[go: up one dir, main page]

CN111460400B - Data processing method, device and computer readable storage medium - Google Patents

Data processing method, device and computer readable storage medium Download PDF

Info

Publication number
CN111460400B
CN111460400B CN202010248930.4A CN202010248930A CN111460400B CN 111460400 B CN111460400 B CN 111460400B CN 202010248930 A CN202010248930 A CN 202010248930A CN 111460400 B CN111460400 B CN 111460400B
Authority
CN
China
Prior art keywords
file
user
public key
terminal equipment
downloading
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010248930.4A
Other languages
Chinese (zh)
Other versions
CN111460400A (en
Inventor
李茂材
王宗友
张劲松
黄焕坤
周开班
时一防
刘攀
刘区城
蓝虎
杨常青
朱耿良
孔利
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology Shenzhen Co Ltd filed Critical Tencent Technology Shenzhen Co Ltd
Priority to CN202010248930.4A priority Critical patent/CN111460400B/en
Publication of CN111460400A publication Critical patent/CN111460400A/en
Application granted granted Critical
Publication of CN111460400B publication Critical patent/CN111460400B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/16Program or content traceability, e.g. by watermarking
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Storage Device Security (AREA)

Abstract

The application discloses a data processing method, a data processing device and a computer readable storage medium. The method comprises the following steps: and receiving an acquisition request sent by the terminal equipment and used for acquiring the digital product, acquiring a first public key of the terminal equipment if the user has the downloading authority of the digital product according to the identity information of the user in the acquisition request, encrypting the digital product through the public key of the trusted execution environment of the terminal equipment if the first public key of the terminal equipment exists in a public key list of the pre-stored trusted execution environment, and sending the encrypted file to the terminal equipment. It can be seen that the encrypted file can only be used on the corresponding terminal device by encrypting the digital product by using the public key of the trusted execution environment of the terminal device. Therefore, the problem that the digital product is illegally forwarded and used is solved, and the legal rights and interests of the owners of the digital product are protected.

