CN113011960A - Block chain-based data access method, device, medium and electronic equipment - Google Patents

Abstract

The embodiment of the application provides a data access method, a data access device, a data access medium and electronic equipment based on a block chain. The data access method based on the block chain comprises the following steps: generating a data authorization request based on the data directory, wherein the data authorization request is used for applying for authorization of all nodes of the data to acquire target data; if the authorization approval record corresponding to the data authorization request is not found in the blockchain, the data authorization request is uploaded to the blockchain to inform all nodes of data to forward the data authorization request on the blockchain based on the data authorization request on the blockchain or through the data security node, and then the data authorization request is approved and the authorization approval record corresponding to the data authorization request is generated; obtaining authorization approval records uploaded by all nodes of the data from a block chain; and acquiring target data based on the authorization approval record. According to the technical scheme of the embodiment of the application, on the premise of ensuring data security and privacy, the data acquisition efficiency is improved, and the data acquisition cost is saved.

Description

Block chain-based data access method, device, medium and electronic equipment

Technical Field

The present application relates to the field of computer technologies, and in particular, to a data access method and apparatus based on a block chain, a computer-readable medium, and an electronic device.

Background

When the user uses the service provided by the service provider, the data service provider of the third party for service evaluation needs to be provided for the user. For example, a financial institution providing a loan may require a report from the user and bank to be assessed for the loan service, etc., so that the facilitator may invoke the third-party data facilitator interface to obtain the user data upon authorization by the user. In the related technology, an electronic authorization contract is provided by a service provider, a user checks and signs for data authorization when applying for service, and the service provider acquires data from a third-party data provider through a direct connection interface.

In this way, the data source side can only trust the service provider to obtain the user authorization before obtaining the data according to the service agreement with the service provider so as to send the data to the service provider for use. Moreover, authorization forgery can easily occur in the user authorization flow, and authorization verification and early warning cannot be performed after authorization forgery. Therefore, there is a certain risk when the data source provides data to the third-party service provider, and the security of the data cannot be guaranteed. In addition, in the above manner, the third-party service provider needs to acquire the authorization of the user to take the data from the data source every time the data is acquired, which makes the data acquisition process cumbersome, and requires many procedures at the user side and the service provider side, thus resulting in low data acquisition efficiency.

Disclosure of Invention

Embodiments of the present application provide a data access method and apparatus based on a block chain, a computer-readable medium, and an electronic device, so that at least to a certain extent, on the premise of ensuring data security and privacy, data acquisition efficiency is improved, and data acquisition cost is saved.

Other features and advantages of the present application will be apparent from the following detailed description, or may be learned by practice of the application.

According to an aspect of the embodiments of the present application, there is provided a data access method based on a blockchain, where the blockchain includes a data request node, a data all node, and a data custody node, and data stored in the blockchain includes a data directory corresponding to the data stored in the data custody node, the method including: generating a data authorization request based on the data directory, wherein the data authorization request is used for applying for authorization of all nodes of data to acquire target data; if the authorization approval record corresponding to the data authorization request is not found in the block chain, uploading the data authorization request to the block chain to inform all the nodes of the data to approve based on the data authorization request on the block chain and generate the authorization approval record corresponding to the data authorization request, or forwarding the data authorization request on the block chain to all the nodes of the data through the data custody node and generating the authorization approval record corresponding to the data authorization request after all the nodes of the data are approved; obtaining authorization approval records uploaded by all nodes of the data from the block chain; and acquiring the target data based on the authorization approval record.

According to an aspect of the embodiments of the present application, there is provided a data access method based on a blockchain, where the blockchain includes a data request node, a data all node, and a data custody node, and data stored in the blockchain includes a data directory corresponding to the data stored in the data custody node, the method including: acquiring a data authorization request uploaded by the data request node from the block chain, or acquiring a data authorization request in the block chain forwarded by the data custody node; the data authorization request is uploaded to the block chain when the data request node does not find an authorization approval record corresponding to the data authorization request in the block chain; based on the node information of the data request node, the data authorization request is approved, and an authorization approval record is generated; and uploading the authorization approval record to a block chain, so that the data request node acquires the target data based on the authorization approval record in the block chain.

According to an aspect of the embodiments of the present application, there is provided a data access apparatus based on a blockchain, where the blockchain includes a data request node, a data all node, and a data custody node, and data stored in the blockchain includes a data directory corresponding to the data stored in the data custody node, the apparatus including: the generating unit is used for generating a data authorization request based on the data directory, wherein the data authorization request is used for applying for authorization of all nodes of data to obtain target data; a first uploading unit, configured to upload the data authorization request to a block chain if an authorization approval record corresponding to the data authorization request is not found in the block chain, so as to notify all nodes of the data to approve the data authorization request based on the block chain and generate an authorization approval record corresponding to the data authorization request, or forward the data authorization request on the block chain to all nodes of the data through the data storage node, and generate an authorization approval record corresponding to the data authorization request after the data authorization request passes the approval; the first acquisition unit is used for acquiring the authorization approval records uploaded by all the nodes of the data from the block chain; and the second acquisition unit is used for acquiring the target data based on the authorization approval record.

In some embodiments of the present application, based on the foregoing solution, the block chain based data access apparatus is further configured to: after the data authorization request is uploaded to the block chain, if an authorization approval record corresponding to the data authorization request is found in the block chain, verifying the authorization approval record through an intelligent contract; and after the authorization approval record is verified, acquiring target data corresponding to the data authorization request.

In some embodiments of the present application, based on the foregoing solution, the device for accessing data based on a block chain further includes: uploading the acquired target data to the block chain; acquiring a data verification result uploaded by the data keeping node from the block chain, wherein the data verification result is generated by acquiring the target data from the block chain by the data keeping node and verifying the target data based on information of all nodes of the data; and if the data verification result is that the verification is passed, applying the target data.

In some embodiments of the present application, based on the foregoing scheme, the second obtaining unit is configured to: generating a data access request for the target data based on the authorization approval record; uploading the data access request to the blockchain; and acquiring target data corresponding to the data access request from the block chain.

In some embodiments of the present application, based on the foregoing solution, the easy payment verification node includes the data custody node, the data owning node, and a data requesting node requesting to acquire the target data; the block chain comprises a data directory corresponding to data stored in the data keeping node, so that all data nodes and the data request node acquire the data directory from the block chain.

In some embodiments of the present application, based on the foregoing scheme, the data-keeping nodes include at least one of the following nodes: the node corresponding to a bank organization, the node corresponding to a social security organization, the node corresponding to a tax institution and the node corresponding to a water, electricity and coal resource institution; the data all nodes comprise at least one of the following nodes: a node corresponding to the resource requester and a node corresponding to the service requester; the data request node for acquiring the target data comprises at least one of the following nodes: the node corresponding to the resource leasing mechanism and the node corresponding to the service providing mechanism.

