(19)
(11)EP 3 547 198 A1

(12)EUROPEAN PATENT APPLICATION
published in accordance with Art. 153(4) EPC

(43)Date of publication:
02.10.2019 Bulletin 2019/40

(21)Application number: 17873246.7

(22)Date of filing:  17.11.2017
(51)International Patent Classification (IPC): 
G06F 21/62(2013.01)
(86)International application number:
PCT/CN2017/111538
(87)International publication number:
WO 2018/095275 (31.05.2018 Gazette  2018/22)
(84)Designated Contracting States:
AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR
Designated Extension States:
BA ME
Designated Validation States:
MA MD

(30)Priority: 24.11.2016 CN 201611050311

(71)Applicant: Alibaba Group Holding Limited
Grand Cayman (KY)

(72)Inventor:
  • TONG, Jun
    Hangzhou, Zhejiang 311121 (CN)

(74)Representative: Conroy, John 
Fish & Richardson P.C. Highlight Business Towers Mies-van-der-Rohe-Straße 8
80807 München
80807 München (DE)

  


(54)DATA ACCESS METHOD, SYSTEM AND APPARATUS


(57) The present application discloses a method, system and apparatus for data access. During a data storage process, a data storage instruction is first determined; then a blockchain and a key pair that correspond to an identifier are determined based on the identifier carried in the data storage instruction; finally, data to be stored is stored in the blockchain based on the key pair. During a data query process, a data query instruction is first determined; then a blockchain and a private key that correspond to an identifier are determined based on the identifier that corresponds to the data query instruction; finally, a query is performed after data in the blockchain is decrypted based on the private key. It can be seen that, according to the method provided in this implementation of the present application, for accessing data that corresponds to the identifier is accessed, there is no need to access a plurality of databases but only the following operation needs to be performed: accessing the blockchain that corresponds to the identifier, and storing data by using a key pair. As such, data security is ensured, operation complexity can be lowered, and data access efficiency can be improved.




Description

TECHNICAL FIELD



[0001] The present application relates to the field of information technologies, and in particular, to a method, system and apparatus for data access.

BACKGROUND



[0002] With the development of information technologies and the widespread popularity of digital office, many industries generate a large amount of data that needs to be stored every day. Therefore, the data storage technology has become one of the public focuses.

[0003] A general solution in the existing data storage technology is to implement data storage by using a database technology. That is, one or more devices that store data are managed by using one database management center, and create, retrieve, update, and delete (CRUD) operations performed on data are managed by using the database management center. With the continuous development of existing data storage technologies, new data storage technologies such as a distributed database technology are gradually developed and perfected. As such, data storage is significantly improved not only in terms of a storage speed, data occupation space, but also in terms of data management convenience, etc., so as to satisfy people's demands for data storage.

[0004] However, in the existing technology, databases used by different enterprises or units usually run independently, and are separately managed by respective database management centers. When data separately stored by a plurality of enterprises or units needs to be obtained, corresponding data needs to be separately obtained from different databases, and a data acquisition process is consequently complex.

[0005] In addition, considering the security of the data, usually, not databases of all enterprises or units are publicly accessible. Consequently, it is difficult to obtain related data successfully over the network. In addition, usually, before obtaining data, an identity needs to be first proved (or a digital certificate needs to be obtained) in a qualified department, so as to obtain the data from the enterprise or the unit by using the identity information (or the digital certificate) that has already been proved. Consequently, it becomes harder to obtain the data.

SUMMARY



[0006] Implementations of the present application provide a data storage and query method, apparatus, and system, to alleviate an issue of complex operations of obtaining data from multiple databases and low efficiency resulting from storing data in different databases that are independent of each other in an existing data storage technology.

[0007] The following technical solutions are adopted in the implementations of the present application.

[0008] A data storage method is provided, including the following: determining a data storage instruction, where the data storage instruction carries an identifier and data to be stored; determining a blockchain that corresponds to the identifier and a key pair that corresponds to the identifier based on the identifier; and storing the data to be stored in the blockchain based on the key pair.

[0009] A data query method is provided, including the following: determining a data query instruction, where the data query instruction carries an identifier; determining a blockchain that corresponds to the identifier and a private key that corresponds to the identifier based on the identifier; and performing a query after decrypting data in the blockchain based on the private key.

[0010] A data access system is provided, including several storage devices, several query devices, and several blockchain network storage nodes, where the blockchain network storage node is configured to store a blockchain that corresponds to an identifier; the storage device is configured to determine a data storage instruction, determine the blockchain that corresponds to the identifier and a key pair that corresponds to the identifier based on the identifier carried in the data storage instruction, and store data to be stored in the blockchain that corresponds to the identifier in the blockchain network storage node based on the key pair; and the query device is configured to determine a data query instruction, determine a blockchain that corresponds to the identifier and a private key that corresponds to the identifier based on an identifier carried in the data query instruction, decrypt data in the blockchain by using the private key, and perform a query.

[0011] A data storage apparatus is provided, including the following: a first determining module, configured to determine a data storage instruction, where the data storage instruction carries an identifier and data to be stored; a second determining module, configured to determine a blockchain that corresponds to the identifier and a key pair that corresponds to the identifier based on the identifier; and a storage module, configured to store the data to be stored in the blockchain based on the key pair.

[0012] A data query apparatus is provided, where the apparatus includes a vibration motor and a sensor, and includes the following: a first determining module, configured to determine a data query instruction, where the data query instruction carries an identifier; a second determining module, configured to determine a blockchain that corresponds to the identifier and a private key that corresponds to the identifier based on the identifier; and a query module, configured to perform a query after decrypting data in the blockchain based on the private key.

[0013] At least one of the previously described technical solutions used in the implementations of the present application can achieve the following beneficial effects:

[0014] During a data storage process, the data storage instruction is first determined; then the blockchain and the key pair that correspond to the identifier are determined based on the identifier carried in the data storage instruction; finally, the data to be stored is stored in the blockchain based on the key pair. During a data query process, the data query instruction is first determined; then the blockchain and the private key that correspond to the identifier are determined based on the identifier that corresponds to the data query instruction; finally, a query is performed after the data in the blockchain is decrypted based on the private key. It can be seen that, according to the method provided in the implementations of the present application, for accessing data that corresponds to the identifier, there is no need to access a plurality of databases but only access the blockchain that corresponds to the identifier. Meanwhile, data can be stored only by using the key pair. As such, data security is ensured, operation complexity can be lowered, and data access efficiency can be improved.