Description

Data processing method, device and computer readable storage medium
Technical Field
The present application relates to the field of computer networks, and in particular, to a data processing method, apparatus, and computer readable storage medium.
Background
In many application scenarios, digital product copyright protection is often a problem, for example: user a authored a song. After release in the network, there may be instances where user B makes a song available to unpaid user C after purchasing the song, or resells the song to other users to earn profits. Resulting in the rights of user a being infringed. Therefore, how to effectively protect the copyright of the digital product is a hot problem in the current research.
Disclosure of Invention
The application discloses a data processing method, a data processing device and a computer readable storage medium, which can provide protection for copyright of digital products in a network.
In a first aspect, the present application provides a data processing method, the method comprising:
Receiving a first acquisition request sent by terminal equipment, wherein the first acquisition request is used for acquiring a first file, and the first acquisition request carries identity information of a first user of the terminal equipment;
judging whether the first user has the downloading authority of the first file or not according to the identity information of the first user;
if the first user has the downloading authority of the first file, a first public key of the terminal equipment is obtained;
If the first public key exists in a public key list of a pre-stored trusted execution environment, encrypting the first file through the first public key to obtain a first encrypted file, and sending the first encrypted file to the terminal equipment.
In a second aspect, the present application provides a data processing apparatus comprising:
the terminal equipment comprises a receiving unit, a first acquiring unit and a second acquiring unit, wherein the receiving unit is used for receiving a first acquiring request sent by the terminal equipment, the first acquiring request is used for acquiring a first file, and the first acquiring request carries identity information of a first user of the terminal equipment;
And the processing unit is used for judging whether the first user has the downloading authority of the first file according to the identity information of the first user, acquiring a first public key of the terminal equipment if the first user has the downloading authority of the first file, encrypting the first file through the first public key of the terminal equipment if the first public key of the terminal equipment exists in a public key list of a pre-stored trusted execution environment, obtaining a first encrypted file, and sending the first encrypted file to the terminal equipment.
In a third aspect, the present application provides a data processing apparatus comprising a processor, a memory and a communication interface, the processor, the memory and the communication interface being interconnected, wherein the memory is adapted to store a computer program comprising program instructions, the processor being configured to invoke the program instructions to perform the method according to the first aspect.
In a fourth aspect, the present application provides a computer readable storage medium storing one or more instructions adapted to be loaded by a processor and to perform the method of the first aspect described above.
In the application, equipment used by an owner of a digital product receives an acquisition request sent by terminal equipment for acquiring the digital product, if the user is judged to have the downloading authority of the digital product according to the identity information of the user in the acquisition request, a first public key of the terminal equipment is acquired, if the first public key of the terminal equipment exists in a pre-stored public key list of a trusted execution environment, the digital product is encrypted through the public key of the trusted execution environment of the terminal equipment, and the encrypted file is sent to the terminal equipment. It can be seen that the encrypted file can only be used on the corresponding terminal device by encrypting the digital product by using the public key of the trusted execution environment of the terminal device. Therefore, the problem that the digital product is illegally forwarded and used is solved, and the legal rights and interests of the owners of the digital product are protected.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings required for the description of the embodiments will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present application, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a scene architecture diagram of a network according to an embodiment of the present application;
FIG. 2 is a flowchart of a data processing method according to an embodiment of the present application;
FIG. 3 is a flowchart of another data processing method according to an embodiment of the present application;
FIG. 4 is a flowchart of another data processing method according to an embodiment of the present application;
FIG. 5 is a flowchart of another data processing method according to an embodiment of the present application;
FIG. 6 is a schematic diagram of a data processing apparatus according to an embodiment of the present application;
Fig. 7 is a schematic structural diagram of another data processing apparatus according to an embodiment of the present application.
Detailed Description
The technical scheme in the embodiment of the application will be described below with reference to the accompanying drawings.
The embodiment of the application relates to a blockchain, a blockchain network and a trusted execution environment, wherein the blockchain (blockchain) is a chained data structure formed by combining data blocks in a sequential connection mode according to time sequence, and the data is ensured to be non-tamperable and non-counterfeitable in a cryptographic mode. The blockchain is essentially a decentralised database, which is a series of data blocks generated by cryptographic methods, each data block containing a batch of information of network transactions for verifying the validity (anti-counterfeiting) of the information and generating the next block. The blockchain may include a blockchain underlying platform, a platform product services layer, and an application services layer.
The blockchain underlying platform may include processing modules such as user management, basic services, and smart contracts. The user management module is responsible for identity information management of all blockchain participants, including maintenance of public and private key generation (account management), key management, maintenance of corresponding relation between the real identity of the user and the blockchain address (authority management) and the like, and under the condition of authorization, supervision and audit of transaction conditions of certain real identities, and provision of rule configuration (wind control audit) of risk control; the basic service module is deployed on all block chain node devices, is used for verifying the validity of a service request, recording the service request on a storage after the effective request is identified, for a new service request, the basic service firstly analyzes interface adaptation and authenticates the interface adaptation, encrypts service information (identification management) through an identification algorithm, and transmits the encrypted service information to a shared account book (network communication) in a complete and consistent manner, and records and stores the service information; the intelligent contract module is responsible for the registration and release of contracts and the triggering and execution of contracts, a developer can define contract logic through a certain programming language, issue the contract logic to a blockchain (contract registration), call keys or other event triggering execution according to the logic of contract clauses, and complete the contract logic.
Blockchain networks are a distributed application architecture that distributes tasks and workloads among peers, a form of networking or networking that peer-to-peer computing models form at the application layer. Typically, a blockchain network includes a plurality of computers connected to each other, which are also referred to as node devices of the blockchain network. In a blockchain network environment, a plurality of computers connected with each other are in a peer-to-peer state, each computer has the same function, and no master-slave division exists, one computer can serve as a server, and shared resources are set for other computers in the network; and can also be used as a workstation, the whole network generally does not depend on a special centralized server, and the whole network also does not have a special workstation. Each computer in the network can serve as a requester of a network service and provide resources, services, and content in response to requests from other computers.
The trusted execution environment (Trusted Execution Environment, TEE) is a running environment that co-exists with the multimedia execution environment (Rich Execution Environment, REE) on the terminal device. The TEE is comprised of trusted software and hardware resources such as a processor, secure memory, trusted user interface (Trusted User Interface, TUI), trusted operating system (Trusted Operating System, TOS), and trusted applications (Trusted Application, TA) on the terminal device to construct a safer operating environment than the re. To secure TEE resources, the resources TEE accessible to the REEs are also accessible, and conversely, trusted resources on the TEE only allow access to other trusted resources unless there is explicit authorization by the TEE.
The TEE generates a public-private key pair in an asymmetric encryption mode, and writes the private key into the chip when the chip is produced, so that a file encrypted by the public key corresponding to the chip can be decrypted only in the chip to obtain information in the file. It should be noted that the private key in each chip is unique and not tamperable. Thus, personal information of the user can be stored and processed more safely in the running environment isolated from the REE, and operations with higher confidentiality requirements such as electronic payment and the like can be performed.
The public key list of the trusted execution environment is issued into the blockchain network by a chip manufacturer after the chip is produced, and an owner of the digital product can acquire the public key list of the trusted execution environment through the blockchain. The public key list of the trusted execution environment comprises public keys of the trusted execution environment corresponding to all the chips which are put into use. In another embodiment, the chip manufacturer produces the corresponding certification information of each chip when producing the chip, the user carries the corresponding certification information when providing the public key of the trusted execution environment, and the owner of the digital product can verify to the chip manufacturer whether the public key of the trusted execution environment provided by the user is true through the certification information.
Fig. 1 is a scene architecture diagram of a network according to an embodiment of the present application. As shown in fig. 1, a terminal device 101, a first node device 102 and a second node device 103 are included in the network. The number of terminal devices and respective node devices in the network shown in fig. 1 is merely an example, and examples are: the number of the terminal device 101, the first node device 102 and the second node device 103 may also be plural, and there may be a third node device, a fourth node device, etc. in the blockchain network, and the present application is not limited to the number of the terminal devices and the respective node devices.
