CN110209691B - Data processing method and device - Google Patents
Data processing method and device Download PDFInfo
- Publication number
- CN110209691B CN110209691B CN201910501354.7A CN201910501354A CN110209691B CN 110209691 B CN110209691 B CN 110209691B CN 201910501354 A CN201910501354 A CN 201910501354A CN 110209691 B CN110209691 B CN 110209691B
- Authority
- CN
- China
- Prior art keywords
- information
- data
- party
- request
- query
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/242—Query formulation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/245—Query processing
- G06F16/2455—Query execution
- G06F16/24552—Database cache management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/27—Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Databases & Information Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Data Mining & Analysis (AREA)
- Computational Linguistics (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Mathematical Physics (AREA)
- Computing Systems (AREA)
- Medical Informatics (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Storage Device Security (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The application provides a data processing method and a data processing device, wherein the method is applied to a first server and comprises the following steps: acquiring an information query request of a query party; under the condition that the information query request comprises preset words, confirming a holder of information to be queried of the information query request based on the information query request, and generating a first authorization request; sending the first authorization request to the holder; receiving the information to be inquired by the information inquiry request sent by the holding party and sending the received information to the inquiring party. According to the method and the device, a block chain technology is adopted, the registration information of the user on the KYC system is stored in the shared database, when the inquiring party needs to inquire the user information, if the information needing to be inquired is the user privacy information, the inquiring party can obtain the privacy information of the corresponding user after the corresponding user is required to verify, and therefore the inquiring efficiency of the inquiring party is improved on the basis of ensuring the privacy security of the user information.
Description
Technical Field
The present application relates to the field of data processing technologies, and in particular, to a data processing method and apparatus.
Background
At present, in a conventional Customer identity authentication (KYC) system applied between a third-party payment company and other trusted financial institutions, after the KYC system is deployed in each trusted financial institution, Customer information registered in the trusted financial institution is stored in a local database.
Customer information stored in the traditional KYC system is in the form of financial institutions awarded with each credit, although the effect of keeping corresponding customer information secret is achieved, the customer information is dispersed and cannot be shared, after a customer registers at a credit awarded financial institution deploying the traditional KYC system, another credit awarded financial institution deploying the traditional KYC system cannot acquire the customer information, inconvenience is caused in an information query process, time cost in the information query process is increased, and query efficiency is reduced.
Disclosure of Invention
In view of this, an object of the embodiments of the present application is to provide a data processing method and apparatus, which can implement sharing of client information on the basis of keeping the client information secret, and improve efficiency of information query.
In a first aspect, an embodiment of the present application provides a data processing method, which is applied to a first server, and the method includes:
acquiring an information query request of a query party;
under the condition that the information query request comprises preset words, confirming a holder of information to be queried of the information query request based on the information query request, and generating a first authorization request;
sending the first authorization request to the holding party, so that the holding party determines whether to send the information to be queried by the information query request to the querying party based on the first authorization request;
and receiving the information to be inquired by the information inquiry request sent by the holding party, and sending the received information to the inquiring party.
With reference to the first aspect, an embodiment of the present application provides a first possible implementation manner of the first aspect, where before determining that the information query request includes a preset vocabulary, the method further includes:
acquiring query condition information in the information query request;
preprocessing the query condition information to obtain query data in a preset format;
and determining whether the query data are stored in a block chain shared database, and determining whether the information query request comprises preset words or not under the condition that the query data are stored in the block chain shared database.
With reference to the first possible implementation manner of the first aspect, an embodiment of the present application provides a second possible implementation manner of the first aspect, where the query data is stored in the block chain shared database, and in a case that the information query request does not include a preset vocabulary, the method further includes:
determining a data storage unit storing the query data; the block chain shared database comprises a plurality of data storage units;
acquiring first data information matched with the query data from the data storage unit;
and sending the first data information acquired from the data storage unit to the inquirer.
With reference to the first possible implementation manner of the first aspect, an embodiment of the present application provides a third possible implementation manner of the first aspect, where the method further includes:
acquiring second data information sent by a holding party;
preprocessing second data information received from the holding party to obtain data to be stored in a preset format;
and storing the obtained data to be stored in the preset format into the block chain shared database.
With reference to the first possible implementation manner of the first aspect, an embodiment of the present application provides a fourth possible implementation manner of the first aspect, where the method further includes:
acquiring a data updating request which is sent by a holding party and carries data to be updated;
preprocessing the data to be updated acquired from the holding party to obtain the data to be updated in a preset format;
when the original data corresponding to the data to be updated in the preset format is stored in the block chain shared database, sending a data updating authentication request to other holders so that the other holders determine whether to send data updating permission information aiming at the data updating authentication request;
and when receiving data updating permission information sent by any other holding party, updating original data corresponding to the data to be updated in the block chain shared database into the data to be updated.
With reference to the fourth possible implementation manner of the first aspect, an embodiment of the present application provides a fifth possible implementation manner of the first aspect, where when original data corresponding to the to-be-updated data in the preset format is not stored in the block chain shared database, the method further includes:
determining a data storage unit storing the data to be updated;
and storing the data to be updated into the data storage unit.
