may be independent of each other or related in any form, and this specification does not limit this. In addition, one or more pieces of managed data may constitute a data set (i.e., the managed data is managed as a data set), and multiple pieces of managed data belonging to the data owner may constitute one or more data sets, which are also regarded as belonging to the data owner. Where multiple data sets are formed, the intersection of any two of them may be the empty set (i.e., the two data sets contain entirely different managed data), or the intersection may be a proper subset of each of the two data sets (i.e., the two data sets share some of their managed data).
In one embodiment, the managed data belonging to the data owner can be maintained by the data owner itself, for example by storing the managed data in the data owner's local storage space or in a storage space, such as a database, that has a network connection with the data owner. Alternatively, it can be maintained by a preset custodian (for example, one designated by the data owner), in which case the custodian stores the managed data in a preset storage space associated with the custodian (such as the custodian's local storage space or a database it manages). As the manager of the managed data, the data owner or the custodian can perform appropriate read/write processing on the managed data to implement management operations such as adding, deleting, modifying and querying the data.
Of all the managed data belonging to the data owner, the data owner can authorize at least part of it for use by other related parties (such as data acquirers). This part of the managed data is called authorizable data. In this solution, the data owner can record the acquisition rules and usage rules of the authorizable data in the data management contract maintained by the blockchain system. On that basis, a related party (such as a data acquirer) that wants to obtain and use the authorizable data can submit to the blockchain system, for the target data within the authorizable data, data acquisition information corresponding to the acquisition rules, in order to obtain the credential information released by the blockchain system for that target data (specifically, the acquisition credential, usage credential or comprehensive credential described below), and then use that information to obtain the target data and/or its calculation results from the data owner. The data acquirer can thus request authorization for one or more pieces of the authorizable data, and the one or more pieces of authorizable data it requests are the target data described in this specification. In other words, the target data described in this specification is the one or more pieces of authorizable data (which are also managed data belonging to the data owner) that the data acquirer requests to obtain. Where the managed data belonging to the data owner constitutes data sets, if the target data contains only one piece of data, that data belongs to a certain data set; if the target data contains multiple pieces of data, they may belong to one or more data sets.
It should be pointed out that any data among the "managed data", "authorizable data" and "target data" described in this specification should be understood in a broad sense, covering for example numerical values, text, images, audio, video, code, programs and models (such as artificial intelligence models). This specification does not limit this.
For the authorizable data belonging to the data owner, the data management contract deployed in the blockchain system can record the acquisition rules and usage rules of that data. Since the target data is at least part of the authorizable data, the acquisition rules and usage rules of the target data can naturally also be recorded in the contract. Because the blockchain system later needs to execute the data management contract to determine whether the information related to the target data (i.e., the data acquisition information and data usage information) satisfies the corresponding rules (i.e., the acquisition rules and usage rules), the data owner can configure the corresponding rules for the target data in the data management contract before the blockchain system executes the contract. The rule configuration process for the target data does not differ in essence from that for any authorizable data, so the rule configuration process for any authorizable data is used as the example below.
Having decided that managed data belonging to it can be authorized for use by other related parties (i.e., having determined that the data is authorizable data), the data owner can determine the acquisition rules and usage rules for that authorizable data according to a preset plan, sharing requirements, authorization intention and/or the data type of the target data. The rules for multiple pieces of authorizable data can also be determined and configured in batches.
The acquisition rules of any authorizable data may include multiple rules. For example, they may include an algorithm list. The algorithms recorded in the list are the processing algorithms that the data owner allows the data acquirer to apply to the data; that is, after obtaining authorization for the authorizable data, the data acquirer is authorized to use those processing algorithms to process it. The processing algorithms may include, but are not limited to, hash algorithms, private set intersection algorithms and encryption/decryption algorithms, and any processing algorithm may be specified as an algorithm formula or an algorithm identifier, which will not be described further. As another example, the acquisition rules may include a credit score range, to ensure that only a data acquirer whose credit score on a preset platform falls within the range can be authorized to obtain the data. By setting the credit score range to a higher interval, authorization for the authorizable data can effectively be restricted to data acquirers with good credit, so as to ensure as far as possible that the data, once authorized, is processed according to the data owner's requirements.
Besides the algorithm list and credit score range above, the acquisition rules may also include a geographical range (the corresponding data acquisition information may include the geographical location of the data acquirer), a number segment (the corresponding data acquisition information may include the identity number or network address of the data acquirer), and so on. The specific content of the acquisition rules can be set by the data owner according to its own requirements for the target data, and this specification does not limit this. The acquisition rules may include at least one of the rules above, for example only one of the algorithm list and the credit score range, or both. As an example, the acquisition rule of any authorizable data Di may be "data Di, privacy intersection and hash calculation, credit score not less than 800 points", indicating that data Di can only be authorized to data acquirers with a credit score not less than 800 points for privacy intersection calculation.
Similarly, the usage rules of any authorizable data may also include multiple rules. For example, they may include a credential validity period (the corresponding data usage information may include the current time, the time at which the data acquisition information was received, and the time at which the acquisition credential was received), a maximum number of uses (the corresponding data usage information may include the total number of times the blockchain system has received the usage credential or the data acquisition information submitted by the data acquirer), an effective frequency range (the corresponding data usage information may include the current frequency at which the blockchain system receives the usage credential or the data acquisition information), and so on. For details, see the embodiments below on determining whether the data usage information satisfies the usage rules; they are not described here.
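The rule checks described above can be made concrete with a short model, added here as an illustration and not taken from the patent. The class and field names, the 0-1000 credit scale, the choice to start the validity window at the first received request, and all sample values are assumptions; the credit score is assumed to come from the preset platform rather than from the acquirer, and the receive count and time come from contract state and the block timestamp rather than from the request.

```python
"""Added illustration: checking one request against acquisition and usage rules.

All names and sample values are constructed; nothing here is the patent's code.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class AcquisitionRule:
    algorithms: frozenset      # processing algorithms the owner permits
    min_credit: int            # credit score range, inclusive
    max_credit: int = 1000     # assumed upper bound of the scale


@dataclass(frozen=True)
class UsageRule:
    validity_seconds: int      # credential validity period
    max_uses: int              # maximum number of uses


@dataclass(frozen=True)
class Decision:
    granted: bool
    reasons: tuple             # every rule that failed, empty when granted


class DataManagementContract:
    def __init__(self, rules):
        self.rules = dict(rules)   # data_id -> (AcquisitionRule, UsageRule)
        self.received = {}         # (acquirer, data_id) -> requests received
        self.window_start = {}     # (acquirer, data_id) -> time of first request

    def request(self, acquirer, data_id, algorithm, credit_score, block_time):
        if data_id not in self.rules:
            return Decision(False, ("unknown data identifier",))
        acq, use = self.rules[data_id]
        key = (acquirer, data_id)
        # Usage information is contract state: the caller cannot understate
        # how often it has asked or when it first asked.
        self.received[key] = self.received.get(key, 0) + 1
        start = self.window_start.setdefault(key, block_time)

        reasons = []
        if algorithm not in acq.algorithms:
            reasons.append("algorithm not in the permitted list")
        if not acq.min_credit <= credit_score <= acq.max_credit:
            reasons.append("credit score outside the permitted range")
        if block_time - start > use.validity_seconds:
            reasons.append("credential validity period elapsed")
        if self.received[key] > use.max_uses:
            reasons.append("maximum number of uses exceeded")
        return Decision(not reasons, tuple(reasons))


def demo():
    """Run a constructed request sequence against the rule for data Di."""
    contract = DataManagementContract({
        "Di": (AcquisitionRule(frozenset({"psi", "hash"}), min_credit=800),
               UsageRule(validity_seconds=3600, max_uses=3)),
    })
    calls = [  # (acquirer, data_id, algorithm, credit_score, block_time)
        ("acquirer-A", "Di", "psi", 820, 1000),
        ("acquirer-A", "Di", "decrypt", 820, 1100),
        ("acquirer-B", "Di", "hash", 790, 1200),
        ("acquirer-A", "Di", "hash", 820, 1300),
        ("acquirer-A", "Di", "psi", 820, 1400),
        ("acquirer-A", "Di", "psi", 820, 5000),
        ("acquirer-A", "Dx", "psi", 820, 5100),
    ]
    return [contract.request(*call) for call in calls]


if __name__ == "__main__":
    for decision in demo():
        print(decision)
```

In this model a rejected request still counts toward the maximum number of uses, because the page describes the count as the total number of submissions the blockchain system has received.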
It should be noted that the user information (including but not limited to user device information and user personal information) and data (including but not limited to data used for analysis, stored data and displayed data) involved in this application are all information and data authorized by the user or fully authorized by all parties. The collection, use and processing of the relevant data must comply with the relevant laws, regulations and standards of the relevant countries and regions, and corresponding operation entries are provided for users to choose to authorize or refuse.
Since the data acquirer may request authorization for multiple pieces of target data (i.e., the target data may include multiple pieces of authorizable data), the data owner can, in order to identify the requested target data and its related rules accurately, configure the data and its rules by recording in the data management contract the correspondence between the data identifier of the authorizable data and the related rules. The data owner can also submit the correspondences of multiple pieces of authorizable data in a batch, so that they are configured together in the same data management contract. The multiple pieces of authorizable data may be related to each other, for example data of the same type, data generated in the same way, or data of the same batch generated within a period of time. Deploying the acquisition rules for such related (similar) data in the same data management contract allows the data to be managed and authorized in batches, which helps improve the efficiency of data management and authorization.
Taking any authorizable data as an example, the correspondence between its data identifier and its acquisition rules may be called the first correspondence, and the correspondence between its data identifier and its usage rules may be called the second correspondence. The data owner can submit the first correspondence and/or the second correspondence to the blockchain network so that the blockchain network completes the configuration. For example, only one of the first and second correspondences may be submitted, or both may be submitted together, and this specification does not limit this. A submitted first correspondence contains the data identifier of the authorizable data and the acquisition rules of that data; similarly, a submitted second correspondence contains the data identifier of the authorizable data and the usage rules of that data.
Depending on the structure of the blockchain system, the data owner can choose a suitable way to submit the correspondence of any authorizable data (i.e., the first correspondence and/or second correspondence above). For example, where the blockchain system includes only the blockchain network, the data owner can (through the client device it uses) directly send a contract deployment transaction containing the correspondence to the blockchain nodes in the network, so that each node deploys a data management contract containing the correspondence in the blockchain system by executing the transaction. As another example, where the blockchain system includes the blockchain network and a BaaS platform, the data owner can (through the client device it uses) send a contract deployment request containing the correspondence to the BaaS platform. In response to the request, the BaaS platform sends a contract deployment transaction containing the correspondence to the blockchain nodes in the blockchain system, and each node then deploys a data management contract containing the correspondence in the blockchain system by executing the transaction. The client device used by the data owner therefore performs different functions in the different submission methods.
Because a data management contract may already be deployed in the blockchain system when a correspondence is received, the received acquisition rule can be configured in different ways depending on whether a data management contract has been deployed.
For example, if no data management contract has yet been deployed in the blockchain system, the blockchain system can deploy on the chain a data management contract that contains the correspondence. In this way, the acquisition rules are configured at the same time as the data management contract is deployed, which simplifies the contract processing logic. As another example, if a data management contract is already deployed in the blockchain system, the blockchain system can configure the received correspondence in that (already deployed) contract. The contract can be deployed in advance by any relevant party (such as the data owner, the BaaS platform or another independent third party). The pre-deployed contract may record no correspondence for any data, or it may already record (before the received correspondence is configured) correspondences belonging to any data owner (possibly including this data owner). In this way, the data owner can configure the correspondence of any authorizable data in a pre-deployed data management contract, adding a new correspondence to the contract or updating an existing one, which allows rules to be configured and managed flexibly.
Where a data management contract is already deployed in the blockchain system, then for the data identifier of any authorizable data contained in any received correspondence and its corresponding rule (an acquisition rule if the correspondence is a first correspondence, a usage rule if it is a second correspondence), the correspondence can be configured in the contract in a manner that depends on how the data identifier and the rule are already recorded in the contract.
If neither the data identifier of the authorizable data nor the rule in the correspondence is recorded in the data management contract, the correspondence is added to the data management contract. If the data identifier of the authorizable data is already recorded in the data management contract, the rule in the correspondence is used to update the rule that corresponds to that data identifier in the data management contract. If the rule in the correspondence is already recorded in the data management contract, the data identifier in the correspondence is added to the identifier set that corresponds to that rule in the data management contract.
For example, if neither the data identifier of the authorizable data nor the rule in the correspondence is recorded in the data management contract, the correspondence can be added to the data management contract; that is, the data identifier of the authorizable data and its corresponding rule are added to the contract, so that the correspondence is added as a whole. As another example, if the data identifier of the authorizable data is already recorded in the data management contract, the rule in the correspondence can be used to update the rule that corresponds to that data identifier in the contract; that is, the rule already recorded in the contract (for that authorizable data) is replaced with the rule in the correspondence, which updates the existing rule. As a further example, if the rule in the correspondence is already recorded in the data management contract, the data identifier in the correspondence (i.e., the data identifier of the authorizable data) can be added to the identifier set that corresponds to that rule in the contract, which adds the data identifier contained in the correspondence to the contract.
Table 1 below shows, for an exemplary embodiment, the correspondences recorded in a data management contract between the data identifiers of authorizable data and their rules. In the correspondences recorded in Table 1, the first correspondences Relation-g are as follows: Relation-g1 is "Data1, Rule-g1", Relation-g2 is "Data2, Rule-g2", Relation-g3 is "Data3, Rule-g2", Relation-g4 is "Data4, Rule-g3", and Relation-g5 is "Data5, Rule-g4". The second correspondences Relation-u are as follows: Relation-u1 is "Data1, Rule-u1", Relation-u2 is "Data2, Rule-u1", Relation-u3 is "Data3, Rule-u2", Relation-u4 is "Data4, Rule-u3", and Relation-u5 is empty (it may never have been set, or may have been cleared after being set). The identifier set corresponding to Rule-g2 therefore includes Data2 and Data3, and the identifier set corresponding to Rule-u1 includes Data1 and Data2.
Table 1
For example, if Table 1 currently contains no correspondence between authorizable data 6 and its acquisition rule, then when the data owner submits to the blockchain system the first correspondence Relation-g6 as "Data6, Rule-g5", the blockchain system can add Relation-g6 to Table 1. And/or, if the data owner submits Relation-u6 as "Data6, Rule-u5", the blockchain system can also add Relation-u6 to Table 1. The first and second correspondences of the same authorizable data can also be submitted together to reduce the number of submissions; for example, the data owner can submit "Data6, Rule-g5, Rule-u5" so that the blockchain network configures Relation-g6 and Relation-u6 respectively. As another example, for the correspondence Relation-g1 that already exists in Table 1, if the data owner submits Relation1' as "Data1, Rule4", the Rule1 corresponding to Data1 in Table 1 can be updated to Rule4. As a further example, for the acquisition rule Rule2 that already exists in Table 1, if the data owner submits Relation6 as "Data6, Rule2", Data6 can be added to the tag set corresponding to Rule2 in Table 1; after the update, the new tag set corresponding to Rule2 includes Data2, Data3 and (newly added) Data6.
It should be noted that the content shown in Table 1 is only exemplary, and Table 1 can be maintained in the data management contract in any suitable form, such as key-value pairs. This specification does not limit this.
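The three configuration cases and the Table 1 walkthrough above can be modelled as a key-value store with a reverse index, shown here as an added example that is not code from the patent. The class names, the outcome labels and the ownership check (the first submitter of an identifier is treated as its owner, and other senders are rejected) are assumptions; the Data and Rule identifiers are the ones listed for Table 1.

```python
"""Added illustration: the correspondence table of a data management contract.

Class names, outcome labels and the ownership check are assumptions.
"""
from dataclasses import dataclass, field


@dataclass
class RuleTable:
    """One kind of correspondence: data identifier -> rule identifier.

    by_rule is the reverse view (rule -> identifier set); an update has to
    move the identifier between sets or the two views drift apart.
    """
    by_data: dict = field(default_factory=dict)   # "Data1" -> "Rule-g1"
    by_rule: dict = field(default_factory=dict)   # "Rule-g2" -> {"Data2", ...}

    def configure(self, data_id, rule_id):
        old = self.by_data.get(data_id)
        if old == rule_id:
            return "unchanged"
        if old is not None:
            # Identifier already recorded: replace its rule.
            self.by_rule[old].discard(data_id)
            if not self.by_rule[old]:
                del self.by_rule[old]
            outcome = "updated"
        elif rule_id in self.by_rule:
            # Rule already recorded: the identifier joins its identifier set.
            outcome = "joined"
        else:
            # Neither recorded: a new correspondence.
            outcome = "added"
        self.by_data[data_id] = rule_id
        self.by_rule.setdefault(rule_id, set()).add(data_id)
        return outcome


class DataManagementContract:
    def __init__(self):
        self.owner_of = {}                # assumption: data_id -> owning sender
        self.acquisition = RuleTable()    # first correspondences (Relation-g)
        self.usage = RuleTable()          # second correspondences (Relation-u)

    def submit(self, sender, data_id, acquisition_rule=None, usage_rule=None):
        """Configure the first and/or second correspondence for one identifier."""
        if acquisition_rule is None and usage_rule is None:
            raise ValueError("no correspondence submitted")
        # Assumed check: only the party that registered an identifier may
        # change its rules, since one contract may serve several owners.
        if self.owner_of.setdefault(data_id, sender) != sender:
            raise PermissionError(f"{sender} does not own {data_id}")
        outcome = {}
        if acquisition_rule is not None:
            outcome["acquisition"] = self.acquisition.configure(data_id, acquisition_rule)
        if usage_rule is not None:
            outcome["usage"] = self.usage.configure(data_id, usage_rule)
        return outcome


def build_table_1(owner="owner-1"):
    """Load the correspondences listed for Table 1 (Relation-u5 is empty)."""
    first = {"Data1": "Rule-g1", "Data2": "Rule-g2", "Data3": "Rule-g2",
             "Data4": "Rule-g3", "Data5": "Rule-g4"}
    second = {"Data1": "Rule-u1", "Data2": "Rule-u1", "Data3": "Rule-u2",
              "Data4": "Rule-u3"}
    contract = DataManagementContract()
    for data_id, rule in first.items():
        contract.submit(owner, data_id, rule, second.get(data_id))
    return contract


if __name__ == "__main__":
    c = build_table_1()
    print(c.submit("owner-1", "Data6", "Rule-g5", "Rule-u5"))
    print(c.submit("owner-1", "Data1", acquisition_rule="Rule-g4"))
    print(sorted(c.acquisition.by_rule.items()))
```

When an identifier that already has a rule is pointed at a rule that also already exists, the model treats it as an update and moves the identifier out of its old set, so no identifier ends up in two sets of the same table.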
As mentioned above, a smart contract has a corresponding contract account in the blockchain system. For the data management contract, any of the correspondences above can be recorded in the account storage of its contract account as the state data of the contract, for example stored in the Storage field of the contract account (as the value of that field). Besides the Balance, Nonce, Code and Storage fields, a contract account may also contain other fields, such as custom fields, in which case the correspondences can also be stored in a custom field. This specification does not limit where in the contract account the correspondences related to authorizable data are stored.
This completes the description of how the correspondences related to any authorizable data are configured. The data management system shown in FIG. 4 includes the data owner, the data acquirer and the blockchain system. A data management contract is deployed in the blockchain system. The contract records the data identifiers of the authorizable data (including the target data) belonging to the data owner, as well as the first correspondences and second correspondences related to these authorizable data, which the data owner can configure in the manner of the foregoing embodiments.
In addition to the data identifiers of the authorizable data and their related correspondences, the data management contract can also record related information about the authorizable data so that a data acquirer with an acquisition need can view it. The related information can include meta information, which includes but is not limited to data name, data size and data type. The related information can also include exemplary data (also called typical data or sample data). For example, where the authorizable data form multiple data sets, the data management contract can also record exemplary data for each data set, where the exemplary data of a data set reflects the data characteristics of the authorizable data in that set (these can be characteristics common to all authorizable data in the set, or at least some typical characteristics). The data acquirer can then understand each authorizable data item as fully as possible from this information and more accurately determine which authorizable data meets its needs and should be the target data of a subsequent request. For example, the data acquirer can obtain the related information through the blockchain client it uses and view it in the blockchain's visual user interface, so as to select at least part of the authorizable data that meets its acquisition needs as the target data it requests. In addition, it can obtain and view the acquisition rules of the target data, make a preliminary judgment as to whether its own conditions (including the data acquisition information) satisfy the acquisition rules of the authorizable data and the target data, and submit the data acquisition information to the blockchain system only if they do. This avoids, as far as possible, authorization failures caused by the contract later judging that the data acquisition information does not satisfy the acquisition rules when the data management contract is executed, and improves the probability of successful authorization and the authorization efficiency to a certain extent. Of course, the data acquirer can also skip this preliminary judgment and submit data acquisition information directly once it has determined the target data it needs to obtain; this is not elaborated further.
For the target data it intends to request (that is, for which it wants to obtain the data owner's authorization), the data acquirer can first determine the corresponding data acquisition information. The data acquisition information of any target data may include the data identifier of the target data and the information to be verified that corresponds to the acquisition rule of the target data. The data identifier indicates to the data management contract which authorizable data is the target data requested by the data acquirer. The information to be verified is used in the subsequent judgment of whether the acquisition rule of the target data is satisfied; in other words, judging whether the data acquisition information satisfies the acquisition rule means judging whether the information to be verified in the data acquisition information satisfies the acquisition rule. The information to be verified may include the aforementioned algorithm list, credit score, geographic location information, identity serial number, network address and so on, which are not repeated here.
For example, the data acquisition information of any target data Dj may be "data Dj, privacy intersection, credit score is 900 points", which indicates that the data acquirer declares that it needs to acquire the target data Dj for privacy intersection and that the data acquirer's own credit score is 900 points. Of course, where the data acquisition rule of data Dj also includes a geographic range and a network address, the data acquisition information may also include "geographic range is area X, network address is yyy" and the like, to declare that the acquirer is located in area X and that its network address is yyy; this is not repeated.
In one embodiment, the data acquisition information may be included in a data acquisition transaction submitted to the blockchain system, where the transaction is used to call the data management contract. For example, where the blockchain system includes only a blockchain network, the data acquirer can (through the client device it uses) directly initiate a data acquisition transaction containing the data acquisition information to a blockchain node in the network. As another example, where the blockchain system includes a blockchain network and a BaaS platform, the data acquirer can (through the client device it uses) initiate a data acquisition request containing the data acquisition information to the BaaS platform, so that the BaaS platform, in response to the request, initiates a data acquisition transaction containing the data acquisition information to a blockchain node in the blockchain system. After the data acquisition transaction passes consensus, it is synchronized to each blockchain node in the blockchain network and executed by each blockchain node separately.
As mentioned above, the data management contract records the acquisition rule of the target data. On this basis, after receiving the data acquisition information submitted by the data acquirer, the blockchain system can execute the contract so that the contract judges whether the data acquisition information satisfies the acquisition rule. Continuing from the foregoing embodiment, where the data acquisition information is included in a data acquisition transaction that calls the data management contract and is submitted to the blockchain system, a blockchain node in the blockchain system can, while executing the transaction, execute the data management contract (the contract code in it) with the data acquisition information carried by the transaction as the input parameter, so that the contract judges whether the data acquisition information satisfies the acquisition rule of the target data.
In one embodiment, the acquisition rule may include an algorithm list, and the data acquisition information may include a target algorithm. Any algorithm in the algorithm list may specifically be an identifier such as the name or number of the algorithm, the algorithm rules of the algorithm, the relevant parameters of the algorithm, and so on. As mentioned above, the algorithms recorded in the algorithm list represent the algorithms that the data owner allows the data acquirer to use when processing the target data, and the target algorithm is the algorithm that the data acquirer declares it will use to process the data after obtaining authorization for the target data. Therefore, if the target algorithm in the data acquisition information is recorded in the algorithm list, the data management contract can determine that the data acquisition information satisfies the acquisition rule. Correspondingly, if the target data is obtained using the acquisition credential revealed by the blockchain system, the data acquirer can process the target data with the target algorithm; for example, the data acquirer can perform a hash operation or encryption on the acquired target data. And/or, the target algorithm can be used to perform a preset operation on the target data (such as a privacy intersection operation involving multiple parties including the data owner), so that the data acquirer can use the acquisition credential revealed by the blockchain system to obtain the operation result produced by that preset operation.
In another embodiment, the acquisition rule may also include a credit score range, and the data acquisition information may include the credit score of the data acquirer on a preset platform. The credit score may be a specific value, such as 300 points, 500 points or 800 points, in which case the credit score range may be a numerical range. The credit score may also be a rating level, such as A, B, C, or excellent, good, medium, poor, in which case the credit score range may be a level set including at least one rating level. It can be understood that the credit score measures how good or bad the data acquirer's credit standing is on the preset platform. On this basis, if the credit score of the data acquirer on the preset platform falls within the credit score range, the data management contract can determine that the data acquisition information satisfies the acquisition rule. It can be seen that by setting the credit score range to a higher interval, data acquirers with good credit can obtain authorization for any authorizable data while data acquirers with poor credit are prevented from obtaining it, which helps ensure that the authorized data is processed according to the data owner's requirements. Continuing from the foregoing embodiment, where the acquisition rule of the target data Di is "data Di, privacy intersection, credit score not less than 800 points", if the target algorithm in the data acquisition information submitted by the data acquirer is privacy intersection and the credit score of the data acquirer is 900 points, the data management contract can determine that the data acquisition information satisfies the acquisition rule of Di. Alternatively, if the target algorithm is not privacy intersection, or the credit score of the data acquirer is less than 800 points, the data management contract will determine that the data acquisition information does not satisfy the acquisition rule of Di.
In addition, the data management contract can call other contracts during execution. The data acquisition information submitted by the data acquirer can include the contract address of another contract, so that the data management contract calls that contract by its address. And/or, the data acquisition information can also include the storage address of other data, so that the data management contract obtains the necessary data from that address during execution. For example, where the aforementioned target algorithm is a multi-party computation algorithm, the storage address can be the access address of the aforementioned credit platform, and the data acquisition information can include the credit score of the data acquirer on the preset platform as well as the credit scores on the preset platform of one or more other participants (other than the data owner and the data acquirer). The data management contract can then access the preset platform at the access address to verify the authenticity of these credit scores, and treat successful verification (that is, confirmation that these credit scores are the real scores of the corresponding parties) as a precondition for determining that the data acquisition information satisfies the acquisition rule, so as to avoid the security risk of the data acquirer forging the credit score.
As shown in FIG. 4, in the Ethereum scenario a blockchain node can run the EVM, and the virtual machine contains rule execution engines, such as an acquisition rule execution engine and a usage rule execution engine. While the data management contract is executed, the acquisition rule execution engine can be called to judge whether the data acquisition information submitted by the data acquirer satisfies the acquisition rule of the target data. In addition, the usage rule engine can be called to judge whether the subsequently determined data usage information satisfies the usage rule of the target data; that judgment process is described in the embodiments below and is not detailed here.
Step 304: determine data usage information for the target data and execute the data management contract, where the data management contract is used to judge whether the data usage information satisfies the usage rule.
In one embodiment, the data management contract described in this specification may contain multiple functions, such as interface functions and their corresponding functional functions. When calling the contract, a blockchain transaction can specify the interface function (in the contract) to be called and its input parameters, so that in the process of specifying the contract the functional function corresponding to that interface function processes the input parameters and produces the corresponding contract execution result. As mentioned above, the data management contract is executed in both step 302 and step 304. In a specific implementation, the two steps can call different interface functions of the data management contract, so that executing the same contract implements different functions: step 302 executes the contract to judge whether the data acquisition information satisfies the acquisition rule, and step 304 executes the contract to judge whether the data usage information satisfies the usage rule.
Step 306: where the data acquisition information satisfies the acquisition rule and/or the data usage information satisfies the usage rule, reveal credential information for the target data to the data acquirer, where the credential information is used to instruct the data owner to assist the data acquirer in obtaining the target data and/or the operation result obtained by performing a preset operation on the target data.
The data management system described in this specification includes a blockchain system, a data owner and a data acquirer. A data management contract is deployed in the blockchain system, and the contract records the acquisition rule and usage rule of the target data belonging to the data owner. In response to receiving data acquisition information for the target data submitted by the data acquirer, the blockchain network executes the data management contract to judge whether the data acquisition information satisfies the acquisition rule. In addition, it determines data usage information for the target data and executes the data management contract to judge whether the data usage information satisfies the usage rule. Where the data acquisition information satisfies the acquisition rule and/or the data usage information satisfies the usage rule, it reveals to the data acquirer credential information for the target data, which is used to instruct the data owner to assist the data acquirer in obtaining the target data and/or the operation result obtained by performing a preset operation on the target data.
It can be seen that this solution records the acquisition rule and usage rule of the target data in the data management contract deployed in the blockchain system. The contract verifies whether the data acquisition information submitted by the data acquirer satisfies the acquisition rule and whether the corresponding data usage information satisfies the usage rule, and the verification result determines whether credential information for obtaining the target data or its computation result is revealed to the data acquirer. In other words, the blockchain system and the data management contract deployed on it implement automated, fine-grained on-chain authorization for the target data. On the one hand, recording the acquisition rule and usage rule of the target data in the data management contract deployed on the chain, and having the blockchain system complete the authorization for the target data on the chain based on that contract, significantly reduces the data owner's data management burden during data authorization and helps improve authorization efficiency. On the other hand, recording the acquisition rule and usage rule of the target data in the data management contract makes them public, so that the parties involved in the data authorization process (such as the data acquirer) can view the rules flexibly. Moreover, verifying whether the data acquisition information satisfies the acquisition rule and whether the data usage information satisfies the usage rule is done on the chain by the smart contract, so the verification process and its results can be recorded on the chain openly and transparently. This helps avoid the opaque handling that off-chain verification may allow and improves the transparency and credibility of the data authorization process.
In the foregoing manner, the data management contract can verify whether the information related to the target data satisfies the corresponding rules. Where the data acquisition information satisfies the acquisition rule and/or the data usage information satisfies the usage rule, the blockchain network can reveal the credential information for the target data to the data acquirer. Conversely, where the data acquisition information does not satisfy the acquisition rule, the acquisition credential is not revealed, and an authorization failure message for the target data is revealed to the data acquirer instead, informing the data acquirer that this request to obtain authorization for the target data from the data owner has failed.
The blockchain network can reveal the credential information in several ways. For example, the credential information can be written into the data acquisition event recorded in the receipt generated by the data management contract, where the data acquirer has permission to listen to the receipt. As another example, the credential information can be written into the contract account of the data management contract, where the data acquirer has permission to query the contract account. The revealed credential can be an acquisition credential, a usage credential or a comprehensive credential. Since each of these credentials can be revealed in the above ways, the acquisition credential is used as the example below:
For example, the blockchain network can write the acquisition credential into the data acquisition event recorded in the receipt generated by the data management contract, for instance into the data field of the event, where the data acquirer has permission to listen to the receipt. In this way, the data acquirer can use an event-listening callback mechanism to pick up the acquisition credential written into the data acquisition event and carry out subsequent processing based on what it hears.
Specifically, the execution result of the data management contract may include a receipt, and the receipt may contain events related to the method called when the contract was executed, such as the data acquisition event corresponding to the rule judgment method (used to judge whether the data acquisition information satisfies the acquisition rule). The topic of the data acquisition event may contain a predefined authorization event identifier that distinguishes it from other events. For example, the content of the topic in the event is the keyword authorization, and this keyword differs from the topic in events generated by other methods. Then, by listening to the topic contained in each event in the generated receipt, the EVM can determine, when it hears a topic containing the keyword authorization, that it has heard an event related to the execution of the rule judgment method, that is, the data acquisition event. For example, the events in the receipt are as follows:
Then, when the data acquirer hears the first event, it can determine that the event is unrelated to the rule judgment method because the content of its topic is other. When it hears the second event, the content of the topic is unauthorization, so it determines that the event is related to the rule judgment method and reads the data field of that event; this data field can be empty or can contain the authorization failure message described above. When it hears the third event, the content of the topic is authorization, and the data field of that event can be empty or can record the above identifier. It can be understood that the second and third events can be generated by the blockchain network after two separate executions of the data management contract, and the data owner, data acquirer, target data and so on for those two executions can be the same or different; this is not repeated.
For example, the content of the data field of the third event above may include:
Here, the acquisition credential ID can be globally unique within the data management system and uniquely identifies the acquisition credential generated this time. The data1 identifier, data2 identifier and data3 identifier represent the target data the data acquirer requests this time, namely data1, data2 and data3. Algorithm list 1, algorithm list 2 and algorithm list 3 represent the algorithms the data acquirer uses when processing data1, data2 and data3 respectively.
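The acquisition check from the algorithm-list and credit-score embodiments, together with the receipt event the acquirer listens for, as an added Python model (not code from the patent and not EVM contract code). The class names, field names, denial reasons, sample rules and the `PLATFORM` table standing in for the preset platform are assumptions constructed for illustration; only the topic keywords and the Di rule come from the text.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class AcquisitionRule:
    algorithms: frozenset                # algorithm list allowed by the data owner
    min_score: Optional[int] = None      # numeric credit score range (lower bound)
    grades: Optional[frozenset] = None   # or a set of accepted rating levels


@dataclass(frozen=True)
class AcquisitionInfo:
    data_id: str      # which authorizable data is requested
    acquirer: str     # identity of the requesting party
    algorithm: str    # declared target algorithm
    credit: object    # declared credit score (int) or rating level (str)


class DataManagementContract:
    """Toy model of the rule-judgment method; every node must reach the same result."""

    def __init__(self, rules, platform_scores):
        self.rules = rules                      # contract state: data_id -> rule
        self.platform_scores = platform_scores  # stand-in for the preset platform
        self.next_credential = 1                # counter in state: unique, deterministic

    @staticmethod
    def _deny(reason):
        return {"topic": "unauthorization", "data": {"reason": reason}}

    def request_acquisition(self, info):
        rule = self.rules.get(info.data_id)
        if rule is None:
            return self._deny("unknown data identifier")
        if info.algorithm not in rule.algorithms:
            return self._deny("algorithm not in algorithm list")
        if rule.min_score is not None or rule.grades is not None:
            # Never trust the declared score: compare it with the platform's record.
            verified = self.platform_scores.get(info.acquirer)
            if verified is None or verified != info.credit:
                return self._deny("credit score not confirmed by platform")
            if rule.min_score is not None:
                in_range = isinstance(verified, int) and verified >= rule.min_score
            else:
                in_range = verified in rule.grades
            if not in_range:
                return self._deny("credit score outside allowed range")
        credential_id = self.next_credential
        self.next_credential += 1
        return {"topic": "authorization",
                "data": {"credential_id": credential_id,
                         "data_id": info.data_id,
                         "algorithms": [info.algorithm]}}


def credentials_from_receipt(events):
    """Acquirer-side listener: keep only events whose topic is 'authorization'."""
    return [e["data"] for e in events if e.get("topic") == "authorization"]


# Constructed sample state: the Di rule from the text plus a grade-based rule.
RULES = {
    "Di": AcquisitionRule(frozenset({"privacy intersection"}), min_score=800),
    "Dk": AcquisitionRule(frozenset({"hash"}), grades=frozenset({"A", "B"})),
}
PLATFORM = {"acquirer-1": 900, "acquirer-2": 700, "acquirer-3": "A"}

if __name__ == "__main__":
    contract = DataManagementContract(RULES, PLATFORM)
    forged = contract.request_acquisition(
        AcquisitionInfo("Di", "acquirer-2", "privacy intersection", 900))
    granted = contract.request_acquisition(
        AcquisitionInfo("Di", "acquirer-1", "privacy intersection", 900))
    receipt = [{"topic": "other", "data": {}}, forged, granted]
    print(forged["data"]["reason"])
    print(credentials_from_receipt(receipt))
```

The forged request shows why the platform lookup has to precede the range check: a declared 900 from a party whose recorded score is 700 would otherwise pass the "not less than 800" rule.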
As another example, the acquisition credential can also be written into the contract account of the data management contract, and the data acquirer can have permission to query that contract account. Specifically, the acquisition credential can be written into the Storage field of the contract account corresponding to the data management contract (as the value of that field). Alternatively, where the contract account also contains a custom field, the acquisition credential can be written into that custom field. This specification does not limit where in the contract account the acquisition credential is stored. It can be understood that an acquisition credential written into one of these fields becomes state data of the contract account corresponding to the data management contract, so the data acquirer can obtain the acquisition credential by querying that contract account.
As mentioned above, where the data acquisition information satisfies the acquisition rule and/or the data usage information satisfies the usage rule, the blockchain network can reveal credential information for the target data to the data acquirer. For example, where the data acquisition information satisfies the acquisition rule, the revealed credential information may include an acquisition credential; likewise, where the data usage information satisfies the usage rule, the revealed credential information may include a usage credential. Specifically, the blockchain network can determine the data usage information for the target data from the acquisition credential it receives from the data acquirer, or it can determine the data usage information for the target data from the received data acquisition information and/or the revealed acquisition credential. As another example, the blockchain network can determine the data usage information for the target data from the received data acquisition information; correspondingly, it can reveal a comprehensive credential to the data acquirer where the data acquisition information satisfies the acquisition rule and the data usage information satisfies the usage rule. It can be seen that the revealed credential information may be an acquisition credential, a usage credential or a comprehensive credential. Accordingly, the process of verifying whether the aforementioned information satisfies the corresponding rules and revealing the corresponding credential information can take several forms, which are described separately below.
In one embodiment, where the data management contract determines that the data acquisition information satisfies the acquisition rule, the blockchain network can reveal an acquisition credential for the target data to the data acquirer. This credential indicates that the data acquisition information provided by the data acquirer has passed the data management contract's verification against the acquisition rule. After receiving the acquisition credential revealed by the blockchain network, the data acquirer can submit the credential to the blockchain network in order to obtain the corresponding usage credential through it (the usage credential can be used by the data acquirer to request use of the target data from the data owner). On receiving the credential submitted by the data acquirer, the blockchain network can determine the corresponding data usage information from the credential and execute the data management contract again so that the contract judges whether the data usage information satisfies the usage rule of the target data, revealing a usage credential for the target data if it does. In this way, the data acquirer first submits data acquisition information to the blockchain network to obtain the acquisition credential it reveals, and then submits that acquisition credential to obtain the usage credential it reveals. The usage credential (or the acquisition credential together with the usage credential) can then be provided by the data acquirer to the data owner to obtain its assistance.
The data acquirer can submit the acquisition credential immediately after receiving it in order to obtain a usage credential, or can submit it at some later time (according to its own actual needs). It can be understood that each submission of the acquisition credential indicates that the data acquirer needs to acquire the target data again. The usage credential can record the validity information of the credential (such as the credential validity period and the maximum number of uses), so as to accurately restrict how the data acquirer uses the credential to request use of the target data and to achieve fine-grained control over the authorization of the target data.
For example, where the usage rules include a credential validity period, the data usage information may include the current time (at which the data management contract makes its determination) and/or the receiving time of the acquisition credential (that is, the time at which the blockchain network receives the acquisition credential submitted by the data acquirer). Accordingly, if the current time and/or the receiving time of the acquisition credential falls within the credential validity period, the data management contract may determine that the data usage information satisfies the usage rules. The credential validity period can be a time interval or a deadline. This approach essentially sets an "aging" mechanism for the acquisition credential. By setting the credential validity period appropriately, the aging of the acquisition credential can be controlled flexibly: the data acquirer can be allowed, after obtaining the acquisition credential for the target data once, to use that credential (to obtain usage credentials) indefinitely; or the data acquirer can be allowed to use the credential freely only within a preset time period (such as one hour, one day, one week or one month) after obtaining the acquisition credential for any target data, after which the acquisition credential automatically becomes invalid and can no longer be used. Correspondingly, the acquisition credential can record its own credential validity period, so that the data owner can judge from it whether the credential has become invalid.
As another example, where the usage rules include the maximum number of uses of the target credential, the data usage information may include the total number of times the blockchain system has received the usage credential and the data acquisition information submitted by the data acquirer. Here, the total number of times the acquisition credential has been received is the first total number, and the total number of times data acquisition information initiated by the data acquirer for the target data has been received (its specific content may be the same as or different from the aforementioned data acquisition information) is the second total number. Accordingly, if the first total number or the second total number is less than the maximum number of uses, the data management contract may determine that the data usage information satisfies the usage rules. The maximum number of uses may be included in the aforementioned acquisition credential, and the total number may be obtained by the data management contract or the blockchain network by querying the execution record of the contract. The first total number essentially provides a "number of uses limit" mechanism for the acquisition credential. By setting the maximum number of uses appropriately, the number of times the acquisition credential can be used is controlled flexibly: the data acquirer can be allowed, after obtaining the acquisition credential for the target data once, to use that credential an unlimited number of times; or, after the data acquirer obtains the acquisition credential for the target data once, the credential can be used no more than the maximum number of uses, and once that number is reached the acquisition credential automatically becomes invalid and cannot be used again. The second total number in effect provides an "authorization count limit" mechanism for the data acquirer with respect to the target data, so that the number of times the data acquirer obtains a usage credential does not exceed the maximum number of uses, which precisely limits the number of times the acquisition credential is output.
As a further example, where the usage rules include a valid frequency range, the data usage information may include the current frequency at which the blockchain system receives the usage credential or the data acquisition information. Here, the frequency at which the acquisition credential is received is the first current frequency, and the frequency at which data acquisition information initiated by the data acquirer for the target data is received (its specific content may be the same as or different from the aforementioned data acquisition information) is the second current frequency. Accordingly, if the current frequency falls within the valid frequency range, the data management contract may determine that the data usage information satisfies the usage rules. The first current frequency provides a "usage frequency limit" mechanism for the acquisition credential, which allows flexible control over how often the acquisition credential is used. The second current frequency provides an "authorization frequency limit" mechanism for the target data, so that the frequency at which the data acquirer obtains usage credentials does not exceed the valid frequency range. This precisely limits how often the acquisition credential is output and prevents the data acquirer from obtaining usage credentials or using the target data too frequently.
In another embodiment, when the data management contract determines that the data acquisition information satisfies the acquisition rules, the blockchain network can output an acquisition credential for the target data to the data acquirer; this credential indicates that the data acquisition information provided by the data acquirer has passed the data management contract's verification against the acquisition rules. In addition, the blockchain network can determine the data usage information from the data acquisition information after receiving it, and/or determine the data usage information from the acquisition credential when that credential is output. While the data management contract is being executed, the contract determines whether the data usage information satisfies the usage rules and, if so, outputs a usage credential for the target data. The blockchain network can thus determine the data usage information for the target data from the received data acquisition information and/or the output acquisition credential, and the data acquirer needs to submit data acquisition information only once (for example, by issuing one data acquisition transaction) to obtain both the acquisition credential and the usage credential output by the blockchain network.
In yet another embodiment, the blockchain network can determine the corresponding data usage information as soon as it receives the data acquisition information submitted by the data acquirer. It can then execute the data management contract so that the contract determines whether the data acquisition information satisfies the acquisition rules and whether the data usage information satisfies the usage rules; if both are satisfied, a comprehensive credential is output. Alternatively, one part of the data usage information can be determined from the data acquisition information, and, once the data acquisition information is determined to satisfy the acquisition rules, the content of the acquisition credential can be determined (without generating the acquisition credential itself). Another part of the data usage information is then determined from that content, and the data management contract determines whether these two parts of the data usage information satisfy the usage rules. If they do, the comprehensive credential is output, and it may contain the content of the aforementioned (never actually generated) acquisition credential. The blockchain network can thus determine the data usage information for the target data from the received data acquisition information and/or the output acquisition credential, and the data acquirer needs to submit data acquisition information only once (for example, by issuing one data acquisition transaction) to obtain the comprehensive credential output by the blockchain network.
For example, when the data acquirer is U1, the usage rule of any target data Di can be {Di, U1, privacy intersection, expired=600s, limit=2, frequency=120s/time, …}. Here, "expired=600s" indicates that the credential validity period is 600 s (that is, 10 minutes), "limit=2" indicates that the maximum number of uses of the credential is 2, and "frequency=120s/time" indicates that the interval between two consecutive submissions of the credential should be no less than 120 s, that is, use of the target data Di can be requested at most once every 2 minutes.
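The rule {Di, U1, privacy intersection, expired=600s, limit=2, frequency=120s/time} can be exercised with the following sketch, which is an added example and not code from the patent. The class and field names, the per-credential counter (the "first total number"), counting only accepted submissions, and passing the time in as `now` are all assumptions made for illustration.

```python
"""Constructed simulation of the usage-rule check; not the patent's own code."""
import itertools
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass(frozen=True)
class UsageRule:
    data_id: str         # Di
    acquirer: str        # U1
    algorithm: str       # e.g. "privacy intersection"
    expired_s: int       # expired=600s, counted from issuance (assumption)
    limit: int           # limit=2
    min_interval_s: int  # frequency=120s/time


@dataclass(frozen=True)
class AcquisitionCredential:
    credential_id: int
    data_id: str
    acquirer: str
    issued_at: float


@dataclass(frozen=True)
class Decision:
    ok: bool
    reason: str
    usage_credential: Optional[dict] = None


class DataManagementContract:
    """Hypothetical stand-in for the on-chain contract and its execution record."""

    def __init__(self, rule: UsageRule):
        self.rule = rule
        self._ids = itertools.count(1)
        self._issued: Dict[int, AcquisitionCredential] = {}
        self._accepted: Dict[int, List[float]] = {}  # accepted submission times

    def issue_acquisition_credential(self, acquirer: str, now: float) -> AcquisitionCredential:
        # The acquisition-rule check is reduced to an identity match here.
        if acquirer != self.rule.acquirer:
            raise PermissionError("acquisition rule not satisfied")
        cred = AcquisitionCredential(next(self._ids), self.rule.data_id, acquirer, now)
        self._issued[cred.credential_id] = cred
        self._accepted[cred.credential_id] = []
        return cred

    def request_usage_credential(self, cred: AcquisitionCredential,
                                 submitter: str, now: float) -> Decision:
        # The presented credential must equal the recorded one field by field.
        if self._issued.get(cred.credential_id) != cred:
            return Decision(False, "unknown")
        if submitter != cred.acquirer:
            return Decision(False, "binding")
        # Validity period: receiving time must fall inside [issued, issued + expired].
        if not (cred.issued_at <= now <= cred.issued_at + self.rule.expired_s):
            return Decision(False, "expired")
        history = self._accepted[cred.credential_id]
        # Maximum number of uses: prior accepted uses must be below the limit.
        if len(history) >= self.rule.limit:
            return Decision(False, "limit")
        # Frequency: at least min_interval_s since the last accepted submission.
        if history and now - history[-1] < self.rule.min_interval_s:
            return Decision(False, "frequency")
        history.append(now)
        usage = {
            "data_id": cred.data_id,
            "acquirer": cred.acquirer,
            "algorithm": self.rule.algorithm,
            "use_number": len(history),
            "issued_at": now,
        }
        return Decision(True, "ok", usage)


if __name__ == "__main__":
    rule = UsageRule("Di", "U1", "privacy intersection", 600, 2, 120)
    contract = DataManagementContract(rule)
    cred = contract.issue_acquisition_credential("U1", now=0)
    for t in (10, 60, 130, 300):  # constructed submission times, in seconds
        print(t, contract.request_usage_credential(cred, "U1", now=t).reason)
```

The order of the checks matters for auditability: a credential that is both expired and exhausted is reported as expired, so the reason recorded on rejection always names the first rule that failed.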
In addition, the blockchain system can encrypt the credential information with a key (a symmetric key negotiated in advance by the data owner and the data acquirer, or the data acquirer's public key, for example) and output the encrypted credential information to the data acquirer. Accordingly, the data acquirer, which holds the key required for decryption (the symmetric key, or the data acquirer's private key, for example), can read and decrypt the encrypted credential information to obtain the plaintext credential information, while unrelated users cannot decrypt it. This ensures that the data acquirer obtains the credential information while preventing unrelated parties from obtaining it, as they could if it were recorded on the chain in plaintext. Leakage of the credential information is thereby avoided and the rights and interests of the data owner are protected.
After obtaining the credential information output by the blockchain network, the data acquirer can provide that information to the data owner. Accordingly, the data owner can, as indicated by the information, assist the data acquirer in obtaining the target data and/or the operation result obtained by performing a preset operation on the target data.
In one embodiment, the data acquirer may send the data owner a data acquisition request containing the credential information, and the data owner may, in response to the request, determine the corresponding target data and return it directly to the data acquirer for use. Alternatively, the data owner may, in response to the request, perform a preset operation on the target data and return the corresponding operation result to the data acquirer. Compared with providing the target data directly, having the data owner perform the preset operation and provide only the operation result has a clear advantage: if the data acquirer cannot infer the value of the target data from the operation result, the degree of disclosure of the target data can be limited while the data acquirer's data acquisition needs are still met. This prevents the data acquirer from obtaining the target data itself and from leaking it in a way that infringes the rights and interests of the data owner, ensures that the target data is always held only by the data owner, and improves the security of the target data.
The preset operation performed on the target data should meet the data acquirer's operation requirements for the target data. In one embodiment, the preset operation may include a multi-party computation in which the data owner and the data acquirer both participate. In this case, the server-side data acquirer can obtain only the result of the multi-party computation and cannot obtain the target data itself, which not only improves the security of the target data but also helps reduce the data acquirer's burden in using the target data and improves usage efficiency.
The operation rules of the preset operation can be predefined in the data management contract, for example as part of the algorithm list in the aforementioned acquisition rules. Alternatively, they can be submitted (by the data acquirer) to the blockchain system together with the aforementioned data acquisition information and passed into the data management contract; for example, the operation rules and the data acquisition information can be included in the aforementioned data acquisition transaction sent to the blockchain system. As a further alternative, they can be provided (by the data acquirer) to the data owner together with the credential information; for example, the operation rules and the credential information can be included in the aforementioned data acquisition request sent to the data owner. The details are not repeated here. The data acquirer can choose among these approaches according to the actual situation to specify the operation rules for the target data to the data owner, thereby indicating which algorithm the data owner should use to process the target data.
In addition, the items of authorizable data held by the data owner can have different privacy levels, and data of different privacy levels can be handled differently. For example, the data owner may hold both authorizable data with a relatively low privacy level and authorizable data with a relatively high privacy level, that is, low-privacy-level and high-privacy-level authorizable data. Accordingly, when the target data belongs to the low privacy level, it can be provided to the data acquirer, that is, the data owner is not concerned about whether low-privacy-level data is leaked. When the target data belongs to the high privacy level, the preset operation must be performed on it and the corresponding operation result provided to the data acquirer, so as to ensure that high-privacy-level data is not leaked. If the target data contains both low-privacy-level and high-privacy-level authorizable data, the low-privacy-level target data can be provided directly to the data acquirer and the high-privacy-level target data can be subjected to the preset operation, with the operation result provided to the data acquirer. Alternatively, especially when the data acquirer has already specified the operation rules of the preset operation in the aforementioned data acquisition transaction or data acquisition request, the preset operation can be performed on all of the target data together and the operation result provided to the data acquirer.
On receiving the credential information provided by the data acquirer, the data owner can also verify its authenticity, in order to avoid the improper data authorization and loss of value that deception by the data acquirer, such as tampering with the credential, could cause. For example, where the credential information or the data acquisition request carries information about the aforementioned data acquisition transaction (such as the transaction hash and the block height of the block containing the transaction) or about the data management contract (such as the contract address), the data owner can ask the blockchain system to look up the corresponding credential information using that information, and then determine whether the credential information it received (submitted by the data acquirer) is consistent with the credential information it looked up. If the two are consistent, the received credential information has not been tampered with, and the data acquirer has provided the real credential information it received. Conversely, if the two are inconsistent, the data acquirer has not provided the real credential information it received. This lookup can be implemented with SPV (Simplified Payment Verification) technology; alternatively, the data owner can obtain the complete block from the blockchain system according to the block height and look up in it the corresponding credential information generated by executing the data management contract. The details are not repeated here.
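The SPV-style consistency check described above can be sketched as a Merkle inclusion proof, given here as an added example rather than code from the patent. The single SHA-256 hashing with leaf/node prefixes, the promotion of an unpaired node, the canonical JSON encoding and the sample block contents are assumptions, since the page does not specify the chain's block format.

```python
"""Constructed sketch: data owner checks a presented credential against a block's Merkle root."""
import hashlib
import hmac
import json
from typing import List, Tuple

Proof = List[Tuple[bytes, bool]]  # (sibling hash, sibling is on the left)


def _leaf(data: bytes) -> bytes:
    # Domain-separated leaf hash, so a leaf can never be confused with an inner node.
    return hashlib.sha256(b"\x00" + data).digest()


def _node(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(b"\x01" + left + right).digest()


def _levels(records: List[bytes]) -> List[List[bytes]]:
    if not records:
        raise ValueError("a block must contain at least one record")
    level = [_leaf(r) for r in records]
    levels = [level]
    while len(level) > 1:
        # An unpaired last node is promoted unchanged to the next level.
        level = [_node(level[i], level[i + 1]) if i + 1 < len(level) else level[i]
                 for i in range(0, len(level), 2)]
        levels.append(level)
    return levels


def merkle_root(records: List[bytes]) -> bytes:
    return _levels(records)[-1][0]


def merkle_proof(records: List[bytes], index: int) -> Proof:
    proof: Proof = []
    for level in _levels(records)[:-1]:
        sibling = index ^ 1
        if sibling < len(level):
            proof.append((level[sibling], sibling < index))
        index //= 2
    return proof


def verify_inclusion(record: bytes, proof: Proof, root: bytes) -> bool:
    h = _leaf(record)
    for sibling, sibling_is_left in proof:
        h = _node(sibling, h) if sibling_is_left else _node(h, sibling)
    return hmac.compare_digest(h, root)


def encode(credential: dict) -> bytes:
    # Canonical encoding, so both sides hash identical bytes.
    return json.dumps(credential, sort_keys=True, separators=(",", ":")).encode()


def owner_accepts(presented: dict, proof: Proof, header_root: bytes) -> bool:
    """header_root must come from the owner's own view of the chain at the stated
    block height, never from the data acquirer's request."""
    return verify_inclusion(encode(presented), proof, header_root)


# Constructed sample data: one credential record between two unrelated records.
CREDENTIAL = {"data_id": "Di", "acquirer": "U1", "algorithm": "privacy intersection",
              "expired": 600, "limit": 2, "frequency": 120}
BLOCK_RECORDS = [b"record-a", encode(CREDENTIAL), b"record-c"]

if __name__ == "__main__":
    root = merkle_root(BLOCK_RECORDS)
    proof = merkle_proof(BLOCK_RECORDS, 1)
    print("genuine :", owner_accepts(CREDENTIAL, proof, root))
    print("tampered:", owner_accepts(dict(CREDENTIAL, limit=200), proof, root))
```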
As another example, the authenticity of the credential information provided by the data acquirer can also be verified by signature verification. When the blockchain system outputs the credential information for the target data to the data acquirer, it can also output a signature made on the credential information with the public key of the data owner. Accordingly, after receiving the credential information and its signature provided by the data acquirer, the data owner can verify the signature with its own private key and, only if verification passes, assist the data acquirer in obtaining the target data and/or the operation result obtained by performing the preset operation on the target data. In other words, the data owner assists the data acquirer in obtaining the target data and/or the operation result only when the signature verification passes: the data owner can make successful verification of the credential information a precondition for assisting the data acquirer. If the data acquirer provides false credential information, the data owner thereby avoids assisting it in obtaining the target data and/or the operation result, which improves the accuracy and reliability of authorization for the target data.
It can be understood that the credential information output in the above manner can be used to prove that the data acquirer meets the conditions for acquiring the target data, and that after obtaining the credential information the data acquirer can use it to obtain the target data and/or the computation result. In addition, the usage rules of the target data can place further restrictions on the specific process by which the data owner assists the data acquirer in obtaining the target data and/or the computation result.
In addition, when assisting the data acquirer in obtaining the target data, the data owner can return the data directly to the data acquirer if the target data is stored locally at the data owner, or can instruct a preset custodian to return the data to the data acquirer if the target data is maintained by that custodian. When assisting the data acquirer in obtaining the operation result of a preset operation on the target data, if the target data is stored locally, the data owner can use the target data to take part in the preset operation and return the operation result to the data acquirer. It can also call a trusted related party to take part in the preset operation using the target data; the related party then either returns the operation result directly to the data acquirer, or feeds the result back to the data owner, which returns it to the data acquirer, so that the related party directly involved in the preset operation is not disclosed to the data acquirer. Similarly, if the target data is maintained by a preset custodian, the data owner can obtain the target data from the custodian, perform the preset operation, and return the operation result to the data acquirer. It can also instruct the custodian to take part in the preset operation using the target data; the custodian then either returns the operation result directly to the data acquirer, or feeds the result back to the data owner, which returns it to the data acquirer, so that the custodian that directly maintains the target data is not disclosed to the data acquirer. These forms of assistance can be chosen flexibly according to actual needs, and this specification places no limitation on them.
Furthermore, after obtaining the target data by means of the credential information, the data acquirer can process the data itself directly; and after obtaining the operation result of a preset operation on the target data, the data acquirer can process that result further. This specification places no limitation on how the data acquirer processes the target data or operation result it obtains.
This completes the description of the aforementioned data management solution. The main steps of the data management method are introduced briefly below with reference to Figure 4. As shown in Figure 4, the data management method includes steps 402-410.
Step 402: the data owner configures the relevant rules for authorizable data, including the target data, in the data management contract deployed in the blockchain system.
The data owner can configure the relevant rules while deploying the data management contract, or can add or update the acquisition rules in a data management contract that has already been deployed. For any authorizable data, the configured relevant rules include acquisition rules and/or usage rules.
Step 404: the data acquirer submits information to the blockchain system.
Step 406: the blockchain network outputs credential information to the data acquirer.
Steps 404-406 can be implemented in several ways, which are described in turn below.
Implementation A: step 404a-1, the data acquirer submits data acquisition information for the target data to the blockchain system.
For example, the data acquirer can first obtain and review the acquisition rules from the chain and, after a preliminary judgment that its own conditions (that is, the data acquisition information it is able to provide) satisfy the rules, submit the data acquisition information corresponding to the rules to the blockchain system, which improves the probability of authorization and the processing efficiency.
The data acquirer can directly or indirectly (by initiating a data acquisition request) send the blockchain system a data acquisition transaction containing the data acquisition information. While executing the transaction, the blockchain system also executes the data management contract called by the transaction, so that the contract determines whether the data acquisition information submitted by the data acquirer satisfies the acquisition rules recorded in the contract.
Step 406a-1: the blockchain network outputs the acquisition credential to the data acquirer.
When the data management contract determines that the data acquisition information satisfies the acquisition rules, the blockchain network outputs the acquisition credential to the data acquirer.
Step 404a-2: the data acquirer submits the acquisition credential to the blockchain system.
After receiving the acquisition credential, the data acquirer can submit it at an appropriate time. The submission method is similar to that for the data acquisition information described above and is not repeated here. After receiving the acquisition credential, the blockchain network can determine the corresponding data usage information and execute the data management contract so that the contract determines whether that information satisfies the usage rules.
Step 406a-2: the blockchain network outputs the usage credential to the data acquirer.
When the data management contract determines that the data usage information satisfies the usage rules, the blockchain network outputs the usage credential to the data acquirer.
Implementation B: step 404b, the data acquirer submits data acquisition information for the target data to the blockchain system.
After receiving the data acquisition information, the blockchain network can determine the corresponding data usage information from it.
Step 406b-1: the blockchain network outputs the acquisition credential to the data acquirer.
When the data management contract determines that the data acquisition information satisfies the acquisition rules, the blockchain network outputs the acquisition credential to the data acquirer. In addition, after generating or outputting the acquisition credential, the blockchain network can also determine the corresponding data usage information from that credential.
步骤406b-2,区块链网络向数据获取方透出使用凭证。Step 406b-2: The blockchain network transmits the usage certificate to the data acquirer.
根据确定出的数据使用信息执行数据管理合约,由该合约判断该信息是否满足使用规则,并满足的情况下透出使用凭证。The data management contract is executed based on the determined data usage information. The contract determines whether the information meets the usage rules and, if so, reveals the usage credentials.
其中,上述步骤406b-1和步骤406b-2也可以合并为一个步骤406b,即区块链网络将获取凭证和使用凭证一并透出至数据获取方,以减少二者的交互次数。Among them, the above steps 406b-1 and 406b-2 can also be combined into one step 406b, that is, the blockchain network transmits the acquisition certificate and the usage certificate to the data acquirer together to reduce the number of interactions between the two.
Implementation C: Step 404c: The data acquirer submits data acquisition information for the target data to the blockchain system.
After receiving the data acquisition information, the blockchain network can determine the corresponding data usage information from it, such as the current receiving frequency, the current total number of times, and the receiving time.
Step 406c: The blockchain network releases the acquisition credential to the data acquirer.
When the data management contract determines that the data acquisition information satisfies the acquisition rules, the content that the acquisition credential should contain is determined (but the credential itself is neither generated nor released), such as the data identifier of the target data, the identifier of the data acquirer, the algorithm list declared by the data acquirer, and the validity period of the credential. Alternatively, after determining this content, the blockchain network can determine the corresponding data usage information from the credential, for example from the content just listed.
The data management contract is executed on the determined data usage information. The contract judges whether that information satisfies the usage rules and, if it does, a comprehensive credential is released. This credential contains the above content of the acquisition credential (which was never actually generated).
Step 408: The data acquirer provides the received credential information to the data owner (for example, by sending the data owner a data acquisition request containing the acquisition credential) in order to request use of the target data from the data owner.
Step 410: The data owner assists the data acquirer in obtaining the target data and/or the operation result obtained by performing a preset operation on the target data.
The data owner can verify the authenticity of the acquisition credential and whether it also satisfies the usage rules, and, once verification passes, assist the data acquirer in obtaining the target data and/or the operation result. If verification fails, the data owner should not assist the data acquirer in obtaining the target data and/or the operation result. It can also return a failure message so that the data acquirer is promptly informed that obtaining the target data and/or the operation result has failed.
Corresponding to the foregoing embodiments, this specification also proposes a data management system comprising a blockchain system, a data owner and a data acquirer. A data management contract deployed in the blockchain system records the acquisition rules and usage rules of target data, and the target data belongs to the data owner. The data acquirer is configured to submit data acquisition information for the target data to the blockchain system. The blockchain system is configured to: execute the data management contract, which judges whether the data acquisition information satisfies the acquisition rules; determine data usage information for the target data and execute the data management contract, which judges whether the data usage information satisfies the usage rules; and, when the data acquisition information satisfies the acquisition rules and/or the data usage information satisfies the usage rules, release credential information for the target data to the data acquirer. The data owner is configured to, on receiving the credential information provided by the data acquirer, assist the data acquirer in obtaining the target data and/or the operation result obtained by performing a preset operation on the target data.
FIG. 5 is a schematic structural diagram of a device provided by an exemplary embodiment. Referring to FIG. 5, at the hardware level the device includes a processor 502, an internal bus 504, a network interface 506, a memory 508 and a non-volatile memory 510, and may also include hardware required for other functions. One or more embodiments of this specification may be implemented in software, for example by the processor 502 reading the corresponding computer program from the non-volatile memory 510 into the memory 508 and then running it. Besides a software implementation, one or more embodiments of this specification do not exclude other implementations, such as logic devices or a combination of software and hardware. That is, the execution subject of the following processing flow is not limited to logic units and may also be hardware or a logic device.
FIG. 6 is a block diagram of a data management apparatus provided by this specification according to an exemplary embodiment. The apparatus can be applied in the device shown in FIG. 5 to implement the technical solution of this specification.
The data management apparatus is applied to the blockchain system in a data management system that also includes a data owner and a data acquirer. A data management contract deployed in the blockchain system records the acquisition rules and usage rules of target data, and the target data belongs to the data owner. The apparatus includes: a first execution unit 601, configured to execute the data management contract in response to receiving data acquisition information for the target data submitted by the data acquirer, the data management contract judging whether the data acquisition information satisfies the acquisition rules; a second execution unit 602, configured to determine data usage information for the target data and execute the data management contract, the data management contract judging whether the data usage information satisfies the usage rules; and a credential release unit 603, configured to release credential information for the target data to the data acquirer when the data acquisition information satisfies the acquisition rules and/or the data usage information satisfies the usage rules, the credential information instructing the data owner to assist the data acquirer in obtaining the target data and/or the operation result obtained by performing a preset operation on the target data.
Optionally, when the data acquisition information satisfies the acquisition rules, the released credential information includes an acquisition credential. The second execution unit 602 is specifically configured to: determine the data usage information for the target data from the acquisition credential received from the data acquirer; or determine the data usage information for the target data from the received data acquisition information and/or the released acquisition credential. When the data usage information satisfies the usage rules, the released credential information includes a usage credential.
Optionally, the second execution unit 602 is specifically configured to determine the data usage information for the target data from the received data acquisition information, and the credential release unit 603 is specifically configured to release a comprehensive credential to the data acquirer when the data acquisition information satisfies the acquisition rules and the data usage information satisfies the usage rules.
Optionally, the data usage information satisfying the usage rules includes at least one of the following: where the usage rules include a credential validity period and the data usage information includes the current time, the receiving time of the data acquisition information, and the receiving time of the acquisition credential, the current time, the receiving time of the data acquisition information, and the receiving time of the acquisition credential fall within the credential validity period; where the usage rules include the maximum number of uses of the target credential and the data usage information includes the total number of times the blockchain system has received the usage credential or the data acquisition information submitted by the data acquirer, the total number of times is less than the maximum number of uses; where the usage rules include a valid frequency range and the data usage information includes the current frequency at which the blockchain system receives the usage credential or the data acquisition information, the current frequency falls within the valid frequency range.
Optionally, the acquisition rules include an algorithm list, and the data acquisition information satisfying the acquisition rules includes: the target algorithm in the data acquisition information is recorded in the algorithm list, where the data acquirer is to process the obtained target data with the target algorithm, and/or the target algorithm is used to perform the preset operation.
Optionally, the preset operation includes a multi-party computation in which the data owner and the data acquirer jointly participate.
Optionally, the acquisition rules include a credit score range and the data acquisition information includes the data acquirer's credit score on a preset platform. The data acquisition information satisfying the acquisition rules includes: the data acquirer's credit score on the preset platform falls within the credit score range.
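The rule checks listed above, combined in the single-submission flow of Implementation C and followed by the owner-side check of step 410, are shown here as an added Python example; it is not code from the patent or from any implementation by the applicant. All class, function and field names and the sample values are constructed. The example assumes that the total count covers submissions received before the current one, that frequency is measured over a 60-second window, and that the owner checks authenticity by looking the credential up in the contract account rather than by verifying a signature.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class AcquisitionRule:
    algorithm_list: frozenset      # algorithms the owner permits for this data
    credit_score_range: tuple      # inclusive (low, high) on the preset platform


@dataclass(frozen=True)
class UsageRule:
    validity_period: tuple         # inclusive (start, end), epoch seconds
    max_uses: int                  # total received submissions must stay below this
    frequency_range: tuple         # inclusive (low, high) submissions per window
    window_seconds: int = 60       # assumed window length (not from the page)


class DataManagementContract:
    """Constructed in-memory stand-in for the on-chain data management contract."""

    def __init__(self):
        self.rules = {}      # data_id -> (AcquisitionRule, UsageRule)
        self.received = {}   # (data_id, acquirer) -> list of receive times
        self.account = {}    # serial -> credential (contract account state)

    def configure(self, data_id, acquisition_rule, usage_rule):
        self.rules[data_id] = (acquisition_rule, usage_rule)

    def submit(self, data_id, acquirer, algorithms, credit_score, now):
        """Return (credential, reason); credential is None when a rule fails."""
        if data_id not in self.rules:
            return None, "unknown data identifier"
        acq, use = self.rules[data_id]
        # Usage information is derived by the chain, not supplied by the acquirer.
        times = self.received.setdefault((data_id, acquirer), [])
        total = len(times)         # assumption: submissions received before this one
        times.append(now)          # every received submission is counted
        current = sum(1 for t in times if now - use.window_seconds < t <= now)

        # Acquisition rules: algorithm list and credit score range.
        if not algorithms or not set(algorithms) <= acq.algorithm_list:
            return None, "algorithm not in algorithm list"
        low, high = acq.credit_score_range
        if not low <= credit_score <= high:
            return None, "credit score outside range"
        # Usage rules: validity period, maximum uses, valid frequency range.
        start, end = use.validity_period
        if not start <= now <= end:
            return None, "outside validity period"
        if not total < use.max_uses:
            return None, "maximum number of uses reached"
        low, high = use.frequency_range
        if not low <= current <= high:
            return None, "frequency outside valid range"

        # Comprehensive credential carrying the acquisition-credential content.
        credential = {
            "serial": len(self.account) + 1,
            "data_id": data_id,
            "acquirer": acquirer,
            "algorithms": tuple(sorted(algorithms)),
            "valid_until": end,
        }
        self.account[credential["serial"]] = dict(credential)
        return credential, "ok"


def owner_verify(contract, credential, presenter, now):
    """Owner side: accept only an unmodified, unexpired credential from its holder."""
    recorded = contract.account.get(credential.get("serial"))
    if recorded != credential:     # unknown serial or altered field
        return False
    return credential["acquirer"] == presenter and now <= credential["valid_until"]


def build_demo_contract():
    """Constructed sample rules for one data identifier."""
    contract = DataManagementContract()
    contract.configure(
        "data-001",
        AcquisitionRule(frozenset({"psi", "sum"}), (600, 850)),
        UsageRule(validity_period=(1000, 2000), max_uses=3, frequency_range=(1, 2)),
    )
    return contract
```

Because rejected submissions are still counted as received, a burst that trips the frequency rule also consumes part of the maximum-use budget in this model.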
Optionally, the credential release unit 603 is specifically configured to: write the credential information into the data acquisition event recorded in the receipt generated by the data management contract, the data acquirer having permission to listen to the receipt; or write the credential information into the contract account of the data management contract, the data acquirer having permission to query the contract account.
Optionally, the credential release unit 603 is specifically configured to release to the data acquirer the credential information for the target data together with a signature made on the credential information with the public key of the data owner. The data owner assists the data acquirer in obtaining the target data and/or the operation result obtained by performing a preset operation on the target data once the data owner has verified the signature.
Optionally, there is authorizable data belonging to the data owner, and the target data includes at least part of the authorizable data. The apparatus further includes: a credential submission unit 604, by which the data owner submits to the blockchain system a first correspondence between the data identifier of any authorizable data and its acquisition rules, and/or a second correspondence between the data identifier of that authorizable data and its usage rules; and a contract deployment unit 605, by which the blockchain system deploys the data management contract containing the first correspondence and/or the second correspondence; or a relationship configuration unit 606, by which, where the data management contract is already deployed in the blockchain system, the blockchain system configures the first correspondence and/or the second correspondence in the data management contract.
Optionally, the relationship configuration unit 606 is specifically configured to do one of the following: if the data management contract records neither the data identifier of the authorizable data nor the rule in the correspondence, add the correspondence to the data management contract; if the data management contract already records the data identifier of the authorizable data, use the rule in the correspondence to update the rule recorded for that data identifier in the data management contract; if the data management contract already records the rule in the correspondence, add the data identifier in the correspondence to the identifier set recorded for that rule in the data management contract.
The systems, apparatuses, modules or units described in the above embodiments may be implemented by a computer chip or entity, or by a product having a certain function. A typical implementation device is a computer, which may take the form of a personal computer, a laptop computer, a cellular phone, a camera phone, a smartphone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.
In a typical configuration, a computer includes one or more processors (CPUs), input/output interfaces, network interfaces and memory.
Memory may include non-permanent storage in a computer-readable medium, in the form of random access memory (RAM) and/or non-volatile memory such as read-only memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media include permanent and non-permanent, removable and non-removable media, and may store information by any method or technology. The information may be computer-readable instructions, data structures, program modules or other data. Examples of computer storage media include, but are not limited to, phase-change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technology, compact disc read-only memory (CD-ROM), digital versatile disc (DVD) or other optical storage, magnetic cassettes, magnetic disk storage, quantum memory, graphene-based storage media or other magnetic storage devices, or any other non-transmission medium that can be used to store information accessible by a computing device. As defined herein, computer-readable media do not include transitory media, such as modulated data signals and carrier waves.
It should also be noted that the terms "include", "comprise" and any other variants thereof are intended to cover non-exclusive inclusion, so that a process, method, commodity or device that includes a series of elements includes not only those elements but also other elements not explicitly listed, or elements inherent to such a process, method, commodity or device. Without further limitation, an element defined by the phrase "including a ..." does not exclude the presence of additional identical elements in the process, method, commodity or device that includes the element.
Specific embodiments of this specification have been described above. Other embodiments are within the scope of the appended claims. In some cases, the actions or steps recited in the claims can be performed in an order different from that in the embodiments and still achieve the desired results. In addition, the processes depicted in the drawings do not necessarily require the particular order shown, or a sequential order, to achieve the desired results. In some implementations, multitasking and parallel processing are also possible or may be advantageous.
The terms used in one or more embodiments of this specification are for the purpose of describing particular embodiments only and are not intended to limit one or more embodiments of this specification. The singular forms "a", "said" and "the" used in one or more embodiments of this specification and the appended claims are also intended to include the plural forms, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items.
It should be understood that although the terms first, second, third and so on may be used in one or more embodiments of this specification to describe various information, the information should not be limited by these terms. These terms are only used to distinguish information of the same type from one another. For example, without departing from the scope of one or more embodiments of this specification, first information may also be referred to as second information and, similarly, second information may also be referred to as first information. Depending on the context, the word "if" as used herein may be interpreted as "at the time of", "when" or "in response to determining".
The above are merely preferred embodiments of one or more embodiments of this specification and are not intended to limit one or more embodiments of this specification. Any modification, equivalent replacement or improvement made within the spirit and principles of one or more embodiments of this specification shall fall within the scope of protection of one or more embodiments of this specification.
Claims (15)
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310957164.2 | 2023-07-31 | ||
| CN202310957164.2A CN117112693A (en) | 2023-07-31 | 2023-07-31 | Data management method, device and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| WO2025025431A1 (en) | 2025-02-06 |
Family
ID=88806546
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| PCT/CN2023/134859 Pending WO2025025431A1 (en) | 2023-07-31 | 2023-11-28 | Data management method and apparatus, and system |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN117112693A (en) |
| WO (1) | WO2025025431A1 (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117112693A (en) * | 2023-07-31 | 2023-11-24 | 蚂蚁区块链科技(上海)有限公司 | Data management method, device and system |
| CN116975153A (en) * | 2023-07-31 | 2023-10-31 | 蚂蚁区块链科技(上海)有限公司 | Data management method, device and system |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20190012695A1 (en) * | 2017-07-06 | 2019-01-10 | Mastercard International Incorporated | Method and system for electronic vouchers via blockchain |
| CN111767097A (en) * | 2020-08-31 | 2020-10-13 | 支付宝(杭州)信息技术有限公司 | Method and device for calling smart contract, electronic device, storage medium |
| CN113746640A (en) * | 2021-09-26 | 2021-12-03 | 网易(杭州)网络有限公司 | Digital certificate using method and device, computer equipment and storage medium |
| CN117112693A (en) * | 2023-07-31 | 2023-11-24 | 蚂蚁区块链科技(上海)有限公司 | Data management method, device and system |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110457875B (en) * | 2019-07-31 | 2021-04-27 | 创新先进技术有限公司 | Blockchain-based data authorization method and device |
| CN110473094B (en) * | 2019-07-31 | 2021-05-18 | 创新先进技术有限公司 | Blockchain-based data authorization method and device |
| CN110473096A (en) * | 2019-07-31 | 2019-11-19 | 阿里巴巴集团控股有限公司 | Data grant method and device based on intelligent contract |
| CN112463843A (en) * | 2020-11-27 | 2021-03-09 | 国家电网有限公司大数据中心 | Power grid data sharing method and system based on block chain and data resource catalog |
| CN113468586B (en) * | 2021-09-02 | 2021-11-26 | 支付宝(杭州)信息技术有限公司 | Authority management method and device |
2023
- 2023-07-31 CN CN202310957164.2A patent/CN117112693A/en active Pending
- 2023-11-28 WO PCT/CN2023/134859 patent/WO2025025431A1/en active Pending
Also Published As
| Publication number | Publication date |
|---|---|
| CN117112693A (en) | 2023-11-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11611560B2 (en) | Systems, methods, and apparatuses for implementing consensus on read via a consensus on write smart contract trigger for a distributed ledger technology (DLT) platform | |
| CN110457875B (en) | Blockchain-based data authorization method and device | |
| TWI737200B (en) | Data authorization method and device based on smart contract | |
| TWI729719B (en) | Block chain-based data authorization method and device, electronic equipment and computer readable storage medium | |
| KR102785070B1 (en) | Low-trust privilege access management | |
| CN113297625B (en) | Data sharing system and method based on block chain and electronic equipment | |
| US11841960B1 (en) | Systems and processes for providing secure client controlled and managed exchange of data between parties | |
| US11057188B2 (en) | Database service token | |
| US20200242595A1 (en) | Systems, methods, and apparatuses utilizing a blended blockchain ledger in a cloud service to address local storage | |
| JP2022533770A (en) | A system or method for enforcing the right to be forgotten on a metadata-driven blockchain using shared secrets and read agreements | |
| CN110009349B (en) | Method and device for generating and verifying linkable ring signature in block chain | |
| JP2021512416A (en) | Systems, methods, and devices that enable intelligent consensus, smart consensus, and weighted consensus models for distributed ledger technology in a cloud-based computing environment. | |
| JP2022504348A (en) | Blockchain notification board to store blockchain resources | |
| US11240003B2 (en) | Consent-based data management | |
| US20190392407A1 (en) | Encrypted asset transfer system and method for facilitating transfer of digital assets | |
| US11374755B1 (en) | Entangled token structure for blockchain networks | |
| US12010226B2 (en) | Blockchain data segregation | |
| WO2025025431A1 (en) | Data management method and apparatus, and system | |
| WO2025025432A1 (en) | Data management method, apparatus and system | |
| CN114756903A (en) | Homote advice processing method and device based on block chain intelligent contract and computing equipment | |
| US20230394481A1 (en) | Authorizing public trust ledger actions via a database system | |
| US20220399988A1 (en) | Linking blockchain operations | |
| HK40040424B (en) | Method and device for generating and verifying linkable ring signature in block chain | |
| CN120974532A (en) | Methods, apparatus, devices, media, and products for uniformly processing data requests. | |
| HK40018147A (en) | Data authorization method and device based on smart contract |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| | 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 23947369; Country of ref document: EP; Kind code of ref document: A1 |