Data validation method and apparatus

By matching the generation time of the data to be verified with a preset data table and verifying the generation time using a trusted timestamp, the reliability problem of the operation of changing the relationship between data in the prior art is solved, and the reliability verification of the data is realized.

CN114254337BActive Publication Date: 2026-06-23ALIBABA CLOUD COMPUTING CO LTD +1

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
ALIBABA CLOUD COMPUTING CO LTD
Filing Date
2021-11-09
Publication Date
2026-06-23

Smart Images

  • Figure CN114254337B_ABST
    Figure CN114254337B_ABST
Patent Text Reader

Abstract

Embodiments of the present specification provide a data verification method and device, wherein the data verification method comprises: obtaining to-be-verified data, a generation time of the to-be-verified data and a preset data table; performing data matching on the to-be-verified data by using the preset data table, and if the data matching is successful, determining that the existence verification of the to-be-verified data is successful; obtaining a target trusted timestamp from a time ledger, and if it is determined by using the target trusted timestamp that the generation time meets a preset trusted condition, determining that the timeliness of the to-be-verified data is successful. The present scheme can realize more reliable data verification.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] The embodiments in this specification relate to the field of data verification technology, and in particular to a data verification method. Background Technology

[0002] To ensure data reliability, data management requires verifying data credibility. Specifically, this involves verifying the existence and timeliness of the data. Existence refers to the credibility of the content the data represents, while timeliness refers to the credibility of when the data was generated.

[0003] In related technologies, the above verification typically only applies to operations that generate new data. For example, adding a new piece of data or updating one piece of data to another. However, for data management purposes, operations may also change the relationships between data points, such as merging multiple data points into a new table or changing the order of different data. Therefore, the above verification scheme cannot guarantee the reliability of data obtained through operations that change the relationships between data points, such as the aforementioned new data table. Therefore, a more reliable solution is needed. Summary of the Invention

[0004] In view of this, embodiments of this specification provide a data verification method. One or more embodiments of this specification also relate to a data verification apparatus, a computing device, a computer-readable storage medium, and a computer program, to address the technical deficiencies existing in the prior art.

[0005] According to a first aspect of the embodiments of this specification, a data verification method is provided, comprising:

[0006] Acquire the data to be verified, the generation time of the data to be verified, and a preset data table, wherein the preset data table is pre-established based on the relationship between the data.

[0007] Based on the data to be verified, data matching is performed using the preset data table. If the matching is successful, the existence verification of the data to be verified is successful.

[0008] The target trusted timestamp is obtained from the time ledger. If the generation time is determined to meet the preset trusted conditions using the target trusted timestamp, then the timeliness verification of the data to be verified is successful. The time ledger records multiple trusted timestamps that have been certified by the trusted time synchronization center.

[0009] Optionally, the step of performing data matching based on the data to be verified using the preset data table includes:

[0010] Determine the target source information of the data to be verified;

[0011] Based on the target tracing information, determine the target original data that makes up the data to be verified;

[0012] The target raw data and the preset data table are matched. If the match is successful, the existence of the data to be verified is confirmed to be successfully verified.

[0013] Optionally, the preset data table stores a reference summary;

[0014] The determination of the target source information for the data to be verified includes:

[0015] Obtain the target summary of the data to be verified;

[0016] The reference digest is matched with the target digest. If the match is successful, the target data identifier of the data to be verified is determined. The target traceability information corresponding to the target data identifier is searched from the pre-stored correspondence between traceability information and data identifier.

[0017] Optionally, the preset data table is a tree structure, the root node of the preset data table stores a reference summary obtained based on the data corresponding to all child nodes of the root node, and each child node of the preset data table stores a reference summary of the data corresponding to the child node.

[0018] The matching of the reference digest with the target digest includes:

[0019] Starting from the layer where the child node storing the target summary is located, the preset data table is traversed to the root node to obtain the sibling reference summary stored by the sibling node of the specified node in each layer;

[0020] The target digest and the obtained sibling reference digests are used as the digests to be matched. The digests to be matched are compared with the reference digests stored in the root node. If they are the same, it is determined that the preset data table and the target digest are successfully matched.

[0021] Optionally, the target trusted timestamp includes a first target trusted timestamp and a second target trusted timestamp;

[0022] Obtaining the target trusted timestamp from the time ledger includes:

[0023] Find the first and second target trusted timestamps in the time ledger that match the specified conditions of the relationship between the data to be verified;

[0024] If the generation time is determined to meet the preset trust conditions using the target trusted timestamp, then the timeliness verification of the data to be verified is successful, including:

[0025] Determine whether the generation time is greater than the first target trusted timestamp and whether the generation time is less than the second target trusted timestamp;

[0026] If so, then the timeliness verification of the data to be verified is confirmed to be successful.

[0027] Optionally, determining the target original data constituting the data to be verified based on the target tracing information includes:

[0028] The target tracing information is parsed to obtain candidate original data of the data to be verified.

[0029] Determine whether the candidate original data contains traceability information;

[0030] If it does not exist, then the candidate original data is determined to be the target original data;

[0031] If it exists, the source data information of the candidate original data is parsed to obtain the candidate original data of the data to be verified, and the process is returned to determine whether the candidate original data has source information based on the above.

[0032] Optionally, the step of performing data matching based on the data to be verified using the preset data table includes:

[0033] The preset data table is matched with the data to be verified. If the match is successful, the existence of the data to be verified is confirmed to be successfully verified.

[0034] Optionally, the preset data table is a tree structure, the root node of the preset data table stores a reference summary obtained based on the data corresponding to all child nodes of the root node, and each child node of the preset data table stores a reference summary of the data corresponding to the child node.

[0035] The matching of the preset data table with the data to be verified includes:

[0036] Obtain the target summary of the data to be verified;

[0037] Starting from the layer where the child node storing the target summary is located, the preset data table is traversed to the root node to obtain the sibling reference summary stored by the sibling node of the specified node in each layer;

[0038] The target digest and the obtained sibling reference digests are used as the digests to be matched. The digests to be matched are compared with the reference digests stored in the root node. If they are the same, it is determined that the preset data table and the data to be verified are successfully matched.

[0039] Optionally, obtaining the data to be verified includes:

[0040] Obtain the target's raw data within a Trusted Execution Environment (TEE);

[0041] Perform target operations corresponding to the target association on the original target data to obtain the data to be verified.

[0042] According to a second aspect of the embodiments of this specification, a data verification apparatus is provided, comprising:

[0043] The data acquisition module is configured to acquire the data to be verified, the generation time of the data to be verified, and a preset data table, wherein the preset data table is pre-established based on the relationship between the data.

[0044] The existence verification module is configured to perform data matching based on the data to be verified using the preset data table. If the matching is successful, the existence verification of the data to be verified is determined to be successful.

