Data processing method and device suitable for remote nuclear capacity communication system of battery, computer equipment and storage medium

By using digital signatures and asymmetric encryption technology in the remote battery capacity communication system, a salt value and a shared key are generated to ensure the security of data upload requests and business data. This solves the problem that traditional encrypted transmission is vulnerable to attack and achieves end-to-end security protection and highly secure data transmission.

CN122268593APending Publication Date: 2026-06-23CHINA SOUTHERN POWER GRID ENERGY STORAGE CO LTD INFORMATION & COMM BRANCH

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
CHINA SOUTHERN POWER GRID ENERGY STORAGE CO LTD INFORMATION & COMM BRANCH
Filing Date
2026-02-10
Publication Date
2026-06-23

AI Technical Summary

Technical Problem

In remote battery capacity communication systems, traditional data encryption transmission methods are vulnerable to attackers who can intercept passwords to send false data or steal information, resulting in low data transmission security.

Method used

Digital signature and asymmetric encryption technologies are employed. A salt value is generated through a quantum random number generator, combined with a trapdoor sampler and public key encryption to ensure the legitimacy of the data upload request and the integrity of the content. A shared key is used to encrypt and transmit business data, establishing a multi-stage verification mechanism.

Benefits of technology

It achieves end-to-end security protection from identity authentication to data transmission, preventing data from being maliciously modified during transmission, ensuring data confidentiality and integrity, eliminating the risk of identity impersonation, and improving the security of data transmission.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN122268593A_ABST
    Figure CN122268593A_ABST
Patent Text Reader

Abstract

The application relates to a data processing method and device suitable for a battery remote nuclear capacity communication system, computer equipment and a storage medium. The method comprises the following steps: performing signature processing on a data uploading request to obtain a digital signature corresponding to the data uploading request; verifying the data uploading request and the digital signature, and establishing a communication channel between an energy storage control terminal and a database gateway when a verification result indicates that the verification is passed; performing encryption processing on business data to obtain encrypted business data corresponding to the business data; and sending the encrypted business data to the database gateway through the communication channel, so that the database gateway performs decryption processing on the encrypted business data to obtain the business data, and uploads the business data to a database of an energy storage control center corresponding to the database gateway according to the data uploading request. The method can improve the security of data transmission.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This application relates to the field of computer technology, and in particular to a data processing method, apparatus, computer equipment, computer-readable storage medium, and computer program product suitable for a remote capacity communication system for batteries. Background Technology

[0002] In remote battery capacity communication systems, ensuring data transmission security and effectively encrypting data transmission is crucial.

[0003] In traditional technologies, identity is usually verified through simple methods such as fixed passwords during data encryption transmission. However, attackers can intercept passwords to send false data or steal information, resulting in low data transmission security. Summary of the Invention

[0004] Therefore, it is necessary to provide a data processing method, apparatus, computer equipment, computer-readable storage medium, and computer program product suitable for remote battery capacity communication systems that can improve the security of data transmission, addressing the aforementioned technical problems.

[0005] In a first aspect, this application provides a data processing method suitable for a remote capacity communication system for batteries, applied to an energy storage control terminal, comprising:

[0006] Generate a data upload request for the business data of the core capacity system; the core capacity system refers to the remote core capacity communication system for batteries.

[0007] The data upload request is signed to obtain a digital signature corresponding to the data upload request;

[0008] The data upload request and the digital signature are sent to the database gateway corresponding to the energy storage control terminal, so that the database gateway verifies the data upload request and the digital signature, and establishes a communication channel between the energy storage control terminal and the database gateway after the verification result indicates that it is successful.

[0009] The business data is encrypted to obtain encrypted business data corresponding to the business data;

[0010] The encrypted service data is sent to the database gateway through the communication channel, and the database gateway decrypts the encrypted service data to obtain the service data. Then, according to the data upload request, the service data is uploaded to the energy storage control center database corresponding to the database gateway.

[0011] In one embodiment, the step of signing the data upload request to obtain a digital signature corresponding to the data upload request includes:

[0012] The salt value corresponding to the data upload request is generated by the quantum random number generator of the nuclear capacity system.

[0013] The data upload request and the salt value are concatenated to obtain concatenated information;

[0014] Based on the splicing information and the salt value, a digital signature corresponding to the data upload request is generated.

[0015] In one embodiment, generating a digital signature corresponding to the data upload request based on the concatenation information and the salt value includes:

[0016] The concatenated information is digested to obtain a hash digest corresponding to the concatenated information;

[0017] The hash digest is sampled using a trapdoor sampler of the first private key corresponding to the energy storage control terminal to obtain a short vector corresponding to the hash digest.

[0018] Based on the short vector and the salt value, a digital signature corresponding to the data upload request is generated;

[0019] The step of sending the data upload request and the digital signature to the database gateway corresponding to the energy storage control terminal, enabling the database gateway to verify the data upload request and the digital signature, and establishing a communication channel between the energy storage control terminal and the database gateway after the verification result indicates success, includes:

[0020] The data upload request and the digital signature are sent to the database gateway corresponding to the energy storage control terminal. The database gateway verifies the data upload request and the digital signature using the first public key corresponding to the first private key. After the verification result indicates that the data upload request and the digital signature are successful, a communication channel is established between the energy storage control terminal and the database gateway.

[0021] In one embodiment, before encrypting the business data to obtain encrypted business data corresponding to the business data, the method further includes:

[0022] Based on the business data, a first shared key between the energy storage control terminal and the database gateway is determined;

[0023] The step of encrypting the business data to obtain encrypted business data corresponding to the business data includes:

[0024] The business data is encrypted using the first shared key to obtain the encrypted business data corresponding to the business data.

[0025] In one embodiment, determining the first shared key between the energy storage control terminal and the database gateway based on the service data includes:

[0026] Generate the error vector corresponding to the business data;

[0027] Based on the error vector, the second public key corresponding to the database gateway, and the business data, the ciphertext corresponding to the business data is determined;

[0028] Based on the ciphertext, a first shared key between the energy storage control terminal and the database gateway is determined;

[0029] The step of sending the encrypted service data to the database gateway through the communication channel, enabling the database gateway to decrypt the encrypted service data to obtain the service data, and then uploading the service data to the energy storage control center database corresponding to the database gateway according to the data upload request, includes:

[0030] The encrypted service data is sent to the database gateway through the communication channel. The database gateway then decrypts the encrypted service data using the second shared key obtained by determining the second shared key corresponding to the second public key, and uploads the service data to the energy storage control center database corresponding to the database gateway according to the data upload request.

[0031] In one embodiment, determining the ciphertext corresponding to the business data based on the error vector, the second public key corresponding to the database gateway, and the business data includes:

[0032] Based on the error vector and the second public key corresponding to the database gateway, the first ciphertext corresponding to the business data is determined;

[0033] Based on the error vector and the business data, the second ciphertext corresponding to the business data is determined;

[0034] The first ciphertext and the second ciphertext are combined to obtain the ciphertext corresponding to the business data.

