&#xfeff;<html>
  <head>
    <META http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" type="text/css" href="html_style_eog.css"/>
<script type="text/javascript">
			function printpage()
			{
			window.print()
			}
			</script>
<script type="text/javascript" src="https://components.uspto.gov/js/ais/40-patentsgazette.js"></script></head>
  <body bgcolor='#FFFFFF' onload='javascript: if ((navigator.appName.indexOf("Netscape")!=-1) && parent.leftFrame!=null) parent.leftFrame.location.reload();'>
    <basefont face="Times New Roman, Times New Roman, Times New Roman " size="2">
      <div style="margin-left: +10pt">
        <table width="90%" border="0" rules="none" align="center">
          <tr align="center">
            <td width="20%" colspan="1" rowspan="2" align="left" valign="top"><a href="https://ppubs.uspto.gov/pubwebapp/external.html?q=11777745.pn.&amp;db=USPAT" target="popup"><input type="button" class="button" value="   Full Text   "></a></td>
            <td class="table_data"><b>US 11,777,745 B2</b></td>
            <td width="20%" colspan="1" rowspan="2" align="right" valign="top">
              <form><input type="button" value="Print this page" onclick="printpage()"></form>
            </td>
          </tr>
          <tr align="center">
            <td colspan="1" class="table_data" style="text-transform: uppercase"><b>Cloud-side collaborative multi-mode private data circulation method based on smart contract</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b> Feng Gao,  Zhejiang (CN); and  Wenyuan Bai,  Zhejiang (CN)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Assigned to  Zhejiang Lab,  Zhejiang (CN)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed by  Zhejiang Lab,  Zhejiang (CN)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed on Aug.  11, 2022, as Appl. No. 17/885,556.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 17/885,556 is a continuation of application No. PCT/CN2022/091909, filed on May   10, 2022.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Claims priority of application No. 202110886663.8 (CN), filed on Aug.  3, 2021.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Prior Publication US 2023/0041862 A1, Feb.  9, 2023</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Int. Cl. </b><i><b>H04L 9/32</b></i> (2006.01); <i><b>H04L 9/00</b></i> (2022.01); <i><b>H04L 9/30</b></i> (2006.01)</td>
          </tr>
        </table>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="75%">
            <col width="15%">
          </colgroup>
          <tr align="left">
            <td class="table_data" align="left"><b>CPC </b><i><b>H04L 9/3268</b></i> (2013.01)&#xa0;[<i><b>H04L 9/30</b></i> (2013.01); <i><b>H04L 9/50</b></i> (2022.05)]</td>
            <td class="table_data" align="right"><b>6 Claims</b></td>
          </tr>
        </table>
        <center><img src="US11777745-20231003-D00000.gif" alt="OG exemplary drawing"></center>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="90%">
          </colgroup>
          <tr>
            <td class="table_data" align="center">&#xa0;</td>
          </tr>
          <tr>
            <td valign="top" class="para_text">
              <div class="claim_text_root">1. A cloud-side collaborative multi-mode private data circulation method based on a smart contract, comprising:<div class="claim_text">initializing a system:<div class="claim_text">initializing, by the system, a key algorithm of a Key-Policy as a Service (KaaS) to obtain a public system key (PSK) and a master secret key (MSK); and</div>
                  <div class="claim_text">creating, by the system, a user account for each user, wherein the user account comprises a user account identifier (ID), a corresponding public key ID<sub>pub-key</sub>, a private key ID<sub>pri-key</sub>, a data owner (DO), a data user (DU), and a user profile comprising an account ID<sub>SC</sub>, a public key SC<sub>pub-key</sub>, and a private key SC<sub>pri-key</sub>;</div>
                </div>
                <div class="claim_text">encrypting, by the DO, original data into private data and generating an encryption certificate, wherein the encryption certificate comprises metadata and a data certificate key:<div class="claim_text">applying to the KaaS, by the DO, for the PSK; and</div>
                  <div class="claim_text">obtaining, by the DO, the data certificate key according to the PSK, an encryption key, and an access policy, comprising:<div class="claim_text">generating the metadata based on the original data to form the private data by generating a random number as the encryption key of the original data and encrypting the original data through the encryption key to form the private data, and storing the private data in a cloud storage space; and</div>
                    <div class="claim_text">generating the access policy based on the user account ID and generating the data certificate key based on the key algorithm according to a key of a message to be encrypted, the PSK and the access policy;</div>
                  </div>
                </div>
                <div class="claim_text">uploading, by the DO, the encryption certificate to a block chain by using a smart contract which is accessible to all user accounts;</div>
                <div class="claim_text">determining, by the DO, a data circulation in response to identifying the DU, wherein the determining comprises:<div class="claim_text">in response to releasing the data certificate key, setting an account ID<sub>DU </sub>through the access policy, wherein the DU obtains the encryption key by executing the smart contract and the key algorithm, and the DU obtains the private data through the metadata and decrypts the private data to obtain a plaintext, comprising:<div class="claim_text">obtaining the encryption certificate by executing the smart contract for the account ID<sub>DU</sub>;</div>
                    <div class="claim_text">sending a request to the KaaS through the smart contract to apply for a user secret key (USK), wherein the USK is generated by the KaaS based on the key algorithm according the PSK, the MSK, and the account ID<sub>DU</sub>, and the USK is encrypted by a public key DU<sub>pub-key </sub>of the DU and uploaded to a block chain through the smart contract which is only accessible to the DU;</div>
                    <div class="claim_text">executing the smart contract to obtain the encrypted USK and obtaining the USK from the encrypted USK through a private key DU<sub>pri-key </sub>of the DU by the DU;</div>
                    <div class="claim_text">decrypting the data certificate key in the encryption certificate by the USK to obtain the encryption key; and</div>
                    <div class="claim_text">obtaining the private data through the metadata in the encryption certificate and decrypting the private data through the encryption key to obtain the original data;</div>
                  </div>
                </div>
                <div class="claim_text">determining, by the DO, the data circulation in response to not identifying the DU and releasing the data certificate key, wherein the DU retrieves the block chain, browses the metadata, and publishes a file reading request through the smart contract, comprising:<div class="claim_text">calling the smart contract, retrieving the block chain, and browsing the metadata;</div>
                  <div class="claim_text">sending an access request to the DO through the smart contract, wherein the DO submits a policy with a time attribute to the block chain, the time attribute is associated with a current contract execution time t, a circulation cycle start time<sub>start</sub>, and a circulation cycle ending time<sub>end</sub>, wherein the user profile is used to execute the smart contract, obtain a policy from the block chain, verify a validity of the policy, and informs the DU if the validity is fail, wherein the USK is generated by the KaaS based on the key algorithm according the PSK, the MSK, and the access policy, and the USK is encrypted by the public key DU<sub>pub-key </sub>of the DU and uploaded to the block chain through the smart contract which is only accessible to the DU; and</div>
                  <div class="claim_text">obtaining the encryption key based on the key algorithm according to the PSK, the USK, and the data certificate key through decryption as long as the account ID<sub>DU </sub>satisfies an enabling characteristic in the access policy within an effective time limit, obtaining the private data through the metadata in the encryption certificate, and decrypting the private data through the encryption key to obtain the original data, wherein the data circulation is completed if an authority passes a review after the DO executes the smart contract; and</div>
                </div>
                <div class="claim_text">submitting a transaction certificate of the data circulation and confirming that the data circulation is completed by the DO.</div>
              </div>
            </td>
          </tr>
        </table>
      </div>
    
  </body>
</html>