[0045] The time-based verification module is configured to obtain a target trusted timestamp from the time ledger. If the generation time is determined to meet the preset trusted conditions using the target trusted timestamp, then the time-based verification of the data to be verified is successful. The time ledger records multiple trusted timestamps that have been certified by a trusted time synchronization center.

[0046] Optionally, the existence verification module is further configured to:

[0047] Determine the target source information of the data to be verified;

[0048] Based on the target tracing information, determine the target original data that makes up the data to be verified;

[0049] The target raw data and the preset data table are matched. If the match is successful, the existence of the data to be verified is confirmed to be successfully verified.

[0050] Optionally, the target trusted timestamp includes a first target trusted timestamp and a second target trusted timestamp;

[0051] The time-based verification module is further configured as follows:

[0052] Find the first and second target trusted timestamps in the time ledger that match the specified conditions of the relationship between the data to be verified;

[0053] Determine whether the generation time is greater than the first target trusted timestamp and whether the generation time is less than the second target trusted timestamp;

[0054] If so, then the timeliness verification of the data to be verified is confirmed to be successful.

[0055] Optionally, the existence verification module is further configured to...

[0056] The preset data table is matched with the data to be verified. If the match is successful, the existence of the data to be verified is confirmed to be successfully verified.

[0057] Optionally, the data acquisition module is further configured to:

[0058] Obtain the target's raw data within a Trusted Execution Environment (TEE);

[0059] Perform target operations corresponding to the target association on the original target data to obtain the data to be verified.

[0060] According to a third aspect of the embodiments of this specification, a computing device is provided, comprising:

[0061] Memory and processor;

[0062] The memory is used to store computer-executable instructions, and the processor is used to implement any of the steps of the data verification method when executing the computer-executable instructions.

[0063] According to a fourth aspect of the embodiments of this specification, a computer-readable storage medium is provided that stores computer-executable instructions, which, when executed by a processor, implement the steps of any one of the data verification methods described herein.

[0064] According to a fifth aspect of the embodiments of this specification, a computer program is provided, wherein when the computer program is executed in a computer, it causes the computer to perform the steps of the above-described data verification method.

[0065] One embodiment of this specification implements the following: obtaining data to be verified, the generation time of the data to be verified, and a preset data table; based on the data to be verified, data matching is performed using the preset data table; if the matching is successful, the existence verification of the data to be verified is confirmed; a target trusted timestamp is obtained from the time ledger; if the generation time is determined to meet the preset trusted conditions using the target trusted timestamp, the timeliness verification of the data to be verified is confirmed. The preset data table is a data table pre-established based on the relationships between data. Therefore, for data to be verified obtained by operations that change the relationships between data, data matching is performed using the preset data table based on the data to be verified. If the matching is successful, it indicates that the operations used to obtain the relationships between the changed data to obtain the data to be verified exist and are reliable; correspondingly, the data to be verified obtained through this operation is reliable. Therefore, the existence verification of the data to be verified can be confirmed. Furthermore, the time ledger records multiple trusted timestamps certified by a trusted time synchronization center; therefore, a target trusted timestamp can be obtained from the time ledger. If the generation time is determined to meet the preset trusted conditions using the target trusted timestamp, it indicates that the generation time of the data to be verified is reliable; therefore, the timeliness verification of the data to be verified can be confirmed. As can be seen, this solution can verify the existence and timeliness of data obtained by changing the relationships between data, thus improving the reliability of data verification. Attached Figure Description

[0066] Figure 1 This is a flowchart of a data verification method provided in one embodiment of this specification;

[0067] Figure 2 This is an example diagram illustrating the relationship between the target raw data and the data to be verified in a data verification method provided in one embodiment of this specification.

[0068] Figure 3 This is an example diagram of sibling nodes in a data verification method provided in one embodiment of this specification;

[0069] Figure 4 This is an example diagram illustrating a data verification method provided in one embodiment of this specification, showing a processing scenario.

[0070] Figure 5 This is a flowchart illustrating a data verification method provided in one embodiment of this specification;

[0071] Figure 6 This is a schematic diagram of the structure of a data verification device provided in one embodiment of this specification;

[0072] Figure 7 This is a structural block diagram of a computing device provided in one embodiment of this specification. Detailed Implementation

[0073] Many specific details are set forth in the following description to provide a full understanding of this specification. However, this specification can be implemented in many other ways than those described herein, and those skilled in the art can make similar extensions without departing from the spirit of this specification. Therefore, this specification is not limited to the specific implementations disclosed below.

[0074] The terminology used in one or more embodiments of this specification is for the purpose of describing particular embodiments only and is not intended to be limiting of the one or more embodiments of this specification. The singular forms “a,” “described,” and “the” as used in one or more embodiments of this specification and the appended claims are also intended to include the plural forms unless the context clearly indicates otherwise. It should also be understood that the term “and / or” as used in one or more embodiments of this specification refers to and includes any or all possible combinations of one or more associated listed items.

[0075] It should be understood that although the terms first, second, etc., may be used to describe various information in one or more embodiments of this specification, such information should not be limited to these terms. These terms are only used to distinguish information of the same type from one another. For example, first may also be referred to as second without departing from the scope of one or more embodiments of this specification, and similarly, second may also be referred to as first. Depending on the context, the word "if" as used herein may be interpreted as "when," "when," or "in response to a determination."

[0076] First, the terms and concepts used in one or more embodiments of this specification will be explained.

[0077] Tuple: A fundamental concept in relational databases. A relation is a table, and each row in the table is a tuple; that is, a single record in the database is a tuple.

[0078] Trusted Execution Environment (TEE): A secure execution environment isolated from the outside world, which can protect the code and data within the environment from being leaked or maliciously tampered with.

[0079] Software Guard Extensions (SGX): A set of security instructions provided by the processor (CPU, Intel Central Processing Unit) that provides a secure, isolated execution environment for applications. It is a technical implementation of TEE.

[0080] Field Programmable Gate Array (FPGA): A type of custom programmable circuit that can implement a TEE environment by programming on the FPGA.

[0081] Trusted timestamps: These are designated times for electronic data that have been certified by a trusted time service center, such as generation time, signing time, submission time, etc. Each certified trusted timestamp corresponds to a trusted time certificate. Trusted timestamps prevent the forgery and alteration of the authentication time of electronic data, effectively addressing the question of how electronic data can be equated with traditional written evidence, and complying with the relevant provisions of the Electronic Signature Law.

[0082] Blockchain, also known as a distributed ledger, is a decentralized distributed database characterized by decentralization, transparency, immutability, and trustworthiness. Every piece of data in a blockchain is broadcast to all blockchain nodes, and each node has complete and consistent data.

[0083] Block: Each block records the hash value of the previous block (e.g., a hash value), as well as the set of transactions in the current block and its hash value, among other basic data. Each block has the hash value of the previous block, and blocks can be linked together pairwise using these hash values ​​to form a blockchain. Transactions in the blockchain are the data received by the blockchain.

[0084] Data content: refers to the data itself, which can specifically be a string of binary data.

[0085] Merkle tree: A type of binary tree where the leaf nodes typically store hash values ​​of the data; therefore, Merkle trees are sometimes also referred to as hash trees.

[0086] SS-table: A data structure used to handle large amounts of sorted data. Use cases include: needing to efficiently store large amounts of key-value pairs; data being written sequentially; requiring efficient sequential read / write operations; and where random access is not required or its performance is not critical.

[0087] This specification provides a data verification method, and also relates to a data verification device, a computing device, and a computer-readable storage medium, which will be described in detail in the following embodiments.

[0088] Figure 1 A flowchart of a data verification method according to an embodiment of this specification is shown, which specifically includes the following steps.

[0089] S102, obtain the data to be verified, the generation time of the data to be verified, and a preset data table. The preset data table is pre-established based on the relationship between the data.

[0090] In practical applications, the data to be verified can be of various types. For example, the data to be verified can be data from a data table obtained by merging different data tables, such as SStable, or data from a data table that stores data in the form of tables. Each data table stores tuples, and the number of stored tuples can be one or more. Furthermore, there are various ways to obtain the data to be verified, which are described in detail below using optional embodiments.

[0091] In one optional implementation, the process of obtaining the data to be verified may specifically include the following steps:

[0092] Read the data to be verified from the specified storage area.

[0093] The designated storage area may include: a storage area within the computing device executing the data verification method provided in this specification, where the data to be verified received by the computing device is stored; or data generated by the computing device itself. The received data may be sent by a client, another computing device, a management server, or other devices.

[0094] In another optional implementation, the acquisition of the data to be verified described above may specifically include the following steps:

[0095] Obtain the target's raw data within a Trusted Execution Environment (TEE);

[0096] Perform target operations on the original target data that correspond to the target's relationship to obtain the data to be verified.

[0097] In practical applications, SGX instructions can be executed on a computing device. Upon successful execution of the SGX instructions, a Trusted Execution Environment (TEE) can be obtained on that computing device, allowing the execution of the steps described in this embodiment. Alternatively, a designated FPGA can be used as a programming device, and the steps of this embodiment can be executed on the FPGA. Furthermore, performing target operations corresponding to the target's association with the original target data yields the data to be verified, effectively generating the data to be verified. In other words, this embodiment can utilize the TEE during the generation of the data to be verified, but not during the verification process. This ensures that the data to be verified is generated through trusted target operations. For example, it guarantees that merging different data tables is a trusted operation. Therefore, the reliability of subsequent verification of the data to be verified using the data verification method provided in this specification can be further improved.

[0098] Furthermore, the target operation corresponding to the target relationship can be multiple. For example, if the target relationship is parallel, then the target operation is a merge operation. Specifically, the merge operation can be adding different data to a data table and sorting the merged data table, or concatenating different data, etc.

[0099] Any method that can obtain the data to be verified can be used in this specification, and this embodiment does not limit it.

[0100] Furthermore, obtaining the generation time of the data to be verified can include: reading the generation time carried in the data to be verified, or obtaining the data identifier of the data to be verified, finding the correspondence between the preset data identifier and the generation time, and obtaining the generation time corresponding to the data identifier of the data to be verified. Moreover, there can be multiple ways to obtain the preset data table. For example, if there is only one preset data table, it can be read directly. For instance, if the relationship between the data is a merging relationship, a preset data table storing each merged data and the merged data can be created based on this merging relationship. Alternatively, if there are multiple preset data tables, the data identifier of the data to be verified can be obtained, and the preset data table corresponding to that data identifier can be found. For example, a preset data table can be created for different projects based on the relationships between the data generated by that project.

[0101] S104. Based on the data to be verified, perform data matching using a preset data table. If the matching is successful, the existence of the data to be verified is confirmed to be successfully verified.

[0102] In practical applications, there are various ways to perform data matching based on the data to be verified using a preset data table. For example, one can obtain the source information of the data to be verified, retrieve the target original data based on the source information, and then perform data matching on the target original data, the data to be verified, and the preset data table; alternatively, one can directly perform data matching on the data to be verified and the preset data table. For ease of understanding and logical layout, the specific process of performing data matching based on the data to be verified using a preset data table will be described below in the form of optional embodiments.

[0103] S106. Obtain the target trusted timestamp from the time ledger. If the generation time is determined to meet the preset trusted conditions using the target trusted timestamp, then the timeliness verification of the data to be verified is successful. The time ledger records multiple trusted timestamps that have been certified by the trusted time service center.

[0104] Here, "generation time" refers to the generation time of the data to be verified, which can be the time when the data to be verified is written to the disk, or the time when the data to be verified is generated, etc. In specific applications, the specific implementation of step S106 varies depending on the specific implementation of step S104. For ease of understanding and reasonable layout, the implementation of step S106 will be specifically described in the following optional embodiments.

[0105] In one embodiment of this specification, the preset data table is a pre-established data table based on the relationships between data. Therefore, for the data to be verified obtained by the operation of changing the relationships between data, data matching is performed using the preset data table based on the data to be verified. If the matching is successful, it indicates that the operation used to obtain the relationship between the changed data to obtain the data to be verified exists and is reliable. Accordingly, the data to be verified obtained through this operation is reliable. Therefore, the existence verification of the data to be verified can be determined to be successful. Furthermore, the time ledger records multiple trusted timestamps certified by the trusted time synchronization center. Therefore, the target trusted timestamp can be obtained from the time ledger. If the generation time is determined using the target trusted timestamp to meet the preset trusted conditions, it indicates that the generation time of the data to be verified is reliable. Therefore, the timeliness verification of the data to be verified can be determined to be successful. It can be seen that this solution can verify the existence and timeliness of data obtained by the operation of changing the relationships between data, thus improving the reliability of data verification.

[0106] In one optional implementation, the above-mentioned data matching based on the data to be verified using a preset data table may specifically include the following steps:

[0107] Determine the target source information for the data to be verified;

[0108] Based on the target tracing information, determine the original target data that makes up the data to be verified;

[0109] The target raw data is matched with the preset data table. If the match is successful, the existence of the data to be verified is confirmed to be successfully verified.

[0110] This embodiment verifies the existence of the data to be verified by matching the target original data that makes up the data to be verified with a preset data table. If the target original data and the preset data table match successfully, it indicates that the target original data that makes up the data to be verified, obtained through tracing the data to be verified, is reliable data. Therefore, the existence verification of the data to be verified can be confirmed as successful. For example, merging target original data SStable1 and SSTable2 to obtain data to be verified SStable3, if target original data SSTable1 and SSTable2 are reliable data, then the data to be verified SStable3 obtained by merging the reliable data is also very likely to be reliable data.

[0111] Here, target tracing information refers to information indicating the source of the data to be verified. Furthermore, there are various ways to determine the original target data that constitutes the data to be verified based on the target tracing information; the following description uses optional embodiments.

[0112] In one optional implementation, determining the target original data that constitutes the data to be verified based on the target tracing information may specifically include the following steps:

[0113] If the target tracing information contains the original target data that makes up the data to be verified, then the original target data is read from the target tracing information.

[0114] In another optional implementation, determining the target original data that constitutes the data to be verified based on the target traceability information may specifically include the following steps:

[0115] If the target traceability information contains the data identifier of the target original data that makes up the data to be verified, then the data identifier of the target original data can be read from the target traceability information, and the target original data corresponding to the data identifier can be found from the pre-stored correspondence between the data identifier and the original data.

[0116] In another alternative implementation, determining the target original data that constitutes the data to be verified based on the target traceability information may specifically include the following steps:

[0117] Analyze the target tracing information to obtain candidate raw data for the data to be verified;

[0118] Determine whether the candidate raw data has traceability information;

[0119] If it does not exist, then the candidate original data is determined to be the target original data;

[0120] If it exists, the source data information of the candidate original data is parsed to obtain the candidate original data of the data to be verified, and the process of determining whether the candidate original data has source information is returned.

[0121] In practical applications, the original data that makes up the data to be verified may be obtained by processing other data, such as by merging them. Therefore, to further improve the reliability of data verification, the original data obtained by parsing the target traceability information can be used as candidate original data for the data to be verified, and then candidate original data without traceability information can be identified as the target original data. This reduces the risk of the target original data itself being unreliable.

[0122] Furthermore, there are various ways to determine the target traceability information of the data to be verified, which will be specifically described below in the form of optional embodiments.

[0123] In one optional implementation, determining the target source information of the data to be verified may specifically include the following steps:

[0124] If the data to be verified carries traceability information, then the data to be verified is parsed to obtain the target traceability information.

[0125] In another optional implementation, the determination of the target source information of the data to be verified may specifically include the following steps:

[0126] Obtain the data identifier of the data to be verified, find the correspondence between the preset data identifier and the traceability information, and obtain the target traceability information corresponding to the data identifier of the data to be verified.

[0127] The data identifier of the data to be verified can be the signature information of the data to be verified.

[0128] Furthermore, to further improve the reliability of the data verification method provided in the embodiments of this specification, the data to be verified can be verified before determining the target traceability information of the data to be verified. In an optional implementation, if the data identifier of the data to be verified is signature information, the existence of the signature information can be verified. For example, if the signature information is found in the version record file sstable file1 of the data table, the existence verification of the signature information is successful, and the step of determining the target traceability information of the data to be verified can be performed.

[0129] In another alternative implementation, the aforementioned preset data table stores a reference summary;

[0130] Accordingly, determining the target source information of the data to be verified may specifically include the following steps:

[0131] Obtain a target summary of the data to be verified;

[0132] The reference abstract is matched with the target abstract. If the match is successful, the target data identifier of the data to be verified is determined. The target traceability information corresponding to the target data identifier is searched from the pre-stored correspondence between traceability information and data identifier.

[0133] Specifically, the reference digest stored in the preset data table can be either a hash value of the reference digest or the reference digest itself. The reference digest refers to a digest of data with the aforementioned association. Furthermore, determining the target data identifier of the data to be verified can specifically include: reading the data identifier contained in the data to be verified to obtain the target data identifier; or, processing the data to be verified using a preset hash algorithm to obtain the target data identifier, i.e., the target data identifier is a hash value (key).

[0134] This embodiment verifies the data content of the data to be verified by matching the reference digest with the target digest. This ensures a dual existence verification of both the data to be verified (which is itself the data content) and the target original data that constitutes the data to be verified. Therefore, this embodiment further improves the reliability of the data verification method provided in this specification through dual existence verification.

[0135] Furthermore, there are various ways to match the reference abstract with the target abstract, which will be specifically described below in the form of optional embodiments.

[0136] In one optional implementation, the above-described matching of the reference digest and the target digest may specifically include the following steps:

[0137] Compare the reference abstract with the target abstract; if they are the same, the match is successful.

[0138] In another optional implementation, the above-mentioned preset data table is a tree structure. The root node of the preset data table stores a reference summary obtained based on the data corresponding to all child nodes of the root node, and each child node of the preset data table stores a reference summary of the data corresponding to that child node.

[0139] Accordingly, the matching of the reference abstract with the target abstract can specifically include the following steps:

[0140] Starting from the layer where the child node of the target summary is located, traverse the preset data table to the root node to obtain the sibling reference summary stored by the sibling node of the specified node in each layer.

[0141] The target digest and the obtained sibling reference digests are used as the digests to be matched. The digests to be matched are compared with the reference digests stored in the root node. If they are the same, it is determined that the preset data table and the target digest are successfully matched.

[0142] For example, such as Figure 2 In one embodiment of this specification, a data verification method is provided, and an example diagram illustrating the relationship between the target raw data and the data to be verified is shown: The preset data table is... Figure 2 The tree structure shown stores the target digest of the data to be verified in the form of a hash value in the target child node 20. The relationship between the target original data and the data to be verified, determined by the tracing information, is parallel: merging means that merging at least two target original data sets yields the data to be verified. Therefore, the digests of the two target original data sets are stored as hash values ​​in child nodes 02 and 03, respectively, at the same level as the target child node. Furthermore, the matching method for the target digests in this embodiment ensures that the sibling reference digests contain the reference digests corresponding to child nodes 02 and 03, respectively. Therefore, matching the target original data with the preset data table can specifically involve searching for the hash value of the target original data's digest in the preset data table; if found, the match is successful.

[0143] Within this hierarchy, nodes belonging to the same layer are sibling nodes. Specific nodes include: the child node storing the target summary (i.e., the target child node), and the root node of each layer within the branch containing the target child node. For example... Figure 2 As shown, the sibling nodes of the specified nodes in the layer where the child node storing the target summary is located are the sibling nodes of the target child node: the third-level sibling nodes; during the traversal of the preset data table from the layer where the child node storing the target summary is located to the root node, the sibling nodes of the specified nodes in the second layer are the sibling nodes of the root node of the target child node: the second-level sibling nodes; and so on, the sibling nodes of the specified nodes in the first layer are the sibling nodes of the root node of the second-level sibling nodes: the first-level sibling nodes. Thus, the sibling reference summaries and the target summary obtained after the above traversal contain summaries of all child nodes of the preset data table. Therefore, the target summary and the obtained sibling reference summaries are used as the summaries to be matched. The summaries to be matched are compared with the reference summaries stored in the root node. If they are the same, it indicates that the summary content stored in the target child node is correct. Therefore, it can be determined that the preset data table and the target summary are successfully matched. Furthermore, the form of the summaries to be matched can be various. For example, the summaries to be matched can be in the form of an array, with each sibling reference summary and the target summary being an element of the array; or, the sibling reference summaries and the target summary can be concatenated to obtain the summaries to be matched.

[0144] The matching method provided in this embodiment can verify the data to be verified and the target original data by matching the data to be verified with the preset data table. This eliminates the need to repeatedly verify whether the summary of the target original data matches the preset data table, thus achieving a dual improvement in the reliability and efficiency of data verification.

[0145] In one optional implementation, the aforementioned target trusted timestamp includes a first target trusted timestamp and a second target trusted timestamp;

[0146] Accordingly, obtaining the target trusted timestamp from the time ledger can specifically include the following steps:

[0147] Find the first and second target trusted timestamps in the time ledger that match the specified conditions of the relationship between the data to be verified;

[0148] Accordingly, if the generation time determined by using the target trusted timestamp meets the preset trusted conditions, then the timeliness verification of the data to be verified is successful. Specifically, this can include the following steps:

[0149] Determine whether the generation time is greater than the trusted timestamp of the first target and whether the generation time is less than the trusted timestamp of the second target;

[0150] If so, then the time-related verification of the data to be verified is confirmed to be successful.

[0151] In practical applications, if the time ledger interweaves trusted timestamps and data in chronological order, the aforementioned specified conditions can include: taking the trusted timestamp preceding the data to be verified from two adjacent trusted timestamps in the time ledger, and using the trusted timestamp following the data to be verified as the second target trusted timestamp. Since the data to be verified is obtained from multiple target raw data, if the generation time of the data to be verified is trusted, there must exist trusted timestamps earlier than that generation time. Therefore, the above method of determining target trusted timestamps can improve the reliability of time-based verification.

[0152] Furthermore, the fact that the generation time is greater than the first target trusted timestamp ensures that the generation time of the data to be verified conforms to natural laws. Based on this, the generation time being less than the second target trusted timestamp indicates that the generation time of the data to be verified has a temporally reliable proof. Therefore, since the generation time of the data to be verified satisfies the size conditions corresponding to the two target trusted timestamps, the temporality verification of the data to be verified can be confirmed as successful. It is evident that this embodiment can directly utilize the already certified target trusted timestamp to verify the temporal reliability of the time to be verified, thereby reducing the risk of data unreliability during the waiting process due to the lack of a trusted timestamp or the need for trusted timestamp authentication of the data to be verified, and improving the reliability and efficiency of data verification.

[0153] In one optional implementation, the above-mentioned data matching based on the data to be verified using a preset data table may specifically include the following steps:

[0154] The system matches the preset data table with the data to be verified. If the match is successful, the existence of the data to be verified is confirmed.

[0155] This embodiment is equivalent to verifying the data content of the data to be verified, which is itself the data to be verified. If the preset data table matches the data to be verified successfully, it indicates that the data to be verified is reliable, and therefore, the existence verification of the data to be verified can be confirmed as successful. In this way, the efficiency of the existence verification of the data to be verified can be improved.

[0156] Furthermore, there are various ways to match the preset data table with the data to be verified, which will be specifically described below in the form of optional embodiments.

[0157] In one optional implementation, the above-mentioned matching of the preset data table with the data to be verified may specifically include the following steps:

[0158] The system searches for the data to be verified in a preset data table. If the data is found, the match is considered successful.

[0159] In another optional implementation, the above-mentioned preset data table is a tree structure. The root node of the preset data table stores a reference summary obtained based on the data corresponding to all child nodes of the root node, and each child node of the preset data table stores a reference summary of the data corresponding to that child node.

[0160] Accordingly, the matching of the preset data table with the data to be verified can specifically include the following steps:

[0161] Obtain a target summary of the data to be verified;

[0162] Starting from the layer where the child node of the target summary is located, traverse the preset data table to the root node to obtain the sibling reference summary stored by the sibling node of the specified node in each layer.

[0163] The target digest and the obtained sibling reference digests are used as the digests to be matched. The digests to be matched are compared with the reference digests stored in the root node. If they are the same, it is determined that the preset data table and the data to be verified are successfully matched.

[0164] This embodiment, based on the located data to be verified, further verifies the content of the data to be verified for errors through sibling reference digests and the digest stored in the root node, thereby improving the reliability of data verification. For example, as shown... Figure 3In one embodiment of this specification, a data verification method is provided, as shown in the example diagram of sibling nodes: the target digest of the data to be verified is stored in the target child node in the form of a hash value of 20. The sibling node of the specified node in the layer where the child node storing the target digest is located is the sibling node of the target child node: the third-level sibling node; during the traversal of the preset data table to the root node, the sibling node of the specified node in the second layer is the sibling node of the root node of the target child node: the second-level sibling node; and so on, the sibling node of the specified node in the first layer is the sibling node of the root node of the second-level sibling node: the first-level sibling node. Thus, the sibling reference digests and target digests obtained after the above traversal contain the digests of all child nodes of the preset data table. This embodiment is similar to the above. Figure 2 The implementation method is similar, except that it does not perform source tracing and matching of the original target data; therefore, it does not involve target source tracing information. For the same parts, please refer to the above. Figure 2 The description of the embodiments will not be repeated here.

[0165] For example, such as Figure 4 An example diagram illustrating a data verification method provided in one embodiment of this specification shows a data verification method that may include the following verification steps:

[0166] Verification Step 1: Determine that the data identifier ssTB-20 of the data to be verified exists in the tuple version file sstablefile1;

[0167] Verification Step 2: Determine whether the hash value of the digest of the above data to be verified matches the Merkle tree;

[0168] Verification Step 3: Determine that the hash value of the summary of the data to be verified belongs to node 20 between trusted timestamps T3 and T4.

[0169] In practical applications, the data identifier of the data to be verified can be the version signature of the tuple, and the tuple version file can be the latest version file. Therefore, the output of verification step 1, i.e., the return result, can be the existence proof (receipt) of the tuple version signature. The output of verification step 2, i.e., the return result, can be the storage path of the data to be verified on the Merkle tree. The Merkle path can specifically include the target digest and its sibling reference digest, as well as the matching result of the target digest: the target digest and its sibling reference digest are used as the digest to be matched, and the matching result of the digest to be matched and the digest stored in the root node of the Merkle tree. The output of verification step 3, i.e., the return result, can be the hash value of node 20, the existence paths of T3 and T4 in Timeledger, and the trusted time certificates of T3 and T4. Among them, the hash value of node 20, and the existence paths of T3 and T4 in Timeledger can include: the generation time of the hash value of node 20, i.e., the generation time of the data to be verified, is to the right of T3 and to the left of T4. In another scenario, to avoid excessive differences between the generation time and T3 and T4, and to further improve reliability, the generation time of the data to be verified is to the right of T3, and the difference between it and T3 is less than or equal to a first preset threshold; the generation time of the data to be verified is to the left of T4, and the difference between it and T4 is less than or equal to a second preset threshold. The first and second preset thresholds can be set according to specific needs, and this embodiment does not impose any restrictions on them.

[0170] In addition, this embodiment is similar to the one described above. Figure 1 In the embodiments and some optional embodiments, steps that have the same function are considered the same step, differing only in their description. Repeated descriptions of the identical parts are omitted here; please refer to the above for details. Figure 1 Description of the same steps in the embodiments and some optional embodiments.

[0171] The following is in conjunction with the appendix Figure 5 According to this instruction manual Figure 1 Taking the integration scheme of the data verification method provided in some optional embodiments as an example, the data verification method will be further explained. Among them, Figure 5 The present specification provides a flowchart illustrating a data verification method according to an embodiment, which includes the following steps:

[0172] S502, obtain the data to be verified, the generation time of the data to be verified, and a preset data table. The preset data table is pre-established based on the relationship between the data.

[0173] S504, determine the target traceability information of the data to be verified; based on the target traceability information, determine the target original data that makes up the data to be verified.

[0174] S506, Match the target raw data with the preset data table. If the match is successful, the existence verification of the data to be verified is successful.

[0175] S508, find the first target trusted timestamp and the second target trusted timestamp from the time ledger that meet the specified conditions of the relationship between the data to be verified and the data.

[0176] S510, determine whether the generation time is greater than the first target trusted timestamp, and whether the difference between the generation time and the second target trusted timestamp is less than or equal to a preset threshold; if so, proceed to step S512.

[0177] S512, confirming that the timeliness verification of the data to be verified was successful.

[0178] S514, Match the preset data table with the data to be verified. If the match is successful, the existence of the data to be verified is confirmed to be successfully verified, and step S508 is executed.

[0179] In this embodiment, the branch starting in step S504 and the branch starting in step S514 are two parallel solutions, and either one can be selected for execution in specific applications. Furthermore, the steps in this embodiment are similar to those described above. Figure 1 The same steps are described in the embodiments and optional embodiments, and will not be repeated here.

[0180] In practical applications, the branch starting at step S504 is equivalent to verifying that the data to be verified, such as the file file1 to which the tuple to be verified belongs, is obtained by merging (compacting) multiple original files. To this end, the target original tuple can be found in the child nodes, i.e., leaf nodes, of the Merkle tree. Specifically, this returns the target source information and the matching results (merkle paths) between the target original tuple and the Merkle tree. For example, to further improve the reliability of data verification, if the data in this specification is stored in the form of transactions in the blockchain blocks, the target source information can be the source history path (Lineage onchain, referring to the way a block was obtained, for example, the data table ssTB-20 represented by this block is obtained by merging data table 02 and data table 03). Additionally, the branch starting at step S514 can specifically be... Figure 4 Examples are not described in detail here.

[0181] In addition, in specific applications, if any of the matching, verification, or acquisition steps in the above embodiments fails, it is determined that the credibility verification of the data to be verified has failed, and the data verification ends, and the data to be verified is untrustworthy data.

[0182] Corresponding to the above method embodiments, this specification also provides embodiments of a data verification device. Figure 6A schematic diagram of a data verification device according to one embodiment of this specification is shown. Figure 6 As shown, the device includes:

[0183] The data acquisition module 602 is configured to acquire data to be verified, the generation time of the data to be verified, and a preset data table, wherein the preset data table is pre-established based on the relationship between data.

[0184] The existence verification module 604 is configured to perform data matching based on the data to be verified using the preset data table. If the matching is successful, the existence verification of the data to be verified is determined to be successful.

[0185] The time-based verification module 606 is configured to obtain a target trusted timestamp from the time ledger. If the generation time is determined to meet the preset trusted conditions using the target trusted timestamp, then the time-based verification of the data to be verified is determined to be successful. The time ledger records multiple trusted timestamps that have been certified by a trusted time synchronization center.

[0186] In one embodiment of this specification, the preset data table is a pre-established data table based on the relationships between data. Therefore, for the data to be verified obtained by the operation of changing the relationships between data, data matching is performed using the preset data table based on the data to be verified. If the matching is successful, it indicates that the operation used to obtain the relationship between the changed data to obtain the data to be verified exists and is reliable. Accordingly, the data to be verified obtained through this operation is reliable. Therefore, the existence verification of the data to be verified can be determined to be successful. Furthermore, the time ledger records multiple trusted timestamps certified by the trusted time synchronization center. Therefore, the target trusted timestamp can be obtained from the time ledger. If the generation time is determined using the target trusted timestamp to meet the preset trusted conditions, it indicates that the generation time of the data to be verified is reliable. Therefore, the timeliness verification of the data to be verified can be determined to be successful. It can be seen that this solution can verify the existence and timeliness of data obtained by the operation of changing the relationships between data, thus improving the reliability of data verification.

[0187] In an optional implementation, the data acquisition module 602 is further configured to:

[0188] Obtain the target's raw data within a Trusted Execution Environment (TEE);

[0189] Perform target operations corresponding to the target association on the original target data to obtain the data to be verified.

[0190] In an optional implementation, the existence verification module 604 is further configured to:

[0191] Determine the target source information of the data to be verified;

[0192] Based on the target tracing information, determine the target original data that makes up the data to be verified;

[0193] The target raw data and the preset data table are matched. If the match is successful, the existence of the data to be verified is confirmed to be successfully verified.

[0194] In one optional implementation, the preset data table stores a reference summary;

[0195] Accordingly, the existence verification module 604 is further configured as follows:

[0196] Obtain the target summary of the data to be verified;

[0197] The reference digest is matched with the target digest. If the match is successful, the target data identifier of the data to be verified is determined. The target traceability information corresponding to the target data identifier is searched from the pre-stored correspondence between traceability information and data identifier.

[0198] In one optional implementation, the preset data table is a tree structure, the root node of the preset data table stores a reference summary obtained based on the data corresponding to all child nodes of the root node, and each child node of the preset data table stores a reference summary of the data corresponding to that child node.

[0199] Accordingly, the existence verification module 604 is further configured as follows:

[0200] Starting from the layer where the child node storing the target summary is located, the preset data table is traversed to the root node to obtain the sibling reference summary stored by the sibling node of the specified node in each layer;

[0201] The target digest and the obtained sibling reference digests are used as the digests to be matched. The digests to be matched are compared with the reference digests stored in the root node. If they are the same, it is determined that the preset data table and the target digest are successfully matched.

[0202] In an optional implementation, the existence verification module 604 is further configured to:

[0203] The target tracing information is parsed to obtain candidate original data of the data to be verified.

[0204] Determine whether the candidate raw data has traceability information;

[0205] If it does not exist, then the candidate original data is determined to be the target original data;

[0206] If it exists, the source data information of the candidate original data is parsed to obtain the candidate original data of the data to be verified, and the process of determining whether the candidate original data has source information is returned.

[0207] In one optional implementation, the target trusted timestamp includes a first target trusted timestamp and a second target trusted timestamp;

[0208] The timeliness verification module 606 is further configured as follows:

[0209] Find the first and second target trusted timestamps in the time ledger that match the specified conditions of the relationship between the data to be verified;

[0210] Determine whether the generation time is greater than the first target trusted timestamp and whether the generation time is less than the second target trusted timestamp;

[0211] If so, then the timeliness verification of the data to be verified is confirmed to be successful.

[0212] In an optional implementation, the existence verification module 604 is further configured to:

[0213] The preset data table is matched with the data to be verified. If the match is successful, the existence of the data to be verified is confirmed to be successfully verified.

[0214] In one optional implementation, the preset data table is a tree structure, the root node of the preset data table stores a reference summary obtained based on the data corresponding to all child nodes of the root node, and each child node of the preset data table stores a reference summary of the data corresponding to that child node.

[0215] Accordingly, the existence verification module 604 is further configured as follows:

[0216] Obtain the target summary of the data to be verified;

[0217] Starting from the layer where the child node storing the target summary is located, the preset data table is traversed to the root node to obtain the sibling reference summary stored by the sibling node of the specified node in each layer;

[0218] The target digest and the obtained sibling reference digests are used as the digests to be matched. The digests to be matched are compared with the reference digests stored in the root node. If they are the same, it is determined that the preset data table and the data to be verified are successfully matched.

[0219] The above is an illustrative scheme of a data verification device according to this embodiment. It should be noted that the technical solution of this data verification device and the technical solution of the data verification method described above belong to the same concept. For details not described in detail in the technical solution of the data verification device, please refer to the description of the technical solution of the data verification method described above.

[0220] Figure 7 A structural block diagram of a computing device 700 according to one embodiment of this specification is shown. The components of the computing device 700 include, but are not limited to, a memory 710 and a processor 720. The processor 720 is connected to the memory 710 via a bus 730, and a database 750 is used to store data.

[0221] The computing device 700 also includes an access device 740, which enables the computing device 700 to communicate via one or more networks 760. Examples of these networks include Public Switched Telephone Network (PSTN), Local Area Network (LAN), Wide Area Network (WAN), Personal Area Network (PAN), or combinations of communication networks such as the Internet. The access device 740 may include one or more of any type of wired or wireless network interface (e.g., Network Interface Controller (NIC)), such as an IEEE 802.11 Wireless Local Area Networks (WLAN) wireless interface, a Wi-MAX (Worldwide Interoperability for Microwave Access) interface, an Ethernet interface, a Universal Serial Bus (USB) interface, a cellular network interface, a Bluetooth interface, a Near Field Communication (NFC) interface, and so on.

[0222] In one embodiment of this specification, the above-described components of the computing device 700 and Figure 7 Other components, not shown, can also be connected to each other, for example, via a bus. It should be understood that... Figure 7 The block diagram of the computing device shown is for illustrative purposes only and is not intended to limit the scope of this specification. Those skilled in the art can add or replace other components as needed.

[0223] The computing device 700 can be any type of stationary or mobile computing device, including mobile computers or mobile computing devices (e.g., tablet computers, personal digital assistants, laptop computers, notebook computers, netbooks, etc.), mobile phones (e.g., smartphones), wearable computing devices (e.g., smartwatches, smart glasses, etc.) or other types of mobile devices, or stationary computing devices such as desktop computers or PCs. The computing device 700 can also be a mobile or stationary server.

[0224] The processor 720 is used to execute the following computer-executable instructions, which, when executed by the processor, implement the steps of the above-described data verification method.

[0225] The above is an illustrative scheme of a computing device according to this embodiment. It should be noted that the technical solution of this computing device and the technical solution of the data verification method described above belong to the same concept. For details not described in detail in the technical solution of the computing device, please refer to the description of the technical solution of the data verification method described above.

[0226] An embodiment of this specification also provides a computer-readable storage medium storing computer-executable instructions that, when executed by a processor, implement the steps of the above-described data verification method.

[0227] The above is an illustrative scheme of a computer-readable storage medium according to this embodiment. It should be noted that the technical solution of this storage medium and the technical solution of the data verification method described above belong to the same concept. For details not described in detail in the technical solution of the storage medium, please refer to the description of the technical solution of the data verification method described above.

[0228] An embodiment of this specification also provides a computer program, wherein when the computer program is executed in a computer, it causes the computer to perform the steps of the above-described data verification method.

[0229] The above is an illustrative example of a computer program according to this embodiment. It should be noted that the technical solution of this computer program and the technical solution of the data verification method described above belong to the same concept. Details not described in detail in the technical solution of the computer program can be found in the description of the technical solution of the data verification method described above.

[0230] The foregoing has described specific embodiments of this specification. Other embodiments are within the scope of the appended claims. In some cases, the actions or steps recited in the claims may be performed in a different order than that shown in the embodiments and may still achieve the desired result. Furthermore, the processes depicted in the drawings do not necessarily require the specific or sequential order shown to achieve the desired result. In some embodiments, multitasking and parallel processing are possible or may be advantageous.

[0231] The computer instructions include computer program code, which may be in the form of source code, object code, executable file, or some intermediate form. The computer-readable medium may include: any entity or device capable of carrying the computer program code, recording media, USB flash drive, portable hard drive, magnetic disk, optical disk, computer memory, read-only memory (ROM), random access memory (RAM), electrical carrier signals, telecommunication signals, and software distribution media, etc.

[0232] It should be noted that, for the sake of simplicity, the foregoing method embodiments are all described as a series of actions. However, those skilled in the art should understand that the embodiments in this specification are not limited to the described order of actions, because according to the embodiments in this specification, some steps can be performed in other orders or simultaneously. Furthermore, those skilled in the art should also understand that the embodiments described in this specification are all preferred embodiments, and the actions and modules involved are not necessarily essential to the embodiments in this specification.

[0233] In the above embodiments, the descriptions of each embodiment have different focuses. For parts not described in detail in a certain embodiment, please refer to the relevant descriptions in other embodiments.

[0234] The preferred embodiments disclosed above are merely illustrative of this specification. The optional embodiments do not exhaustively describe all details, nor do they limit the invention to the specific implementations described. Clearly, many modifications and variations can be made based on the embodiments described herein. These embodiments are selected and specifically described in this specification to better explain the principles and practical applications of the embodiments, thereby enabling those skilled in the art to better understand and utilize this specification. This specification is limited only by the claims and their full scope and equivalents.

Claims

1. A data validation method, comprising: The process involves obtaining the data to be verified, the generation time of the data to be verified, and a preset data table. The preset data table is pre-established based on the relationship between data. The data to be verified is data from a data table obtained by merging different data tables. The data to be verified is obtained by performing a target operation corresponding to the relationship on the target original data. In the case that the relationship is parallel, the target operation is a merging operation. Based on the data to be verified, data matching is performed using the preset data table, including: determining the target source information of the data to be verified; determining the target original data that makes up the data to be verified according to the target source information; matching the target original data with the preset data table; and if the matching is successful, the existence verification of the data to be verified is successful. The target trusted timestamp is obtained from the time ledger. If the generation time is determined to meet the preset trusted conditions using the target trusted timestamp, then the timeliness verification of the data to be verified is successful. The time ledger records multiple trusted timestamps that have been certified by the trusted time synchronization center.

2. The method according to claim 1, wherein the preset data table stores a reference summary; The determination of the target source information for the data to be verified includes: Obtain the target summary of the data to be verified; The reference digest is matched with the target digest. If the match is successful, the target data identifier of the data to be verified is determined. The target traceability information corresponding to the target data identifier is searched from the pre-stored correspondence between traceability information and data identifier.

3. The method according to claim 2, wherein the preset data table is a tree structure, the root node of the preset data table stores a reference summary obtained based on the data corresponding to all child nodes of the root node, and each child node of the preset data table stores a reference summary of the data corresponding to the child node. The matching of the reference digest with the target digest includes: Starting from the layer where the child node storing the target summary is located, the preset data table is traversed to the root node to obtain the sibling reference summary stored by the sibling node of the specified node in each layer; The target digest and the obtained sibling reference digests are used as the digests to be matched. The digests to be matched are compared with the reference digests stored in the root node. If they are the same, it is determined that the preset data table and the target digest are successfully matched.

4. The method according to any one of claims 1 to 3, wherein the target trusted timestamp includes a first target trusted timestamp and a second target trusted timestamp; Obtaining the target trusted timestamp from the time ledger includes: Find the first and second target trusted timestamps in the time ledger that match the specified conditions of the relationship between the data to be verified; If the generation time is determined to meet the preset trust conditions using the target trusted timestamp, then the timeliness verification of the data to be verified is successful, including: Determine whether the generation time is greater than the first target trusted timestamp and whether the generation time is less than the second target trusted timestamp; If so, then the timeliness verification of the data to be verified is confirmed to be successful.

5. The method according to any one of claims 1 to 3, wherein determining the target original data constituting the data to be verified based on the target tracing information comprises: The target tracing information is parsed to obtain candidate original data of the data to be verified. Determine whether the candidate original data contains traceability information; If it does not exist, then the candidate original data is determined to be the target original data; If it exists, the source data information of the candidate original data is parsed to obtain the candidate original data of the data to be verified, and the process of determining whether the candidate original data has source information is returned.

6. The method according to claim 1, wherein the step of performing data matching based on the data to be verified using the preset data table further includes: The preset data table is matched with the data to be verified. If the match is successful, the existence of the data to be verified is confirmed to be successfully verified.

7. The method according to claim 6, wherein the preset data table is a tree structure, the root node of the preset data table stores a reference summary obtained based on the data corresponding to all child nodes of the root node, and each child node of the preset data table stores a reference summary of the data corresponding to the child node. The matching of the preset data table with the data to be verified includes: Obtain the target summary of the data to be verified; Starting from the layer where the child node storing the target summary is located, the preset data table is traversed to the root node to obtain the sibling reference summary stored by the sibling node of the specified node in each layer; The target digest and the obtained sibling reference digests are used as the digests to be matched. The digests to be matched are compared with the reference digests stored in the root node. If they are the same, it is determined that the preset data table and the data to be verified are successfully matched.

8. The method according to any one of claims 1 to 3 and 6 to 7, wherein obtaining the data to be verified comprises: Obtain the target's raw data within a Trusted Execution Environment (TEE); Perform target operations corresponding to the target association on the original target data to obtain the data to be verified.

9. A data verification device, comprising: The data acquisition module is configured to acquire data to be verified, the generation time of the data to be verified, and a preset data table. The preset data table is pre-established based on the relationship between data. The data to be verified is data in a data table obtained by merging different data tables. The data to be verified is obtained by performing a target operation corresponding to the relationship on the target original data. When the relationship is parallel, the target operation is a merging operation. The existence verification module is configured to perform data matching based on the data to be verified using the preset data table. If the matching is successful, the existence verification of the data to be verified is determined to be successful. The existence verification module is further configured to: determine the target source information of the data to be verified; determine the target original data that makes up the data to be verified based on the target source information; match the target original data with the preset data table; and if the match is successful, determine that the existence verification of the data to be verified is successful. The time-based verification module is configured to obtain a target trusted timestamp from the time ledger. If the generation time is determined to meet the preset trusted conditions using the target trusted timestamp, then the time-based verification of the data to be verified is successful. The time ledger records multiple trusted timestamps that have been certified by a trusted time synchronization center.

10. The apparatus according to claim 9, wherein the target trusted timestamp includes a first target trusted timestamp and a second target trusted timestamp; The time-based verification module is further configured as follows: Find the first and second target trusted timestamps in the time ledger that match the specified conditions of the relationship between the data to be verified; Determine whether the generation time is greater than the first target trusted timestamp and whether the generation time is less than the second target trusted timestamp; If so, then the timeliness verification of the data to be verified is confirmed to be successful.

11. The apparatus according to claim 9, wherein the existence verification module is further configured to: The preset data table is matched with the data to be verified. If the match is successful, the existence of the data to be verified is confirmed to be successfully verified.

12. The apparatus according to any one of claims 9 to 11, wherein the data acquisition module is further configured to: Obtain the target's raw data within a Trusted Execution Environment (TEE); Perform target operations corresponding to the target association on the original target data to obtain the data to be verified.

13. A computing device, comprising: Memory and processor; The memory is used to store computer-executable instructions, and the processor is used to execute the computer-executable instructions, which, when executed by the processor, implement the steps of the data verification method according to any one of claims 1 to 8.

14. A computer-readable storage medium storing computer-executable instructions that, when executed by a processor, implement the steps of the data verification method according to any one of claims 1 to 8.

15. A computer program product, wherein, When the computer program product is executed in a computer, the computer is instructed to perform the steps of the data verification method according to any one of claims 1 to 8.