The terminal device 101 is a device used by a user, which may be a person, a company, an organization, or the like. Terminal device 101 may include, but is not limited to: smart phones (e.g., android phones, iOS phones, etc.), tablet computers, portable personal computers, mobile internet devices (Mobile INTERNET DEVICES, MID), etc.
The first node device 102 is a node device corresponding to an owner of the digital product, and the first node device 102 may be a node device in a blockchain network or a terminal device that establishes a communication connection with a node device in the blockchain network. The second node device 103 is a node device in a blockchain network. The first node device 102 and the second node device 103 may be specifically a client or a server, and the embodiment of the present application is not limited. Wherein, the client may be any of the following: a terminal, a stand-alone application, an application programming interface (Application Programming Interface, API), or a software development kit (Software Development Kit, SDK). Wherein, the terminal may include, but is not limited to: the embodiment of the application is not limited by smart phones (such as Android phones, iOS phones, etc.), tablet computers, portable personal computers, MIDs, etc. The types of node devices may include, but are not limited to, full nodes, simple Pay Verification (SPV) nodes, or other node types in a blockchain network.
In the blockchain network shown in fig. 1, a first user sends a first acquisition request to a first node device 102 corresponding to a digital product owner through a terminal device 101. The first retrieval request is for retrieving a first file (i.e., the first user requests to retrieve a digitized file, such as a song, owned by the digitized product owner). The first obtaining request carries identity information of the first user (such as information that can uniquely determine the identity of the user, such as a user identifier). After receiving the first obtaining request, the first node device 102 determines whether the first user has the right to obtain (download) the first file according to the identity information of the first user (for example, by querying the second node device 103 in the blockchain network for the transaction record of the terminal device 101, etc.). If the first node device 102 determines that the first user has the authority to download the first file, the first file is encrypted by using the public key (which may be carried in the first acquisition request or acquired from the blockchain network) of the trusted execution environment of the terminal device 101 used by the first user, to obtain a first encrypted file. The first node device 102 transmits the first encrypted file to the terminal device 101. After receiving the first encrypted file, the terminal device 101 decrypts the first encrypted file in its trusted execution environment, and may use the decrypted first file. It will be appreciated that the first encrypted file can only be decrypted and used in the trusted execution environment of the terminal device 101, and that the first user cannot obtain the decrypted first file from the trusted execution environment of the terminal device 101.
In the data processing method, the digital product owner encrypts the provided digital file through the public key of the trusted execution environment of the terminal equipment used by the first user, so that the encrypted digital file can be decrypted and used only by the terminal equipment used by the first user. Therefore, the problem that the digital product is illegally forwarded and used after being acquired by a user is solved, and the legal rights and interests of the owners of the digital product are protected.
The following describes a data processing method provided by the present application in detail.
Referring to fig. 2, fig. 2 is a flowchart of a data processing method according to an embodiment of the application. The data processing method can be implemented by the terminal equipment 101, the first node equipment 102 and the second node equipment 103 shown in fig. 1 in an interactive way; as shown in fig. 2, the data processing method includes, but is not limited to, the following steps 201 to 205:
201. The first node device receives a first acquisition request sent by the terminal device.
The first node equipment is node equipment corresponding to the digital product owner, and the terminal equipment is equipment used by a first user. The terminal device requests to acquire the first file by sending a first acquisition request to the first node device, wherein the first acquisition request carries identity information (such as an account number and a password of the first user and the like capable of uniquely determining the identity of the first user) of the first user using the terminal device.
In one embodiment, the first public key of the terminal device is also carried in the first acquisition request.
202. The first node device sends acknowledgement information to a second node device in the blockchain network.
Wherein the second node device is a node device in a blockchain network for processing transactions. The confirmation information includes identity information of the first user. The confirmation information is used for confirming whether the first user has the downloading authority of the first file.
In one embodiment, the first node device sends file information (including the associated description information and the download address of the file, etc., but not the file itself) for the transaction to a second node device in the blockchain network in a smart contract manner. After the consensus passes, the second node device publishes the file information for the transaction to the blockchain network by the first node device. If the first user needs to acquire the first file, the first user acquires the downloading permission of the first file through executing transaction between the terminal equipment and the second node equipment. After the transaction is completed, the second node device establishes an authorized relationship of the first user with the first file.
203. The first node device receives the response information sent by the second node device.
The response information is used for indicating whether the first user has the right to download the first file.
In one embodiment, after receiving the confirmation information sent by the first node device, the second node device searches and confirms whether the first user and the first file have an authorized relationship through the identity information of the first user in the confirmation information. And transmitting the confirmed result to the first node device through the response information. If the response information indicates that the first user does not have the authority to download the first file, the first node equipment sends prompt information to the terminal equipment, wherein the prompt information is used for indicating that the first user does not have the authority to download the first file. If the response information indicates that the first user has the authority to download the first file, the first public key of the terminal device is obtained, whether the first public key of the terminal device exists in a public key list of a pre-stored trusted execution environment is judged, if the first public key of the terminal device exists in the public key list of the pre-stored trusted execution environment, the first public key is judged to be truly valid, and step 204 is continuously executed.
In another embodiment, the first user, when performing the transaction, sends the first public key of the terminal device to the second node device. If the second node device searches and confirms that the first user and the first file have an authorized relationship through confirming the identity information of the first user in the information, the response information also comprises a first public key of the terminal device.
204. The first node device encrypts the first file through a first public key of the terminal device to obtain a first encrypted file.
The first public key of the terminal device refers to a public key of a trusted execution environment provided by the first user through the terminal device, and the first public key may correspond to the terminal device or may correspond to other devices used by the first user, which is not limited by the present application.
In one embodiment, the first node device obtains a first public key of the terminal device through a first obtaining request sent by the terminal device, and encrypts the first file by using the first public key to obtain a first encrypted file.
In another embodiment, the first node device obtains a first public key of the terminal device through a response message sent by the second node device, and encrypts the first file by using the first public key to obtain a first encrypted file.
205. The first node device sends a first encrypted file to the terminal device.
In one embodiment, the first node device sends a first encrypted file to the terminal device. After receiving the first encrypted file, the terminal device decrypts and uses the first encrypted file in a device corresponding to the first trusted environment.
A data processing method according to the present application will be further described by way of a complete example. For example, singer a sends an intelligent contract 1 to a second node device in the blockchain network via the first node device, the intelligent contract 1 including album 1 related information published by singer a and an address for downloading album 1. And the user B carries out transaction with a second node device in the blockchain network through the terminal device, so that the downloading authority of the album 1 is obtained. After the second node device in the blockchain network has agreed on this transaction, the transaction record of the downloading rights of the album obtained by the user B (the used terminal device) is stored in the blockchain. After obtaining the downloading right of the album 1, the user B sends an obtaining request 1 to the first node device through the address of downloading the album 1 in the intelligent contract 1 when the album 1 needs to be downloaded. The acquisition request 1 is used to request acquisition of file 1 (album 1). The acquisition request 1 contains the identity information of the user B, trusted execution environment information (public key of the trusted execution environment of the terminal device used by the user B) and the identification of the album 1 requested to be acquired by the user B. After receiving the acquisition request 1 sent by the terminal device, the first node device sends confirmation information to the second node device, where the confirmation information is used to confirm whether the user B has the right to download the album 1 (i.e. determine whether the user B has the right to download the album 1 according to the identity information of the user B). And receiving response information returned by the second node equipment. If the response information indicates that the user B does not have the downloading permission of the album 1, the first node device sends a prompt message 1 to the terminal device, where the prompt message 1 is used to prompt the terminal device to obtain the downloading permission of the album 1 and then download the album. If the response information indicates that the user B has the downloading authority of the album 1, judging whether the public key of the trusted execution environment of the terminal device exists in a pre-stored public key list of the trusted execution environment, and if the public key of the trusted execution environment of the terminal device exists in the pre-stored public key list of the trusted execution environment, encrypting the album 1 by the first node device through the public key of the trusted execution environment of the terminal device to obtain an encrypted file 1. The second node device sends the encrypted file 1 to the terminal device, and after receiving the encrypted file 1, the terminal device decrypts the encrypted file 1 in the trusted execution environment through a private key of the trusted execution environment carried in a chip of the terminal device, so that the album 1 can be played. In the trusted execution environment, the user B can only play the album 1 through the terminal device corresponding to the trusted execution environment, and cannot acquire the decrypted album 1. If the user B sends the encrypted file 1 to the user C, the user C cannot play the album 1 through its own device because the private key in the chip in each device is unique and not tamperable.