[0035] Secondly, this application also provides a data processing device suitable for a remote capacity communication system for batteries, applied to an energy storage control terminal, comprising:

[0036] The request generation module is used to generate data upload requests for business data of the core capacity system; the core capacity system refers to the remote core capacity communication system for batteries.

[0037] The request signature module is used to sign the data upload request and obtain the digital signature corresponding to the data upload request.

[0038] The first sending module is used to send the data upload request and the digital signature to the database gateway corresponding to the energy storage control terminal, so that the database gateway verifies the data upload request and the digital signature, and establishes a communication channel between the energy storage control terminal and the database gateway after the verification result indicates that it passes.

[0039] A data encryption module is used to encrypt the business data to obtain encrypted business data corresponding to the business data;

[0040] The second sending module is used to send the encrypted service data to the database gateway through the communication channel, so that the database gateway can decrypt the encrypted service data to obtain the service data, and upload the service data to the energy storage control center database corresponding to the database gateway according to the data upload request.

[0041] Thirdly, this application also provides a computer device, including a memory and a processor, wherein the memory stores a computer program, and the processor executes the computer program to perform the following steps:

[0042] Generate a data upload request for the business data of the core capacity system; the core capacity system refers to the remote core capacity communication system for batteries.

[0043] The data upload request is signed to obtain a digital signature corresponding to the data upload request;

[0044] The data upload request and the digital signature are sent to the database gateway corresponding to the energy storage control terminal, so that the database gateway verifies the data upload request and the digital signature, and establishes a communication channel between the energy storage control terminal and the database gateway after the verification result indicates that it is successful.

[0045] The business data is encrypted to obtain encrypted business data corresponding to the business data;

[0046] The encrypted service data is sent to the database gateway through the communication channel, and the database gateway decrypts the encrypted service data to obtain the service data. Then, according to the data upload request, the service data is uploaded to the energy storage control center database corresponding to the database gateway.

[0047] Fourthly, this application also provides a computer-readable storage medium having a computer program stored thereon, which, when executed by a processor, performs the following steps:

[0048] Generate a data upload request for the business data of the core capacity system; the core capacity system refers to the remote core capacity communication system for batteries.

[0049] The data upload request is signed to obtain a digital signature corresponding to the data upload request;

[0050] The data upload request and the digital signature are sent to the database gateway corresponding to the energy storage control terminal, so that the database gateway verifies the data upload request and the digital signature, and establishes a communication channel between the energy storage control terminal and the database gateway after the verification result indicates that it is successful.

[0051] The business data is encrypted to obtain encrypted business data corresponding to the business data;

[0052] The encrypted service data is sent to the database gateway through the communication channel, and the database gateway decrypts the encrypted service data to obtain the service data. Then, according to the data upload request, the service data is uploaded to the energy storage control center database corresponding to the database gateway.

[0053] Fifthly, this application also provides a computer program product, including a computer program that, when executed by a processor, performs the following steps:

[0054] Generate a data upload request for the business data of the core capacity system; the core capacity system refers to the remote core capacity communication system for batteries.

[0055] The data upload request is signed to obtain a digital signature corresponding to the data upload request;

[0056] The data upload request and the digital signature are sent to the database gateway corresponding to the energy storage control terminal, so that the database gateway verifies the data upload request and the digital signature, and establishes a communication channel between the energy storage control terminal and the database gateway after the verification result indicates that it is successful.

[0057] The business data is encrypted to obtain encrypted business data corresponding to the business data;

[0058] The encrypted service data is sent to the database gateway through the communication channel, and the database gateway decrypts the encrypted service data to obtain the service data. Then, according to the data upload request, the service data is uploaded to the energy storage control center database corresponding to the database gateway.

[0059] The aforementioned data processing method, apparatus, computer equipment, storage medium, and computer program product applicable to remote capacity control communication systems for batteries first generate a data upload request for business data of the remote capacity control communication system for batteries. Then, the data upload request is signed to obtain a digital signature corresponding to the data upload request. Next, the data upload request and digital signature are sent to the database gateway corresponding to the energy storage control terminal. The database gateway verifies the data upload request and digital signature. After the verification result indicates success, a communication channel is established between the energy storage control terminal and the database gateway. Then, the business data is encrypted to obtain encrypted business data. Finally, the encrypted business data is sent to the database gateway through the communication channel, allowing the database gateway to decrypt the encrypted business data to obtain the business data. According to the data upload request, the business data is uploaded to the energy storage control center database corresponding to the database gateway. In this way, during the encrypted data transmission process, a combination of digital signatures, encrypted transmission, and multi-stage verification strategies is used. The data upload request is signed and verified by the database gateway. Asymmetric encryption ensures the authenticity of the sender's identity, replacing traditional fixed password verification and eliminating the risk of identity impersonation at the source. Business data is transmitted encrypted, so even if intercepted, it cannot be cracked, ensuring data confidentiality. Furthermore, signature verification ensures that the request has not been tampered with, and decryption verification confirms the integrity of business data transmission. This dual verification mechanism can prevent data from being maliciously modified during transmission, thereby achieving end-to-end security protection from identity authentication to data transmission. This avoids the shortcomings of traditional technologies that rely on simple methods such as fixed passwords to confirm identity, where attackers can intercept passwords to send false data or steal information, resulting in low data transmission security. This further improves the security of data transmission. Attached Figure Description

[0060] To more clearly illustrate the technical solutions in the embodiments of this application or related technologies, the drawings used in the description of the embodiments of this application or related technologies will be briefly introduced below. Obviously, the drawings described below are only some embodiments of this application. For those skilled in the art, other related drawings can be obtained based on these drawings without creative effort.

[0061] Figure 1 This is an application environment diagram of a data processing method applicable to a remote capacity communication system for batteries, as shown in one embodiment.

[0062] Figure 2 This is a flowchart illustrating a data processing method applicable to a remote capacity communication system for batteries in one embodiment.

[0063] Figure 3 This is a flowchart illustrating a data processing method applicable to a remote capacity communication system for batteries, as described in another embodiment.

[0064] Figure 4 This is a flowchart illustrating a data processing method applicable to a remote capacity communication system for batteries, as described in yet another embodiment.

[0065] Figure 5 This is a schematic diagram of a quantum-safe database architecture applicable to a remote nuclear capacity communication system for batteries, as shown in one embodiment.

[0066] Figure 6 This is a structural block diagram of a data processing device suitable for a remote capacity communication system for batteries, as shown in one embodiment.

[0067] Figure 7 This is an internal structural diagram of a computer device in one embodiment. Detailed Implementation

[0068] To make the objectives, technical solutions, and advantages of this application clearer, the following detailed description is provided in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative and not intended to limit the scope of this application.

[0069] It should be noted that the user information (including but not limited to user device information, user personal information, etc.) and data (including but not limited to data used for analysis, data stored, data displayed, etc.) involved in this application are all information and data authorized by the user or fully authorized by all parties, and the collection, use and processing of the relevant data must comply with relevant regulations.

[0070] The data processing method for remote capacity control communication systems for batteries provided in this application can be applied to, for example... Figure 1 In the application environment shown, the database gateway 104 communicates with the energy storage control terminal 102 and the energy storage control center database 106 via the network. Specifically, refer to... Figure 1The energy storage control terminal 102 generates a data upload request for the core capacity system; the core capacity system refers to the remote core capacity communication system for batteries; the data upload request is signed to obtain a digital signature corresponding to the data upload request; the data upload request and digital signature are sent to the database gateway 104 corresponding to the energy storage control terminal 102, so that the database gateway 104 verifies the data upload request and digital signature, and establishes a communication channel between the energy storage control terminal 102 and the database gateway 104 after the verification result indicates that it has passed; the business data is encrypted to obtain the encrypted business data corresponding to the business data; the encrypted business data is sent to the database gateway 104 through the communication channel, so that the database gateway 104 decrypts the encrypted business data to obtain the business data, and uploads the business data to the energy storage control center database 106 corresponding to the database gateway 104 according to the data upload request. Among them, the energy storage control terminal 102, also known as the device layer (DL), refers to the terminal deployed locally on the battery pack or energy storage equipment of the core capacity system, which can be, but is not limited to, various personal computers, laptops, smartphones and tablets; the database gateway 104, also known as the edge layer (EL), refers to the intermediate communication processing node between the energy storage control terminal 102 and the energy storage control center database 106 in the core capacity system; the energy storage control center database 106, also known as the cloud layer (CL), refers to the centralized data storage system deployed in the energy storage control center of the core capacity system, used to persistently store the business data of the battery remote core capacity communication system.

[0071] In one exemplary embodiment, such as Figure 2 As shown, a data processing method suitable for a remote capacity communication system for batteries is provided, which can be applied to... Figure 1 Taking the energy storage control terminal as an example, this embodiment of the method includes the following steps:

[0072] Step S201: Generate a data upload request for the business data of the core capacity system.

[0073] Among them, the capacity verification system refers to the remote capacity verification communication system for batteries, which is used to describe a communication system that uses remote communication technology to detect (verify) core parameters such as capacity and health status of batteries (such as energy storage battery packs).

[0074] Among them, business data refers to the core data generated in the capacity system that reflects the status of the battery and the capacity assessment results, such as the battery's real-time capacity, voltage, charge and discharge curve, health status, capacity assessment timestamp, and other data.

[0075] Among them, a data upload request refers to a request to upload and process business data.

[0076] For example, in response to the data upload command of the energy storage control center database, or according to a preset data upload cycle, the energy storage control terminal collects the business data generated by the capacity system during the remote capacity verification process of the battery through the built-in acquisition sensors, and generates a data upload request for the business data of the capacity system according to a preset request template.

[0077] Step S202: Sign the data upload request to obtain the digital signature corresponding to the data upload request.

[0078] Digital signatures, also known as FALCON (Fast Automorphism-based LatticeCryptography with Compact Outputs) digital signatures, refer to a string obtained by signing a data upload request.

[0079] For example, the energy storage control terminal standardizes the data upload request (including terminal identifier, business data summary, transmission parameters, etc.), for example, by converting it into a byte stream encoded in UTF-8 (Unicode Transformation Format - 8-bit, a conversion format), to obtain a preprocessed data upload request. Then, the server uses the ECDSA (Elliptic Curve Digital Signature Algorithm) algorithm to sign the preprocessed data upload request, obtaining a digital signature corresponding to the preprocessed data upload request, which serves as the digital signature corresponding to the data upload request.

[0080] Step S203: Send the data upload request and digital signature to the database gateway corresponding to the energy storage control terminal, so that the database gateway can verify the data upload request and digital signature, and establish a communication channel between the energy storage control terminal and the database gateway after the verification result indicates that it has passed.

[0081] The verification result refers to the conclusion reached after verifying the legality of the received data upload request and digital signature, including whether it passes or fails.

[0082] The communication channel, also known as the secure communication channel, refers to the dedicated communication link between the energy storage control terminal and the database gateway used to transmit encrypted business data.

[0083] For example, the energy storage control terminal packages the data upload request and digital signature according to the protocol format (binary stream) through a preset network interface, and sends the packaged data to the database gateway corresponding to the energy storage control terminal through the underlying communication protocol; the database gateway extracts the signature parameters of the digital signature and performs hash processing on the data upload request to obtain the hash result of the data upload request, and compares the signature parameters of the digital signature with the hash result of the data upload request to obtain the verification result; after the verification result indicates that it is successful, the database gateway establishes a communication channel between the energy storage control terminal and the database gateway.

[0084] Step S204: Encrypt the business data to obtain the encrypted business data corresponding to the business data.

[0085] Encrypted business data refers to the result generated by encrypting business data as the original input using a symmetric encryption algorithm and a shared key.

[0086] For example, the energy storage control terminal performs data cleaning on the business data to obtain cleaned business data; then, the energy storage control terminal identifies the current data type of the cleaned business data and queries the correspondence between the data type and the encryption algorithm to obtain the encryption algorithm corresponding to the current data type, which is used as the target encryption algorithm for the cleaned business data; then, the server encrypts the cleaned business data using the target encryption algorithm to obtain the encrypted business data corresponding to the cleaned business data, which is used as the encrypted business data corresponding to the business data.

[0087] In step S205, encrypted service data is sent to the database gateway through the communication channel, so that the database gateway decrypts the encrypted service data to obtain the service data, and uploads the service data to the energy storage control center database corresponding to the database gateway according to the data upload request.

[0088] For example, the energy storage control terminal sends encrypted service data to the database gateway through a communication channel; the database gateway parses the encrypted service data to obtain parsing information, determines the corresponding shared key based on the ciphertext contained in the parsing information, and decrypts the encrypted service data using the shared key to obtain the service data; then, the database gateway determines the storage path of the service data in the energy storage control center database corresponding to the database gateway according to the device identifier (such as battery pack name) and data category (such as capacity detection data) carried in the data upload request, and uploads the service data to the energy storage control center database according to the storage path.