In some embodiments of the present application, based on the foregoing solution, the block chain based data access apparatus is further configured to: generating a data acquisition record based on the acquisition process of the target data; and uploading the data acquisition record to the block chain.

According to an aspect of the embodiments of the present application, there is provided a data access apparatus based on a blockchain, where the blockchain includes a data request node, a data all node, and a data custody node, and data stored in the blockchain includes a data directory corresponding to the data stored in the data custody node, the apparatus including: a third obtaining unit, configured to obtain, from the block chain, a data authorization request uploaded by the data request node, or obtain a data authorization request in the block chain forwarded by the data custody node; the data authorization request is uploaded to the block chain when the data request node does not find an authorization approval record corresponding to the data authorization request in the block chain; the approval unit is used for approving the data authorization request based on the node information of the data request node and generating an authorization approval record; and the second uploading unit is used for uploading the authorization approval record to a block chain so that the data request node acquires the target data based on the authorization approval record in the block chain.

In some embodiments of the present application, based on the foregoing solution, the approval unit is configured to: determining corresponding data to be accessed from the stored data based on the data authorization request; determining data access authority corresponding to the data request node based on the node information of the data request node; and based on the data access authority and the data to be accessed, the data authorization request is approved, and the authorization approval record is generated.

In some embodiments of the present application, based on the foregoing solution, the block chain based data access apparatus is further configured to: sending the authorization approval record to the data custody node; acquiring a data acquisition receipt returned by the data request node; the data acquisition receipt forwards the authorization approval record to the data request node for the data custody node, and the data request node is generated after acquiring the target data based on the authorization approval record.

In some embodiments of the present application, based on the foregoing solution, the block chain based data access apparatus is further configured to: obtaining a historical authorization approval record from the block chain; generating a new authorization approval record based on the approval result in the historical authorization approval record; and uploading the new authorization approval record to the block chain.

According to an aspect of embodiments of the present application, there is provided a computer-readable medium on which a computer program is stored, the computer program, when executed by a processor, implementing the block chain based data access method as described in the above embodiments.

According to an aspect of an embodiment of the present application, there is provided an electronic device including: one or more processors; a storage device for storing one or more programs which, when executed by the one or more processors, cause the one or more processors to implement the blockchain based data access method as described in the above embodiments.

According to an aspect of embodiments herein, there is provided a computer program product or computer program comprising computer instructions stored in a computer readable storage medium. The processor of the computer device reads the computer instructions from the computer-readable storage medium, and the processor executes the computer instructions to cause the computer device to perform the block chain based data access method provided in the various alternative implementations described above.

In the technical solutions provided in some embodiments of the present application, when a data request node does not find an authorization approval record corresponding to a data authorization request in a blockchain, the data authorization request is uploaded to the blockchain, so that all nodes of data obtain the data authorization request through the blockchain, or the data authorization request in the blockchain is forwarded by a data storage node, and a data authorization record is generated based on the data authorization request and uploaded to the blockchain, so that the data request node can obtain target data based on the authorization approval record; when the authorization approval record is found, directly finding the authorization approval record corresponding to the data authorization request from the block chain; the process of applying for authorization to all data nodes through the data security management node every time is avoided, the data acquisition efficiency is improved on the premise of ensuring the data security and privacy, and the data acquisition cost is saved.

It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the application.

Drawings

The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present application and together with the description, serve to explain the principles of the application. It is obvious that the drawings in the following description are only some embodiments of the application, and that for a person skilled in the art, other drawings can be derived from them without inventive effort. In the drawings:

fig. 1 shows a schematic structural diagram of a blockchain network.

Fig. 2 is a schematic diagram illustrating a connection relationship between blocks in a block chain.

Fig. 3 shows a schematic diagram of a process of generating a tile.

Fig. 4 schematically shows a system of nodes of a blockchain network according to an embodiment of the present application.

Fig. 5 schematically shows a flow chart of a block chain based data access method according to an embodiment of the present application.

Fig. 6 schematically shows a schematic diagram of a blockchain based data access procedure according to an embodiment of the present application.

FIG. 7 schematically shows a schematic diagram of an authorization approval record according to one embodiment of the present application.

FIG. 8 schematically shows a schematic diagram of acquiring target data according to an embodiment of the application.

Fig. 9 schematically shows a schematic diagram of a blockchain network according to an embodiment of the present application.

FIG. 10 schematically shows a flow diagram of a method of block chain based data access according to an embodiment of the present application.

FIG. 11 schematically shows a flow diagram for generating an authorization approval record according to one embodiment of the present application.

FIG. 12 schematically shows a diagram of approving a data authorization request according to an embodiment of the application.

FIG. 13 schematically shows a schematic diagram of a flow data acquisition receipt according to one embodiment of the present application.

FIG. 14 schematically shows a flow diagram for processing an authorization approval record according to one embodiment of the present application.

FIG. 15 schematically shows a block diagram of a blockchain based data access device according to an embodiment of the present application.

FIG. 16 schematically shows a block diagram of a blockchain based data access device according to an embodiment of the present application.

FIG. 17 illustrates a schematic structural diagram of a computer system suitable for use in implementing the electronic device of an embodiment of the present application.

Detailed Description

Example embodiments will now be described more fully with reference to the accompanying drawings. Example embodiments may, however, be embodied in many different forms and should not be construed as limited to the examples set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of example embodiments to those skilled in the art.

Furthermore, the described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments. In the following description, numerous specific details are provided to give a thorough understanding of embodiments of the application. One skilled in the relevant art will recognize, however, that the subject matter of the present application can be practiced without one or more of the specific details, or with other methods, components, devices, steps, and so forth. In other instances, well-known methods, devices, implementations, or operations have not been shown or described in detail to avoid obscuring aspects of the application.

The block diagrams shown in the figures are functional entities only and do not necessarily correspond to physically separate entities. I.e. these functional entities may be implemented in the form of software, or in one or more hardware modules or integrated circuits, or in different networks and/or processor means and/or microcontroller means.

The flow charts shown in the drawings are merely illustrative and do not necessarily include all of the contents and operations/steps, nor do they necessarily have to be performed in the order described. For example, some operations/steps may be decomposed, and some operations/steps may be combined or partially combined, so that the actual execution sequence may be changed according to the actual situation.

The Blockchain (Blockchain) is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, a consensus mechanism, an encryption algorithm and the like. The blockchain is essentially a decentralized database, which is a series of data blocks (i.e., blocks) associated by using cryptography, each data block containing information of a batch of network transactions for verifying the validity (anti-counterfeiting) of the information and generating the next block. The blockchain may include a blockchain underlying platform, a platform product services layer, and an application services layer.