BRIEF DESCRIPTION OF DRAWINGS



[0015] The accompanying drawings described here are intended to provide a further understanding of the present application, and constitute a part of the present application. The illustrative implementations of the present application and descriptions thereof are intended to describe the present application, and do not constitute limitations on the present application. In the accompanying drawings:

FIG. 1 illustrates a data storage process, according to an implementation of the present application;

FIG. 2 illustrates a data query process, according to an implementation of the present application;

FIG. 3 is a schematic structural diagram illustrating a data access system, according to an implementation of the present application;

FIG. 4 is a schematic structural diagram illustrating another data access system, according to an implementation of the present application;

FIG. 5 is a schematic structural diagram illustrating a data storage apparatus, according to an implementation of the present application; and

FIG. 6 is a schematic structural diagram illustrating another data query apparatus, according to an implementation of the present application.


DESCRIPTION OF IMPLEMENTATIONS



[0016] To make the objectives, technical solutions, and advantages of the present application clearer, the following clearly and comprehensively describes the technical solutions of the present application with reference to specific implementations and accompanying drawings of the present application. Apparently, the described implementations are merely some rather than all of the implementations of the present application. All other implementations obtained by a person of ordinary skill in the art based on the implementations of the present application without creative efforts shall fall within the protection scope of the present application.

[0017] The present application relates to a blockchain technology. Before describing the implementations of the present application in detail, a concept of a blockchain is first properly described. A "block" of a "blockchain" is a basic unit that forms a blockchain. The block can include two parts: a block header and a block body. The block header can include at least three types of information, that is, identification information (for example, a hash value) of the current block, identification information of a previous block of the current block, a time stamp, etc. Because one block includes identification information of a previous block, a plurality of blocks can form a chain, and further form a blockchain network. The blockchain has many excellent features as described below. Decentralization: Due to the use of distributed ledger and storage, there is no centralized hardware or management organization, and the rights and obligations of any node are equal; the data blocks in the system are jointly maintained by the nodes with maintenance functions in the entire system. Autonomy: The blockchain adopts consensus-based specifications and protocols (such as a set of open and transparent algorithms) to enable all nodes in the entire system to freely and securely exchange data in an untrusted environment. As such, trust in "people" becomes trust in machines, and there is no human intervention. Non-tampering: Once the information has been verified and added to the blockchain, the information is stored permanently. Unless more than 51% of the nodes in the system can be controlled at the same time, the modification to the database is invalid. Therefore, the data stability and reliability of the blockchain are very high.

[0018] The technical solutions provided in the implementations of the present application are described in detail below with reference to the accompanying drawings.

[0019] FIG. 1 illustrates a data storage process, according to an implementation of the present application. The process includes the following steps.

[0020] S101: Determine a data storage instruction.

[0021] Usually, in a data storage process, a data storage device can store data to be stored in a specified storage device based on a data storage instruction. For example, when storing data in a database, the data storage device can store the data in the device of a database based on a received data storage instruction. The device here can be a separate device, or can be a system that includes a plurality of devices. The device can be a mobile phone, a personal computer, a tablet computer, a server, etc. The device is not limited in the present application. In this implementation of the present application, a data query method and apparatus are further provided. For ease of description (but not for limitation), subsequently, devices that execute a data storage process are referred to as a storage device.

[0022] Because the storage device can be configured to execute a data storage process, the storage device can determine a data storage instruction. The data storage instruction can be generated by the storage device or can be received by the storage device. The source of the data storage instruction is not limited in the present application, provided that the storage device can determine the data storage instruction. In this implementation of the present application, the data storage instruction can carry an identifier and data to be stored. That is, when determining the data storage instruction, the storage device can determine the identifier carried in the data storage instruction and the data that needs to be stored by using the data storage instruction. The identifier can be an identity card number of a citizen, an account identifier, a mailbox identifier, etc. The identifier is not limited in the present application provided that the identifier is a globally unique identifier. Certainly, for ease of subsequent description, the following gives a description by using an example that an identifier is an identity card number of a citizen.

[0023] S102: Determine a blockchain that corresponds to an identifier and a key pair that corresponds to the identifier based on the identifier.

[0024] In this implementation of the present application, after the storage device determines the data storage instruction, because the storage device can further determine the identifier carried in the data storage instruction and the data to be stored, the storage device can further determine the blockchain that corresponds to the identifier and the key pair that corresponds to the identifier based on the identifier. In a subsequent data storage process, the data to be stored determined in step S101 is stored in the blockchain.

[0025] In this implementation of the present application, "a blockchain that corresponds to an identifier" indicates a relationship between an identifier and a blockchain. In an actual application process, the identifier can be classified into at least two types based on a characteristic of the identifier: a subject-specific identifier and a transaction-specific identifier, and different types of identifiers can correspond to different blockchains. For the former, different subjects (for example, person A and person B) can correspond to different blockchains, and for the latter, different transactions (for example, registration transactions for book purchasing and reunion transactions) can correspond to different blockchains. The following separately describes an identifier and a corresponding blockchain by using examples.

[0026] Assume that a blockchain technology is used for personal file storage now. The personal file usually includes a plurality of types of information, and the information comes from records in different government departments or related institutions. For example, for person A, the file information can include household registration information that is recorded by a police department, marital status information that is recorded by a civil affairs department and formed based on a marital status of A, loan information that is recorded by a bank and formed based on a personal loan of A, and employment information that is recorded by an employer and formed based on a personal employment relationship of A. The information is formed in different periods, and can be stored in one blockchain by using the blockchain technology. Therefore, the blockchain is a blockchain dedicated to (corresponding to) person A. Likewise, for person B, there can be a blockchain that stores a personal file of B. Accordingly, there can be massive blockchains that are formed due to different identities of persons. In this way, because a plurality of blockchains can coexist in a network formed by a plurality of blockchain network storage nodes, to write personal file information newly generated by a subject into an existing blockchain of the subject, a blockchain that corresponds to the subject needs to be first determined (identified) based on an identifier of the subject. This type of identifier is a subject-specific identifier.

