Abstract: Examples in this application disclose information sharing methods, media, and systems. One example computer-implemented method includes receiving, by a trusted execution environment (TEE), a first sharing request from a first institution and a second sharing request from a second institution, where the first sharing request comprises a user identity of a first user and first anti-money laundering (AML) risk information and the second sharing request comprises a user identity of a second user and second AML risk information, comparing the user identity of the first user with the user identity of the second user, in response to that the user identity of the first user is the same as the user identity of the second user, combining the first AML risk information and the second AML risk information, and sending the combined first AML risk information and second AML risk information to the first institution and the second institution.

Abstract: Examples in this application disclose information sharing computer-implemented methods, media, and systems. One example computer-implemented method includes obtaining, from an external server at a trusted execution environment (TEE), a trigger instruction, in response to obtaining the trigger instruction, combining, at the TEE, first anti-money laundering (AML) risk information provided by a first institution and second AML risk information provided by a second institution to obtain third AML risk information, where the first AML risk information and the second AML risk information correspond to a user identifier, and sending, from the TEE to the first institution, the third AML risk information.

Abstract: Examples in this application disclose data verification methods, media, and systems. One example method includes receiving, from a blockchain network by a trusted execution environment (TEE) in a blockchain node, a trigger instruction based on a timed starting logic identifying a starting time to execute a smart contract, where the timed starting logic is comprised in a chain code which comprises information of a blockchain account and is executable by the blockchain node to determine the information of the blockchain account, retrieving first encrypted data from a first institution, decrypting the first encrypted data, receiving a data sharing request comprising a user identity corresponding to user basic data from a second institution, retrieving the user basic data based on the user identity, performing verification processing of the user basic data based on the trigger instruction to obtain a verification result, and sending the verification result to the second institution.

Abstract: Embodiments of the present specification disclose data processing methods, apparatuses, devices, and media. One method includes the following: receiving a data use request; determining data to be used based on the data use request; determining one or more approvers of the data to be used; sending an approval instruction to the one or more approvers, wherein the approval instruction instructs the one or more approvers to approve the data use request; receiving feedback data from the one or more approvers; and determining that the data use request is approved if the feedback data satisfies a predetermined condition.

Abstract: Embodiments of the present specification disclose data processing methods, apparatuses, and devices. A method can include: obtaining data use authorization information sent by a data requester; verifying the data use authorization information; in response to successfully verifying the data use authorization information, sending data authorized to be accessed by the data use authorization information to the data requester, wherein the data is obtained from a trusted institution and is stored in trusted hardware; and storing, on a blockchain associated with a blockchain network, a data sending record for the data.

Abstract: Embodiments of the present specification disclose data acquisition methods, apparatuses, and devices related to blockchain technologies. One method comprising: publishing, as a published description, a description of target data stored in a trusted device of a data owner; in response to the published description, receiving a data acquisition request from a data requestor for the target data wherein the data acquisition request is configured to retrieve the target data from a first resource; sending the data acquisition request to the data owner; receiving first confirmation information from the data owner; identifying the target data from the trusted device based on the first confirmation information; and sending the target data to the data requestor.

Abstract: Examples in this application disclose information sharing methods, media, and systems. One example computer-implemented method includes identifying, in a trusted execution environment (TEE), a transaction for invoking a smart contract, where the transaction is a first transaction initiated by a first institution or a second transaction initiated by a second institution, the first transaction comprise a first user identity of a first user and encrypted data of the first user, and the second transaction comprise a second user identity of a second user, updating accumulative invoking information for the smart contract based on the transaction, determining whether the updated accumulative invoking information satisfies an execution condition for the smart contract, executing the smart contract to obtain a user verification result to verify data of the second user, and sending the user verification result to the second institution.

Abstract: Examples in this application disclose data check computer-implemented methods, media, and systems. One example computer-implemented method includes retrieving, by a trusted execution environment (TEE), a check-triggering instruction from a server, where the check-triggering instruction is configured to trigger the TEE to perform a consistency check on basic data of a user to be identified, in response to the check-triggering instruction, retrieving, by the TEE, encrypted standard basic data of the user from a trusted institution, retrieving, by the TEE, encrypted basic data of the user from a first institution, retrieving, by the TEE, the basic data of the user by decrypting the encrypted basic data, performing, by the TEE, the consistency check on the basic data of the user based on the encrypted standard basic data to obtain a check result, and sending, from the TEE, the check result to a second institution.

Abstract: Embodiments of the present specification disclose matching methods, apparatuses, and devices based on trusted asset data. One method comprises: analyzing trusted asset data of a first entity to obtain asset description information of the first entity, wherein the trusted asset data is stored on a trusted device; obtaining service information of a plurality of second entities; determining target service information that matches the first entity based on the asset description information and the service information; and sending the target service information to the first entity.

Abstract: Embodiments of the present specification disclose trusted data transmission methods, apparatuses, and devices. One method comprising: identifying a data use request of a data requestor; identifying authorization information of a data owner; generating a data use authorization claim based on the authorization information, wherein the data use authorization claim indicates that the data owner authorizes the data requestor to use data; obtaining initial data based on the data use authorization claim; verifying the initial data to obtain target data that is successfully verified, wherein the target data comprises a data validity claim indicating a validity of the target data; and sending the target data to the data requestor.

Abstract: Examples in this application disclose information sharing computer-implemented methods, media, and systems.

Abstract: Embodiments of the present specification disclose methods, apparatuses, and devices for transferring data assets based on a blockchain. One method includes: obtaining usage demand information of a data requestor for using original data, wherein the usage demand information indicates a demand of the data requestor for performing computations based on the original data; sending a usage authorization request for the original data to a data owner of the original data based on a decentralized identifier (DID) corresponding to the original data; receiving confirmation information of the usage authorization request from the data owner; processing the original data based on the usage demand information to obtain a processing result; transmitting the processing result to the data requestor; and generating a verifiable claim (VC) for recording usage information of the original data.

Abstract: Embodiments of the present specification disclose data processing methods, apparatuses, and devices. One method comprises: obtaining an acquisition request for target data of a data owner; determining a trusted application (TAPP) for generating the target data based on decentralized identifier document (DID Doc) information of the data owner in response to the acquisition request; sending, to the TAPP, a target data generation request to use the TAPP to process data of the data owner obtained from a trusted institution; and receiving a processing result from the TAPP in response to the target data generation request.

Abstract: Embodiments of the present specification disclose data authorization information acquisition methods, apparatuses, and devices. One method comprises: receiving, from a data requestor and for data, a data use permission application; determining, based on the data use permission application, an approver, wherein the approver is an owner of the data; sending the data use permission application to the approver; receiving acknowledgement information of the approver for receiving the data use permission application; generating data authorization information based on the acknowledgement information; and sending the data authorization information to the data requestor.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for verifiable-claim issuance. One of the methods includes: receiving, from a first entity, a request for creating a verifiable claim (VC) for a decentralized identifier (DID) associated with a second entity; obtaining, in response to receiving the request, a digital signature associated with the first entity; and generating the VC based on the received request and the obtained digital signature.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for blockchain-based decentralized-identifier creation, are provided. One of the methods includes: obtaining a request for creating a decentralized identifier (DID), wherein the request comprises a public key of a cryptographic key pair; creating, based on the public key, a blockchain account associated with a blockchain; creating the DID based on information associated with the blockchain account; and returning a confirmation message comprising the created DID.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for blockchain-based decentralized-identifier creation, are provided. One of the methods includes: obtaining a request for creating a decentralized identifier (DID), wherein the request comprises a public key of a cryptographic key pair; creating, based on the public key, a blockchain account associated with a blockchain; creating the DID based on information associated with the blockchain account; and returning a confirmation message comprising the created DID.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for blockchain-based cross-entity authentication are provided. One of the methods includes: obtaining an authentication request by a first entity for authenticating a user, wherein the authentication request comprises a decentralized identifier (DID) of the user; in response to determining that the first entity is permitted to access authentication information of the user endorsed by a second entity, generating a blockchain transaction for obtaining an authentication result of the user by the second entity, wherein the authentication result is associated with the DID; and transmitting the blockchain transaction to a blockchain node for adding to a blockchain.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for blockchain-based cross-entity authentication are provided. One of the methods includes: obtaining, from a blockchain, a blockchain transaction comprising an authentication request by a first entity for authenticating a user, wherein the authentication request comprises a decentralized identifier (DID) of the user; in response to determining that the first entity is permitted to access authentication information of the user endorsed by a second entity, obtaining an authentication result of the user by the second entity in response to the obtained blockchain transaction, wherein the authentication result is associated with the DID; generating a different blockchain transaction comprising the authentication result; and transmitting the different blockchain transaction to a blockchain node for adding to the blockchain.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for claim verification. One of the methods includes: receiving, from a first entity, a request for verifying a verifiable claim (VC) that comprises a digital signature; obtaining, based on the VC, a public key associated with a second entity; determining that the digital signature is created based on a private key associated with the public key; and verifying the VC based on the determination.