The block chain underlying platform can comprise processing modules such as user management, basic service, intelligent contract and operation monitoring. The user management module is responsible for identity information management of all blockchain participants, and comprises public and private key generation maintenance (account management), key management, user real identity and blockchain address corresponding relation maintenance (authority management) and the like, and under the authorization condition, the user management module supervises and audits the transaction condition of certain real identities and provides rule configuration (wind control audit) of risk control; the basic service module is deployed on all block chain node equipment and used for verifying the validity of the service request, recording the service request to storage after consensus on the valid request is completed, for a new service request, the basic service firstly performs interface adaptation analysis and authentication processing (interface adaptation), then encrypts service information (consensus management) through a consensus algorithm, transmits the service information to a shared account (network communication) completely and consistently after encryption, and performs recording and storage; the intelligent contract module is responsible for registering and issuing contracts, triggering the contracts and executing the contracts, developers can define contract logics through a certain programming language, issue the contract logics to a block chain (contract registration), call keys or other event triggering and executing according to the logics of contract clauses, complete the contract logics and simultaneously provide the function of upgrading and canceling the contracts; the operation monitoring module is mainly responsible for deployment, configuration modification, contract setting, cloud adaptation in the product release process and visual output of real-time states in product operation, such as: alarm, monitoring network conditions, monitoring node equipment health status, and the like.

The platform product service layer provides basic capability and an implementation framework of typical application, and developers can complete block chain implementation of business logic based on the basic capability and the characteristics of the superposed business. The application service layer provides the application service based on the block chain scheme for the business participants to use.

Referring to the blockchain network shown in fig. 1, a plurality of nodes 101 may be included in the blockchain network, and the plurality of nodes 101 may be respective clients forming the blockchain network. Each node 101 may receive input information and maintain shared data within the blockchain network based on the received input information while operating normally. In order to ensure information intercommunication in the blockchain network, information connection can exist between each node in the blockchain network, and information transmission can be carried out between the nodes through the information connection. For example, when any node in the blockchain network receives input information, other nodes in the blockchain network acquire the input information according to a consensus algorithm, and store the input information as shared data, so that the data stored on all the nodes in the blockchain network are consistent.

Each node in the blockchain network has a corresponding node identifier, and each node in the blockchain network can store the node identifiers of other nodes, so that the generated blocks can be broadcasted to other nodes in the blockchain network according to the node identifiers of other nodes. Each node can maintain a node identification list, and the node name and the node identification are correspondingly stored in the node identification list. The node identifier may be an IP (Internet Protocol) address and any other information that can be used to identify the node.

Each node in the blockchain network stores one identical blockchain. The block chain is composed of a plurality of blocks, as shown in fig. 2, the block chain is composed of a plurality of blocks, the starting block includes a block header and a block main body, the block header stores input information characteristic values, version numbers, timestamps, difficulty values and the like, and the block main body stores input information; the next block of the starting block takes the starting block as a parent block, the next block also comprises a block head and a block main body, the block head stores the input information characteristic value of the current block, the block head characteristic value of the parent block, the version number, the timestamp, the difficulty value and the like, so that the block data stored in each block in the block chain is associated with the block data stored in the parent block, and the safety of the input information in the block is ensured.

When each block in the block chain is generated, referring to fig. 3, when a node where the block chain is located receives input information, the input information is verified, after the verification is completed, the input information is stored in a memory pool, and a hash tree for recording the input information is updated; and then, updating the updating time stamp to the time when the input information is received, trying different random numbers, and calculating the characteristic value for multiple times, so that the calculated characteristic value can meet the following formula:

SHA256(SHA256(version+prev_hash+merkle_root+ntime+nbits+x))＜TARGET

wherein, SHA256 is a characteristic value algorithm used for calculating a characteristic value; version is version information of the relevant block protocol in the block chain; prev _ hash is a block head characteristic value of a parent block of the current block; merkle _ root is a characteristic value of the input information; ntime is the update time of the update timestamp; nbits is the current difficulty, is a fixed value within a period of time, and is determined again after exceeding a fixed time period; x is a random number; TARGET is a feature threshold, which can be determined from nbits.

Therefore, when the random number meeting the formula is obtained through calculation, the information can be correspondingly stored, and the block head and the block main body are generated to obtain the current block. And then, the node where the block chain is located respectively sends the newly generated blocks to other nodes in the data sharing system where the newly generated blocks are located according to the node identifications of the other nodes in the data sharing system, the newly generated blocks are verified by the other nodes, and the newly generated blocks are added to the block chain stored in the newly generated blocks after the verification is completed.

Each node in the blockchain network may be a server or a terminal device. The server may be an independent physical server, a server cluster or a distributed system formed by a plurality of physical servers, or a Cloud server providing basic Cloud Computing services such as a Cloud service, a Cloud database, Cloud Computing (Cloud Computing), a Cloud function, Cloud storage, a Network service, Cloud communication, a middleware service, a domain name service, a security service, a Content Delivery Network (CDN), a big data and artificial intelligence platform, and the like. The terminal device may be, but is not limited to, a smart phone, a tablet computer, a notebook computer, a desktop computer, a smart speaker, a smart watch, and the like. The nodes may be directly or indirectly connected through wired or wireless communication, and the application is not limited herein.

The cloud computing refers to a delivery and use mode of an IT infrastructure, and specifically refers to acquiring required resources in an on-demand and easily-extensible manner through a network; the generalized cloud computing refers to a delivery and use mode of a service, and refers to obtaining a required service in an on-demand and easily-extensible manner through a network. Such services may be IT and software, internet related, or other services. Cloud Computing is a product of development and fusion of traditional computers and Network Technologies, such as Grid Computing (Grid Computing), Distributed Computing (Distributed Computing), Parallel Computing (Parallel Computing), Utility Computing (Utility Computing), Network Storage (Network Storage Technologies), Virtualization (Virtualization), Load balancing (Load Balance), and the like. With the development of diversification of internet, real-time data stream and connecting equipment and the promotion of demands of search service, social network, mobile commerce, open collaboration and the like, cloud computing is rapidly developed. Different from the prior parallel distributed computing, the generation of cloud computing can promote the revolutionary change of the whole internet mode and the enterprise management mode in concept.

In addition to the above embodiment of the block chain, the data access method based on the block chain in this embodiment may be a processing scenario based on aspects such as a cloud platform and a cloud technology. Specifically, Cloud technology (Cloud technology) refers to a hosting technology for unifying serial resources such as hardware, software, and network in a wide area network or a local area network to realize calculation, storage, processing, and sharing of data. Cloud technology (Cloud technology) is based on a general term of network technology, information technology, integration technology, management platform technology, application technology and the like applied in a Cloud computing business model, can form a resource pool, is used as required, and is flexible and convenient. Cloud computing technology will become an important support. Background services of the technical network system require a large amount of computing and storage resources, such as video websites, picture-like websites and more web portals. With the high development and application of the internet industry, each article may have its own identification mark and needs to be transmitted to a background system for logic processing, data in different levels are processed separately, and various industrial data need strong system background support and can only be realized through cloud computing.