[0027] Assume that registration transactions for book purchasing need to be performed in a WECHAT group now using the blockchain technology. The first person who initiates a registration activity to book A sends the serial number and name (1, name 1) to the WECHAT group; the second person who also wants to purchase book A adds personal information to the information of the first person and sends the information (1, name 1; 2, name 2) to the WECHAT group; and so on. This entire process forms a blockchain (blockchain A) for purchasing book A. However, in the WECHAT group, there can also be a registration activity to book B (or other transactions such as organizing a dinner party). The first person who initiates a registration activity to book B can send the serial number and name to the WECHAT group, and so on, to form a blockchain (blockchain B) for purchasing book B. When two or more blockchains coexist in one WECHAT group, a person who needs to add information to the chain needs to identify a corresponding blockchain. For example, a person who wants to purchase book A needs to identify blockchain A, and a person who wants to purchase book B needs to identify blockchain B. In this way, because a plurality of blockchains can coexist in a network formed by a plurality of blockchain network storage nodes (similar to a device of a group member in a WECHAT group), to write transaction update information generated for a transaction into an existing blockchain of the transaction, a blockchain that corresponds to the transaction needs to be first determined (identified) based on an identity of the transaction. This type of identifier is a transaction-specific identifier.

[0028] In this implementation of the present application, the blockchain that corresponds to the identifier can be a consortium blockchain, that is, not all end-user devices have permission to perform a data storage operation on the blockchain, and only a specified end-user device has permission to perform a data storage operation on the blockchain, to ensure data security and data authenticity in the blockchain during a data storage process. Certainly, in another implementation of the present application, the blockchain can also be a public blockchain, a private blockchain, etc. It is worthwhile to note that a way of determining the specified end-user device here in an actual process is related to factors such as a characteristic of a blockchain. The way is not limited in the present application. For example, in the previous implementation of the present application, the blockchain is a consortium blockchain, and the specified end-user device can be determined by the consortium. On this basis, in the previous implementation of the present application, a storage device that performs step S101, step S102, and a subsequent data storage process can be the specified end-user device, that is, an end-user device that has permission to store data in the blockchain.

[0029] In this implementation of the present application, the storage device can determine whether a blockchain that corresponds to the identifier exists in the blockchain network storage node based on the identifier determined in step S101 and a pre-stored mapping relationship between the identifier and each of the key pair and the blockchain. If there are a plurality of blockchain network storage nodes, the storage device can determine a blockchain that corresponds to the identifier by searching at least one blockchain network storage node. Here, a mapping relationship between the identifier and the blockchain can be stored in the storage device, or can be stored in each node in a network formed by blockchain network storage nodes, or can even be stored in a third-party device. In practice, a storage location of the mapping relationship can be considered from the perspective of reading convenience, a read speed, security, etc. For example, the mapping relationship between an identifier and a blockchain is stored locally in the storage device, so that it can be more convenient for reading and writing. Likewise, a mapping relationship between the identifier and the key pair can be stored in a place based on an actual situation. In addition, it is worthwhile to further note that the blockchain network storage node and the storage device here can be the same device, or can be different devices. Implementations are not limited in the present application. To ensure data security, usually, there can be a plurality of blockchain network storage nodes in the blockchain technology. As such, the blockchain can be stored in the plurality of blockchain network storage nodes. When one blockchain network storage node is faulty (for example, a breakdown or a data loss occurs), any other blockchain network storage node that is not faulty can replace the node to work, and the faulty blockchain network storage node can be restored based on data stored in the blockchain network storage node that is not faulty (that is, data stored in the blockchain).

[0030] After determining, if a blockchain that corresponds to the identifier exists, the key pair that corresponds to the identifier can be further determined. If the blockchain that corresponds to the identifier does not exist, the blockchain that corresponds to the identifier and the key pair that corresponds to the identifier are generated. Details are as follows.

[0031] When the blockchain exists, in the present application, because the storage device can be specified, the storage device can further pre-store the key pair that corresponds to the identifier, and the storage device can determine the blockchain that corresponds to the identifier and the key pair that corresponds to the identifier. The determined blockchain stores an encrypted data packet that corresponds to the identifier, the key pair can be used to decrypt and encrypt the encrypted data packet that corresponds to the identifier, and the storage device determines the blockchain and the key pair to proceed with a subsequent data storage process. It is worthwhile to note that, when the blockchain that corresponds to the identifier exists, during a process of determining the key pair, the storage device can also send a request for obtaining the key pair that corresponds to the identifier to another specified device, where the request can carry an identifier of the storage device, so that the another specified device determines that the storage device also belongs to the specified device and has permission to obtain the key pair, and the key pair is returned so that the storage device can obtain the key pair. It is worthwhile to note that, when determining the key pair, the storage device can also use different methods based on actual demands in practice. Implementations are not limited in the present application.

[0032] When a blockchain that corresponds to the identifier does not exist, the storage device can generate a blockchain that corresponds to the identifier and a key pair that corresponds to the identifier. The generated blockchain is used to store data that corresponds to the identifier, and to ensure data security, the data can be an encrypted data packet that is obtained after a packaging and encryption operation, that is, the blockchain can store an encrypted data packet that corresponds to the identifier. The key pair can be used to enable a specified device to store data in the blockchain, that is, the key pair can be used to decrypt and encrypt an encrypted data packet that corresponds to the identifier, so that the specified device can store data in the blockchain.

[0033] S103: Store data to be stored in the blockchain based on the key pair.

[0034] In this implementation of the present application, after the storage device determines the blockchain that corresponds to the identifier and the key pair that corresponds to the identifier, the storage device can store the data to be stored carried in the data storage instruction in the blockchain, to complete the data storage process.

[0035] In step S102, a case that the storage device determines the blockchain and a case that the storage device determines the key pair are different, as described below:

Case 1: When determining that a blockchain that corresponds to the identifier exists, the storage device can perform the following steps. The storage device can first retrieve, from the blockchain network storage node, an encrypted data packet that corresponds to the identifier in the blockchain. Next, the storage device can decrypt the encrypted data packet by using a private key in the key pair to obtain all data that corresponds to the identifier in the encrypted data packet. Then, the storage device can update all the data based on the data to be stored, to obtain updated data that corresponds to the identifier. Finally, the storage device can encrypt the updated data as an updated encrypted data packet by using a public key in the key pair, and after adding a time stamp to the updated encrypted data packet, store the updated encrypted data packet and the time stamp in the blockchain, and store, in the blockchain network storage node, the blockchain that stores the updated encrypted data packet and the time stamp. After all the previous data that corresponds to the identifier is updated to obtain the updated data, the updated data becomes all data that corresponds to the identifier. It is worthwhile to note that, because the blockchain technology is used in the present application, when the blockchain is stored in the blockchain network storage node, the blockchain network storage node can broadcast the blockchain to another blockchain network storage node, so that the current blockchain stored in all the blockchain network storage nodes is the same.