In the data processing method, the first node device determines whether the terminal device used by the first user has the downloading authority of the first file by sending the confirmation information to the second node device. After confirming that the terminal equipment used by the first user has the downloading authority of the first file, encrypting the first file through a first public key provided by the terminal equipment to obtain a first encrypted file. Since the first encrypted file can be decrypted and used only in the device corresponding to the first trusted execution environment. Therefore, the data processing method provided by the embodiment of the application solves the problem that the digital product is illegally forwarded and used after being acquired by a user, and protects the legal rights and interests of the owners of the digital product.
Referring to fig. 3, fig. 3 is a flowchart of another data processing method according to an embodiment of the application. The data processing method may be implemented by the terminal device 101 and the first node device 102 shown in fig. 1; as shown in fig. 3, the data processing method includes, but is not limited to, the following steps 301 to 305:
301. The first node device receives a first acquisition request sent by the terminal device.
The specific implementation of step 301 may refer to the specific implementation of step 201 in fig. 2, and will not be described herein.
302. The first node device searches whether a transaction record exists in the blockchain, wherein the transaction record is used for the first user to acquire the downloading authority of the first file.
In one embodiment, the first node device searches whether a transaction record for obtaining the downloading authority of the first file by the first user exists in the blockchain through the identity information of the first user. If the transaction record that the first user acquires the downloading authority of the first file does not exist in the blockchain, the first node equipment sends first prompt information to the terminal equipment, wherein the first prompt information is used for indicating that the first user does not have the authority of downloading the first file. If a transaction record of the downloading permission of the first file obtained by the first user exists in the blockchain, the first node device checks whether the transaction record contains the downloading permission time range or not. If the transaction record does not include the download permission time range (i.e., the first user has the first file permanent download permission), determining that the first user has the download permission of the first file, and continuing to execute step 303; if the transaction record contains the downloading permission time range, the first node device determines whether the current time is within the downloading permission time range. If the current time is within the download permission time range, it is determined that the first user has the download permission of the first file, and step 303 is continuously performed. If the current time is not in the downloading permission time range, the first node equipment sends second prompt information to the terminal equipment, wherein the second prompt information is used for prompting the first user that the permission of downloading the first file is expired, and the first user does not currently have the permission of downloading the first file.
For example, when the user 1 purchases the time-limited song 1 in the blockchain network through the terminal device, assuming that the download authority time range of the time-limited song 1 is from 1 month in 2018 to 12 months in 2019, after the transaction is completed, the transaction record of the user 1 purchasing the song 1 is recorded in the blockchain, and the download authority time range 2018.1 to 2019.12 is included in the transaction record. Assuming that user 1 needs to download song 1 in 2019, month 11, user 1 sends an acquisition request 1 to the first node device through the terminal device. The first node device searches the transaction record of the user 1 in the blockchain according to the identity information of the user 1 in the acquisition request 1. At this time, there is a transaction record in the blockchain for user 1 to purchase song 1, and the transaction record includes the download authority time range. Since month 11 2019 included the download rights in the transaction record, the first node device determines that user 1 has the download rights for song 1.
303. The first node device obtains a first public key of the terminal device.
In one embodiment, the first node device obtains the first public key of the terminal device through a first obtaining request sent by the terminal device, and after obtaining the first public key of the terminal device, confirms whether the first public key is truly valid through a public key list of a trusted execution environment in a pre-stored blockchain network. If the first public key exists in the public key list of the pre-stored trusted execution environment, it is determined that the first public key is truly valid, and step 304 is continued.
In yet another embodiment, the first node device obtains a first public key of the terminal device corresponding to the first user from the blockchain through a correspondence between user identity information stored in the blockchain and a public key of the trusted execution environment. It will be appreciated that the first public key in the blockchain is verified by the public key list of the trusted execution environment to be truly valid. For example, assuming that the user 1 establishes an association with the trusted execution environment 1 at the time of blockchain registration, the association of the user 1 with the trusted execution environment 1 is recorded in the blockchain. The first node equipment searches the related information of the user 1 in the blockchain through the identity information of the user 1, so that the association relation between the user 1 and the trusted execution environment 1 can be obtained, and further the public key of the trusted execution environment 1 is obtained.
304. The first node device encrypts the first file through a first public key of the terminal device to obtain a first encrypted file.
305. The first node device sends a first encrypted file to the terminal device.
The specific implementation of step 304 and step 305 may refer to the implementation of step 204 and step 205 in fig. 2, and will not be described herein.
In the data processing method, the first node device determines whether the terminal device used by the first user has the downloading authority of the first file by searching the transaction record in the blockchain. After confirming that the terminal equipment used by the first user has the downloading authority of the first file, encrypting the first file through a first public key provided by the terminal equipment to obtain a first encrypted file. Since the first encrypted file can be decrypted and used only in the device corresponding to the first trusted execution environment. Therefore, the data processing method provided by the embodiment of the application solves the problem that the digital product is illegally forwarded and used after being acquired by a user, and protects the legal rights and interests of the owners of the digital product.
Referring to fig. 4, fig. 4 is a flowchart of another data processing method according to an embodiment of the application. The data processing method may be implemented by the terminal device 101 and the first node device 102 shown in fig. 1; as shown in fig. 4, the data processing method includes, but is not limited to, the following steps 401 to 404:
401. the first node device records a first time at which the first encrypted file was generated.
In one embodiment, the first node device records a first time of generating the first encrypted file after generating the first encrypted file or after transmitting the first encrypted file to the terminal device. For example, assuming that the first node device generated encrypted file 1 on day 28 of 3 in 2018, the first time recorded by the first node device is 2018.3.28.
402. The first node device receives a second acquisition request.
In one embodiment, the first user may have a need to replace the terminal device. At this time, the first user sends a second acquisition request to the first node device through the terminal device or other devices. The second obtaining request is used for obtaining the first file, and the second obtaining request carries the second public key and the identity information of the first user.
403. If the interval between the time of receiving the second acquisition request and the first time is greater than the time threshold and the second public key exists in a public key list of a pre-stored trusted environment, the first node device encrypts the first file through the second public key to obtain a second encrypted file.
In one embodiment, the first node device determines whether the interval between the time of receipt of the second acquisition request and the first time is greater than a time threshold. If the interval between the time of receiving the second acquisition request and the first time is not greater than the time threshold, the first node device sends prompt information to the terminal device, wherein the prompt information is used for prompting that the first user cannot download the first file currently. If the interval between the time of receiving the second obtaining request and the first time is greater than the time threshold and the second public key exists in the public key list of the pre-stored trusted environment, the first node device encrypts the first file through the second public key to obtain a second encrypted file, and the specific implementation manner may refer to the implementation manner of step 204 in fig. 2 and will not be described herein.