A distributed cloud storage system (hereinafter, referred to as a storage system) refers to a storage system that integrates a large number of storage devices (storage devices are also referred to as storage nodes) of different types in a network through application software or application interfaces to cooperatively work by using functions such as cluster application, grid technology, and a distributed storage file system, and provides a data storage function and a service access function to the outside. At present, a storage method of a storage system is as follows: logical volumes are created, and when created, each logical volume is allocated physical storage space, which may be the disk composition of a certain storage device or of several storage devices. The client stores data on a certain logical volume, that is, the data is stored on a file system, the file system divides the data into a plurality of parts, each part is an object, the object not only contains the data but also contains additional information such as data identification (ID, ID entry), the file system writes each object into a physical storage space of the logical volume, and the file system records storage location information of each object, so that when the client requests to access the data, the file system can allow the client to access the data according to the storage location information of each object. The process of allocating physical storage space for the logical volume by the storage system specifically includes: physical storage space is divided in advance into stripes according to a group of capacity measures of objects stored in a logical volume (the measures often have a large margin with respect to the capacity of the actual objects to be stored) and Redundant Array of Independent Disks (RAID), and one logical volume can be understood as one stripe, thereby allocating physical storage space to the logical volume.

Based on the cloud storage technology, the data of all the nodes of the data can be stored in the cloud end in a cloud storage mode, the data of all the nodes of the data can be conveniently stored by the data storage nodes, the data storage efficiency can be improved, the data storage cost can be saved, and the data storage safety is improved.

Database (Database), which can be regarded as an electronic file cabinet in short, a place for storing electronic files, a user can add, query, update, delete, etc. to data in files. A "database" is a collection of data that is stored together in a manner that can be shared by multiple users, has as little redundancy as possible, and is independent of the application. A Database Management System (DBMS) is a computer software System designed for managing a Database, and generally has basic functions of storage, interception, security assurance, backup, and the like. The database management system may classify the database according to the database model it supports, such as relational, XML (Extensible Markup Language); or classified according to the type of computer supported, e.g., server cluster, mobile phone; or sorted according to the Query Language used, such as SQL (Structured Query Language), XQuery, or sorted according to performance impulse emphasis, such as max size, maximum operating speed, or other sorting.

Big data (Big data) refers to a data set which cannot be captured, managed and processed by a conventional software tool within a certain time range, and is a massive, high-growth-rate and diversified information asset which can have stronger decision-making power, insight discovery power and flow optimization capability only by a new processing mode. With the advent of the cloud era, big data has attracted more and more attention, and the big data needs special technology to effectively process a large amount of data within a tolerance elapsed time. The method is suitable for the technology of big data, and comprises a large-scale parallel processing database, data mining, a distributed file system, a distributed database, a cloud computing platform, the Internet and an extensible storage system.

In this embodiment, by using the database technology and the big data technology, data of a data owner can be managed in storage spaces of a data keeper and a consensus node, and the management efficiency of the data is improved by managing and maintaining the data, thereby enhancing the overall arrangement and security of the data.

It should be noted that the server for processing data in this embodiment may be an independent physical server, a server cluster or a distributed system formed by a plurality of physical servers, or a cloud server that provides basic cloud computing services such as cloud service, a cloud database, cloud computing, a cloud function, cloud storage, network service, cloud communication, middleware service, domain name service, security service, big data, and an artificial intelligence platform. The terminal may be, but is not limited to, a smart phone, a tablet computer, a laptop computer, a desktop computer, a smart speaker, a smart watch, and the like. The terminal and the server may be directly or indirectly connected through wired or wireless communication, and the application is not limited herein.

Fig. 4 is a schematic diagram of a node system based on a blockchain network according to an embodiment of the present disclosure.

As shown in fig. 4, the blockchain network in the present embodiment includes four types of network nodes. Including a data owning node 41, a data requesting node 42, a data custody node 43, and a consensus node 44. Specifically, the data owner node 41 in this embodiment is a terminal device corresponding to a data owner, such as a mobile phone, a computer, and the like of a user; the data request node 42 is a computer device corresponding to a data request end, where the data request end may be a third party server end, an organization requesting to obtain data, and the like; the data custody node 43 is a computer device corresponding to a data custody, wherein the data custody may be a third party entity, such as a tax authority, a banking authority, and the like. In addition, the consensus node 44 in this embodiment is used to obtain data in each node, perform consensus, verification, and the like on the data.

The implementation details of the technical solution of the embodiment of the present application are set forth in detail below:

fig. 5 is a flowchart illustrating a blockchain-based data access method according to an embodiment of the present application, where the blockchain-based data access method is performed by a data requesting node corresponding to a data requesting end, and the data requesting node may be the data requesting node 42 shown in fig. 4. In practical applications, the device implementing the technical solution of the present embodiment may be a computer device corresponding to a service provider, a computer device used by an organization that needs to verify the identity of a user, and the like.

Referring to fig. 5, the block chain based data access method at least includes steps S510 to S540, which are described in detail as follows:

in step S510, a data authorization request is generated based on the data directory, and the data authorization request is used to apply for authorization of all nodes of data to obtain target data.

In this embodiment, the data request node is a node corresponding to a data user, and in practical application, the data request node may be a computer device corresponding to the data user. Where the data requestor may be a financial institution providing the loan, a service provider, or the like.

In this embodiment, the data storage node corresponds to various official institutions and is used to store data of the data owner. Illustratively, the data storage node in this embodiment includes at least one of the following nodes: the node corresponding to a bank organization, the node corresponding to a social security organization, the node corresponding to a tax administration, the node corresponding to a water, electricity and coal resource organization and the like.

In this embodiment, the data owner node is used to represent a user who owns data processing right, and the user may be a resource requester, a service requester, or the like. Therefore, all the nodes of the data in this embodiment may include at least one of the following nodes: a node corresponding to the resource requester and a node corresponding to the service requester.

In one embodiment of the application, the data request node generates a data authorization request to apply for authorization of all nodes of the data through the data authorization request to obtain target data, and processes the identity of the data owner based on the target data.

In step S520, if the authorization approval record corresponding to the data authorization request is not found in the block chain, the data authorization request is uploaded to the block chain to notify all the nodes of the data to approve based on the data authorization request on the block chain and generate the authorization approval record corresponding to the data authorization request, or the data authorization request on the block chain is forwarded to all the nodes of the data through the data storage node, and the authorization approval record corresponding to the data authorization request is generated after all the nodes of the data are approved.

In an embodiment of the present application, after the data request node generates the data authorization request, the authorization approval record corresponding to the data authorization request is searched in the blockchain, and if the authorization approval record corresponding to the data authorization request is not found in the blockchain, the data authorization request is uploaded to the blockchain in the blockchain system, so as to ensure traceability of the data authorization request and integrity of the data acquisition process.