In a second aspect, an embodiment of the present application further provides a data processing method, which is applied to a second server, and the method includes:
receiving a first authorization request sent by a first server;
determining a queried user identifier based on the first authorization request;
generating a second authorization request based on the first authorization request, and sending the second authorization request to a corresponding queried user based on the queried user identifier, so that the queried user determines whether to generate corresponding query permission information for the second authorization request;
and acquiring the information to be queried of the information query request of the querying party from a block chain private database based on the received query permission information sent by the queried user, and sending the information to be queried of the information query request to the first server.
In combination with the second aspect, the present application provides a first possible implementation manner of the second aspect, where the method further includes:
acquiring second data information to be stored, which is sent by the inquired user;
preprocessing the second data information to obtain user data information in a preset format;
and storing the obtained user data information in the preset format into the block chain private database.
In a third aspect, an embodiment of the present application further provides a data processing method, which is applied to a terminal device, and the method includes:
receiving a second authorization request sent by a second server;
generating inquiry permission information based on a permission instruction sent by the inquired user for the second authorization request;
and sending the inquiry permission information to the holding party.
In a fourth aspect, an embodiment of the present application provides a data processing apparatus, where the apparatus includes:
the first acquisition module is used for acquiring an information query request of a query party;
the first authorization module is used for confirming a holder of information to be inquired by the information inquiry request based on the information inquiry request and generating a first authorization request under the condition that the information inquiry request comprises preset words;
a first sending module, configured to send the first authorization request to the holder, so that the holder determines, based on the first authorization request, whether to send information to be queried by the information query request to the querying party;
and the first receiving module is used for receiving the information to be inquired by the information inquiry request sent by the holding party and sending the received information to the inquiring party.
According to the data processing method and device, the block chain technology is adopted, the registration information of the user on the KYC system is stored in the shared database, when the inquiring party needs to inquire the user information, if the user information needing to be inquired is non-private user information, the user information can be directly acquired in the shared database, if the information needing to be inquired is the user private information, the inquiring party can acquire the private information of the corresponding user after corresponding user verification is needed, and therefore the inquiring efficiency of the inquiring party is improved on the basis of guaranteeing the privacy safety of the user information.
In order to make the aforementioned objects, features and advantages of the present application more comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are required to be used in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered as limiting the scope, and for those skilled in the art, other related drawings can be obtained from the drawings without inventive effort.
Fig. 1 shows a flow chart of a data query process of a data processing method provided in an embodiment of the present application.
Fig. 2 is a schematic flow chart illustrating another data processing method according to an embodiment of the present application.
Fig. 3 is a schematic flow chart illustrating another data query process of a data processing method according to an embodiment of the present application.
Fig. 4 shows a schematic flow chart of a data storage process in a data processing method provided by an embodiment of the present application.
Fig. 5 shows a flowchart illustrating a data updating process in a data processing method according to an embodiment of the present application.
Fig. 6 shows a flow chart of a data adding process in a data processing method provided by an embodiment of the present application.
Fig. 7 is a schematic flow chart illustrating another data processing method according to an embodiment of the present application.
Fig. 8 is a schematic flow chart illustrating a data storage process in another data processing method according to an embodiment of the present application.
Fig. 9 is a schematic flow chart illustrating another data processing method according to an embodiment of the present application.
Fig. 10 shows a schematic structural diagram of a data processing apparatus according to an embodiment of the present application.
Fig. 11 is a schematic structural diagram of another data processing apparatus provided in an embodiment of the present application.
Fig. 12 is a schematic structural diagram of another data processing apparatus provided in an embodiment of the present application.
Fig. 13 shows a schematic structural diagram of a computer device provided in an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all the embodiments. The components of the embodiments of the present application, generally described and illustrated in the figures herein, can be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the present application, presented in the accompanying drawings, is not intended to limit the scope of the claimed application, but is merely representative of selected embodiments of the application. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present application without making any creative effort, shall fall within the protection scope of the present application.
As shown in fig. 1, an embodiment of the present application provides a data processing method applied to a first server, where the method includes the following steps of querying data:
s101, acquiring an information inquiry request of an inquirer.
In the embodiment of the application, according to a display prompt of an inquiring party, a user registration name and a corresponding user registration password are firstly input into a user terminal, after a user presses a registration key, the inquiring terminal generates a registration request instruction based on the user registration name and the corresponding user registration password and sends the registration request instruction to a first server, the first server performs reliability verification on the user registration name and the user registration password in the registration request instruction after receiving the registration request instruction, and when the user registration name and the user registration password are verified to be safe and reliable information, the first server allocates a corresponding inquiry authority for the user and sends prompt type information of successful registration to the inquiring terminal.
In the embodiment of the application, after knowing that a client (KYC) system is successfully registered, when logging in the KYC system again for inquiry, an inquiring party inputs identification information of an inquired party to be inquired and information to be inquired according to display of an inquiring terminal, and after the inquiring party presses an inquiry key, the inquiring terminal generates an information inquiry request based on the identification information of the inquired party and the information to be inquired and sends the information inquiry request to a first server; the identification information of the inquired party is the inquiry condition information, for example, if the inquired party wants to inquire about an individual user, the identification information of the inquired party is the name and identification number of the individual user.
The first server receives the information query request, wherein the information query request comprises identification information of a queried party and information to be queried.
S102, under the condition that the information query request comprises the preset vocabulary, confirming the holder of the information to be queried of the information query request based on the information query request, and generating a first authorization request.
In the embodiment of the application, the preset vocabulary includes information that a user is relatively private, such as account balance and an account number. The first server is pre-stored with a preset vocabulary database comprising the preset vocabulary, and the preset vocabulary database is established based on a big data model and on the basis of mass data analysis and data accumulation.
In this embodiment, the holder of the information is an authenticator that stores the user information in a local database, for example, each bank stores the user information registered in the bank in the local database.
In this embodiment of the application, the first authorization request is generated by the first server based on the information query request, so that the first server obtains the information to be queried from the owner of the information to be queried based on the first authorization request.
In the embodiment of the application, a first server extracts keywords from information to be queried in a received information query request, queries a preset vocabulary database based on the extracted keywords, determines a holder of user information of the information to be queried according to the information query request when the keywords exist in the preset vocabulary database, and generates a first authorization request.
S103, the first authorization request is sent to the holding party, so that the holding party determines whether to send the information to be inquired by the information inquiry request to the inquiring party or not based on the first authorization request.
In the embodiment of the application, the first server sends the first authorization request to an authenticator holding information to be queried, so that the authenticator determines whether to send the information to be queried in the information query request to the querier according to the information to be queried in the first authorization request.
In the embodiment of the application, the authenticator sends a second authorization request to the inquired user based on the first authorization request, and when the inquired user allows the inquirer to inquire, the holder sends the information to be inquired to the first server.
S104, receiving the information to be inquired by the information inquiry request sent by the holding party, and sending the received information to the inquiring party.
In the embodiment of the application, the first server receives information to be queried in an information query request sent by a holding party and sends the information to be queried to a querying party.
According to the data processing method provided by the embodiment of the application, the block chain technology is adopted, the registration information of the user on the KYC system is stored in the shared database, when the inquiring party needs to inquire the user information, if the user information needing to be inquired is non-private user information, the user information can be directly acquired in the shared database, if the information needing to be inquired is user private information, the inquiring party can acquire the private information of the corresponding user after corresponding user verification is needed, and therefore the inquiring efficiency of the inquiring party is improved on the basis of ensuring the privacy security of the user information.
Fig. 2 is a schematic flow chart of another data processing method according to an embodiment of the present application, and as shown in fig. 2, before determining that the information query request includes a preset vocabulary, the method further includes:
s201, acquiring query condition information in the information query request.
In this embodiment of the application, the query condition information is identification information of a queried party, for example, if the queried party wants to query an individual user, the query condition information is a name and an identification number of the individual user.
In the embodiment of the application, after receiving an information query request, a first server acquires identification information of a queried party in the information query request.
S202, preprocessing the query condition information to obtain query data in a preset format.
In this embodiment of the present application, the query data in the preset format is in a format of a field and a hash value.
In this embodiment of the application, the first server performs an encryption operation on the query condition information to generate query data in the form of a field corresponding to the query condition information and a hash value.
S203, determining whether the query data are stored in the block chain shared database, and determining whether the information query request comprises preset vocabulary under the condition that the query data are stored in the block chain shared database.
In the embodiment of the application, the block chain shared database stores security tokens of individual users and company users; the security token is stored in a block chain shared database according to a preset format and is encrypted data of identity data of individual users and company users input by each authenticator in a KYC system; wherein, the fields of the security token of the individual user sequentially comprise: the name, the identification number, the passport, the date of birth, the bad credit record and the like, wherein the hash value of the personal user identity data corresponding to each field is sequentially stored behind each field; the fields of the security token of the company user include in sequence: company information, corporate, registration address, company nature, business license number, registration date, associated company, record of loss of credit, and the like. And the hash value of the company user identity data corresponding to each field is sequentially stored behind each field.
In this embodiment of the present application, a first server queries a block chain shared database according to the query data, and when the query data is stored in the block chain shared database, it needs to determine whether an information query request corresponding to the query data includes a private sensitive vocabulary.
Fig. 3 is a schematic flow chart illustrating another data query process of the data processing method according to the embodiment of the present application, where, as shown in fig. 3, the query data is stored in the block chain shared database, and in a case that the information query request does not include a preset vocabulary, the method includes the following steps:
s301, determining a data storage unit storing the query data; the block chain shared database includes a plurality of data storage units.
In this embodiment, the block chain shared database includes a plurality of data storage units, and each data storage unit stores fields and hash values of identity data corresponding to the fields.
In the embodiment of the application, when the first server queries the query data in the block chain shared database, and the information to be queried of the information query request corresponding to the query data is common information of the user, the first server finds the data storage unit of the query data in the block chain shared database, so as to obtain the storage unit of the information to be queried in the information query request corresponding to the query data in the block chain shared database.
S302, first data information matched with the query data is obtained from the data storage unit.
In this embodiment of the application, the first data information is information to be queried by a querying party, which is extracted from the security token of the user corresponding to the query data; the security token is stored in a block chain shared database according to a preset format and is encrypted data of identity data of the individual user and the company user, which are input by each authenticator in the KYC system.
In the embodiment of the application, the first server finds the security token of the user corresponding to the query data in the block chain shared database according to the query data, and extracts the information to be queried by the querying party from the security token based on the information to be queried in the query request.
S303, sending the first data information acquired from the data storage unit to the inquiring party.