Case 2: When the storage device determines that a blockchain that corresponds to the identifier does not exist, the storage device can generate a blockchain that corresponds to the identifier and a key pair that corresponds to the identifier, and can perform the following specific steps. The storage device can first generate initial data that corresponds to the identifier based on the identifier; update the initial data based on the data to be stored to updated data; generate the key pair that corresponds to the identifier, and encrypt the updated data as an encrypted data packet that corresponds to the identifier by using a public key in the key pair; generate the blockchain that corresponds to the identifier, and store the encrypted data packet in the blockchain; and store, in the blockchain network storage node, the blockchain that stores the updated encrypted data packet. A specific type of data included in the initial data of the identifier is not limited in the present application, and can be determined based on demands during an actual use process.



[0036] In addition, in the present application, the data to be stored is stored in the most recently generated data block in the blockchain. Further, after determining the blockchain, the storage device can determine the most recently generated data block based on a generation time of each data block in the blockchain. In addition, because one data block can store a plurality of encrypted data packets that correspond to the identifier, in the present application, the storage device can further determine the most recently stored encrypted data packet based on a time stamp carried in each encrypted data packet, as an encrypted data packet that corresponds to the identifier.

[0037] Further, because when the storage device stores the data to be stored, the data is updated after the encrypted data packet that corresponds to the identifier is retrieved, the storage device can add all the data that corresponds to the identifier to the encrypted data packet stored in the blockchain. That is, each updated encrypted data packet includes all data that corresponds to the identifier, so that when retrieving the encrypted data packet based on a time stamp, a device that retrieves the encrypted data packet can obtain all data that corresponds to the identifier, and no other data needs to be retrieved.

[0038] Still further, when generating the key pair that corresponds to the identifier, the storage device can further send the key pair and the identifier to each predetermined device. The storage device can send the key pair and the identifier to each device based on a predetermined address of each device. The predetermined devices can be specified devices, that is, devices that have permission to perform data storage on a blockchain that corresponds to the identifier.

[0039] It is worthwhile to note that, in the present application, the blockchain is stored in the blockchain network storage node, where each blockchain network storage node can be a system that includes one device or a plurality of devices, and is configured to store the blockchain. The blockchain stores an encrypted data packet that corresponds to the identifier, the blockchain can be stored in different blockchain network storage nodes, and the blockchain in the different blockchain network storage nodes is consistent. The blockchain and the blockchain network storage node are different concepts, and need to be understood differently.

[0040] According to the data storage method shown in FIG. 1, the data to be stored is stored in a blockchain that corresponds to the identifier, so that all data that corresponds to the identifier can be stored in the data chain, and when data that corresponds to the identifier are stored in different storage devices, the data does not need to be repeatedly retrieved, thereby improving efficiency of data storage and a data query. In addition, according to the consortium blockchain technology method, only a specified storage device has permission to store data that corresponds to the identifier. In addition, based on a characteristic of the blockchain technology, any operation performed on the data that corresponds to the identifier is recorded in the blockchain, so that security of the data that corresponds to the identifier is ensured, and a possibility of tracing a change of data that corresponds to the identifier is also improved.

[0041] In addition, the storage device can determine the key pair that corresponds to the identifier in step S102, so that the storage device can decrypt the retrieved encrypted data packet that corresponds to the identifier, and obtain all the data that corresponds to the identifier. Then, the storage device further needs to encrypt the updated data based on the key pair to store the encrypted data packet that corresponds to the identifier in the blockchain. As such, only the storage device that has the key pair that corresponds to the identifier can store the data in the blockchain, and in the present application, only the specified device can obtain the key pair, and it ensures security of the data in the blockchain.

[0042] Further, in the present application, to ensure security of storing data in the blockchain, when retrieving the data in the blockchain, the storage device can retrieve only the encrypted data packet in the blockchain, and determine that only data obtained after encryption performed by using the private key in the key pair is credible and secure.

[0043] Still further, in the present application, all data that corresponds to the identifier can be stored in a blockchain that corresponds to the identifier. However, in the consortium blockchain network, different specified devices can be configured to store different data that corresponds to the identifier. For example, the identifier can correspond to basic data (for example, a user attribute or a user type), or can correspond to account data (for example, an account balance or an account type), or can correspond to operation habit information (for example, historical behavior data). It can be seen that the basic data can be maintained by a device responsible for basic information that corresponds to the identifier (for example, a user center), and the account data can be maintained by a device responsible for keeping the accounts, and the operation habit data can be maintained by an advertisement pushing device. That is, in the present application, different devices can maintain data of different types that corresponds to the identifier.

[0044] Different key pairs can be allocated to different specified devices in the consortium blockchain network, where different key pairs include the same private key, used to decrypt encrypted data packets that correspond to the identifier. However, different key pairs include different public keys, and different public keys can be used to encrypt only data of a specified type, so that devices that have different key pairs can store only data of a specified type. The configuration of the key pair can be determined by the staff. A specific configuration method is omitted for simplicity in the present application, provided that the key pair enables different devices to have permission to perform data encryption on data of different types.

[0045] For example, device A, device B, and device C respectively have different key pairs X, Y, and Z, and the key pairs X, Y, and Z can be used to encrypt x-type, y-type, and z-type data in all data that corresponds to identifier a, as shown in Table 1.
Table 1
DeviceKey pairData type
Device A Key pair X x-type data
Device B Key pair Y y-type data
Device C Key pair Z z-type data


[0046] The x-type, y-type, and z-type data include all data that corresponds to identifier a. Therefore, devices A, B, and C can store only a part of the data that corresponds to identifier a by using different key pairs. It improves security during a data storage process and reduces a probability of performing a misoperation on the data that corresponds to the identifier.

[0047] It is worthwhile to note that all the steps of the method provided in the implementations of the present application can be performed by the same device, or the method can be performed by different devices. For example, step S101 and step S102 can be performed by device 1, and step S103 can be performed by device 2. For another example, step S101 can be performed by device 1, and step S102 and step S103 can be performed by device 2.

[0048] Based on the data storage process shown in FIG. 1, correspondingly, an implementation of the present application further provides a data query method, as shown in FIG. 2.