For example, assuming that the user 1 has the download authority of song 1, the time threshold is 3 months, the user 1 sends an acquisition request 1 to the first node device in month 1 in 2019, where the acquisition request 1 is used to acquire song 1, and the acquisition request 1 carries the trusted execution environment 1. After confirming that the user 1 has the downloading authority of the song 1, the first node device encrypts the song 1 by adopting the trusted execution environment 1 to obtain an encrypted file 1. The first node device records the time 1 at which the encrypted file 1 was generated and transmits the encrypted file 1 to the terminal device used by the user 1. User 1 sent an acquisition request 2 to the first node device in 2019 month 2, where the acquisition request 2 is used to acquire song 1, and the acquisition request 2 carries a trusted execution environment 2. Because the interval between the current time and the time 1 is smaller than the time threshold, the first node device sends prompt information 1 to the terminal device, and the prompt information 1 is used for prompting that the user 1 cannot download the song 1 currently. User 1 again sent an acquisition request 2 to the first node device in 2019, 6, where the acquisition request 2 is used to acquire song 1, and the acquisition request 2 carries a trusted execution environment 2. Since the interval between the current time and the time 1 is greater than the time threshold, the first node device encrypts the song 1 by using the trusted execution environment 2 to obtain the encrypted file 2. The first node device records the time 2 at which the encrypted file 2 was generated and transmits the encrypted file 2 to the terminal device used by the user 1.
404. The first node device sends the second encrypted file to the terminal device.
The specific implementation of step 404 may refer to the implementation of step 205 in fig. 2, and will not be described herein.
By the data processing method, the first node equipment not only ensures that the first user can download the first file again after replacing the terminal equipment by controlling the downloading time interval of the first file, but also avoids the condition that the first user downloads the first file by frequently sending acquisition requests, and simultaneously protects the legal rights and interests of owners of digital products.
Referring to fig. 5, fig. 5 is a flowchart of another data processing method according to an embodiment of the application. The data processing method may be implemented by the terminal device 101 and the first node device 102 shown in fig. 1; as shown in fig. 5, the data processing method includes, but is not limited to, the following steps 501 to 504:
501. The first node equipment counts the downloading times of the first file downloaded by the first user.
In one embodiment, the first node device counts the number of downloads of the first file by the first user after generating the first encrypted file or after sending the first encrypted file to the terminal device.
502. The first node device receives a third acquisition request.
The specific implementation of step 502 may refer to the implementation of step 402 in fig. 4, and will not be described herein.
In one embodiment, a first user may have a need to run a first file on multiple devices. For example, user 1 wishes to hear Song 1 on both a cell phone and a computer.
503. If the downloading times of the first file downloaded by the first user is smaller than the quantity threshold value and the third public key exists in a public key list of a pre-stored trusted environment, the first node device encrypts the first file through the third public key to obtain a third encrypted file.
In one embodiment, the first node device determines whether a number of downloads of the first file by the first user providing a public key of a different trusted execution environment is greater than a quantity threshold. If the number of times of downloading the first file by the public key of the different trusted execution environments provided by the first user is greater than or equal to the number threshold, the first node equipment sends prompt information to the terminal equipment, wherein the prompt information is used for prompting that the first user cannot download the first file currently. If the number of times of downloading the first file by the first user providing the public key of the different trusted execution environments is smaller than the number threshold, and the third public key exists in the public key list of the pre-stored trusted environments, the first node device encrypts the first file through the third public key to obtain a third encrypted file, and the specific implementation manner may refer to the implementation manner of step 204 in fig. 2, which is not described herein again.
For example, assume that user 1 has the download authority of song 1, and the number threshold is 5, and at this time, the number of downloads of song 1 by the public key of the different trusted execution environments provided by user 1 counted by the first node device is 2. The user 1 sends an acquisition request 3 to the first node device, where the acquisition request 3 is used to acquire the song 1, and the acquisition request 3 carries the trusted execution environment 3. Since the number of downloads of song 1 by the public key of the user 1 providing different trusted execution environments is smaller than the threshold number of downloads, the first node device encrypts song 1 by using the trusted execution environment 3 to obtain the encrypted file 3. The user 1 counted by the first node device provides 3 download times of the song 1 downloaded by the public keys of different trusted execution environments, and sends the encrypted file 3 to the terminal device used by the user 1.
504. The first node device sends the third encrypted file to the terminal device.
The specific implementation of step 504 may refer to the implementation of step 205 in fig. 2, and will not be described herein.
By the data processing method, the first node equipment not only ensures that the first user can download the first file again after replacing the terminal equipment by controlling the downloading times of the first file, but also avoids the condition that the first user downloads the first file by frequently sending acquisition requests, and simultaneously protects the legal rights and interests of owners of digital products.
The foregoing details of the method of embodiments of the present application are provided for the purpose of better implementing the foregoing aspects of embodiments of the present application, and accordingly, the following provides an apparatus of embodiments of the present application.
Referring to fig. 6, fig. 6 is a schematic structural diagram of a data processing apparatus according to an embodiment of the present application, where the data processing apparatus may be mounted on the second node device in the foregoing method embodiment. The data processing device shown in fig. 6 may be used to perform some or all of the functions of the method embodiments described above with respect to fig. 2,3, 4 and 5. Wherein, the detailed description of each unit is as follows:
An obtaining unit 601, configured to receive a first obtaining request sent by a terminal device, where the first obtaining request is used to obtain a first file, and the first obtaining request carries identity information of a first user of the terminal device;
The processing unit 602 is configured to determine whether the first user has the downloading authority of the first file according to the identity information of the first user, if the first user has the downloading authority of the first file, obtain a first public key of the terminal device, and if the first public key of the terminal device exists in a public key list of a pre-stored trusted execution environment, encrypt the first file through the first public key of the terminal device to obtain a first encrypted file, and send the first encrypted file to the terminal device.
In an embodiment, the processing unit 602 is further configured to determine, according to the identity information of the first user, whether the first user has the downloading authority of the first file, specifically configured to:
Searching whether a transaction record of the downloading authority of the first file obtained by the first user exists in a blockchain;
If a transaction record exists, the first user acquires the downloading permission of the first file, and the first user is determined to have the downloading permission of the first file;
and if the transaction record of the first user for acquiring the downloading authority of the first file does not exist, determining that the first user does not have the downloading authority of the first file.
In an embodiment, the processing unit 602 is further configured to obtain a first public key of the terminal device, specifically configured to:
And acquiring a first public key of the terminal equipment corresponding to the first user from the blockchain according to the corresponding relation between the user identity information stored in the blockchain and the public key of the trusted execution environment.
In an embodiment, the transaction record includes a download authority time range, and the processing unit 602 is further configured to:
Judging whether the current time is within the downloading permission time range or not;
if the current time is within the downloading permission time range, executing the step of determining that the first user has the downloading permission of the first file;
And if the current time is not in the downloading permission time range, determining that the first user does not have the downloading permission of the first file.
In an embodiment, the first public key is carried in a first acquisition request of the terminal device;
the processing unit 602 is further configured to obtain a first public key of the terminal device, specifically configured to:
and acquiring a first public key from the first acquisition request of the terminal equipment.
In an embodiment, after sending the first encrypted file to the terminal device, the processing unit 602 is further configured to:
Recording a first time for generating the first encrypted file;
receiving a second acquisition request sent by the terminal device through an acquisition unit 601, where the second acquisition request is used to acquire the first file, and the second acquisition request carries identity information of a first user of the terminal device and a second public key;
If the interval between the time of receiving the second acquisition request and the first time is greater than a time threshold and the second public key exists in a pre-stored public key list of the trusted environment, encrypting the first file through the second public key to obtain a second encrypted file;
And recording a second time for generating the second encrypted file, and sending the second encrypted file to the terminal equipment.
In an embodiment, after sending the first encrypted file to the terminal device, the processing unit 602 is further configured to:
Counting the downloading times of the first user for downloading the first file;
Receiving a third acquisition request sent by the terminal device through an acquisition unit 601, where the third acquisition request is used to acquire the first file, and the third acquisition request carries identity information of a first user of the terminal device and a third public key;
If the downloading times of the first file downloaded by the first user is smaller than the quantity threshold value and the third public key exists in a pre-stored public key list of the trusted environment, encrypting the first file through the third public key to obtain a third encrypted file;
and sending the third encrypted file to the terminal equipment.