In the embodiment of the application, the first server firstly extracts the information to be queried by the querying party from the user security token based on the information to be queried in the query request of the querying party from the data storage unit where the security token of the user corresponding to the query data queried in the block chain shared database is located, and sends the information to be queried by the querying party to the querying party.
Fig. 4 is a schematic flow chart illustrating a data storage process in the data processing method according to the embodiment of the present application, and as shown in fig. 4, the method further includes the following data storage steps:
s401, second data information sent by the owner is obtained.
In this embodiment of the application, the second data information is user information stored in a local database of the authenticator.
In the embodiment of the application, when the authenticator imports the user identity information in the local database into the KYC system, the first server acquires the user information sent by each authenticator.
S402, preprocessing the second data information received from the holding party to obtain data to be stored in a preset format.
In the embodiment of the present application, the preprocessing is encryption processing; the preset format is a field and hash value format.
In the embodiment of the application, the first server encrypts the received user information to generate the identity data of the field to be stored and the hash value corresponding to the user information.
And S403, storing the obtained data to be stored in the preset format into the block chain shared database.
In the embodiment of the application, the first server stores the identity data in the format of the field to be stored and the hash value into the block chain shared database in sequence according to the preset format requirement in the KYC system.
Fig. 5 is a schematic flow chart illustrating a data updating process in the data processing method according to the embodiment of the present application, where as shown in fig. 5, the data updating process includes the following steps:
s501, a data updating request which is sent by a holding party and carries data to be updated is obtained.
In the embodiment of the application, when the user information locally stored by the authenticator is modified or added, the authenticator generates a data updating request carrying the data to be updated after inputting the data to be updated; and the authenticator sends a data updating request carrying the data to be updated to the first server.
S502, preprocessing the data to be updated acquired from the holding party to obtain the data to be updated in a preset format.
In the embodiment of the application, the first server obtains the user identity information to be updated, which is sent by the authenticator and carries the user identity information to be updated, and encrypts the user identity information to be updated to obtain the data to be updated in the format of the field and the hash value.
S503, when the original data corresponding to the data to be updated in the preset format is stored in the block chain shared database, sending a data updating authentication request to other owners, so that the other owners determine whether to send data updating permission information aiming at the data updating authentication request.
In this embodiment, when the original data corresponding to the data to be updated is stored in the blockchain shared database, the first server indicates that the operation is an update operation, and when the data stored in the blockchain shared database needs to be updated, the first server generates an update authentication request carrying the data to be updated and sends the update authentication request to other authenticators storing the original data corresponding to the data to be updated in the local database, so that the other authenticators holding the original data determine whether to send data update permission information for the data update authentication request.
And when judging that the data updating operation is not the updating operation of the malicious node, other authenticators holding the original data generate data updating permission information corresponding to the data updating authentication request and send the data updating permission information to the first server.
And S504, when data updating permission information sent by any other holding party is received, updating original data corresponding to the data to be updated in the block chain shared database into the data to be updated.
In the embodiment of the application, when the first server receives the data updating permission information sent by all other owners, the data storage unit in which the original data corresponding to the data to be updated is stored in the block chain shared database is updated to the data to be updated.
Fig. 6 is a schematic flow chart illustrating a data adding process in the data processing method according to the embodiment of the present application, where as shown in fig. 6, when original data corresponding to the to-be-updated data in the preset format is not stored in the block chain shared database, the data adding process includes the following steps:
s601, determining a data storage unit storing the data to be updated.
In the embodiment of the application, when the first server searches original data corresponding to the data to be updated in the preset format in the block chain shared database, the data storage unit where the data identifier of the data to be updated is located in the block chain shared database is queried according to the data identifier information of the data to be updated, so that the data storage unit where the data to be updated is stored is determined.
S602, storing the data to be updated into the data storage unit.
In the embodiment of the application, the first server stores the data to be updated in the data storage unit.
Fig. 7 is a schematic flowchart illustrating another data processing method provided in an embodiment of the present application, where the method is applied to a second server, and includes the following steps:
s701, receiving a first authorization request sent by a first server.
In this embodiment, the second server is an authenticator local server; the first authorization request is generated by the first server based on the information inquiry request, so that the first server acquires the information to be inquired from the owner of the information to be inquired based on the first authorization request.
The local server of the authenticator receives a first authorization request sent by the first server.
S702, based on the first authorization request, determining the queried user identification.
In the embodiment of the application, the local server of the authenticator determines the queried user identifier based on the first authorization request, so as to determine the queried user.
S703, generating a second authorization request based on the first authorization request, and sending the second authorization request to a corresponding queried user based on the queried user identifier, so that the queried user determines whether to generate corresponding query permission information for the second authorization request.
In this embodiment of the application, the second authorization request is sent to the user by the authenticator, and is used for requesting the user to agree to send the query information in the information query request to the query party.
In the embodiment of the application, the local server of the authenticator generates a second authorization request based on the first authorization request, sends the second authorization request to the inquired user based on the identification of the inquired user, and the authenticator sends the second authorization request to the inquired user, so that the inquired user can determine whether to approve the inquirer to inquire the sensitive information of the privacy according to the second authorization request.
The inquired party receives the second authorization request and generates inquiry permission information corresponding to the second authorization request according to the content which the inquirer wants to inquire and the identity of the inquirer in the authorization request.
S704, based on the received query permission information sent by the queried user, obtaining information to be queried by the information query request of the querying party from the blockchain private database, and sending the information to be queried by the information query request to the first server.