[0089] In the data processing method applicable to the remote capacity control communication system for batteries described above, a data upload request for the business data of the remote capacity control communication system for batteries is first generated. Then, the data upload request is signed to obtain a digital signature corresponding to the data upload request. Next, the data upload request and the digital signature are sent to the database gateway corresponding to the energy storage control terminal. The database gateway verifies the data upload request and the digital signature. After the verification result indicates that the verification is successful, a communication channel is established between the energy storage control terminal and the database gateway. Then, the business data is encrypted to obtain the encrypted business data corresponding to the business data. Finally, the encrypted business data is sent to the database gateway through the communication channel. The database gateway decrypts the encrypted business data to obtain the business data and uploads the business data to the energy storage control center database corresponding to the database gateway according to the data upload request. In this way, during the encrypted data transmission process, a combination of digital signatures, encrypted transmission, and multi-stage verification strategies is used. The data upload request is signed and verified by the database gateway. Asymmetric encryption ensures the authenticity of the sender's identity, replacing traditional fixed password verification and eliminating the risk of identity impersonation at the source. Business data is transmitted encrypted, so even if intercepted, it cannot be cracked, ensuring data confidentiality. Furthermore, signature verification ensures that the request has not been tampered with, and decryption verification confirms the integrity of business data transmission. This dual verification mechanism can prevent data from being maliciously modified during transmission, thereby achieving end-to-end security protection from identity authentication to data transmission. This avoids the shortcomings of traditional technologies that rely on simple methods such as fixed passwords to confirm identity, where attackers can intercept passwords to send false data or steal information, resulting in low data transmission security. This further improves the security of data transmission.

[0090] In an exemplary embodiment, step S202 above, which involves signing the data upload request to obtain a digital signature corresponding to the data upload request, specifically includes the following: generating a salt value corresponding to the data upload request using the quantum random number generator of the core-capacity system; concatenating the data upload request and the salt value to obtain concatenated information; and generating a digital signature corresponding to the data upload request based on the concatenated information and the salt value.

[0091] Among them, the quantum random number generator, also known as QRNG (Quantum Random Number Generator), refers to a module that generates random numbers (i.e., salt values) based on quantum physical principles (such as quantum uncertainty phenomena like photon polarization and vacuum fluctuations).

[0092] Salt value refers to a sequence of random bytes (such as a 256-bit random number) generated by a quantum random number generator.

[0093] Among them, spliced ​​information refers to the combined information obtained by splicing the data upload request and the salt value.

[0094] For example, the energy storage control terminal uses the quantum random number generator of the core capacity system to collect the original quantum signal based on photon polarization detection, performs noise reduction on the collected original quantum signal, and then converts the noise-reduced quantum signal into a binary random sequence through analog-to-digital conversion, which serves as the salt value corresponding to the data upload request. Next, the server concatenates the data upload request and the salt value according to a preset concatenation order (such as concatenation order with the salt value on the left and the data upload request on the right) to obtain concatenation information. Then, the server generates a digital signature corresponding to the data upload request based on the concatenation information and the salt value.

[0095] In this embodiment, the salt value generated by the quantum random number generator has true randomness, which can avoid the risk of traditional pseudo-random numbers being easily predictable. Moreover, the uniqueness of the salt value ensures that the same request generates different signatures to resist replay attacks. Furthermore, the association between the concatenated information and the salt value strengthens the binding relationship between the signature and the request content, providing a high level of security for the identity legitimacy and content integrity of data upload requests.

[0096] In an exemplary embodiment, a digital signature corresponding to a data upload request is generated based on the concatenated information and the salt value. Specifically, this includes: performing digest processing on the concatenated information to obtain a hash digest corresponding to the concatenated information; performing trapdoor sampling processing on the hash digest using a trapdoor sampler of the first private key corresponding to the energy storage control terminal to obtain a short vector corresponding to the hash digest; and generating a digital signature corresponding to the data upload request based on the short vector and the salt value.

[0097] Therefore, step S203 above, which involves sending the data upload request and digital signature to the database gateway corresponding to the energy storage control terminal, enabling the database gateway to verify the data upload request and digital signature, and establishing a communication channel between the energy storage control terminal and the database gateway after the verification result indicates that the data upload request and digital signature have passed, specifically includes the following: sending the data upload request and digital signature to the database gateway corresponding to the energy storage control terminal, enabling the database gateway to verify the data upload request and digital signature using the first public key corresponding to the first private key, and establishing a communication channel between the energy storage control terminal and the database gateway after the verification result indicates that the data upload request and digital signature have passed.

[0098] Hash digest refers to a fixed-length byte sequence obtained by digesting concatenated information.

[0099] The first private key refers to the private key held by the energy storage control terminal.

[0100] Among them, the trapdoor sampler refers to an algorithm module designed based on the first private key (trapdoor lattice base) to efficiently sample short vectors associated with hash digests.

[0101] Here, a short vector refers to a non-zero vector in the lattice space corresponding to the hash digest whose norm is less than the preset norm and which satisfies the preset length constraint.

[0102] The first public key refers to the asymmetric key publicly disclosed by the energy storage control terminal.

[0103] For example, the energy storage control terminal normalizes the concatenated information (e.g., by removing redundant delimiters) to obtain normalized concatenated information. It then uses a collision-resistant cryptographic hash algorithm to perform a hash operation on the normalized concatenated information, obtaining a hash digest corresponding to the normalized concatenated information. Next, the energy storage control terminal maps the hash digest to obtain a vector in the lattice space. Using a trapdoor sampler of the first private key corresponding to the energy storage control terminal, it selects non-zero vectors from the vectors in the lattice space whose norm is less than a preset norm and satisfies a preset length constraint, using these as the short vector corresponding to the hash digest. Finally, the server performs structured encapsulation of the short vector and salt value according to a preset signature template to obtain the digital signature corresponding to the data upload request.

[0104] Furthermore, the energy storage control terminal sends the data upload request and digital signature to the database gateway corresponding to the energy storage control terminal. The database gateway extracts the signature parameters of the digital signature, performs calculations on the signature parameters using the first public key corresponding to the first private key to obtain the vector corresponding to the signature parameters in the grid space, and performs hash processing on the data upload request to obtain the hash result of the data upload request. The hash result is then mapped to obtain the vector corresponding to the hash result in the grid space. The vector corresponding to the signature parameters in the grid space and the vector corresponding to the hash result in the grid space are then compared to obtain the verification result. After the verification result indicates that the verification is successful, the database gateway establishes a communication channel between the energy storage control terminal and the database gateway.

[0105] For example, a hash digest can be calculated using the following formula:

[0106] Equation (1)

[0107] Where c refers to hash digest, H refers to hash operation (digest processing), r refers to salt value, and m refers to data upload request.

[0108] In this embodiment, the concatenated information is condensed through hash digest to ensure a strong binding between the signature and the original information. A trapdoor sampler using the first private key generates a short vector that conforms to norm constraints, thereby achieving anti-forgery properties of the digital signature. This results in a digital signature that is unforgeable, tamper-proof, and replay-proof, providing a high level of security for the identity legitimacy and content integrity of data upload requests.

[0109] In an exemplary embodiment, step S204, before encrypting the business data to obtain the encrypted business data corresponding to the business data, specifically includes the following: determining the first shared key between the energy storage control terminal and the database gateway based on the business data.

[0110] Therefore, step S204 above, which encrypts the business data to obtain the encrypted business data corresponding to the business data, specifically includes the following: using the first shared key, the business data is encrypted to obtain the encrypted business data corresponding to the business data.

[0111] The first shared key refers to the symmetric key shared between the energy storage control terminal and the database gateway, which is calculated by the energy storage control terminal through key negotiation.

[0112] For example, the energy storage control terminal obtains the second public key corresponding to the database gateway, and determines the first shared key between the energy storage control terminal and the database gateway based on the business data and the second public key corresponding to the database gateway; the business data is encrypted using the first shared key to obtain the encrypted business data corresponding to the business data.

[0113] In this embodiment, a first shared key between the terminal and the gateway is generated by combining business data, and the business data is encrypted using the symmetric first shared key. While ensuring encryption efficiency, it ensures that only the terminal and the gateway can decrypt and obtain the original data, effectively preventing sensitive business data from being stolen or tampered with by unauthorized parties during transmission. This is beneficial to strengthening the overall security of data interaction between the energy storage control terminal and the database gateway.

[0114] In an exemplary embodiment, a first shared key between the energy storage control terminal and the database gateway is determined based on the business data. This includes: generating an error vector corresponding to the business data; determining the ciphertext corresponding to the business data based on the error vector, the second public key corresponding to the database gateway, and the business data; and determining the first shared key between the energy storage control terminal and the database gateway based on the ciphertext.

[0115] Therefore, step S205 above, which involves sending encrypted service data to the database gateway via a communication channel, enabling the database gateway to decrypt the encrypted service data, obtain the service data, and upload the service data to the energy storage control center database corresponding to the database gateway according to the data upload request, specifically includes the following: sending encrypted service data to the database gateway via a communication channel, enabling the database gateway to decrypt the encrypted service data using the second shared key obtained by determining the second shared key corresponding to the second public key, and uploading the service data to the energy storage control center database corresponding to the database gateway according to the data upload request.

[0116] Here, the error vector refers to a short vector whose corresponding component value is less than a preset component value, obtained by mapping business data using a hash function.

[0117] The second public key refers to the asymmetric key publicly disclosed by the database gateway.

[0118] The ciphertext corresponding to the business data refers to the encrypted result generated by using the business data as the original input and an asymmetric encryption algorithm.

[0119] The second private key refers to the private key held by the database gateway.

[0120] The second shared key refers to the symmetric key shared between the energy storage control terminal and the database gateway, which is calculated by the database gateway through key negotiation.

[0121] For example, the energy storage control terminal uses the quantum random number generator of the core capacity system to generate a short vector with a component value less than a preset component value through random sampling, which serves as the error vector corresponding to the business data. Then, the energy storage control terminal determines the ciphertext corresponding to the business data based on the error vector, the second public key corresponding to the database gateway, and the business data. Then, the energy storage control terminal uses a key derivation function to derive the key from the ciphertext and the business data to obtain the first shared key between the energy storage control terminal and the database gateway.

[0122] Furthermore, the energy storage control terminal sends encrypted service data to the database gateway via a communication channel. The database gateway decodes the encrypted service data using the second private key corresponding to the second public key, obtaining a decoding result, and recovers the encrypted service data, obtaining a data recovery result. The decoding result and the data recovery result are compared (e.g., whether they are equal) to obtain a decryption result. After the decryption result is successful, the database gateway extracts the ciphertext from the encrypted service data and determines the second shared key based on the ciphertext and the encrypted service data. The encrypted service data is then decrypted using the second shared key to obtain the service data. Next, the database gateway determines the storage path of the service data in the energy storage control center database corresponding to the database gateway according to the device identifier (e.g., battery pack name) and data category (e.g., capacity detection data) carried in the data upload request, and uploads the service data to the energy storage control center database according to the storage path.

[0123] It should be noted that if the unblocking result fails, the database gateway determines the second shared key based on the pre-generated random value and the encrypted business data.

[0124] The error vector can be calculated in the following way:

[0125] Equation (2)

[0126] in, and These are two different components of the error vector.

[0127] The first shared key can be calculated in the following way:

[0128] Equation (3)

[0129] Where K (left) refers to the first shared key, K (right) refers to the Key Derivation Function (KDF), m refers to the business data, and c refers to the ciphertext corresponding to the business data.

[0130] The second shared key can be calculated in the following way:

[0131] Equation (4)

[0132] Where m' refers to the data recovery result, and c refers to the ciphertext in the encrypted business data.

[0133] The second shared key can also be calculated in the following way:

[0134] Equation (5)

[0135] Here, σ refers to a pre-generated random value.

[0136] In this embodiment, computational ambiguity is introduced by generating an error vector in the form of a random short vector. This is combined with the second public key of the database gateway and business data to generate ciphertext. This not only utilizes the asymmetric encryption feature to ensure that only the gateway holding the second private key can decrypt the ciphertext, but also generates a first shared key between the terminal and the gateway through the ciphertext synchronously, thereby ensuring the confidentiality of business data transmission between the energy storage control terminal and the database gateway.

[0137] In an exemplary embodiment, the ciphertext corresponding to the business data is determined based on the error vector, the second public key corresponding to the database gateway, and the business data. Specifically, this includes: determining the first ciphertext corresponding to the business data based on the error vector and the second public key corresponding to the database gateway; determining the second ciphertext corresponding to the business data based on the error vector and the business data; and combining the first ciphertext and the second ciphertext to obtain the ciphertext corresponding to the business data.

[0138] The first ciphertext refers to the ciphertext obtained based on the error vector and the second public key corresponding to the database gateway.

[0139] The second ciphertext refers to the ciphertext obtained based on the error vector and business data.

[0140] For example, the energy storage control terminal determines the ciphertext corresponding to the error vector and the second public key corresponding to the database gateway based on the error vector and the second public key, and uses it as the first ciphertext corresponding to the business data; then, the energy storage control terminal determines the ciphertext corresponding to the error vector and the business data based on the error vector and the business data, and uses it as the second ciphertext corresponding to the business data; then, the energy storage control terminal combines the first ciphertext and the second ciphertext according to a preset combination method to obtain the ciphertext corresponding to the business data.

[0141] The first ciphertext can be calculated in the following way:

[0142] Equation (6)

[0143] Here, h refers to the second public key.

[0144] The second ciphertext can be calculated in the following way:

[0145] Equation (7)

[0146] Where m refers to business data and L refers to a linear mapping function.

[0147] The ciphertext can be determined in the following way:

[0148] Equation (8)

[0149] In this embodiment, asymmetric encryption security is achieved by using the association between the first ciphertext and the second public key. Furthermore, the business data and error vector are directly bound together by the second ciphertext to ensure data confidentiality. While ensuring high security, the adaptability of key synchronization and data encryption is improved, ensuring the interaction efficiency of business data transmission between the energy storage control terminal and the database gateway.

[0150] In one exemplary embodiment, such as Figure 3 As shown, another data processing method suitable for remote capacity communication systems for batteries is provided, which can be applied to... Figure 1 Taking the energy storage control terminal as an example, the specific steps include:

[0151] Step S301: Generate a data upload request for the business data of the core capacity system; the core capacity system refers to the remote core capacity communication system for batteries.

[0152] Step S302: Generate the salt value corresponding to the data upload request through the quantum random number generator of the nuclear capacity system.

[0153] Step S303: The data upload request and the salt value are concatenated to obtain the concatenated information.

[0154] Step S304: Perform digest processing on the concatenated information to obtain the hash digest corresponding to the concatenated information.

[0155] Step S305: The hash digest is subjected to trapdoor sampling processing by the trapdoor sampler of the first private key corresponding to the energy storage control terminal to obtain the short vector corresponding to the hash digest.

[0156] Step S306: Generate a digital signature corresponding to the data upload request based on the short vector and salt value.

[0157] Step S307: Send the data upload request and digital signature to the database gateway corresponding to the energy storage control terminal. The database gateway verifies the data upload request and digital signature using the first public key corresponding to the first private key. After the verification result indicates that the data upload request and digital signature are successful, a communication channel is established between the energy storage control terminal and the database gateway.

[0158] Step S308: Generate the error vector corresponding to the business data.

[0159] Step S309: Determine the first ciphertext corresponding to the business data based on the error vector and the second public key corresponding to the database gateway; determine the second ciphertext corresponding to the business data based on the error vector and the business data; combine the first ciphertext and the second ciphertext to obtain the ciphertext corresponding to the business data.

[0160] Step S310: Determine the first shared key between the energy storage control terminal and the database gateway based on the ciphertext.

[0161] Step S311: Encrypt the business data using the first shared key to obtain the encrypted business data corresponding to the business data.

[0162] In step S312, encrypted service data is sent to the database gateway through the communication channel. The database gateway uses the second shared key obtained by determining the second shared key corresponding to the second public key to decrypt the encrypted service data, obtain the service data, and upload the service data to the energy storage control center database corresponding to the database gateway according to the data upload request.

[0163] In the aforementioned data processing method applicable to remote capacity communication systems for batteries, during the encrypted data transmission process, a combination strategy of digital signature, encrypted transmission, and multi-stage verification is used. The data upload request is signed and verified by the database gateway. Asymmetric encryption ensures the sender's identity is genuine, replacing traditional fixed password verification and eliminating the risk of identity impersonation at the source. Business data is transmitted encrypted, making it unbreakable even if intercepted, ensuring data confidentiality. Furthermore, signature verification ensures the request has not been tampered with, and decryption verification confirms the integrity of the business data transmission. This dual verification mechanism prevents malicious modification of data during transmission, achieving end-to-end security protection from identity authentication to data transmission. This avoids the weakness of traditional technologies that rely on simple methods like fixed passwords for identity verification, where attackers can intercept passwords to send false data or steal information, resulting in low data transmission security. This further improves the security of data transmission.

[0164] In an exemplary embodiment, to more clearly illustrate the data processing method for a remote capacity control communication system for batteries provided in this application, the following specific embodiment will be used to describe the data processing method for a remote capacity control communication system for batteries. In one embodiment, as follows... Figure 4 and Figure 5 As shown, this application also provides a quantum-safe database architecture suitable for remote nuclear capacity communication systems for batteries. Specifically, it includes the following:

[0165] 1. Generate secure random keys in the cloud based on QRNG:

[0166] QRNG leverages the unpredictability of quantum mechanics to generate truly random number sequences, providing a high-quality entropy source for cryptographic key generation. In cloud computing environments, QRNG can be deployed in a distributed manner to achieve cross-regional and cross-platform key generation and distribution. The random numbers generated by QRNG are based on quantum physical processes, exhibiting unpredictability and non-replicability, which is superior to traditional pseudo-random number generators.

[0167] 2. Establish secure key exchange channels between layers using the BIKE (Bit Flipping Key Encapsulation) key encapsulation mechanism:

[0168] Key exchange between edges is accomplished using the BIKE (Post-Quantum Cryptography) key encapsulation mechanism. The BIKE scheme is based on the complex decoding problem in code-based cryptography. Its security relies on the difficulty of decoding random linear codes under Hamming metric, and is therefore considered resistant to quantum attacks. BIKE's encryption and decryption operations involve solving a system of equations: .

[0169] Where H is the check matrix, e is the error vector, and s is the syndrome.

[0170] 3. Utilize the FALCON digital signature scheme to ensure reliable transmission between layers:

[0171] To prevent man-in-the-middle attacks from impersonating others to participate in key negotiation and to ensure that the key comes from a trusted party, the digital signature scheme FALCON is added to the key encapsulation mechanism BIKE.

[0172] The FALCON digital signature scheme is based on lattice cryptography, providing strong security against quantum attacks. Its core idea is to find a short vector in the NTRU (Number Theoretic Transform-based Rounding Universal) lattice, thus ensuring resistance to quantum algorithms. The signature generation process is: σ = s + H(m) · f mod q.

[0173] Where σ is the signature, s and f are the private keys, H(m) is the hash output of message m, and q is a large prime number.

[0174] 4. User obtains and decrypts data:

[0175] After the endpoint user decrypts the key via BIKE, they obtain the symmetric key. The edge database gateway then encrypts the data obtained from the cloud database and sends it to the endpoint user. The endpoint user decrypts the encrypted data using the key to obtain the plaintext data.

[0176] 5. The quantum database uses the Grover algorithm to quickly query data:

[0177] After receiving a data query request from the database gateway, the cloud quantum database quickly retrieves the data using the Grover quantum search algorithm and then encrypts the data with a random key before sending it to the edge database gateway.

[0178] In the above embodiments, during the encrypted data transmission process, a combination strategy of digital signature, encrypted transmission, and multi-stage verification is used to sign the data upload request and verify it through the database gateway. Asymmetric encryption ensures the sender's identity is genuine, replacing traditional fixed password verification and eliminating the risk of identity impersonation at the source. Since the business data is transmitted encrypted, it cannot be cracked even if intercepted, ensuring data confidentiality. Furthermore, signature verification ensures the request has not been tampered with, and decryption verification confirms the integrity of the business data transmission. This dual verification mechanism prevents malicious modification of data during transmission, thus achieving end-to-end security protection from identity authentication to data transmission. This avoids the weakness of traditional technologies that rely on simple methods like fixed passwords for identity verification, where attackers can intercept passwords to send false data or steal information, resulting in low data transmission security. Therefore, this approach further improves the security of data transmission. Meanwhile, by combining QRNG technology, the security of key generation is effectively guaranteed. The random numbers generated by QRNG are based on quantum physics processes and are unpredictable and uncopyable, avoiding the risk of pseudo-random keys that may occur in traditional encryption methods. By combining the PQC key encapsulation mechanism BIKE with the digital signature scheme FALCON, key negotiation and identity authentication that are resistant to quantum attacks can be achieved simultaneously. This not only ensures the confidentiality of the key transmission process but also prevents man-in-the-middle attacks from impersonating others to participate in communication, thereby building a secure and reliable communication system that remains secure and reliable even under quantum threats.

[0179] It should be understood that although the steps in the flowcharts of the above embodiments are shown sequentially according to the arrows, these steps are not necessarily executed in the order indicated by the arrows. Unless explicitly stated herein, there is no strict order restriction on the execution of these steps, and they can be executed in other orders. Moreover, at least some steps in the flowcharts of the above embodiments may include multiple steps or multiple stages. These steps or stages are not necessarily completed at the same time, but can be executed at different times. The execution order of these steps or stages is not necessarily sequential, but can be performed alternately or in turn with other steps or at least some of the steps or stages of other steps.

[0180] Based on the same inventive concept, this application also provides a data processing apparatus for implementing the data processing method for a remote capacity control communication system for batteries as described above. The solution provided by this apparatus is similar to the implementation described in the above method. Therefore, the specific limitations in one or more embodiments of the data processing apparatus for a remote capacity control communication system for batteries provided below can be found in the limitations of the data processing method for a remote capacity control communication system for batteries described above, and will not be repeated here.

[0181] In one exemplary embodiment, such as Figure 6 As shown, a data processing device suitable for a remote capacity control communication system for batteries is provided, comprising: a request generation module 601, a request signature module 602, a first sending module 603, a data encryption module 604, and a second sending module 605, wherein:

[0182] The request generation module 601 is used to generate data upload requests for business data of the core capacity system; the core capacity system refers to the remote core capacity communication system for batteries.

[0183] The request signature module 602 is used to process the data upload request and obtain the digital signature corresponding to the data upload request.

[0184] The first sending module 603 is used to send the data upload request and digital signature to the database gateway corresponding to the energy storage control terminal, so that the database gateway can verify the data upload request and digital signature, and establish a communication channel between the energy storage control terminal and the database gateway after the verification result indicates that it has passed.

[0185] The data encryption module 604 is used to encrypt business data to obtain encrypted business data corresponding to the business data.

[0186] The second sending module 605 is used to send encrypted service data to the database gateway through the communication channel, so that the database gateway can decrypt the encrypted service data to obtain the service data, and upload the service data to the energy storage control center database corresponding to the database gateway according to the data upload request.

[0187] In an exemplary embodiment, the request signature module 602 is further configured to generate a salt value corresponding to the data upload request through the quantum random number generator of the core-capacity system; concatenate the data upload request and the salt value to obtain concatenated information; and generate a digital signature corresponding to the data upload request based on the concatenated information and the salt value.

[0188] In an exemplary embodiment, the request signature module 602 is further configured to perform digest processing on the concatenated information to obtain a hash digest corresponding to the concatenated information; perform trapdoor sampling processing on the hash digest using a trapdoor sampler of the first private key corresponding to the energy storage control terminal to obtain a short vector corresponding to the hash digest; generate a digital signature corresponding to the data upload request based on the short vector and the salt value; the first sending module 603 is further configured to send the data upload request and the digital signature to the database gateway corresponding to the energy storage control terminal, so that the database gateway verifies the data upload request and the digital signature using the first public key corresponding to the first private key, and establishes a communication channel between the energy storage control terminal and the database gateway after the verification result indicates that the verification is successful.

[0189] In an exemplary embodiment, the data processing device for a remote capacity communication system for batteries further includes a key determination module, used to determine a first shared key between the energy storage control terminal and the database gateway based on the business data; and a data encryption module 604, used to encrypt the business data using the first shared key to obtain encrypted business data corresponding to the business data.

[0190] In an exemplary embodiment, the key determination module is further configured to generate an error vector corresponding to the business data; determine the ciphertext corresponding to the business data based on the error vector, the second public key corresponding to the database gateway, and the business data; determine the first shared key between the energy storage control terminal and the database gateway based on the ciphertext; the second sending module 605 is further configured to send the encrypted business data to the database gateway through a communication channel, so that the database gateway can decrypt the encrypted business data using the second shared key determined by the second private key corresponding to the second public key, obtain the business data, and upload the business data to the energy storage control center database corresponding to the database gateway according to the data upload request.

[0191] In an exemplary embodiment, the key determination module is further configured to determine the first ciphertext corresponding to the business data based on the error vector and the second public key corresponding to the database gateway; determine the second ciphertext corresponding to the business data based on the error vector and the business data; and combine the first ciphertext and the second ciphertext to obtain the ciphertext corresponding to the business data.

[0192] The modules in the data processing device for the remote capacity communication system for batteries described above can be implemented entirely or partially through software, hardware, or a combination thereof. These modules can be embedded in or independent of the processor in a computer device, or stored in the memory of a computer device as software, so that the processor can call and execute the operations corresponding to each module.

[0193] In one exemplary embodiment, a computer device is provided, which may be a server, and its internal structure diagram may be as follows: Figure 7 As shown, this computer device includes a processor, memory, input / output interfaces (I / O), and a communication interface. The processor, memory, and I / O interfaces are connected via a system bus, and the communication interface is also connected to the system bus via the I / O interfaces. The processor provides computing and control capabilities. The memory includes non-volatile storage media and internal memory. The non-volatile storage media stores the operating system, computer programs, and a database. The internal memory provides the environment for the operating system and computer programs stored in the non-volatile storage media. The database stores business data, encrypts business data, etc. The I / O interfaces are used for exchanging information between the processor and external devices. The communication interface is used for communicating with external terminals via a network. When the computer program is executed by the processor, it implements a data processing method suitable for a remote battery-powered communication system.

[0194] Those skilled in the art will understand that Figure 7 The structure shown is merely a block diagram of a portion of the structure related to the present application and does not constitute a limitation on the computer device to which the present application is applied. Specific computer devices may include more or fewer components than those shown in the figure, or combine certain components, or have different component arrangements.

[0195] In one exemplary embodiment, a computer device is also provided, including a memory and a processor, wherein the memory stores a computer program, and the processor executes the computer program to implement the steps in the above-described method embodiments.

[0196] In one exemplary embodiment, a computer-readable storage medium is provided having a computer program stored thereon that, when executed by a processor, implements the steps in the above-described method embodiments.

[0197] In one exemplary embodiment, a computer program product is provided, including a computer program that, when executed by a processor, implements the steps in the above-described method embodiments.

[0198] Those skilled in the art will understand that all or part of the processes in the above embodiments can be implemented by a computer program instructing related hardware. The computer program can be stored in a non-volatile computer-readable storage medium. When executed, the computer program can include the processes of the embodiments described above. Any references to memory, databases, or other media used in the embodiments provided in this application can include at least one of non-volatile and volatile memory. Non-volatile memory can include read-only memory (ROM), magnetic tape, floppy disk, flash memory, optical memory, high-density embedded non-volatile memory, resistive random access memory (ReRAM), magnetic random access memory (MRAM), ferroelectric random access memory (FRAM), phase change memory (PCM), graphene memory, etc. Volatile memory can include random access memory (RAM) or external cache memory, etc. By way of illustration and not limitation, RAM can take many forms, such as Static Random Access Memory (SRAM) or Dynamic Random Access Memory (DRAM). The databases involved in the embodiments provided in this application may include at least one type of relational database and non-relational database. Non-relational databases may include, but are not limited to, blockchain-based distributed databases. The processors involved in the embodiments provided in this application may be general-purpose processors, central processing units, graphics processing units, digital signal processors, programmable logic devices, quantum computing-based data processing logic devices, etc., and are not limited to these.

[0199] The technical features of the above embodiments can be combined in any way. For the sake of brevity, not all possible combinations of the technical features in the above embodiments are described. However, as long as there is no contradiction in the combination of these technical features, they should be considered to be within the scope of this specification.

[0200] The embodiments described above are merely illustrative of several implementation methods of this application, and while the descriptions are specific and detailed, they should not be construed as limiting the scope of this patent application. It should be noted that those skilled in the art can make various modifications and improvements without departing from the concept of this application, and these all fall within the protection scope of this application. Therefore, the protection scope of this application should be determined by the appended claims.

Claims

1. A data processing method suitable for a remote capacity control communication system for storage batteries, characterized in that, The method, applied to an energy storage control terminal, includes: Generate a data upload request for the business data of the core capacity system; the core capacity system refers to the remote core capacity communication system for batteries. The data upload request is signed to obtain a digital signature corresponding to the data upload request; The data upload request and the digital signature are sent to the database gateway corresponding to the energy storage control terminal, so that the database gateway verifies the data upload request and the digital signature, and establishes a communication channel between the energy storage control terminal and the database gateway after the verification result indicates that it is successful. The business data is encrypted to obtain encrypted business data corresponding to the business data; The encrypted service data is sent to the database gateway through the communication channel, and the database gateway decrypts the encrypted service data to obtain the service data. Then, according to the data upload request, the service data is uploaded to the energy storage control center database corresponding to the database gateway.

2. The method according to claim 1, characterized in that, The step of signing the data upload request to obtain a digital signature corresponding to the data upload request includes: The salt value corresponding to the data upload request is generated by the quantum random number generator of the nuclear capacity system. The data upload request and the salt value are concatenated to obtain concatenated information; Based on the splicing information and the salt value, a digital signature corresponding to the data upload request is generated.

3. The method according to claim 2, characterized in that, The step of generating a digital signature corresponding to the data upload request based on the concatenation information and the salt value includes: The concatenated information is digested to obtain a hash digest corresponding to the concatenated information; The hash digest is sampled using a trapdoor sampler of the first private key corresponding to the energy storage control terminal to obtain a short vector corresponding to the hash digest. Based on the short vector and the salt value, a digital signature corresponding to the data upload request is generated; The step of sending the data upload request and the digital signature to the database gateway corresponding to the energy storage control terminal, enabling the database gateway to verify the data upload request and the digital signature, and establishing a communication channel between the energy storage control terminal and the database gateway after the verification result indicates success, includes: The data upload request and the digital signature are sent to the database gateway corresponding to the energy storage control terminal. The database gateway verifies the data upload request and the digital signature using the first public key corresponding to the first private key. After the verification result indicates that the data upload request and the digital signature are successful, a communication channel is established between the energy storage control terminal and the database gateway.

4. The method according to claim 1, characterized in that, Before encrypting the business data to obtain the encrypted business data corresponding to the business data, the process further includes: Based on the business data, a first shared key between the energy storage control terminal and the database gateway is determined; The step of encrypting the business data to obtain encrypted business data corresponding to the business data includes: The business data is encrypted using the first shared key to obtain the encrypted business data corresponding to the business data.

5. The method according to claim 4, characterized in that, The step of determining the first shared key between the energy storage control terminal and the database gateway based on the business data includes: Generate the error vector corresponding to the business data; Based on the error vector, the second public key corresponding to the database gateway, and the business data, the ciphertext corresponding to the business data is determined; Based on the ciphertext, a first shared key between the energy storage control terminal and the database gateway is determined; The step of sending the encrypted service data to the database gateway through the communication channel, enabling the database gateway to decrypt the encrypted service data to obtain the service data, and then uploading the service data to the energy storage control center database corresponding to the database gateway according to the data upload request, includes: The encrypted service data is sent to the database gateway through the communication channel. The database gateway then decrypts the encrypted service data using the second shared key obtained by determining the second shared key corresponding to the second public key, and uploads the service data to the energy storage control center database corresponding to the database gateway according to the data upload request.

6. The method according to claim 5, characterized in that, The step of determining the ciphertext corresponding to the business data based on the error vector, the second public key corresponding to the database gateway, and the business data includes: Based on the error vector and the second public key corresponding to the database gateway, the first ciphertext corresponding to the business data is determined; Based on the error vector and the business data, the second ciphertext corresponding to the business data is determined; The first ciphertext and the second ciphertext are combined to obtain the ciphertext corresponding to the business data.

7. A data processing device suitable for a remote capacity control communication system for storage batteries, characterized in that, The device includes: The request generation module is used to generate data upload requests for business data of the core capacity system; the core capacity system refers to the remote core capacity communication system for batteries. The request signature module is used to sign the data upload request and obtain the digital signature corresponding to the data upload request. The first sending module is used to send the data upload request and the digital signature to the database gateway corresponding to the energy storage control terminal, so that the database gateway verifies the data upload request and the digital signature, and establishes a communication channel between the energy storage control terminal and the database gateway after the verification result indicates that it passes. A data encryption module is used to encrypt the business data to obtain encrypted business data corresponding to the business data; The second sending module is used to send the encrypted service data to the database gateway through the communication channel, so that the database gateway can decrypt the encrypted service data to obtain the service data, and upload the service data to the energy storage control center database corresponding to the database gateway according to the data upload request.

8. A computer device comprising a memory and a processor, wherein the memory stores a computer program, characterized in that, When the processor executes the computer program, it implements the steps of the method according to any one of claims 1 to 6.

9. A computer-readable storage medium having a computer program stored thereon, characterized in that, When the computer program is executed by a processor, it implements the steps of the method according to any one of claims 1 to 6.

10. A computer program product, comprising a computer program, characterized in that, When the computer program is executed by a processor, it implements the steps of the method according to any one of claims 1 to 6.