According to one embodiment of the application, the partial steps involved in the data processing method shown in fig. 2,3, 4 and 5 may be performed by the individual units in the data processing apparatus shown in fig. 6. For example, step 201 and step 203 shown in fig. 2 may be performed by the acquisition unit 601 shown in fig. 6, and step 202, step 204, and step 205 may be performed by the processing unit 602 shown in fig. 6. Step 301 shown in fig. 3 may be performed by the acquisition unit 601 shown in fig. 6, and steps 302 to 305 may be performed by the processing unit 602 shown in fig. 6. Step 402 shown in fig. 4 may be performed by the acquisition unit 601 shown in fig. 6, and steps 401, 403, and 404 may be performed by the processing unit 602 shown in fig. 6. The respective units in the data processing apparatus shown in fig. 6 may be individually or collectively combined into one or several other units, or some unit(s) thereof may be further split into a plurality of units smaller in function, which can achieve the same operation without affecting the achievement of the technical effects of the embodiments of the present application. The above units are divided based on logic functions, and in practical applications, the functions of one unit may be implemented by a plurality of units, or the functions of a plurality of units may be implemented by one unit. In other embodiments of the application, the data processing apparatus may also comprise other units, and in practical applications, these functions may also be realized with the assistance of other units, and may be realized by cooperation of a plurality of units.
According to another embodiment of the present application, a data processing apparatus as shown in fig. 6 may be constructed by running a computer program (including program code) capable of executing the steps involved in the respective methods as shown in fig. 2, 3, 4 and 5 on a general-purpose computing apparatus such as a computer including a processing element such as a Central Processing Unit (CPU), a random access storage medium (RAM), a read only storage medium (ROM), and the like, and a storage element, and implementing the data processing method of the embodiment of the present application. The computer program may be recorded on, for example, a computer-readable recording medium, and loaded into and run in the above-described computing device through the computer-readable recording medium.
Based on the same inventive concept, the principle and beneficial effects of the data processing device provided in the embodiments of the present application for solving the problems are similar to those of the data processing device in the embodiments of the method of the present application, and may refer to the principle and beneficial effects of implementation of the method, which are not described herein for brevity.
Referring to fig. 7, fig. 7 is a schematic structural diagram of yet another data processing apparatus according to an embodiment of the present application, where the data processing apparatus includes at least a processor 701, a communication interface 702 and a memory 703. Wherein the processor 701, the communication interface 702 and the memory 703 may be connected by a bus or other means, for example by a bus connection in the embodiments of the present application. The processor 701 (or called central processing unit (Central Processing Unit, CPU)) is a computing core and a control core of the terminal, which can parse various instructions in the terminal and process various data of the terminal, for example: the CPU can be used for analyzing a startup and shutdown instruction sent by a user to the terminal and controlling the terminal to perform startup and shutdown operation; and the following steps: the CPU can transmit various kinds of interactive data between the internal structures of the terminal, and so on. Communication interface 702 may optionally include a standard wired interface, a wireless interface (e.g., WI-FI, mobile communication interface, etc.), and may be controlled by processor 701 to receive and transmit data; the communication interface 702 may also be used for transmission and interaction of data inside the terminal. The Memory 703 (Memory) is a Memory device in the terminal for storing programs and data. It will be appreciated that the memory 703 here may include both the internal memory of the terminal and the expansion memory supported by the terminal. The memory 703 provides a storage space that stores the operating system of the terminal, which may include, but is not limited to: android systems, iOS systems, windows Phone systems, etc., the application is not limited in this regard.
In an embodiment of the present application, the processor 701 performs the following operations by executing executable program code in the memory 703:
Receiving a first acquisition request sent by a terminal device through a communication interface 702, where the first acquisition request is used to acquire a first file, and the first acquisition request carries identity information of a first user of the terminal device;
judging whether the first user has the downloading authority of the first file or not according to the identity information of the first user;
if the first user has the downloading authority of the first file, a first public key of the terminal equipment is obtained;
If the first public key exists in a public key list of a pre-stored trusted execution environment, encrypting the first file through the first public key to obtain a first encrypted file, and sending the first encrypted file to the terminal equipment.
As an optional implementation manner, the processor 701 determines, according to the identity information of the first user, whether the first user has the downloading authority of the first file, which is that:
Searching whether a transaction record of the downloading authority of the first file obtained by the first user exists in a blockchain;
If a transaction record exists, the first user acquires the downloading permission of the first file, and the first user is determined to have the downloading permission of the first file;
and if the transaction record of the first user for acquiring the downloading authority of the first file does not exist, determining that the first user does not have the downloading authority of the first file.
As an optional implementation manner, the processor 701 obtains the first public key of the terminal device is:
And acquiring a first public key of the terminal equipment corresponding to the first user from the blockchain according to the corresponding relation between the user identity information stored in the blockchain and the public key of the trusted execution environment.
As an alternative embodiment, the transaction record includes a download authority time range, and the processor 701 further performs the following operations:
Judging whether the current time is within the downloading permission time range or not;
if the current time is within the downloading permission time range, executing the step of determining that the first user has the downloading permission of the first file;
And if the current time is not in the downloading permission time range, determining that the first user does not have the downloading permission of the first file.
As an optional implementation manner, the first public key is carried in the first acquisition request of the terminal device;
the specific implementation manner of the processor 701 obtaining the first public key of the terminal device is:
and acquiring a first public key from the first acquisition request of the terminal equipment.
As an alternative embodiment, after sending the first encrypted file to the terminal device, the processor 701 further performs the following operations by running executable program code in the memory 703:
Recording a first time for generating the first encrypted file;
Receiving a second acquisition request sent by the terminal device through a communication interface 702, where the second acquisition request is used to acquire the first file, and the second acquisition request carries identity information of a first user of the terminal device and a second public key;
If the interval between the time of receiving the second acquisition request and the first time is greater than a time threshold and the second public key exists in a pre-stored public key list of the trusted environment, encrypting the first file through the second public key to obtain a second encrypted file;
And recording a second time for generating the second encrypted file, and sending the second encrypted file to the terminal equipment.
As an alternative embodiment, after sending the first encrypted file to the terminal device, the processor 701 further performs the following operations by running executable program code in the memory 703:
Counting the downloading times of the first user for downloading the first file;
Receiving a third acquisition request sent by the terminal device through a communication interface 702, where the third acquisition request is used to acquire the first file, and the third acquisition request carries identity information of a first user of the terminal device and a third public key;
If the downloading times of the first file downloaded by the first user is smaller than the quantity threshold value and the third public key exists in a pre-stored public key list of the trusted environment, encrypting the first file through the third public key to obtain a third encrypted file;
and sending the third encrypted file to the terminal equipment.
Based on the same inventive concept, the principle and beneficial effects of the data processing device provided in the embodiments of the present application for solving the problems are similar to those of the data processing device in the embodiments of the method of the present application, and may refer to the principle and beneficial effects of implementation of the method, which are not described herein for brevity.
Embodiments of the present application also provide a computer readable storage medium having one or more instructions stored therein, the one or more instructions being adapted to be loaded by a processor and to perform the data processing method described in the method embodiments above.
The embodiments of the present application also provide a computer program product comprising instructions which, when run on a computer, cause the computer to perform the data processing method described in the method embodiments above.
It should be noted that, for simplicity of description, the foregoing method embodiments are all expressed as a series of action combinations, but it should be understood by those skilled in the art that the present application is not limited by the order of action described, as some steps may be performed in other order or simultaneously according to the present application. Further, those skilled in the art will also appreciate that the embodiments described in the specification are all preferred embodiments, and that the acts and modules referred to are not necessarily required for the present application.
The steps in the method of the embodiment of the application can be sequentially adjusted, combined and deleted according to actual needs.
The modules in the device of the embodiment of the application can be combined, divided and deleted according to actual needs.
Those of ordinary skill in the art will appreciate that all or part of the steps in the various methods of the above embodiments may be implemented by a program to instruct related hardware, the program may be stored in a computer readable storage medium, and the readable storage medium may include: flash disk, read-Only Memory (ROM), random-access Memory (Random Access Memory, RAM), magnetic disk or optical disk, etc.
The above disclosure is only a preferred embodiment of the present application, and it should be understood that the scope of the application is not limited thereto, and those skilled in the art will appreciate that all or part of the procedures described above can be performed according to the equivalent changes of the claims, and still fall within the scope of the present application.