In the embodiment of the present application, the block chain private database stores user identity data in local databases of various authentication parties.
In the embodiment of the application, the local database of the authenticator receives query permission information sent by a queried user, acquires information to be queried of the information query request from a block chain private database deployed in the local server of the authenticator, and sends the information to be queried of the information query request to the first server.
Further, fig. 8 is a schematic flow chart illustrating a data storage process in a data processing method provided in an embodiment of the present application, and as shown in fig. 8, the method further includes the following steps of storing data of the local server of the authenticator:
s801, acquiring second data information to be stored, which is sent by the inquired user.
In this embodiment of the application, the second data information is identity information of a queried user.
In the embodiment of the application, a local server of an authenticator acquires identity information of a queried user; the above-mentioned obtaining method may be that the identity information of the user is manually input for the staff at the authentication party end, or the identity information of the user is directly obtained by scanning and identifying the identity card of the inquired user.
S802, preprocessing the second data information to obtain user data information in a preset format.
In the embodiment of the present application, the user data information is user data information in the form of a field and a hash value generated for the identity information of the user after being encrypted.
In the embodiment of the present application, the preprocessing is encryption processing; the preset format is a field and hash value format.
In the embodiment of the application, the authenticator server encrypts the acquired identity information of the inquired user to generate the fields and the user data information in the form of the hash value corresponding to each field.
And S803, storing the obtained user data information in the preset format into the private database of the block chain.
In this embodiment of the present application, the blockchain private database is a blockchain distributed account book locally deployed by an individual authenticator, and the blockchain private database only stores user data information stored in the local database of the authenticator.
In the embodiment of the application, the local server of the authenticator stores the encrypted user data information into the block chain private database.
Fig. 9 is a schematic flowchart illustrating another data processing method provided in an embodiment of the present application, and as shown in fig. 9, the method is applied to a terminal device, and the method includes:
s901, receiving a second authorization request sent by a second server.
In this embodiment of the application, the terminal device is a user terminal, and may be a mobile phone terminal or a PC terminal, and the like, which is not limited herein.
In the embodiment of the application, the terminal device of the user receives the second authorization request sent by the local server of the authenticator.
S902, generating inquiry permission information based on a permission instruction sent by the inquired user aiming at the second authorization request.
In the embodiment of the application, after the user terminal receives the second authorization request, whether the user really agrees to the inquiring party to inquire the own identity data or not is determined according to the information to be inquired by the second authorization request and the identity of the inquiring party, and when the user agrees, the terminal equipment generates the inquiry permission information according to the permission instruction of the inquired user.
And S903, sending the inquiry permission information to the holder.
In the embodiment of the application, the user terminal sends the inquiry permission information to the authenticator holding the user information.
Fig. 10 shows a schematic structural diagram of a data processing apparatus provided in an embodiment of the present application, and as shown in fig. 10, the apparatus includes a first obtaining module 1001, a first authorizing module 1002, a first sending module 1003, and a first receiving module 1004.
A first obtaining module 1001, configured to obtain an information query request of a querying party.
The first authorization module 1002 is configured to, when it is determined that the information query request includes a preset vocabulary, determine, based on the information query request, a holder of information to be queried by the information query request, and generate a first authorization request.
A first sending module 1003, configured to send the first authorization request to the holding party, so that the holding party determines, based on the first authorization request, whether to send the information to be queried by the information query request to the querying party.
A first receiving module 1004, configured to receive information to be queried by the information query request sent by the holding party, and send the received information to the querying party.
Further, in the data processing apparatus provided in the embodiment of the present application, the first authorization module 1002 is further configured to:
acquiring query condition information in the information query request;
preprocessing the query condition information to obtain query data in a preset format;
and determining whether the query data are stored in a block chain shared database, and determining whether the information query request comprises preset words or not under the condition that the query data are stored in the block chain shared database.
Further, in the data processing apparatus provided in the embodiment of the present application, the apparatus further includes a first determining module.
The first determining module is used for determining a data storage unit storing the query data; the block chain shared database includes a plurality of data storage units.
The first obtaining module 1001 is further configured to obtain first data information matched with the query data from the data storage unit.
The first sending module 1003 is further configured to send the first data information acquired from the data storage unit to the inquiring party.
Further, in the data processing apparatus provided in the embodiment of the present application, the apparatus further includes: the device comprises a first processing module and a first storage module.
The first obtaining module 1001 is further configured to obtain second data information sent by the holder.
The first processing module is configured to perform preprocessing on the second data information received from the holder to obtain data to be stored in a preset format.
The first storage module is configured to store the obtained data to be stored in the preset format in the block chain shared database.
Further, in the data processing apparatus provided in the embodiment of the present application, the apparatus further includes: the device comprises a first authentication module and an updating module.
The first obtaining module 1001 is further configured to obtain a data update request that is sent by a holding party and carries data to be updated.
The first processing module is further configured to preprocess the data to be updated acquired from the holder, so as to obtain the data to be updated in a preset format.
The first authentication module is configured to send a data update authentication request to other holders when the block chain shared database stores original data corresponding to the data to be updated in the preset format, so that the other holders determine whether to send data update permission information for the data update authentication request.
And the updating module is used for updating original data corresponding to the data to be updated in the block chain shared database into the data to be updated when receiving data updating permission information sent by any other holding party.