[0049] FIG. 2 illustrates a data query process, according to an implementation of the present application. The process includes the following steps:
S201: Determine a data query instruction.

[0050] In this implementation of the present application, an end-user device can determine a data query instruction, and proceed with a subsequent data query process. The end-user device can be a mobile phone, a tablet computer, a personal computer, a server, etc. and the end-user device can be a separate device, or can be a system that includes a plurality of devices. Implementations are not limited in the present application.

[0051] The data query instruction can carry an identifier, and is used to subsequently determine a blockchain for querying data. The data query instruction can be generated and determined by the end-user device. Certainly, in this implementation of the present application, the end-user device can also receive the data query instruction and determine the data query instruction. There is no limitation on a way to generating the data query instruction in the present application, provided that the end-user device can determine the data query instruction.

[0052] It is worthwhile to note that, in the present application, an execution body (that is, the end-user device) in the data query process shown in FIG. 2 can be different from an execution body in the data storage process shown in FIG 1. For distinguishing, in the subsequent description, a query device represents an end-user device that executes the data query process, and a storage device represents an end-user device that executes the data storage process.

[0053] S202: Determine a blockchain that corresponds to an identifier and a private key that corresponds to the identifier based on the identifier.

[0054] In this implementation of the present application, because the query device only needs to query the data that corresponds to the identifier, the query device can determine the blockchain that corresponds to the identifier and the private key that corresponds to the identifier based on the identifier.

[0055] In this implementation of the present application, the query device can determine the private key based on the pre-stored mapping relationship between the identifier and the private key in the key pair. Alternatively, when the private key that corresponds to the identifier is not pre-stored in the query device, the query device can further send a private key acquisition request to the specified end-user device (that is, the storage device) in FIG. 1, and receive the returned private key. The private key acquisition request can carry the device identifier of the query device and the identifier, so that the storage device can determine the private key in the key pair based on the identifier, and determine to return the private key to the query device by using the device identifier.

[0056] In addition, data that corresponds to the identifier is stored in a blockchain that corresponds to the identifier. Therefore, in the present application, the query device can further determine the blockchain that corresponds to the identifier in the blockchain network storage node based on the identifier, to proceed with a subsequent data query operation.

[0057] The query device can search the blockchain network storage node based on the identifier for the blockchain that corresponds to the identifier, and determine the blockchain. Certainly, if a blockchain that corresponds to the identifier is not identified in the blockchain network storage node, the query device can indicate an error and display query error information.

[0058] S203: Perform a query after decrypting data in the blockchain based on the private key.

[0059] In this implementation of the present application, after determining the private key, the query device can query the data based on the determined blockchain and the private key that correspond to the identifier.

[0060] The query device can first determine, from a blockchain network storage node, each encrypted data packet that corresponds to the identifier in the blockchain, determine the recently stored encrypted data packet as the encrypted data packet that corresponds to the identifier based on a time sequence of storing each encrypted data packet (that is, based on a time sequence of time stamps carried in encrypted data packets), decrypt the encrypted data packet based on the private key after retrieving the encrypted data packet that corresponds to the identifier, to obtain all data that corresponds to the identifier, and finally query all the data based on the data query instruction.

[0061] Because the query device only has a private key that corresponds to the identifier, the query device can only decrypt an encrypted data packet that corresponds to the identifier, but cannot encrypt the encrypted data packet. As such, the query device cannot store the data in the blockchain after updating the data that corresponds to the identifier, thereby ensuring security of storing the data in the blockchain.

[0062] In addition, when determining each encrypted data packet that corresponds to the identifier from the blockchain network storage node, the end-user device can first determine a generation time of each data block in the blockchain, and determine each encrypted data packet from the most recently generated data block, that is, determine that each encrypted data packet is stored in the most recently generated data block in the blockchain, and proceed with a subsequent operation.

[0063] It is worthwhile to note that all the steps of the method provided in the implementations of the present application can be performed by the same device, or the method can be performed by different devices. For example, step S201 and step S202 can be performed by device 1, and step S203 can be performed by device 2. For another example, step S201 can be performed by device 1, and step S202 and step S203 can be performed by device 2.

[0064] Based on the data storage process shown in FIG. 1 and the data query process shown in FIG. 2, correspondingly, a data access system is further provided in this implementation of the present application, as shown in FIG. 3.

[0065] FIG. 3 is a schematic structural diagram illustrating a data access system, according to an implementation of the present application. The data access system includes several storage devices, several query devices, and several blockchain network storage nodes.

[0066] The blockchain network storage node is configured to store a blockchain that corresponds to an identifier.

[0067] The storage device (that is, the storage device shown in FIG. 1 in this implementation of the present application) is configured to determine a data storage instruction, determine the blockchain that corresponds to the identifier and a key pair that corresponds to the identifier based on the identifier carried in the data storage instruction, and store data to be stored in the blockchain that corresponds to the identifier in the blockchain network storage node based on the key pair.

[0068] The query device (that is, the query device shown in FIG. 2 in this implementation of the present application) is configured to determine a data query instruction, determine a blockchain that corresponds to the identifier and a private key that corresponds to the identifier based on an identifier carried in the data query instruction, decrypt data in the blockchain by using the private key, and perform a query.

[0069] When any storage device in the data access system generates a blockchain that corresponds to the identifier, the storage device that generates the identifier can send the identifier and the key pair that corresponds to the identifier to another specified storage device. In addition, the storage device that generates the identifier can generate the blockchain only in one blockchain network storage node, and the blockchain network storage node can broadcast the blockchain network to another blockchain network storage node in the data access system, so that data in all blockchain network storage nodes in the data access system is consistent.

[0070] In addition, when determining the private key that corresponds to the identifier, the data query device can send a private key acquisition request to any storage device, to obtain the private key and perform a subsequent data query operation.

[0071] Further, in different storage devices in the data access system, pre-stored key pairs that correspond to the identifier can be different from each other, and different key pairs can be used to encrypt data of different types.

[0072] Still further, in the data access system, any device can obtain an encrypted data packet that corresponds to the identifier, and perform decryption to obtain data that corresponds to the identifier. Therefore, to ensure security and credibility of data in the blockchain, only the storage device (that is, the device specified by the consortium blockchain network) can encrypt the data that corresponds to the identifier. Therefore, in the data access system, only the encrypted data stored in the blockchain network storage node is credible data. As such, when obtaining the data that corresponds to the identifier by using the blockchain network storage node, the data query device and the storage device can obtain only the encrypted data packet in the blockchain network storage node.

[0073] In addition, because there are a plurality of blockchain network storage nodes in the data access system, to facilitate consistency of stored data, only one of the blockchain network storage nodes can be accessed by each storage device and each data query device. Another blockchain network storage node can be a secondary node. When the blockchain network storage node cannot work normally, the any secondary blockchain network storage node is selected to continue to work, and the blockchain network storage node that cannot work normally is restored by using the any secondary blockchain network storage node. Certainly, how to enable the secondary blockchain network storage node and how to determine that the working blockchain network storage node cannot work normally can be set by a staff based on a situation in practice. Implementations are not limited in the present application. In addition, for preventing a case that a service cannot be normally executed when the primary device stops working, a technical solution for using the secondary device to replace the primary device is quite mature. Therefore, details are omitted for simplicity in the present application.

[0074] Further, in the data access system, the blockchain network storage node and the storage device can be the same. That is, each blockchain network storage node is also a storage device. Alternatively, when a quantity of blockchain network storage nodes in the data access system is inconsistent with a quantity of storage devices, some of the blockchain network storage nodes are also storage devices, and the remaining blockchain network storage nodes are merely blockchain network storage nodes, or some of the storage devices are also blockchain network storage nodes, and the remaining storage devices are merely storage devices.

[0075] According to the data access system provided in FIG. 3 in this implementation of the present application, it can be seen that different storage devices can store data of different types that corresponds to the identifier, and data that corresponds to the identifier is stored in a blockchain that corresponds to the identifier. In addition, any data query device can access and retrieve data from the blockchain network storage node so that the data access system in the present application can effectively alleviate an issue of low efficiency and complex operations resulting from storing data in multiple devices.

[0076] In addition, in another implementation of the present application, the identifier can be an identity card number of a citizen, the storage device can be a data storage device of a credible unit such as a government department or a government unit, and the data query device can be any device in the society that needs to perform a data query, as shown in FIG. 4. In the present application, the data access can be shown in FIG. 4. The blockchain network storage node can be a data storage node provided by the government, and all data that corresponds to the citizen identity card number can be file data, credit data, bank account data, etc. of the citizen. Certainly, any data related to the citizen can be written into a blockchain that corresponds to the citizen identity card number.

[0077] Further, data storage devices of credible units such as different government departments or government units can be used to store data of different types in a blockchain that corresponds to the citizen identity card number. For example, a police department can perform a data storage operation on the crime record, household information, etc. of the citizen, a civil affairs department can perform a data storage operation on the marital status of the citizen, and a bank can perform a data storage operation on the account data and the credit data of the citizen. A specific process can be implemented by using different key pairs in step S102 and FIG. 1.

[0078] Still further, the data query device can be a device held by the citizen, or can be a data query device of another government department or company. For example, a visa approval department can send a private key retrieving request to the previous government department or the previous government unit, to obtain the private key that corresponds to the identity card of the citizen, and to query the information about the citizen. Alternatively, an employment unit can send a private key retrieving request to the previous government department or the previous government unit, to obtain the private key that corresponds to the identity card of the citizen, and to query the information about the citizen.

[0079] In addition, in another implementation of the present application, the storage device can be storage devices that separately correspond to a plurality of companies or units that have a consortium relationship, for example, a storage device that corresponds to a car rental company, a bank, or a transportation management authority. The query device can be an end-user device held by a driver or an end-user device held by a traffic policeman. As such, because all data that corresponds to the citizen can be stored in the blockchain, there is no need to create a special query system, and according to the data access system described in FIG. 4, it can be convenient to check a vehicle and a driver on the road.

[0080] Based on the data storage process shown in FIG. 1, correspondingly, an implementation of the present application further provides a data storage apparatus, as shown in FIG. 5.

[0081] FIG. 5 is a schematic structural diagram illustrating a data storage apparatus, according to an implementation of the present application. The apparatus includes the following: a first determining module 301, configured to determine a data storage instruction, where the data storage instruction carries an identifier and data to be stored; a second determining module 302, configured to determine a blockchain that corresponds to the identifier and a key pair that corresponds to the identifier based on the identifier; and a storage module 303, configured to store the data to be stored in the blockchain based on the key pair.

[0082] The storage module 303 stores the data to be stored in the most recently generated data block in the blockchain.

[0083] The second determining module 302 determines whether a blockchain that corresponds to the identifier exists in a blockchain network storage node based on a pre-stored mapping relationship between the identifier and each of the key pair and the blockchain; in response to determining that the blockchain that corresponds to the identifier exists in the blockchain network storage node, determines a blockchain that corresponds to the identifier and a key pair that corresponds to the identifier in the blockchain network storage node; and in response to determining that the blockchain that corresponds to the identifier does not exist in the blockchain network storage node, generates a blockchain that corresponds to the identifier and a key pair that corresponds to the identifier.

[0084] When the second determining module 302 determines that a blockchain that corresponds to the identifier exists, the storage module 303 retrieves, from the blockchain network storage node, an encrypted data packet that corresponds to the identifier in the blockchain; decrypts the encrypted data packet by using a private key in the key pair to obtain all data that corresponds to the identifier in the encrypted data packet; updates all the data that corresponds to the identifier in the encrypted data packet based on the data to be stored, to obtain updated data; encrypts the updated data as an updated encrypted data packet by using a public key in the key pair; adds a time stamp to the updated encrypted data packet and stores the updated encrypted data packet and the time stamp in the blockchain; and stores, in the blockchain network storage node, the blockchain that stores the updated encrypted data packet and the time stamp.

[0085] When the second determining module 302 determines that a blockchain that corresponds to the identifier does not exist, the storage module 303 generates initial data that corresponds to the identifier based on the identifier; updates the initial data based on the data to be stored to updated data; generates the key pair that corresponds to the identifier, and encrypts the updated data as an encrypted data packet that corresponds to the identifier by using a public key in the key pair; generates the blockchain that corresponds to the identifier, and stores the encrypted data packet in the blockchain; and stores, in the blockchain network storage node, the blockchain that stores the updated encrypted data packet.

[0086] The second determining module 302 sends the generated key pair that corresponds to the identifier and the identifier to each predetermined device.

[0087] The previous data storage apparatus shown in FIG. 5 can be located in an end-user device. The end-user device can be a mobile phone, a tablet computer, etc., or the data storage apparatus can be located in a server. The server can be a separate device or a system that includes a plurality of devices, that is, a distributed server.

[0088] Based on the data query process shown in FIG. 2, correspondingly, an implementation of the present application further provides a data query apparatus, as shown in FIG. 6.

[0089] FIG. 6 is a schematic structural diagram illustrating another data query apparatus, according to an implementation of the present application. The apparatus includes the following: a first determining module 401, configured to determine a data query instruction, where the data query instruction carries an identifier; a second determining module 402, configured to determine a blockchain that corresponds to the identifier and a private key that corresponds to the identifier based on the identifier; and a query module 403, configured to perform a query after decrypting data in the blockchain based on the private key.

[0090] The second determining module 402 determines the private key based on a pre-stored mapping relationship between the identifier and a private key in a key pair, or sends a private key acquisition request to a specified device based on the identifier, and receives the returned private key.

[0091] The query module 403 determines, from a blockchain network storage node, each encrypted data packet that corresponds to the identifier in the blockchain; determines a most recently stored encrypted data packet based on a time sequence of storing the encrypted data packets, as an encrypted data packet that corresponds to the identifier; and performs a query after decrypting the encrypted data packet based on the private key.

[0092] The previous data query apparatus shown in FIG. 6 can be located in an end-user device. The end-user device can be a mobile phone, a tablet computer, etc., or the data storage apparatus can be located in a server. The server can be a separate device or a system that includes a plurality of devices, that is, a distributed server.

[0093] A person skilled in the art should understand that an implementation of the present invention can be provided as a method, a system, or a computer program product. Therefore, the present invention can use a form of hardware only implementations, software only implementations, or implementations with a combination of software and hardware. Moreover, the present invention can use a form of a computer program product that is implemented on one or more computer-usable storage media (including but not limited to a disk memory, a CD-ROM, an optical memory, etc.) that include computer-usable program code.

[0094] The present invention is described with reference to the flowcharts and/or block diagrams of the method, the device (system), and the computer program product based on the implementations of the present invention. It is worthwhile to note that computer program instructions can be used to implement each process and/or each block in the flowcharts and/or the block diagrams and a combination of a process and/or a block in the flowcharts and/or the block diagrams. These computer program instructions can be provided for a general-purpose computer, a dedicated computer, an embedded processor, or a processor of another programmable data processing device to generate a machine, so that the instructions executed by the computer or the processor of the another programmable data processing device generate a device for implementing a specific function in one or more processes in the flowcharts and/or in one or more blocks in the block diagrams.

[0095] These computer program instructions can be stored in a computer readable memory that can instruct the computer or the another programmable data processing device to work in a specific way, so that the instructions stored in the computer readable memory generate an artifact that includes an instruction apparatus. The instruction apparatus implements a specific function in one or more processes in the flowcharts and/or in one or more blocks in the block diagrams.

[0096] These computer program instructions can be loaded onto the computer or another programmable data processing device, so that a series of operations and steps are performed on the computer or the another programmable device, thereby generating computer-implemented processing. Therefore, the instructions executed on the computer or the another programmable device provide steps for implementing a specific function in one or more processes in the flowcharts and/or in one or more blocks in the block diagrams.

[0097] In a typical configuration, a computing device includes one or more processors (CPU), one or more input/output interfaces, one or more network interfaces, and one or more memories.

[0098] The memory can include a non-persistent memory, a random access memory (RAM), a non-volatile memory, and/or another form that are in a computer readable medium, for example, a read-only memory (ROM) or a flash memory (flash RAM). The memory is an example of the computer readable medium.

[0099] The computer readable medium includes persistent, non-persistent, movable, and unmovable media that can store information by using any method or technology. The information can be a computer readable instruction, a data structure, a program module, or other data. Examples of a computer storage medium include but are not limited to a phase-change random access memory (PRAM), a static random access memory (SRAM), a dynamic random access memory (DRAM), another type of random access memory (RAM), a read-only memory (ROM), an electrically erasable programmable read-only memory (EEPROM), a flash memory or another memory technology, a compact disc read-only memory (CD-ROM), a digital versatile disc (DVD) or another optical storage, a cassette magnetic tape, a magnetic tape/magnetic disk storage or another magnetic storage device. The computer storage medium can be used to store information accessible by the calculating device. Based on the definition in the present specification, the computer readable medium does not include transitory computer readable media (transitory media) such as a modulated data signal and carrier.

[0100] It is worthwhile to further note that, the terms "include", "contain", or their any other variants are intended to cover a non-exclusive inclusion, so a process, a method, a product or a device that includes a list of elements not only includes those elements but also includes other elements which are not expressly listed, or further includes elements inherent to such a process, method, product or device. Without more constraints, an element preceded by "includes a ..." does not preclude the existence of additional identical elements in the process, method, product or device that includes the element.

[0101] A person skilled in the art should understand that an implementation of the present application can be provided as a method, a system, or a computer program product. Therefore, the present application can use a form of hardware only implementations, software only implementations, or implementations with a combination of software and hardware. In addition, the present application can use a form of a computer program product that is implemented on one or more computer-usable storage media (including but not limited to a disk memory, a CD-ROM, an optical memory, etc.) that include computer-usable program code.

[0102] The previous implementations are implementations of the present application, and are not intended to limit the present application. A person skilled in the art can make various modifications and changes to the present application. Any modification, equivalent replacement, or improvement made without departing from the spirit and principle of the present application shall fall within the scope of the claims in the present application.


Claims

1. A data storage method, wherein the method comprises:

determining a data storage instruction, wherein the data storage instruction carries an identifier and data to be stored;

determining a blockchain that corresponds to the identifier and a key pair that corresponds to the identifier based on the identifier; and

storing the data to be stored in the blockchain based on the key pair.


 
2. The method according to claim 1, wherein the storing the data to be stored in the blockchain comprises:
storing the data to be stored in the most recently generated data block in the blockchain.
 
3. The method according to claim 1, wherein the determining a blockchain that corresponds to the identifier and a key pair that corresponds to the identifier comprises:

determining whether a blockchain that corresponds to the identifier exists in a blockchain network storage node based on a pre-stored mapping relationship between the identifier and each of the key pair and the blockchain;

in response to determining that the blockchain that corresponds to the identifier exists in the blockchain network storage node, determining a blockchain that corresponds to the identifier and a key pair that corresponds to the identifier in the blockchain network storage node; and

in response to determining that the blockchain that corresponds to the identifier does not exist in the blockchain network storage node, generating a blockchain that corresponds to the identifier and a key pair that corresponds to the identifier.


 
4. The method according to claim 3, wherein when it is determined that a blockchain that corresponds to the identifier exists, the storing the data to be stored in the blockchain based on the key pair comprises:

retrieving, from the blockchain network storage node, an encrypted data packet that corresponds to the identifier in the blockchain;

decrypting the encrypted data packet by using a private key in the key pair to obtain all data that corresponds to the identifier in the encrypted data packet;

updating all the data that corresponds to the identifier in the encrypted data packet based on the data to be stored, to obtain updated data;

encrypting the updated data as an updated encrypted data packet by using a public key in the key pair;

adding a time stamp to the updated encrypted data packet and storing the updated encrypted data packet and the time stamp in the blockchain; and

storing, in the blockchain network storage node, the blockchain that stores the updated encrypted data packet and the time stamp.


 
5. The method according to claim 3, wherein when it is determined that a blockchain that corresponds to the identifier does not exist, the storing the data to be stored in the blockchain based on the key pair comprises:

generating initial data that corresponds to the identifier based on the identifier;

updating the initial data based on the data to be stored to updated data;

generating the key pair that corresponds to the identifier, and encrypting the updated data as an encrypted data packet that corresponds to the identifier by using a public key in the key pair;

generating the blockchain that corresponds to the identifier, and storing the encrypted data packet in the blockchain; and

storing, in the blockchain network storage node, the blockchain that stores the updated encrypted data packet.


 
6. The method according to claim 5, wherein the generating the key pair that corresponds to the identifier comprises:
sending the generated key pair that corresponds to the identifier and the identifier to each predetermined device.
 
7. A data query method, comprising:

determining a data query instruction, wherein the data query instruction carries an identifier;

determining a blockchain that corresponds to the identifier and a private key that corresponds to the identifier based on the identifier; and

performing a query after decrypting data in the blockchain based on the private key.


 
8. The method according to claim 7, wherein the determining a private key that corresponds to the identifier based on the identifier comprises:

determining the private key based on a pre-stored mapping relationship between the identifier and a private key in a key pair; or

sending a private key acquisition request to a specified device based on the identifier, and receiving the returned private key.


 
9. The method according to claim 7, wherein the performing a query after decrypting data in the blockchain based on the private key comprises:

determining, from a blockchain network storage node, each encrypted data packet that corresponds to the identifier in the blockchain;

determining a most recently stored encrypted data packet based on a time sequence of storing the encrypted data packets, as an encrypted data packet that corresponds to the identifier; and

performing a query after decrypting the encrypted data packet based on the private key.


 
10. A data access system, wherein the system comprises several storage devices, several query devices, and several blockchain network storage nodes, wherein
the blockchain network storage node is configured to store a blockchain that corresponds to an identifier;
the storage device is configured to determine a data storage instruction, determine the blockchain that corresponds to the identifier and a key pair that corresponds to the identifier based on the identifier carried in the data storage instruction, and store data to be stored in the blockchain that corresponds to the identifier in the blockchain network storage node based on the key pair; and
the query device is configured to determine a data query instruction, determine a blockchain that corresponds to the identifier and a private key that corresponds to the identifier based on an identifier carried in the data query instruction, decrypt data in the blockchain by using the private key, and perform a query.
 
11. The system according to claim 10, wherein when generating the blockchain that corresponds to the identifier, one of the storage devices sends the generated key pair that corresponds to the identifier and the identifier to each specified storage device.
 
12. The system according to claim 11, wherein one of the storage devices determines the private key based on a pre-stored mapping relationship between the identifier and the private key in the key pair; or sending a private key acquisition request to the storage device based on the identifier, and receiving the returned private key.
 
13. A data storage apparatus, comprising:

a first determining module, configured to determine a data storage instruction, wherein the data storage instruction carries an identifier and data to be stored;

a second determining module, configured to determine a blockchain that corresponds to the identifier and a key pair that corresponds to the identifier based on the identifier; and

a storage module, configured to store the data to be stored in the blockchain based on the key pair.


 
14. The apparatus according to claim 13, wherein the storage module stores the data to be stored in the most recently generated data block in the blockchain.
 
15. The apparatus according to claim 13, wherein the second determining module determines whether a blockchain that corresponds to the identifier exists in a blockchain network storage node based on a pre-stored mapping relationship between the identifier and each of the key pair and the blockchain; in response to determining that the blockchain that corresponds to the identifier exists in the blockchain network storage node, determines a blockchain that corresponds to the identifier and a key pair that corresponds to the identifier in the blockchain network storage node; and in response to determining that the blockchain that corresponds to the identifier does not exist in the blockchain network storage node, generates a blockchain that corresponds to the identifier and a key pair that corresponds to the identifier.
 
16. The apparatus according to claim 15, wherein when the second determining module determines that a blockchain that corresponds to the identifier does not exist, the storage module generates initial data that corresponds to the identifier based on the identifier; updates the initial data based on the data to be stored to updated data; generates the key pair that corresponds to the identifier, and encrypts the updated data as an encrypted data packet that corresponds to the identifier by using a public key in the key pair; generates the blockchain that corresponds to the identifier, and stores the encrypted data packet in the blockchain; and stores, in the blockchain network storage node, the blockchain that stores the updated encrypted data packet.
 
17. The apparatus according to claim 16, wherein the second determining module sends the generated key pair that corresponds to the identifier and the identifier to each predetermined device.
 
18. A data query apparatus, comprising:

a first determining module, configured to determine a data query instruction, wherein the data query instruction carries an identifier;

a second determining module, configured to determine a blockchain that corresponds to the identifier and a private key that corresponds to the identifier based on the identifier; and

a query module, configured to perform a query after decrypting data in the blockchain based on the private key.


 
19. The apparatus according to claim 18, wherein the second determining module determines the private key based on a pre-stored mapping relationship between the identifier and a private key in a key pair, or sends a private key acquisition request to a specified device based on the identifier, and receives the returned private key.
 
20. The apparatus according to claim 18, wherein the query module determines, from a blockchain network storage node, each encrypted data packet that corresponds to the identifier in the blockchain; determines a most recently stored encrypted data packet based on a time sequence of storing the encrypted data packets, as an encrypted data packet that corresponds to the identifier; and performs a query after decrypting the encrypted data packet based on the private key.
 




Drawing
















Search report