The data authorization request is uploaded to a block chain in a block chain system to inform all nodes of data to acquire the data authorization request from the block chain, and the data authorization request is approved to generate an authorization approval record corresponding to the data authorization request. In addition, a data authorization request on a block chain can be forwarded to all the nodes of the data through the data protection and management node, and an authorization approval record corresponding to the data authorization request is generated after all the nodes of the data are approved. By the two modes, all the nodes of the data can acquire the data authorization request based on various modes, and the efficiency and the reliability of acquiring the data authorization request are improved. And the data authorization request is acquired in a block chain mode, so that the irrevocability of the data request node to the data authorization request is ensured.

In addition, in the embodiment of the application, after the data authorization request is uploaded to the block chain, if the authorization approval record corresponding to the data authorization request is not found in the block chain, the data authorization request can be directly sent to a preset data storage node.

In an embodiment of the application, after the data authorization request is uploaded to the block chain, an authorization approval record corresponding to the data authorization request is searched in the block chain, and if the authorization approval record is not found, the data authorization request is sent to a preset data storage node, so that the authorization approval records of all the nodes of the data are obtained through the data storage node.

It should be noted that, in the embodiment of the present application, an authorization approval record is generated in advance for a previous data authorization request by all nodes of data, and the authorization approval record corresponding to the data authorization request is uploaded to a block chain, so that when a subsequent data request node requests to acquire data again, an authorization approval record corresponding to the data authorization request is directly searched from the block chain, and after the authorization approval record is found, target data corresponding to the data authorization request is acquired from the block chain based on the authorization approval record.

In the embodiment, the efficiency of data acquisition is improved by generating the authorization approval record corresponding to the data authorization request in advance and storing the authorization approval record into the block chain. Particularly, under the condition of obtaining the same target data for multiple times, the data request end can directly obtain the target data based on the authorization approval records generated by history, the process of applying authorization to all nodes of the data through the data management node every time is avoided, the data obtaining efficiency is improved, and the data obtaining cost is saved.

In step S530, authorization approval records uploaded by all nodes of the data are obtained from the blockchain.

In an embodiment of the application, after the data authorization request is sent to the data storage nodes, the data authorization request is forwarded to all the data nodes through the data storage nodes to indicate that all the data nodes perform examination and approval based on the data authorization request, and after the examination and approval pass, authorization examination and approval records are generated and are uploaded to a block chain. So that the data requesting node can obtain the authorization approval record uploaded by all the nodes of the data from the blockchain.

Further, in this embodiment, when the data request node needs to acquire the target data again, the authorization approval record corresponding to the data request may be searched from the blockchain, so as to directly acquire the target data.

In step S540, the target data is acquired based on the authorized approval record.

In one embodiment of the application, after the authorization approval record is obtained, the target data is obtained based on the authorization approval record. Specifically, the method for acquiring the target data in this embodiment may be a method for directly acquiring the target data from all nodes of the data based on the authorized approval record, or a method for acquiring the target data from the blockchain based on the authorized approval record.

As shown in fig. 6, in this embodiment, in S610, a data request node firstly queries whether an authorization approval record corresponding to a data authorization request exists in a block chain, and if no authorization approval record exists, in S620, the data authorization request is sent to a data storage node, and then the data storage node forwards the data authorization request to all data nodes in S630, and after all data nodes are approved based on the data authorization request, the generated authorization approval record is uploaded to a block chain network in S640. And finally, acquiring the target data based on the authorization approval record by the data request node in S650.

In an embodiment of the present application, the method for a data access method based on a block chain further includes:

after the data authorization request is uploaded to the block chain, if the authorization approval record corresponding to the data authorization request is found in the block chain, the authorization approval record is verified through an intelligent contract;

and after the authorization approval record is verified, acquiring target data corresponding to the data authorization request.

As shown in fig. 7, in this embodiment, after the data authorization request is uploaded to the block chain, in S710, an authorization approval record corresponding to the data authorization request is searched in the block chain; if the authorization approval record corresponding to the data authorization request is found in the blockchain, the authorization approval record is verified through the intelligent contract in S720; after the authorization approval record is verified, the target data corresponding to the data authorization request is acquired in S730.

In an embodiment of the present application, in the process of acquiring the target data based on the authorization approval record in step S540, the following steps are specifically included: generating a data access request aiming at the target data based on the authorization approval record; uploading a data access request to a blockchain; and acquiring target data corresponding to the data access request from the block chain.

As shown in fig. 8, in this embodiment, when obtaining the target data, a data access request of the target data is first generated based on the authorization approval record, and the data access request is uploaded to the block chain in S810. After the blockchain passes the consensus, the target data corresponding to the data access request is obtained from the blockchain in S820. By the mode of generating the access request and acquiring the data, the security and confidentiality of data acquisition are improved.

In an embodiment of the present application, after obtaining the target data based on the authorization approval record, the method further includes: uploading the acquired target data to a block chain; acquiring a data verification result uploaded by the data keeping node from the blockchain, wherein the data verification result is generated by acquiring target data from the blockchain by the data keeping node and verifying the target data based on information of all nodes of the data; and if the data verification result is that the verification is passed, applying the target data.

Specifically, the present embodiment can verify the authenticity of the target data when the target data is acquired. Specifically, when the authenticity of the target data is verified, the target data is uploaded to the block chain, and the original target data on the block chain is compared with the target data acquired by the data request node, so that the correctness of the target data can be determined. In this embodiment, when the data verification result is that the verification passes, the target data may be applied. By the method, the situation that all nodes of the data are fake is avoided, and the authority and the safety of data acquisition are improved.

As shown in fig. 9, the blockchain network in the present embodiment includes: a consensus node and a Simple Payment Verification node (SPV). The simple payment verification node comprises a data storage node, all data nodes and a data request node for requesting to acquire target data; besides, a business system, a trusted exchange process and the like are respectively included in the data keeper, the data owner and the data requester.

In this embodiment, the blockchain includes a data directory corresponding to the data stored in the data keeping node, so that all the nodes of the data and the data requesting node acquire the data directory from the blockchain. The data custody nodes include at least one of: the node corresponding to a bank organization, the node corresponding to a social security organization, the node corresponding to a tax administration, the node corresponding to a water, electricity and coal resource organization and the like.

In this embodiment, the data nodes include at least one of the following nodes: a node corresponding to a resource requestor, a node corresponding to a service requestor, and so on.

In this embodiment, the data request node for acquiring the target data includes at least one of the following nodes: a node corresponding to a resource leasing agency, a node corresponding to a service providing agency, and the like.

The embodiment generates the data acquisition record based on the acquisition process of the target data, and uploads the data acquisition record to the block chain, so as to improve the safety and accuracy of the data acquisition process in this way.

Fig. 10 shows a flowchart of a blockchain-based data access method according to an embodiment of the present application, where the blockchain-based data access method is performed by a data owner node corresponding to a data owner node, which may be the data owner node 41 shown in fig. 4. In practical applications, the device for executing the technical solution of the present embodiment may be a computer device used by a user, and the like.