Claims (9)

1. A method of data processing, the method comprising:
Receiving a first acquisition request sent by terminal equipment, wherein the first acquisition request is used for acquiring a first file, and the first acquisition request carries identity information of a first user of the terminal equipment;
judging whether the first user has the downloading authority of the first file or not according to the identity information of the first user;
if the first user has the downloading authority of the first file, a first public key of the terminal equipment is obtained;
If the first public key exists in a public key list of a pre-stored trusted execution environment, encrypting the first file through the first public key to obtain a first encrypted file, and sending the first encrypted file to the terminal equipment;
Recording a first time for generating the first encrypted file;
receiving a second acquisition request sent by the terminal equipment, wherein the second acquisition request is used for acquiring the first file, and the second acquisition request carries the identity information of the first user of the terminal equipment and a second public key;
If the interval between the time of receiving the second acquisition request and the first time is greater than a time threshold and the second public key exists in a pre-stored public key list of the trusted execution environment, encrypting the first file through the second public key to obtain a second encrypted file;
And recording a second time for generating the second encrypted file, and sending the second encrypted file to the terminal equipment.
2. The method of claim 1, wherein the determining whether the first user has the download authority of the first file according to the identity information of the first user comprises:
Searching whether a transaction record of the downloading authority of the first file obtained by the first user exists in a blockchain;
If a transaction record exists, the first user acquires the downloading permission of the first file, and the first user is determined to have the downloading permission of the first file;
and if the transaction record of the first user for acquiring the downloading authority of the first file does not exist, determining that the first user does not have the downloading authority of the first file.
3. The method according to claim 1, wherein said obtaining the first public key of the terminal device comprises:
and acquiring a first public key of the terminal equipment corresponding to the first user from the blockchain according to the corresponding relation between the user identity information stored in the blockchain and the public key of the trusted execution environment.
4. The method of claim 2, wherein the transaction record includes a download authority time range; the method further comprises the steps of:
Judging whether the current time is within the downloading permission time range or not;
if the current time is within the downloading permission time range, executing the step of determining that the first user has the downloading permission of the first file;
And if the current time is not in the downloading permission time range, determining that the first user does not have the downloading permission of the first file.
5. The method according to claim 1 or 2, wherein the first obtaining request of the terminal device carries a first public key;
acquiring a first public key of the terminal equipment, including:
and acquiring a first public key from the first acquisition request of the terminal equipment.
6. The method of claim 5, wherein after the sending the first encrypted file to the terminal device, the method further comprises:
Counting the downloading times of the first user for downloading the first file;
Receiving a third acquisition request sent by the terminal equipment, wherein the third acquisition request is used for acquiring the first file, and the third acquisition request carries the identity information of the first user of the terminal equipment and a third public key;
if the downloading times of the first file downloaded by the first user is smaller than the quantity threshold value and the third public key exists in a pre-stored public key list of the trusted execution environment, encrypting the first file through the third public key to obtain a third encrypted file;
and sending the third encrypted file to the terminal equipment.
7.A data processing apparatus, comprising:
the terminal equipment comprises a receiving unit, a first acquiring unit and a second acquiring unit, wherein the receiving unit is used for receiving a first acquiring request sent by the terminal equipment, the first acquiring request is used for acquiring a first file, and the first acquiring request carries identity information of a first user of the terminal equipment;
The processing unit is used for judging whether the first user has the downloading authority of the first file according to the identity information of the first user, if the first user has the downloading authority of the first file, acquiring a first public key of the terminal equipment, and if the first public key of the terminal equipment exists in a public key list of a pre-stored trusted execution environment, encrypting the first file through the first public key of the terminal equipment to obtain a first encrypted file, and sending the first encrypted file to the terminal equipment;
The processing unit is further used for recording a first time for generating the first encrypted file; receiving a second acquisition request sent by the terminal equipment, wherein the second acquisition request is used for acquiring the first file, and the second acquisition request carries the identity information of the first user of the terminal equipment and a second public key; if the interval between the time of receiving the second acquisition request and the first time is greater than a time threshold and the second public key exists in a pre-stored public key list of the trusted execution environment, encrypting the first file through the second public key to obtain a second encrypted file; and recording a second time for generating the second encrypted file, and sending the second encrypted file to the terminal equipment.
8. A data processing apparatus comprising a processor, a memory and a communication interface, the processor, the memory and the communication interface being interconnected, wherein the memory is adapted to store a computer program comprising program instructions, the processor being configured to invoke the program instructions to perform the data processing method of any of claims 1 to 6.
9. A computer readable storage medium storing one or more instructions adapted to be loaded by a processor and to perform a data processing method according to any one of claims 1 to 6.
CN202010248930.4A 2020-03-31 2020-03-31 Data processing method, device and computer readable storage medium Active CN111460400B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010248930.4A CN111460400B (en) 2020-03-31 2020-03-31 Data processing method, device and computer readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010248930.4A CN111460400B (en) 2020-03-31 2020-03-31 Data processing method, device and computer readable storage medium