Furthermore, in the data processing device provided by the embodiment of the application,
the first determining module is further configured to determine a data storage unit in which the data to be updated is stored.
The first storage module is further configured to store the data to be updated in the data storage unit.
Fig. 11 shows a schematic structural diagram of another data processing apparatus provided in an embodiment of the present application, and as shown in fig. 11, the apparatus includes a second receiving module 1101, a second determining module 1102, a second authorizing module 1103, a second obtaining module 1104, and a second sending module 1105.
A second receiving module 1101, configured to receive the first authorization request sent by the first server.
A second determining module 1102, configured to determine, based on the first authorization request, an identity of a queried user.
A second authorization module 1103, configured to generate a second authorization request based on the first authorization request, and send the second authorization request to a corresponding queried user based on the queried user identifier, so that the queried user determines whether to generate corresponding query permission information for the second authorization request.
A second obtaining module 1104, configured to obtain, from the blockchain private database, information to be queried in an information query request of a querying party based on the received query permission information sent by the queried user;
a second sending module 1105, configured to send the information to be queried by the information query request to the first server.
Further, in the data processing apparatus provided in the embodiment of the present application, the apparatus further includes: the second processing module and the second storage module.
The second obtaining module 1104 is further configured to obtain second data information to be stored, where the second data information is sent by the queried user.
And the second processing module is used for preprocessing the second data information to obtain the user data information in a preset format.
And the second storage module is used for storing the obtained user data information in the preset format into the private database of the block chain.
Fig. 12 shows a schematic structural diagram of another data processing apparatus provided in an embodiment of the present application, and as shown in fig. 12, the apparatus includes a third receiving module 1201, a generating module 1202, and a third sending module 1203.
A third receiving module 1201, configured to receive a second authorization request sent by the second server.
A generating module 1202, configured to generate inquiry permission information based on a permission instruction sent by the inquired user for the second authorization request.
A third sending module 1203, configured to send the query permission information to the holding party.
Corresponding to any one of the data processing methods, an embodiment of the present application further provides a computer device 1300 as shown in fig. 13, where the device includes a memory 1301, a processor 1302, and a computer program stored in the memory 1301 and capable of running on the processor 1302, where the processor 1302 implements the data processing method when executing the computer program.
Specifically, the memory 1301 and the processor 1302 can be general-purpose memory and processor, which are not specifically limited herein, and the processor 1302 can execute the data processing method when executing a computer program stored in the memory 1301.
Corresponding to the data processing method in fig. 1, an embodiment of the present application further provides a computer-readable storage medium, on which a computer program is stored, and the computer program, when executed by a processor, performs the steps of the data processing method.
Specifically, the storage medium can be a general storage medium, such as a mobile disk, a hard disk, and the like, when a computer program on the storage medium is executed, the data processing method can be executed, and the problems that in the prior art, after a client registers at a trusted financial institution deploying the conventional KYC system, another trusted financial institution deploying the conventional KYC system cannot acquire information of the client, so that the information query process is inconvenient, the time cost of the information query process is increased, the query efficiency is reduced, and the conventional KYC system cannot query private information of the client are solved, the information inquired by the inquiring party can be directly acquired in the shared database, and if the information inquired by the inquiring party is the user privacy information, the inquiring party can acquire the user privacy information after the user identity authentication is passed, so that the inquiring efficiency of the inquiring party is improved on the basis of ensuring the privacy security of the user information.
The data processing device provided by the embodiment of the present application may be specific hardware on a device, or software or firmware installed on a device, etc. The device provided by the embodiment of the present application has the same implementation principle and technical effect as the foregoing method embodiments, and for the sake of brief description, reference may be made to the corresponding contents in the foregoing method embodiments where no part of the device embodiments is mentioned. It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the foregoing systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. The above-described embodiments of the apparatus are merely illustrative, and for example, the division of the units is only one logical division, and there may be other divisions when actually implemented, and for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection of devices or units through some communication interfaces, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments provided in the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application or portions thereof that substantially contribute to the prior art may be embodied in the form of a software product stored in a storage medium and including instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus once an item is defined in one figure, it need not be further defined and explained in subsequent figures, and moreover, the terms "first", "second", "third", etc. are used merely to distinguish one description from another and are not to be construed as indicating or implying relative importance.
Finally, it should be noted that: the above-mentioned embodiments are only specific embodiments of the present application, and are used for illustrating the technical solutions of the present application, but not limiting the same, and the scope of the present application is not limited thereto, and although the present application is described in detail with reference to the foregoing embodiments, those skilled in the art should understand that: any person skilled in the art can modify or easily conceive the technical solutions described in the foregoing embodiments or equivalent substitutes for some technical features within the technical scope disclosed in the present application; such modifications, changes or substitutions do not depart from the spirit and scope of the present disclosure, which should be construed in light of the above teachings. Are intended to be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
Claims (10)
1. A data processing method applied to a first server, the method comprising:
acquiring an information query request of a query party;
under the condition that the information query request comprises preset words, confirming a holder of information to be queried of the information query request based on the information query request, and generating a first authorization request;
sending the first authorization request to the holding party, so that the holding party determines whether to send the information to be inquired by the information inquiry request to the inquiring party based on the first authorization request;
receiving the information to be queried of the information query request sent by the holding party, and sending the received information to the querying party;
the sending the first authorization request to the holding party so that the holding party determines whether to send the information to be queried by the information query request to the querying party based on the first authorization request includes:
the owner sends a second authorization request to the inquired party based on the first authorization request, and when the inquired party allows the inquired party to inquire, the owner acquires the information to be inquired by the information inquiry request of the inquirer from the block chain private database and sends the information to be inquired to the first server; the inquiring party and the inquired party belong to different client identity authentication systems.