Referring to fig. 10, the block chain based data access method at least includes steps S1010 to S1030, which are described in detail as follows:

step S1010, obtaining a data authorization request uploaded by a data request node from a block chain, or obtaining a data authorization request in the block chain forwarded by a data custody node; the data authorization request is uploaded to the block chain when the data request node does not find the authorization approval record corresponding to the data authorization request in the block chain.

In an embodiment of the present application, after the data request node generates the data authorization request, the authorization approval record corresponding to the data authorization request is searched in the blockchain, and if the authorization approval record corresponding to the data authorization request is not found in the blockchain, the data authorization request is uploaded to the blockchain in the blockchain system, so as to ensure traceability of the data authorization request and integrity of the data acquisition process.

The data authorization request is uploaded to a block chain in a block chain system to inform all nodes of data to acquire the data authorization request from the block chain, and the data authorization request is approved to generate an authorization approval record corresponding to the data authorization request. In addition, a data authorization request on a block chain can be forwarded to all the nodes of the data through the data protection and management node, and an authorization approval record corresponding to the data authorization request is generated after all the nodes of the data are approved.

By the two modes, all the nodes of the data can acquire the data authorization request based on various modes, and the efficiency and the reliability of acquiring the data authorization request are improved. And the data authorization request is acquired in a block chain mode, so that the irrevocability of the data request node to the data authorization request is ensured.

In addition, in an embodiment of the present application, a data authorization request is generated and sent to the data custody node by the data request node, and the data authorization request is forwarded to the data owning node by the data custody node to notify the data owning node of the data requirement of the data request node.

Step S1020, based on the node information of the data request node, approves the data authorization request, and generates an authorization approval record.

In one embodiment of the present application, after acquiring the data authorization request, the data retention node determines its corresponding target data based on the data authorization request. And then, the data authorization request is approved based on the node information of the data request node and the target data, and an authorization approval record is generated.

Specifically, in this embodiment, when the data authorization request is approved, the corresponding data access permission is determined based on the identity information of the data request node, the data access permission is compared with the target data, and an authorization approval record is generated based on the comparison result.

As shown in fig. 11, in an embodiment of the present application, a process of examining and approving a data authorization request based on node information of a data request node and generating an authorization examination and approval record specifically includes steps S1021 to S1023:

step S1021, determining corresponding data to be accessed from the stored data based on the data authorization request;

step S1022, determining a data access right corresponding to the data request node based on the node information of the data request node;

and S1023, examining and approving the data authorization request based on the data access authority and the data to be accessed, and generating an authorization examination and approval record.

As shown in fig. 12, in the process of approving the data authorization request in this embodiment, first, based on the data authorization request 1210, the corresponding data to be accessed 1220 is determined from the locally stored data. Determining a data access authority 1240 corresponding to the data request node based on the node information 1230 of the data request node; based on the data access authority and the data to be accessed, the data authorization request is approved and verified, and an authorization approval record 1250 is generated.

Step S1030, the authorization approval record is uploaded to the block chain, so that the data request node obtains the target data based on the authorization approval record in the block chain.

In one embodiment of the present application, after the authorization approval record is generated, the authorization approval record is uploaded into the blockchain. So that the data requesting node can obtain the target data based on the authorization approval record in the blockchain.

In the embodiment, the authorization approval record is uploaded to the block chain, so that the data request can be used for a subsequent data request, a data request node can acquire target data directly based on the authorization approval record, and the data acquisition efficiency is improved.

In an embodiment of the present application, after the process of examining and approving the data authorization request and generating an authorization examination and approval record based on the node information of the data request node in step S1023, the method further includes: sending the authorization approval record to a data storage node; acquiring a data acquisition receipt returned by the data request node; the data acquisition receipt is generated after the data storage node forwards the authorization and approval record to the data request node, and the data request node acquires the target data based on the authorization and approval record.

As shown in fig. 13, in the present embodiment, after the authorization approval record 1250 of all the nodes of the data is generated, the authorization approval record 1250 is sent to the data storage node; the data storage node forwards the authorization and approval record to the data request node, and after the data request node acquires the target data 1260 based on the authorization and approval record, the data request node generates a data acquisition receipt 1270 to indicate that the target data is successfully acquired, and returns the data acquisition receipt to all the nodes of the data.

In an embodiment of the present application, during the data transmission and authorization process, all nodes of the data will continuously perform the approval and verification of the data request, so that the authorization approval record generated each time will be uploaded to the block chain. In practical application, all nodes of data may modify or delete their own authorization. Therefore, when the authorization record is modified, as shown in fig. 14, the method includes steps S1410 to S1430:

step S1410, obtaining a historical authorization approval record from the block chain;

step S1420, generating a new authorization approval record based on the approval result in the historical authorization approval record;

and step S1430, uploading the new authorization approval record to the block chain.

Specifically, when all nodes of the data process the historical authorization approval record, the historical authorization approval record is obtained from the block chain, then a new authorization approval record is generated based on the approval result in the historical authorization approval record, and finally the new authorization approval record is uploaded to the block chain. The flexibility of data authorization of all nodes of the data can be increased by the method.

The following describes an embodiment of an apparatus of the present application, which may be used to perform the block chain based data access method in the above embodiment of the present application. It will be appreciated that the apparatus may be a computer program (comprising program code) running on a computer device, for example an application software; the apparatus may be used to perform the corresponding steps in the methods provided by the embodiments of the present application. For details that are not disclosed in the embodiments of the apparatus of the present application, please refer to the embodiments of the data access method based on blockchains described above in the present application.

FIG. 15 shows a block diagram of a blockchain based data access device according to an embodiment of the present application.

Referring to fig. 15, a block chain based data access apparatus 1500 according to an embodiment of the present application includes: a generating unit 1510, configured to generate a data authorization request based on the data directory, where the data authorization request is used to apply for authorization of all nodes of data to obtain target data; a first uploading unit 1520, configured to upload the data authorization request to a blockchain if an authorization approval record corresponding to the data authorization request is not found in the blockchain, so as to notify all nodes of the data to approve based on the data authorization request on the blockchain and generate an authorization approval record corresponding to the data authorization request, or forward the data authorization request on the blockchain to all nodes of the data through the data storage node, and generate an authorization approval record corresponding to the data authorization request after the all nodes of the data have approved; a first obtaining unit 1530, configured to obtain, from the blockchain, authorization approval records uploaded by all nodes of the data; a second obtaining unit 1540, configured to obtain the target data based on the authorization approval record.

In some embodiments of the present application, based on the foregoing solution, the block chain based data access apparatus is further configured to: after the data authorization request is uploaded to the block chain, if an authorization approval record corresponding to the data authorization request is found in the block chain, verifying the authorization approval record through an intelligent contract; and after the authorization approval record is verified, acquiring target data corresponding to the data authorization request.

In some embodiments of the present application, based on the foregoing solution, the device for accessing data based on a block chain further includes: uploading the acquired target data to the block chain; acquiring a data verification result uploaded by the data keeping node from the block chain, wherein the data verification result is generated by acquiring the target data from the block chain by the data keeping node and verifying the target data based on information of all nodes of the data; and if the data verification result is that the verification is passed, applying the target data.

In some embodiments of the present application, based on the foregoing scheme, the second obtaining unit is configured to: generating a data access request for the target data based on the authorization approval record; uploading the data access request to the blockchain; and acquiring target data corresponding to the data access request from the block chain.

In some embodiments of the present application, based on the foregoing solution, the easy payment verification node includes the data custody node, the data owning node, and a data requesting node requesting to acquire the target data; the block chain comprises a data directory corresponding to data stored in the data keeping node, so that all data nodes and the data request node acquire the data directory from the block chain.

In some embodiments of the present application, based on the foregoing scheme, the data-keeping nodes include at least one of the following nodes: the node corresponding to a bank organization, the node corresponding to a social security organization, the node corresponding to a tax institution and the node corresponding to a water, electricity and coal resource institution; the data all nodes comprise at least one of the following nodes: a node corresponding to the resource requester and a node corresponding to the service requester; the data request node for acquiring the target data comprises at least one of the following nodes: the node corresponding to the resource leasing mechanism and the node corresponding to the service providing mechanism.

In some embodiments of the present application, based on the foregoing solution, the block chain based data access apparatus is further configured to: generating a data acquisition record based on the acquisition process of the target data; and uploading the data acquisition record to the block chain.

FIG. 16 shows a block diagram of a blockchain based data access device according to an embodiment of the present application.

Referring to fig. 16, a block chain based data access apparatus 1600 according to an embodiment of the present application includes: a third obtaining unit 1610, configured to obtain, from the block chain, a data authorization request uploaded by the data requesting node or obtain a data authorization request in the block chain forwarded by the data custody node; the data authorization request is uploaded to the block chain when the data request node does not find an authorization approval record corresponding to the data authorization request in the block chain; an approval unit 1620, configured to approve the data authorization request based on the node information of the data request node, and generate an authorization approval record; a second uploading unit 1630, configured to upload the authorization approval record to a block chain, so that the data request node obtains the target data based on the authorization approval record in the block chain.

In some embodiments of the present application, based on the foregoing solution, the approval unit is configured to: determining corresponding data to be accessed from the stored data based on the data authorization request; determining data access authority corresponding to the data request node based on the node information of the data request node; and based on the data access authority and the data to be accessed, the data authorization request is approved, and the authorization approval record is generated.

In some embodiments of the present application, based on the foregoing solution, the block chain based data access apparatus is further configured to: sending the authorization approval record to the data custody node; acquiring a data acquisition receipt returned by the data request node; the data acquisition receipt forwards the authorization approval record to the data request node for the data custody node, and the data request node is generated after acquiring the target data based on the authorization approval record.

In some embodiments of the present application, based on the foregoing solution, the block chain based data access apparatus is further configured to: obtaining a historical authorization approval record from the block chain; generating a new authorization approval record based on the approval result in the historical authorization approval record; and uploading the new authorization approval record to the block chain.

FIG. 17 illustrates a schematic structural diagram of a computer system suitable for use in implementing the electronic device of an embodiment of the present application.

It should be noted that the computer system 1700 of the electronic device shown in fig. 17 is only an example, and should not bring any limitation to the functions and the scope of the application of the embodiments.

As shown in fig. 17, the computer system 1700 includes a Central Processing Unit (CPU)1701 that can perform various appropriate actions and processes, such as executing the methods described in the above embodiments, according to a program stored in a Read-Only Memory (ROM) 1702 or a program loaded from a storage portion 1708 into a Random Access Memory (RAM) 1703. In the RAM 1703, various programs and data necessary for system operation are also stored. The CPU 1701, ROM 1702, and RAM 1703 are connected to each other through a bus 1704. An Input/Output (I/O) interface 1705 is also connected to the bus 1704.

The following components are connected to the I/O interface 1705: an input section 1706 including a keyboard, a mouse, and the like; an output section 1707 including a Display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and a speaker; a storage portion 1708 including a hard disk and the like; and a communication section 1709 including a Network interface card such as a LAN (Local Area Network) card, a modem, or the like. The communication section 1709 performs communication processing via a network such as the internet. A driver 1710 is also connected to the I/O interface 1705 as necessary. A removable medium 1711 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 1710 as necessary, so that a computer program read out therefrom is mounted into the storage portion 1708 as necessary.

In particular, according to embodiments of the application, the processes described above with reference to the flow diagrams may be implemented as computer software programs. For example, embodiments of the present application include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising a computer program for performing the method illustrated by the flow chart. In such embodiments, the computer program may be downloaded and installed from a network via the communication portion 1709, and/or installed from the removable media 1711. When the computer program is executed by a Central Processing Unit (CPU)1701, various functions defined in the system of the present application are executed.

It should be noted that the computer readable medium shown in the embodiments of the present application may be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a Read-Only Memory (ROM), an Erasable Programmable Read-Only Memory (EPROM), a flash Memory, an optical fiber, a portable Compact Disc Read-Only Memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present application, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In this application, however, a computer readable signal medium may include a propagated data signal with a computer program embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. The computer program embodied on the computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wired, etc., or any suitable combination of the foregoing.

The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. Each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.

The units described in the embodiments of the present application may be implemented by software, or may be implemented by hardware, and the described units may also be disposed in a processor. Wherein the names of the elements do not in some way constitute a limitation on the elements themselves.

According to an aspect of the application, a computer program product or computer program is provided, comprising computer instructions, the computer instructions being stored in a computer readable storage medium. The processor of the computer device reads the computer instructions from the computer-readable storage medium, and the processor executes the computer instructions to cause the computer device to perform the method provided in the various alternative implementations described above.

As another aspect, the present application also provides a computer-readable medium, which may be contained in the electronic device described in the above embodiments; or may exist separately without being assembled into the electronic device. The computer readable medium carries one or more programs which, when executed by an electronic device, cause the electronic device to implement the method described in the above embodiments.

It should be noted that although in the above detailed description several modules or units of the device for action execution are mentioned, such a division is not mandatory. Indeed, the features and functionality of two or more modules or units described above may be embodied in one module or unit, according to embodiments of the application. Conversely, the features and functions of one module or unit described above may be further divided into embodiments by a plurality of modules or units.

Through the above description of the embodiments, those skilled in the art will readily understand that the exemplary embodiments described herein may be implemented by software, or by software in combination with necessary hardware. Therefore, the technical solution according to the embodiments of the present application can be embodied in the form of a software product, which can be stored in a non-volatile storage medium (which can be a CD-ROM, a usb disk, a removable hard disk, etc.) or on a network, and includes several instructions to enable a computing device (which can be a personal computer, a server, a touch terminal, or a network device, etc.) to execute the method according to the embodiments of the present application.

Other embodiments of the present application will be apparent to those skilled in the art from consideration of the specification and practice of the embodiments disclosed herein. This application is intended to cover any variations, uses, or adaptations of the invention following, in general, the principles of the application and including such departures from the present disclosure as come within known or customary practice within the art to which the invention pertains.

It will be understood that the present application is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the application is limited only by the appended claims.

Claims (15)

1. A data access method based on a blockchain is characterized in that the blockchain comprises a data request node, a data all node and a data keeping node, the data stored in the blockchain comprises a data directory corresponding to the data stored in the data keeping node, and the method comprises the following steps:

generating a data authorization request based on the data directory, wherein the data authorization request is used for applying for authorization of all nodes of data to acquire target data;

if the authorization approval record corresponding to the data authorization request is not found in the block chain, uploading the data authorization request to the block chain to inform all the nodes of the data to approve based on the data authorization request on the block chain and generate the authorization approval record corresponding to the data authorization request, or forwarding the data authorization request on the block chain to all the nodes of the data through the data custody node and generating the authorization approval record corresponding to the data authorization request after all the nodes of the data are approved;

obtaining authorization approval records uploaded by all nodes of the data from the block chain;

and acquiring the target data based on the authorization approval record.

2. The method of claim 1, further comprising:

after the data authorization request is uploaded to the block chain, if an authorization approval record corresponding to the data authorization request is found in the block chain, verifying the authorization approval record through an intelligent contract;

and after the authorization approval record is verified, acquiring target data corresponding to the data authorization request.

3. The method of claim 1, wherein after obtaining the target data based on the authorization approval record, further comprising:

uploading the acquired target data to the block chain;

acquiring a data verification result uploaded by the data keeping node from the block chain, wherein the data verification result is generated by acquiring the target data from the block chain by the data keeping node and verifying the target data based on information of all nodes of the data;

and if the data verification result is that the verification is passed, applying the target data.

4. The method of claim 1, wherein obtaining the target data based on the authorization approval record comprises:

generating a data access request for the target data based on the authorization approval record;

uploading the data access request to the blockchain;

and acquiring target data corresponding to the data access request from the block chain.

5. The method of claim 1,

the block chain network comprises a common identification node and a simple payment verification node, wherein the simple payment verification node comprises the data keeping node, all the data nodes and a data request node for requesting to acquire the target data;

the block chain comprises a data directory corresponding to data stored in the data keeping node, so that all data nodes and the data request node acquire the data directory from the block chain.

6. The method of claim 1,

the data custody nodes include at least one of: the node corresponding to a bank organization, the node corresponding to a social security organization, the node corresponding to a tax institution and the node corresponding to a water, electricity and coal resource institution;

the data all nodes comprise at least one of the following nodes: a node corresponding to the resource requester and a node corresponding to the service requester;

the data request node for acquiring the target data comprises at least one of the following nodes: the node corresponding to the resource leasing mechanism and the node corresponding to the service providing mechanism.

7. The method of claim 1, further comprising:

generating a data acquisition record based on the acquisition process of the target data;

and uploading the data acquisition record to the block chain.

8. A data access method based on a blockchain is characterized in that the blockchain comprises a data request node, a data all node and a data keeping node, the data stored in the blockchain comprises a data directory corresponding to the data stored in the data keeping node, and the method comprises the following steps:

acquiring a data authorization request uploaded by the data request node from the block chain, or acquiring a data authorization request in the block chain forwarded by the data custody node; the data authorization request is uploaded to the block chain when the data request node does not find an authorization approval record corresponding to the data authorization request in the block chain;

based on the node information of the data request node, the data authorization request is approved, and an authorization approval record is generated;

and uploading the authorization approval record to a block chain, so that the data request node acquires the target data based on the authorization approval record in the block chain.

9. The method of claim 8, wherein approving the data authorization request based on the node information of the data request node to generate an authorization approval record comprises:

determining corresponding data to be accessed from the stored data based on the data authorization request;

determining data access authority corresponding to the data request node based on the node information of the data request node;

and based on the data access authority and the data to be accessed, the data authorization request is approved, and the authorization approval record is generated.

10. The method of claim 8, wherein the data authorization request is approved based on node information of the data request node, and after an authorization approval record is generated, the method further comprises:

sending the authorization approval record to the data custody node;

acquiring a data acquisition receipt returned by the data request node; the data acquisition receipt forwards the authorization approval record to the data request node for the data custody node, and the data request node is generated after acquiring the target data based on the authorization approval record.

11. The method of claim 8, further comprising:

obtaining a historical authorization approval record from the block chain;

generating a new authorization approval record based on the approval result in the historical authorization approval record;

and uploading the new authorization approval record to the block chain.

12. A data access apparatus based on a blockchain, wherein the blockchain includes a data request node, a data all node, and a data custody node, and data stored in the blockchain includes a data directory corresponding to the data stored in the data custody node, the apparatus comprising:

the generating unit is used for generating a data authorization request based on the data directory, wherein the data authorization request is used for applying for authorization of all nodes of data to obtain target data;

a first uploading unit, configured to upload the data authorization request to a block chain if an authorization approval record corresponding to the data authorization request is not found in the block chain, so as to notify all nodes of the data to approve the data authorization request based on the block chain and generate an authorization approval record corresponding to the data authorization request, or forward the data authorization request on the block chain to all nodes of the data through the data storage node, and generate an authorization approval record corresponding to the data authorization request after the data authorization request passes the approval;

the first acquisition unit is used for acquiring the authorization approval records uploaded by all the nodes of the data from the block chain;

and the second acquisition unit is used for acquiring the target data based on the authorization approval record.

13. A data access apparatus based on a blockchain, wherein the blockchain includes a data request node, a data all node, and a data custody node, and data stored in the blockchain includes a data directory corresponding to the data stored in the data custody node, the apparatus comprising:

a third obtaining unit, configured to obtain, from the block chain, a data authorization request uploaded by the data request node, or obtain a data authorization request in the block chain forwarded by the data custody node; the data authorization request is uploaded to the block chain when the data request node does not find an authorization approval record corresponding to the data authorization request in the block chain;

the approval unit is used for approving the data authorization request based on the node information of the data request node and generating an authorization approval record;

and the second uploading unit is used for uploading the authorization approval record to a block chain so that the data request node acquires the target data based on the authorization approval record in the block chain.

14. A computer-readable medium, on which a computer program is stored which, when being executed by a processor, carries out a method for blockchain-based data access according to any one of claims 1 to 11.

15. An electronic device, comprising:

one or more processors;

storage means for storing one or more programs which, when executed by the one or more processors, cause the one or more processors to implement a blockchain based data access method according to any one of claims 1 to 11.

Images