Publications (2)

Publication Number Publication Date
CN111460400A CN111460400A (en) 2020-07-28
CN111460400B true CN111460400B (en) 2024-06-18

Family

ID=71681602

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010248930.4A Active CN111460400B (en) 2020-03-31 2020-03-31 Data processing method, device and computer readable storage medium

Country Status (1)

Country Link
CN (1) CN111460400B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112187742A (en) * 2020-09-14 2021-01-05 绿瘦健康产业集团有限公司 Information security transmission method, device, medium and terminal equipment
CN112492035B (en) * 2020-11-30 2023-10-27 维沃移动通信有限公司 File transfer method, device and electronic equipment
CN112532646B (en) * 2020-12-09 2022-08-16 杭州趣链科技有限公司 Data sharing method, system, device, equipment and storage medium
CN112507369B (en) * 2021-01-29 2021-05-25 腾讯科技(深圳)有限公司 Service processing method and device based on block chain, readable medium and electronic equipment
CN115423126B (en) * 2022-08-30 2023-05-12 昆明华龙智腾科技股份有限公司 Fire control maintenance management system based on big data

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107241364A (en) * 2017-08-10 2017-10-10 广州杰之良软件有限公司 Document down loading method and device
CN109768865A (en) * 2019-01-18 2019-05-17 深圳市威赫科技有限公司 Block chain upper body part under credible performing environment digitizes realization method and system

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106845160B (en) * 2015-12-03 2018-04-20 国家新闻出版广电总局广播科学研究院 A kind of digital copyright management for intelligent operating system(DRM)Method and system
CN105743903B (en) * 2016-03-07 2019-06-21 读者出版传媒股份有限公司 Digital audio copyright managing method, intelligent terminal, certificate server and system
CN107995230B (en) * 2016-10-26 2019-10-18 中国移动通信有限公司研究院 A kind of method for down loading and terminal
US10769252B2 (en) * 2018-03-20 2020-09-08 Markany Inc. Method and apparatus for watermarking of digital content, method for extracting information
KR102153845B1 (en) * 2018-12-21 2020-09-09 알리바바 그룹 홀딩 리미티드 Verification of the integrity of data stored in the consortium blockchain using public sidechains
CN109885988A (en) * 2019-02-18 2019-06-14 四川迪佳通电子有限公司 Method for broadcasting multimedia file, multimedia equipment based on credible performing environment
CN110110548B (en) * 2019-04-12 2022-11-11 深圳市中易通安全芯科技有限公司 Method for storing files in trusted execution environment in encrypted manner based on encryption chip
CN110519049A (en) * 2019-08-07 2019-11-29 赤峰学院 A kind of cloud data protection system based on credible performing environment

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107241364A (en) * 2017-08-10 2017-10-10 广州杰之良软件有限公司 Document down loading method and device
CN109768865A (en) * 2019-01-18 2019-05-17 深圳市威赫科技有限公司 Block chain upper body part under credible performing environment digitizes realization method and system

Also Published As

Publication number Publication date
CN111460400A (en) 2020-07-28

Similar Documents

Publication Publication Date Title
JP7436568B2 (en) Methods and systems realized by blockchain
CN111460400B (en) Data processing method, device and computer readable storage medium
Hasan et al. Trustworthy IoT data streaming using blockchain and IPFS
CN109144961B (en) Authorization file sharing method and device
CN101872399B (en) Dynamic digital copyright protection method based on dual identity authentication
CN101682501B (en) For performing method and the portable memory apparatus of authentication protocol
CN101390104B (en) Methods and apparatus for protected distribution of applications and media content
EP3404891A1 (en) Method and system for distributing digital content in peer-to-peer network
WO2018024061A1 (en) Method, device and system for licensing shared digital content
JP5626816B2 (en) Method and apparatus for partial encryption of digital content
CN109740384A (en) Data based on block chain deposit card method and apparatus
CN107483509A (en) A kind of auth method, server and readable storage medium storing program for executing
CN113704210A (en) Data sharing method and electronic equipment
JP6543743B1 (en) Management program
US11610012B1 (en) Systems and processes for providing secure client controlled and managed exchange of data between parties
JP2008539503A (en) Supplemental trust model for software licensing / commercial digital delivery policies
KR20230063640A (en) Method and system for managing decentralized data using attribute-based encryption
CN111814173B (en) Work file storage method, copyright confirmation method and device
CN113486122A (en) Data sharing method and electronic equipment
CN108846671B (en) Online secure transaction method and system based on block chain
CN111199486B (en) Data processing method, device and storage medium based on blockchain network
CN111680013A (en) Data sharing method based on block chain, electronic equipment and device
EP3975015B1 (en) Applet package sending method and device and computer readable medium
CN115048672A (en) Data auditing method and device based on block chain, processor and electronic equipment
KR100706085B1 (en) DDR method applicable to multiple devices

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant