Data authorization method of blockchain

Data authorization method of blockchain

Term definitionBlockchain is a decentralized distributed database technology with the characteristics of decentralization, openness, transparency, immutability and trustworthiness. Smart contract is a program described in code that can be triggered by transactions on the blockchain. Authorization transaction is submitted by the privacy computing platform to the blockchain node to query whether the data user has obtained the authorization of the target data held by the data owner. Data authorization smart contract is a smart contract deployed on the blockchain to verify the authorization status of the data user and generate an authorization token. The authorization token is generated by the data authorization smart contract, which instructs the privacy computing platform to obtain the target data and provide the credentials to the data user. The privacy computing platform receives the data acquisition request from the data user and interacts with the blockchain network to obtain data authorization and the platform for target data. The data owner is the entity that holds the target data. The data user requests to obtain the target data. Target data is the data that the data user wants to obtain from the data owner. Off-chain refers to data or operations that are not stored on the blockchain. Transaction log is a log that records transaction information on the blockchain and can be used to monitor events. Event monitoring mechanism is a mechanism that allows entities to monitor specific events on the blockchain, such as authorization status update events. Temporary key is a one-time key generated during the authorization process, which is used to encrypt the target data and transmit it securely between the data user and the privacy computing platform. Trusted Execution Environment (TEE) is a secure extension of CPU hardware, which is completely isolated from the external environment and provides a secure code execution and data storage environment.

Question and answer

What is blockchain-based data authorization and what problems does it solve?

Blockchain-based data authorization refers to the use of blockchain technology to achieve secure and controllable management of data access rights. It solves the problems of centralization risk, data leakage risk, and opaque authorization process in traditional data authorization methods, and can effectively protect data security and user privacy.

What role does the data authorization smart contract play in the data authorization process?

The data authorization smart contract is the core component for implementing data authorization. It is stored on the blockchain and is responsible for verifying the authorization status of the data user. After the authorization is passed, it generates an authorization token to instruct the privacy computing platform to obtain the target data and provide it to the data user.

What information does the authorization token contain and how to ensure its security?

The authorization token can contain user ID, encrypted temporary key, authorization content, data description information, etc. Its security is guaranteed by encryption algorithms and digital signatures, for example, using the public keys of the data user and the privacy computing platform to encrypt temporary keys respectively, and using the keys to generate a message authentication code (MAC) to verify the integrity and authenticity of the token.

How does the privacy computing platform obtain the target data and provide it to the data user?

After obtaining the authorization token, the privacy computing platform can obtain the target data from the blockchain network or off-chain storage space. To ensure data security, the target data is usually stored in encrypted form. The privacy computing platform can use the private key of the data owner to decrypt the data, or perform predetermined operations on the data according to the needs of the data user before providing it to the data user.

How to ensure the security of data with different privacy levels?

Different processing methods can be used for target data with different privacy levels. For example, for data with a low privacy level, it can be directly provided to the data user; for data with a high privacy level, it is necessary to perform predetermined operations first, such as data desensitization or aggregate calculation, and then provide the results to the data user to avoid leakage of the original data.

What role does the event monitoring mechanism play in the data authorization process?

The event monitoring mechanism allows data users and data owners to track key events in the authorization process in real time, such as authorization request events, authorization status update events, etc. This improves the transparency and efficiency of the authorization process.

What is a Trusted Execution Environment (TEE) and what applications does it have in data authorization?

TEE is a hardware-based security extension that provides a code execution and data storage environment that is completely isolated from the external environment. In data authorization, TEE can be used to protect sensitive data and operations, such as private key storage, data decryption, smart contract execution, etc., to prevent malicious attacks and data leakage.

What role does off-chain storage space play in data authorization?

Off-chain storage space can be used to store the target data of the data owner, avoiding storing all data on the blockchain and reducing the storage pressure of the blockchain. The privacy computing platform can access the off-chain storage space to obtain the target data based on the authorization token.

In actual applications, how to choose to store the target data on the blockchain or in the off-chain storage space?

Choosing whether to store the target data on the blockchain or in the off-chain storage space requires comprehensive consideration of factors such as data security, privacy, storage cost, and access efficiency. For example, for data that needs to be open, transparent, and tamper-proof, you can choose to store it on the blockchain; for data with a large amount of data and a high access frequency, you can choose to store it in the off-chain storage space.

In addition to the application scenarios mentioned in the article, what other fields can blockchain-based data authorization technology be applied to?

In addition to the supply chain finance and electronic invoices mentioned in the article, blockchain-based data authorization technology can also be applied to many fields such as medical health, digital identity, Internet of Things, copyright protection, etc. to achieve secure sharing and utilization of data.