Implementation Of Data Authorization And Exchange Process Under IOS

With the development of Big Data technology, Big Data in commercial application is more and more widely. Because of the software architecture and the limitations of traditional data system, information "isolated island" and "chimney" phenomenon is more and more serious. Sharing information hardly become the main reason of the development of big data. In order to alleviate the stress of sharing information about the big data examples of interaction, integration, exchange, trade is also increasing, and the emergence of big data exchange greatly promote the development of the information sharing.Many problems is derived from the real data transactions, such as data leak, etc.information sharing is increasingly difficult. To solve these problems in the process of Data Exchange Platform, who do a lot of requirements and regulations, for example, establishing credit evaluation system, developing data business agreement.Big data exchange and the emergence of these rules could solve many problems in information sharing. Although the Data Exchange Platform set trading institutions, it is just in the form of contract or agreement, it can not effectively prevent the violation, it is difficult to stop the third party to steal data, it is also difficult to find the culprit after violating the regulations. To make the Data Exchange Platform reasonable and orderly and make each data exchange be normal and orderly, we must solve the two most fundamental problems of data direct disclosure and indirect leakage tracing.This paper is based on the two problems. It takes Data Oriented Architecture(DOA) theory as foothold. It analyzes, integrates, modifies respectively from the HTTPS and currency operation principle. It finds a solution to solve the most practical and direct problems in data exchange.This paper introduces the roles of the data in the process of circulation and their connection first. And on this basis, the focus of the introduction is the rights of the data users and the relationship between the roles and rights. And then it illustrates the data for the property attribute, which concluded with the ownership attribute data,and ownership is the basis of data exchange. Through those above it is concluded that the nature of the data exchange is data authorization.Data authorization is the premise of obtaining real data. In DOA theory, one of the mechanism is what data is implemented “innate encryption, authorized to use ”.That means that the data is divided into the keep the encryption in “data situation” when is store and transfer and be decrypted in "application situation”when is authorized to use in the application, fully ensure the security of the data and the use of authorization. Just make sure the data in the "data situation" is encrypted, that can ensure that data will not be leaked. Among them, the data is encrypted by the data user`s secret key and stored in the storage cloud, anyone can obtain encrypted data, but only the user can obtain the real data. Data security solutions of DOA make attacker who can only get the encrypted data, unable to obtain the real data, and so as ensure the data security.In this paper, for data users violate regulations to use data, and data users on account of their improper safekeeping leak has real data or even leak their keys all of these cases, according to some features of the Bitcoin running principle, put forward and explain the Data Authorization Process Record. In this theory, record number means the data which is exchanged this time; The effective time and rights content express the user during what time has what is the right for data; Data distribution chain record complete data authorization process. A Data Authorization Process Record represents a data authorization. On the other hand, propose the DRC record, which be generated when such as data has be used or obtained and records that who obtain the data. Using cooperatively the Data Authorization Process Record and DRC record can trace to the source in user unauthorized or data leak.The last chapter in this paper is simulated to realization of Data Exchange Platform by iOS platform. The realization simulating data exchange, especially data transmission such a complete process, but also consider the situation of the requester`s identity fail to authenticate and the situation of requester' authorization fail to check what occur different results.Through the iOS platform realizing data authorization and exchange process,proves that the theory of DOA data security and Data Authorization Process Record to solve the problem of data security in Data Exchange Platform is feasible, through the perfect binding to protect the safety of data, protect the legitimate rights and interests of all participators in the Data Exchange Platform.This paper achieves the following achievements:1.This paper discusses data security problems in data exchange platform,establishes a model of DOA data exchange platform by iOS app, which is verylightweights, and achieve the core operations in data exchange.2.This paper based on DOA data security theory, expands a solution to avoid direct data leakage, is used for the DOA data trading platform model to achieves some processes which is the data encryption storage, data encryption transmission and data display.3.The paper based on DOA data security theory, put forward innovatively a method for tracing of indirect data after the leak combined with the Bitcoin operation principle, t is used for the DOA data trading platform model to achieve some methods or processes which is the data authentication, authorization, tracing.