2. The data processing method of claim 1, before determining that a preset vocabulary is included in the information query request, further comprising:
acquiring query condition information in the information query request;
preprocessing the query condition information to obtain query data in a preset format;
and determining whether the query data are stored in a block chain shared database, and determining whether the information query request comprises preset words or not under the condition that the query data are stored in the block chain shared database.
3. The data processing method according to claim 2, wherein the query data is stored in the blockchain shared database, and in a case that a preset vocabulary is not included in the information query request, the method further comprises:
determining a data storage unit storing the query data; the block chain shared database comprises a plurality of data storage units;
acquiring first data information matched with the query data from the data storage unit;
and sending the first data information acquired from the data storage unit to the inquirer.
4. The data processing method of claim 2, wherein the method further comprises:
acquiring second data information sent by a holding party;
preprocessing second data information received from the holding party to obtain data to be stored in a preset format;
and storing the obtained data to be stored in the preset format into the block chain shared database.
5. The data processing method of claim 2, wherein the method further comprises:
acquiring a data updating request which is sent by a holding party and carries data to be updated;
preprocessing the data to be updated acquired from the holding party to obtain the data to be updated in a preset format;
when the original data corresponding to the data to be updated in the preset format is stored in the block chain shared database, sending a data updating authentication request to other holders so that the other holders determine whether to send data updating permission information aiming at the data updating authentication request;
and when receiving data updating permission information sent by any other holding party, updating original data corresponding to the data to be updated in the block chain shared database into the data to be updated.
6. The data processing method according to claim 5, wherein when the block chain shared database does not store original data corresponding to the data to be updated in the preset format, the method further comprises:
determining a data storage unit storing the data to be updated;
and storing the data to be updated into the data storage unit.
7. A data processing method applied to a second server, the method comprising:
receiving a first authorization request sent by a first server; the first authorization request is generated after the first server confirms the holder of the information to be inquired by the information inquiry request based on the information inquiry request under the condition that the information inquiry request of the inquirer comprises preset words;
determining an inquired party identification based on the first authorization request;
generating a second authorization request based on the first authorization request, and sending the second authorization request to a corresponding inquired party based on the inquired party identification so that the inquired party determines whether to generate corresponding inquiry permission information for the second authorization request;
and acquiring information to be inquired by an information inquiry request of an inquirer from a block chain private database based on the received inquiry permission information sent by the inquired party, and sending the information to be inquired by the information inquiry request to the first server, wherein the inquirer and the inquired party belong to different client identity authentication systems.
8. The data processing method of claim 7, wherein the method further comprises:
acquiring second data information to be stored, which is sent by the inquired party;
preprocessing the second data information to obtain user data information in a preset format;
and storing the obtained user data information in the preset format into the block chain private database.
9. A data processing method is applied to a terminal device, and the method comprises the following steps:
receiving a second authorization request sent by a second server based on the inquired party identification; wherein the queried party identification is determined by the second server based on the first authorization request; the first authorization request is generated after the first server confirms the holder of the information to be inquired by the information inquiry request based on the information inquiry request under the condition that the information inquiry request of the inquirer comprises a preset vocabulary; the second authorization request is generated by a second server based on the first authorization request;
generating inquiry permission information based on a permission instruction sent by the inquired party for the second authorization request;
and sending the query permission information to the second server, so that the second server obtains information to be queried by an information query request of a query party from a block chain private database based on the received query permission information sent by the queried party, and sends the information to be queried by the information query request to the first server, wherein the query party and the queried party belong to different client identity authentication systems.
10. A data processing apparatus, characterized in that the apparatus comprises:
the first acquisition module is used for acquiring an information query request of a query party;
the first authorization module is used for confirming a holder of information to be inquired by the information inquiry request based on the information inquiry request and generating a first authorization request under the condition that the information inquiry request comprises preset words;
a first sending module, configured to send the first authorization request to the holder, so that the holder determines, based on the first authorization request, whether to send information to be queried by the information query request to the querying party;
the first receiving module is used for receiving the information to be inquired of the information inquiry request sent by the holding party and sending the received information to the inquiring party;
the first sending module, when configured to send the first authorization request to the holder, so that the holder determines, based on the first authorization request, whether to send the information to be queried by the information query request to the querying party, includes:
the owner sends a second authorization request to the inquired party based on the first authorization request, and when the inquired party allows the inquired party to inquire, the owner acquires the information to be inquired by the information inquiry request of the inquirer from the block chain private database and sends the information to be inquired to the first server; the inquiring party and the inquired party belong to different client identity authentication systems.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910501354.7A CN110209691B (en) | 2019-06-11 | 2019-06-11 | Data processing method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910501354.7A CN110209691B (en) | 2019-06-11 | 2019-06-11 | Data processing method and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110209691A CN110209691A (en) | 2019-09-06 |
CN110209691B true CN110209691B (en) | 2022-04-05 |
Family
ID=67792004
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910501354.7A Active CN110209691B (en) | 2019-06-11 | 2019-06-11 | Data processing method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110209691B (en) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110505239B (en) * | 2019-09-09 | 2023-03-24 | 腾讯云计算(北京)有限责任公司 | Information processing method and device based on block chain network and electronic equipment |
CN111581656B (en) * | 2020-05-11 | 2023-06-23 | 深圳市洞见智慧科技有限公司 | Data query method and device |
CN112214789A (en) * | 2020-09-03 | 2021-01-12 | 长沙通诺信息科技有限责任公司 | Ethical data processing method, block chain network and electronic equipment |
CN111986764B (en) * | 2020-09-03 | 2023-08-22 | 深圳平安智慧医健科技有限公司 | Medical data sharing method, device, terminal and storage medium based on blockchain |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107196894A (en) * | 2016-03-15 | 2017-09-22 | 阿里巴巴集团控股有限公司 | Obtain the method and device of account authorization message |
CN107274130A (en) * | 2017-06-16 | 2017-10-20 | 合肥维天运通信息科技股份有限公司 | A kind of driver's credit investigation system and method based on block chain technology and Logistics Information Platform |
CN107392602A (en) * | 2017-06-26 | 2017-11-24 | 中国人民银行数字货币研究所 | The method and system of enquiring digital currency wallet |
CN107947922A (en) * | 2017-11-29 | 2018-04-20 | 中国科学院合肥物质科学研究院 | A kind of digital archives management method and system based on block chain technology |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102176709B (en) * | 2010-12-13 | 2013-11-13 | 北京交通大学 | Method and device with privacy protection function for data sharing and publishing |
CN103442061A (en) * | 2013-08-28 | 2013-12-11 | 百度在线网络技术(北京)有限公司 | Method and system for encrypting cloud server files and cloud server |
US11301852B2 (en) * | 2014-11-03 | 2022-04-12 | Visa International Service Association | System and method for updating account information |
TWI644556B (en) * | 2017-05-18 | 2018-12-11 | 富邦金融控股股份有限公司 | Know your customer (kyc) data sharing system with privacy and method thereof |
US10735202B2 (en) * | 2017-07-24 | 2020-08-04 | International Business Machines Corporation | Anonymous consent and data sharing on a blockchain |
CN108133150B (en) * | 2018-02-05 | 2024-01-16 | 北京公共交通控股(集团)有限公司 | Contract data-based security management system, storage medium and electronic terminal |
-
2019
- 2019-06-11 CN CN201910501354.7A patent/CN110209691B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107196894A (en) * | 2016-03-15 | 2017-09-22 | 阿里巴巴集团控股有限公司 | Obtain the method and device of account authorization message |
CN107274130A (en) * | 2017-06-16 | 2017-10-20 | 合肥维天运通信息科技股份有限公司 | A kind of driver's credit investigation system and method based on block chain technology and Logistics Information Platform |
CN107392602A (en) * | 2017-06-26 | 2017-11-24 | 中国人民银行数字货币研究所 | The method and system of enquiring digital currency wallet |
CN107947922A (en) * | 2017-11-29 | 2018-04-20 | 中国科学院合肥物质科学研究院 | A kind of digital archives management method and system based on block chain technology |
Also Published As
Publication number | Publication date |
---|---|
CN110209691A (en) | 2019-09-06 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20230246842A1 (en) | Compact recordation protocol | |
US20220321359A1 (en) | Methods and systems for ownership verification using blockchain | |
US20210314313A1 (en) | Certificate issuing system based on block chain | |
CN110462658B (en) | System and method for providing digital identity records to verify the identity of a user | |
KR101829729B1 (en) | Method for certifying a user by using mobile id through blockchain and merkle tree structure related thereto, and terminal and server using the same | |
CN110209691B (en) | Data processing method and device | |
US10749681B2 (en) | Systems and methods for providing a universal decentralized solution for verification of users with cross-verification features | |
RU2747947C2 (en) | Systems and methods of personal identification and verification | |
EP3701668B1 (en) | Methods for recording and sharing a digital identity of a user using distributed ledgers | |
AU2011313826B2 (en) | System and method of conducting transactions | |
US20240267230A1 (en) | Verification and encryption scheme in data storage | |
EP3750094B1 (en) | Systems and methods for use in managing digital identities | |
KR101676215B1 (en) | Method for signing electronic documents with an analog-digital signature with additional verification | |
CN112106324A (en) | Methods, computer program products and devices for creating, registering and verifying digitally stamped assets | |
US9230133B2 (en) | Secure access for sensitive digital information | |
US12028458B2 (en) | Systems and methods for user identity | |
EP3731115B1 (en) | Distributed ledger data verification network | |
US11310052B1 (en) | Identity authentication blockchain | |
CN117426073A (en) | Trusted chain of custody for verifiable credentials | |
KR101876672B1 (en) | Digital signature method using block chain and system performing the same | |
CN110032890B (en) | Safety network device and safety access method | |
US20230131095A1 (en) | Computer method and graphical user interface for identity management | |
WO2023217678A1 (en) | Authentication device, method, and computer program | |
CN115310978A (en) | Transaction method and device for digital assets | |
KR101876671B1 (en) | Digital signature method by communicating server-to-server and system performing the same |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |