[go: up one dir, main page]

CN109040012A - A kind of data security protecting and sharing method based on block chain and system and application - Google Patents

A kind of data security protecting and sharing method based on block chain and system and application Download PDF

Info

Publication number
CN109040012A
CN109040012A CN201810628273.9A CN201810628273A CN109040012A CN 109040012 A CN109040012 A CN 109040012A CN 201810628273 A CN201810628273 A CN 201810628273A CN 109040012 A CN109040012 A CN 109040012A
Authority
CN
China
Prior art keywords
data
block
node
information
sharing method
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810628273.9A
Other languages
Chinese (zh)
Other versions
CN109040012B (en
Inventor
樊凯
王尚阳
任延辉
孙士礼
李晖
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xidian University
Original Assignee
Xidian University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xidian University filed Critical Xidian University
Priority to CN201810628273.9A priority Critical patent/CN109040012B/en
Publication of CN109040012A publication Critical patent/CN109040012A/en
Application granted granted Critical
Publication of CN109040012B publication Critical patent/CN109040012B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3268Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Storage Device Security (AREA)

Abstract

The invention belongs to digital information transmission technical field, discloses a kind of data security protecting based on block chain and sharing method and system and application, each participant provide authentication information and key;The summary info of initial data and cryptographic Hash packing are uploaded into block catenary system;It is packaged node and all summary infos received in the period and cryptographic Hash is packaged into block according to a graded, be sent to common recognition node;The whole network broadcast common recognition result after efficiently reaching common understanding according to RPBFT agreement;Block is recorded in account book according to common recognition result;Different access-control protocols is associated with block;User may have access to account book after access-control protocol authorization, obtain the data summarization recorded in account book and prime information storage location using quick-searching function, and user accesses raw information storing data library, obtains initial data.The present invention can resist distorting for malicious node, efficiently realize common recognition, significantly improve data search efficiency.

Description

一种基于区块链的数据安全保护和共享方法与系统和应用A blockchain-based data security protection and sharing method, system and application

技术领域technical field

本发明属于数字信息传输技术领域,尤其涉及一种基于区块链的数据安全保护和共享方法与系统和应用。The invention belongs to the technical field of digital information transmission, and in particular relates to a block chain-based data security protection and sharing method, system and application.

背景技术Background technique

目前,业内常用的现有技术是这样的:随着信息与网络技术的发展,大数据时代来临,各种数据呈现出爆发性生长的态势。人们对于海量数据的挖掘和运用,为国民经济、生活、军事等领域的量化进步提供重要的支撑。例如,通过大数据挖掘分析,可以察觉商业趋势、判定研究质量、避免疾病扩散、打击犯罪或测定实时交通路况等。然而,在享受数据资源带来的便利的同时,个人与机构也在承受着隐私泄露的风险。由于各种异构网络的跨域互联,各种数据遍布终端设备、网络和云端,加上黑色经济利益的驱使,数据隐私暴露的风险日益加剧。在这样的背景下,大数据安全与隐私保护十分必要,只有加大数据安全技术的研究,才能确保数据安全存储,保护用户的隐私,保证人们在使用互联网过程中数据信息的完整性、可用性以及机密性,避免给个人带来利益损失。一方面,数据请求者希望获取用户以往的数据,以创造社会价值。另一方面,存储的数据记录包含机构和用户相关的很多隐私。因此,查询数据和共享可能会给数据提供商带来严重的机密风险。为了满足数据共享的高要求,研究人员提出了一些关于云存储和计算技术的相关方案,为压缩存储和处理需求提供合适的解决方案。然而,由于暴露数据内容带来的风险,云服务提供商(CSP)在说服机构使用集中式云服务方面面临重大障碍。与此同时,由于中心化问题,这些方案在效率和可用性方面也存在许多问题。对于机构而言将数据存储到例如云盘等第三方机构中并不令人放心。这些半信赖的第三方可能会滥用和披露提供商的隐私。基于现有方案中在共享过程中检索效率方面存在缺陷以及云服务提供商的信任问题,本发明将摘要信息存储于区块链上,原文件则异地存储于服务器,通过记录在分布式账本中的访问控制策略实现文件的访问控制,并利用快速检索机制提升检索效率,从而在保证文件安全的基础上,提升共享效率。 At present, the existing technologies commonly used in the industry are as follows: with the development of information and network technology, the era of big data is coming, and various data are showing explosive growth. People's mining and application of massive data provide important support for the quantitative progress of the national economy, life, military and other fields. For example, through big data mining and analysis, it is possible to detect business trends, determine the quality of research, prevent the spread of diseases, fight crime, or measure real-time traffic conditions. However, while enjoying the convenience brought by data resources, individuals and institutions are also bearing the risk of privacy leakage. Due to the cross-domain interconnection of various heterogeneous networks, all kinds of data are spread across terminal devices, networks and clouds, and driven by black economic interests, the risk of data privacy exposure is increasing. In this context, big data security and privacy protection are very necessary. Only by increasing the research on data security technology can we ensure the safe storage of data, protect the privacy of users, and ensure the integrity, availability and security of data information when people use the Internet. Confidentiality, to avoid loss of personal interests. On the one hand, data requesters hope to obtain users' past data to create social value. On the other hand, stored data records contain a lot of privacy related to institutions and users. Therefore, querying data and sharing it can pose serious confidentiality risks for data providers. In order to meet the high requirements of data sharing, researchers have proposed some related schemes about cloud storage and computing technology, providing suitable solutions for compressed storage and processing requirements. However, cloud service providers (CSPs) face significant hurdles in convincing institutions to use centralized cloud services due to the risks posed by exposing data content. At the same time, due to centralization issues, these solutions also have many problems in terms of efficiency and usability. It is not reassuring for organizations to store data in third-party organizations such as cloud disks. These semi-trusted third parties may abuse and disclose the provider's privacy. Based on the defects in the retrieval efficiency in the sharing process in the existing solutions and the trust problem of the cloud service provider, the present invention stores the abstract information on the block chain, and stores the original files in different places on the server, and records them in the distributed ledger The unique access control strategy implements file access control, and uses the fast retrieval mechanism to improve retrieval efficiency, thereby improving sharing efficiency on the basis of ensuring file security.

综上所述,现有技术存在的问题是:互联网系统数据非常容易受到攻击从而泄露,当前没有一个合适的数据共享方式,解决数据安全保护与跨机构共享的问题,实现数据安全保护和共享。 To sum up, the problems existing in the existing technology are: Internet system data is very vulnerable to attack and leakage, and currently there is no suitable data sharing method to solve the problem of data security protection and cross-agency sharing, and realize data security protection and sharing.

解决上述技术问题的难度和意义:The difficulty and significance of solving the above technical problems:

解决数据安全保护与跨机构共享的问题,如何克服区块链技术本身在效率方面的瓶颈,以及加密数据如何高效的实现数据检索。以上问题为现有安全共享方法带来困难。Solve the problem of data security protection and cross-agency sharing, how to overcome the bottleneck of blockchain technology itself in terms of efficiency, and how to efficiently realize data retrieval with encrypted data. The above problems bring difficulties to existing security sharing methods.

发明内容Contents of the invention

针对现有技术存在的问题,本发明提供了一种基于区块链的数据安全保护和共享方法与系统和应用。Aiming at the problems existing in the prior art, the present invention provides a block chain-based data security protection and sharing method, system and application.

本发明是这样实现的,一种基于区块链的数据安全保护和共享方法,所述基于区块链的数据安全保护和共享方法包括:每一个参与方发放身份认证信息和密钥;将原始数据的摘要信息和哈希值打包上传到区块链系统;打包节点将时间段内接收到的所有摘要信息和哈希值按照一定次序打包成区块,发送给共识节点;按照RPBFT协议高效达成共识后全网广播共识结果;根据共识结果将区块记录到账本中;将不同的访问控制协议与区块进行关联;用户经访问控制协议授权后可访问账本,使用快速检索功能获取账本中记录的数据摘要和原信息存储位置,用户访问原始信息存储数据库,获取原始数据。The present invention is achieved in this way, a blockchain-based data security protection and sharing method, the blockchain-based data security protection and sharing method includes: each participant issues identity authentication information and keys; The summary information and hash value of the data are packaged and uploaded to the blockchain system; the packaging node packs all the summary information and hash value received within the time period into blocks in a certain order and sends them to the consensus node; it is efficiently achieved according to the RPBFT protocol After consensus, the whole network broadcasts the consensus result; according to the consensus result, the block is recorded in the ledger; different access control protocols are associated with the block; users can access the ledger after being authorized by the access control protocol, and use the quick search function to obtain the records in the ledger The data summary and original information storage location, the user accesses the original information storage database to obtain the original data.

进一步,所述基于区块链的数据安全保护和共享方法的初始化方法包括:Further, the initialization method of the blockchain-based data security protection and sharing method includes:

(1)每一个参与方发放身份认证信息和密钥;(1) Each participant issues identity authentication information and keys;

(2)参与系统的节点需要申请身份认证信息和密钥,并明确自己担负的职责;(2) Nodes participating in the system need to apply for identity authentication information and keys, and clarify their responsibilities;

(3)通过验证的节点会得到由认证授权机构源颁发的安全证书;(3) Nodes that pass the verification will get a security certificate issued by the certification authority;

(4)节点选择成为数据节点、打包节点、共识节点、记账节点;(4) The node chooses to become a data node, a packaging node, a consensus node, and an accounting node;

(5)认证授权机构需要监督每轮共识是否正常,随机种子是否能正确选出当前轮次共识节点。(5) The certification authority needs to supervise whether each round of consensus is normal, and whether the random seed can correctly select the current round of consensus nodes.

进一步,所述基于区块链的数据安全保护和共享方法的数据机构上传数据方法包括:Further, the data organization uploading data method of the blockchain-based data security protection and sharing method includes:

(1)每经过一段时间,数据节点通过客户端将本地需要上传的数据进行处理,提取摘要信息、数据哈希值、与用户相关的前一个区块编码;(1) After a certain period of time, the data node processes the data that needs to be uploaded locally through the client, and extracts summary information, data hash value, and the previous block code related to the user;

(2)与用户相关的前一个区块编码,将随着信息摘要一起被访问控制协议保护;(2) The previous block code related to the user will be protected by the access control protocol along with the information summary;

(3)数据节点需明确该文件的访问控制策略,并随文件一起上传;(3) The data node needs to specify the access control policy of the file and upload it together with the file;

(4)原始数据文件被存储在本地数据库或上传至可信赖的云数据库。(4) Raw data files are stored in a local database or uploaded to a trusted cloud database.

进一步,所述基于区块链的数据安全保护和共享方法的打包节点接收数据包括:Further, the data received by the packaging node of the blockchain-based data security protection and sharing method includes:

(1)打包节点收到数据节点上传的数据后,将返回应答信息;(1) After the packaging node receives the data uploaded by the data node, it will return the response information;

(2)打包节点将收集相关的数据节点上传文件,并记录每一个文件来源和访问控制策略,并将所有文件按时间顺序,打包成一个区块;(2) The packaging node will collect relevant data nodes to upload files, record the source and access control policy of each file, and package all files into a block in chronological order;

(3)所有打包节点将按照系统约定,轮流上传区块给共识节点,当前轮次打包节点上传时,其余节点将静默;(3) All packaging nodes will upload blocks to consensus nodes in turn according to the system agreement. When the current round of packaging nodes uploads, other nodes will be silent;

(4)区块头包含有打包节点地址、时间戳、区块哈希值、文件哈希值。(4) The block header contains the packaging node address, timestamp, block hash value, and file hash value.

进一步,所述基于区块链的数据安全保护和共享方法的共识节点达成共识包括:Further, the consensus nodes of the blockchain-based data security protection and sharing method reach a consensus including:

(1)根据规则,每一轮次会由一个随机数发生器产生随机数,确定备选共识节点中哪些节点可以成为当前轮次的共识节点,由新选出的共识节点接收区块;(1) According to the rules, a random number generator will generate random numbers in each round to determine which nodes among the candidate consensus nodes can become the consensus nodes of the current round, and the newly selected consensus nodes will receive blocks;

(2)共识节点之间根据PBFT协议达成共识;(2) The consensus nodes reach a consensus according to the PBFT protocol;

(3)共识节点达成共识后,向全网广播结果;(3) After the consensus node reaches a consensus, it broadcasts the result to the whole network;

(4)共识节点将区块发送给记账节点;(4) The consensus node sends the block to the accounting node;

(5)同一节点不可以连续成为共识节点。(5) The same node cannot continuously become a consensus node.

进一步,所述基于区块链的数据安全保护和共享方法的记账节点将区块写入账本具体包括:Further, the bookkeeping node of the blockchain-based data security protection and sharing method writes the block into the ledger specifically includes:

(1)记账节点收到共识节点发送的区块,将其写入账本中;(1) The accounting node receives the block sent by the consensus node and writes it into the ledger;

(2)记账节点完成记账后,将向全网广播。(2) After the accounting node completes the accounting, it will broadcast to the whole network.

进一步,所述基于区块链的数据安全保护和共享方法的配置访问控制协议具体包括:Further, the configuration access control protocol of the blockchain-based data security protection and sharing method specifically includes:

(1)记账节点需要根据文件中记录的访问控制策略,配置访问控制策略,并将策略与区块锚定;(1) The accounting node needs to configure the access control strategy according to the access control strategy recorded in the file, and anchor the strategy to the block;

(2)访问控制策略将隐藏文件信息,只暴露出区块头信息;(2) The access control strategy will hide the file information and only expose the block header information;

(3)用户可以根据需要更新访问策略。(3) The user can update the access policy as needed.

进一步,所述基于区块链的数据安全保护和共享方法的用户获取信息方法包括:Further, the user information acquisition method of the blockchain-based data security protection and sharing method includes:

(1)用户通过客户端访问账本信息,根据需要向系统提交个人身份认证信息;(1) The user accesses the ledger information through the client, and submits personal identity authentication information to the system as needed;

(2)访问控制策略将审核用户身份信息,如果符合访问策略将允许用户查看特定文件内容;如果未通过认证,则无法查看;(2) The access control policy will review the user's identity information, and if it complies with the access policy, the user will be allowed to view the content of specific files; if it is not authenticated, it cannot be viewed;

(3)用户查看信息摘要,根据账本中记录的数据来源信息,申请访问存储原始数据的数据库;(3) The user checks the information summary and applies for access to the database storing the original data according to the data source information recorded in the ledger;

(4)用户根据相关区块记录信息,找到上一个区块的信息,将不同的文件进行关联使用;(4) The user finds the information of the previous block according to the information recorded in the relevant block, and associates different files for use;

(5)用户比对文件哈希值,校验文件是否被恶意篡改。(5) The user compares the hash value of the file to verify whether the file has been maliciously tampered with.

本发明的另一目的在于提供一种实现所述基于区块链的数据安全保护和共享方法的基于区块链的数据安全保护和共享系统,所述基于区块链的数据安全保护和共享系统包括:Another object of the present invention is to provide a blockchain-based data security protection and sharing system that implements the blockchain-based data security protection and sharing method, and the blockchain-based data security protection and sharing system include:

认证授权机构模块,用于给系统内每一个参与方发放身份认证信息和密钥;The authentication authority module is used to issue identity authentication information and keys to each participant in the system;

数据机构模块,用于将原始数据的摘要信息和哈希值打包上传到区块链系统,文件中摘要信息含有与之关联的前一个区块编码;The data organization module is used to package and upload the summary information and hash value of the original data to the blockchain system, and the summary information in the file contains the code of the previous block associated with it;

区块链模块,用于打包节点将时间段内接收到的所有摘要信息和哈希值按照一定次序打包成区块,发送给共识节点;The block chain module is used for packing nodes to pack all the summary information and hash values received within the time period into blocks in a certain order and send them to the consensus nodes;

共识节点模块,用于按照改进PBFT协议达成共识后全网广播共识结果;Consensus node module, which is used to broadcast consensus results on the whole network after reaching a consensus according to the improved PBFT protocol;

记账节点模块,用于根据共识结果将区块记录到账本中;The bookkeeping node module is used to record the block into the ledger according to the consensus result;

访问控制协议模块,用于根据数据机构的要求,将不同的访问控制协议与区块进行关联;The access control protocol module is used to associate different access control protocols with blocks according to the requirements of the data organization;

用户经访问控制协议模块,用于授权后可访问账本,根据快速检索功能获取账本中记录的数据摘要和原信息存储位置,用户访问原始信息存储数据库,获取原始数据。The access control protocol module is used by the user to access the account book after authorization, and obtain the data summary recorded in the account book and the original information storage location according to the quick search function, and the user accesses the original information storage database to obtain the original data.

本发明的另一目的在于提供一种应用所述基于区块链的数据安全保护和共享方法的信息数据处理终端。Another object of the present invention is to provide an information data processing terminal applying the blockchain-based data security protection and sharing method.

综上所述,本发明的优点及积极效果为:文件中摘要信息含有与之关联的前一个区块编码,以方便后续快速数据检索,改进过的数据检索机制能够大幅提高系统的效率。RPBFT共识机制能够高效实现共识的基础上,很好的防范贪心攻击和恶意节点分叉攻击,在保证方案安全可靠的基础上,进一步提高系统的效率。系统链上摘要信息与链下原始数据分离,保证原始数据的隐私性。使用的区块链技术保证了分布式账本中的信息的不可篡改,账本上的文件密文哈希值保证了文件的完整以及不可篡改,账本上的访问策略实现了文件的安全共享,能将未经授权用户阻挡在系统之外。 To sum up, the advantages and positive effects of the present invention are: the abstract information in the file contains the code of the previous block associated with it to facilitate subsequent rapid data retrieval, and the improved data retrieval mechanism can greatly improve the efficiency of the system. On the basis of the RPBFT consensus mechanism being able to achieve consensus efficiently, it can well prevent greedy attacks and malicious node bifurcation attacks, and further improve the efficiency of the system on the basis of ensuring the safety and reliability of the scheme. The summary information on the system chain is separated from the original data off the chain to ensure the privacy of the original data. The blockchain technology used ensures that the information in the distributed ledger cannot be tampered with. The file ciphertext hash value on the ledger ensures the integrity and tamper-proof of the file. The access policy on the ledger realizes the safe sharing of files and can Unauthorized users are blocked from the system.

本发明利用区块链技术能够实现用户对文件的安全的共享,以确保原始数据文件的存储与共享安全;用户在客户端实现文件的上传、下载,并以密文形式将文件保存在可信赖的数据库中,只将数据摘要、哈希值、关联区块编号写入区块链账本中;同时用户可以为文件定制细粒度的访问策略,并将其与区块链账本进行关联,用户在获取文件的过程中需要进行身份验证,只有满足访问策略的用户可以获取账本中信息内容,并进一步获取文件。本发明确保了用户数据的安全性,用户使用简单方便;传统的公私钥密码技术使得文件更为安全;区块链技术本身账本的不可篡改性进一步保证了文件的完整可用,同时使得用户可以针对不同文件制定不同的访问策略,在共享文件的同时实现了对文件的完全控制;实现了基于该系统的用户控制的文件加密上传、细粒度的访问控制以及在系统内的文件安全共享。The present invention utilizes block chain technology to realize the safe sharing of files by users, so as to ensure the storage and sharing security of original data files; In the database, only the data summary, hash value, and associated block number are written into the blockchain ledger; at the same time, users can customize fine-grained access policies for files and associate them with the blockchain ledger. Identity verification is required in the process of obtaining files, and only users who meet the access policy can obtain the information content in the ledger and further obtain files. The invention ensures the security of user data, and is easy and convenient for users to use; traditional public-private key cryptography technology makes files more secure; the non-tamperable modification of blockchain technology's own ledger further ensures the integrity and availability of files, and at the same time allows users to target Different access policies are formulated for different files, and complete control over files is achieved while sharing files; user-controlled file encryption uploads based on the system, fine-grained access control, and file security sharing within the system are realized.

附图说明Description of drawings

图1是本发明实施例提供的基于区块链的数据安全保护和共享方法流程图。Fig. 1 is a flowchart of a blockchain-based data security protection and sharing method provided by an embodiment of the present invention.

图2是本发明实施例提供的基于区块链的数据安全保护和共享方法的实现流程图。Fig. 2 is an implementation flow chart of a blockchain-based data security protection and sharing method provided by an embodiment of the present invention.

图3是本发明实施例提供基于区块链的数据安全保护和共享方法的系统实现示意图。Fig. 3 is a schematic diagram of a system implementation of a blockchain-based data security protection and sharing method provided by an embodiment of the present invention.

图4是本发明实施例提供的系统模型图。Fig. 4 is a system model diagram provided by an embodiment of the present invention.

图5是本发明实施例提供的区块链系统模型图。Fig. 5 is a block chain system model diagram provided by the embodiment of the present invention.

图6是本发明实施例提供的区块链账本结构图。Fig. 6 is a structural diagram of a blockchain ledger provided by an embodiment of the present invention.

图7是本发明实施例提供的数据效率的仿真图。FIG. 7 is a simulation diagram of data efficiency provided by an embodiment of the present invention.

图8是本发明实施例提供的网络阻塞的仿真图。FIG. 8 is a simulation diagram of network congestion provided by an embodiment of the present invention.

具体实施方式Detailed ways

为了使本发明的目的、技术方案及优点更加清楚明白,以下结合实施例,对本发明进行进一步详细说明。应当理解,此处所描述的具体实施例仅仅用以解释本发明,并不用于限定本发明。In order to make the object, technical solution and advantages of the present invention more clear, the present invention will be further described in detail below in conjunction with the examples. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

本发明在保证数据完整、机密、可用的基础上,对数据实现快速数据检索和高效系统共识以达到共享的目的,实现数据的挖掘分析,产生价值。On the basis of ensuring data integrity, confidentiality and availability, the present invention realizes fast data retrieval and efficient system consensus on data to achieve the purpose of sharing, realizes data mining and analysis, and generates value.

下面结合附图对本发明的应用原理作详细的描述。The application principle of the present invention will be described in detail below in conjunction with the accompanying drawings.

如图1所示,本发明实施例提供的基于区块链的数据安全保护和共享方法包括以下步骤:As shown in Figure 1, the blockchain-based data security protection and sharing method provided by the embodiment of the present invention includes the following steps:

S101:搭建、管理系统,给系统内每一个参与方发放身份认证信息和密钥;S101: Build and manage the system, and issue identity authentication information and keys to each participant in the system;

S102:将原始数据的摘要信息和哈希值打包上传到区块链系统,文件中摘要信息含有与之关联的前一个区块编码;S102: Pack and upload the summary information and hash value of the original data to the blockchain system, and the summary information in the file contains the code of the previous block associated with it;

S103:打包节点将时间段内接收到的所有摘要信息和哈希值按照一定次序打包成区块,发送给共识节点;S103: The packaging node packages all the summary information and hash values received within the time period into blocks in a certain order and sends them to the consensus node;

S104:按照RPBFT协议高效达成共识后全网广播共识结果;S104: After efficiently reaching a consensus according to the RPBFT protocol, the whole network broadcasts the consensus result;

S105:根据共识结果将区块记录到账本中;S105: Record the block into the ledger according to the consensus result;

S106:根据数据机构的要求,将不同的访问控制协议与区块进行关联;S106: According to the requirements of the data organization, associate different access control protocols with blocks;

S107:用户经访问控制协议授权后可访问账本,使用快速检索功能获取账本中记录的数据摘要和原信息存储位置,用户访问原始信息存储数据库,获取原始数据。S107: After being authorized by the access control protocol, the user can access the account book, use the quick search function to obtain the data summary recorded in the account book and the storage location of the original information, and the user accesses the original information storage database to obtain the original data.

下面结合附图对本发明的应用原理作进一步的描述。The application principle of the present invention will be further described below in conjunction with the accompanying drawings.

如图2所示,本发明实施例提供的基于区块链的数据安全保护和共享方法具体包括以下步骤:As shown in Figure 2, the blockchain-based data security protection and sharing method provided by the embodiment of the present invention specifically includes the following steps:

(1)认证授权机构,也就是联盟链的发起者,拥有着最高的系统权限,负责搭建、管理系统。同时,负责给系统内每一个参与方发放身份认证信息和密钥。(1) The certification authority, that is, the initiator of the alliance chain, has the highest system authority and is responsible for building and managing the system. At the same time, it is responsible for issuing identity authentication information and keys to each participant in the system.

(2)数据机构将原始数据的摘要信息和哈希值打包上传到区块链系统,文件中摘要信息含有与之关联的前一个区块编码,以方便后续检索。原始数据保存在本地数据库或云端。(2) The data organization packages and uploads the abstract information and hash value of the original data to the blockchain system, and the abstract information in the file contains the code of the previous block associated with it to facilitate subsequent retrieval. Raw data is stored in a local database or in the cloud.

(3)区块链系统中打包节点将时间段内接收到的所有摘要信息和哈希值按照一定次序打包成区块,发送给共识节点。(3) The packaging node in the blockchain system packs all the summary information and hash values received within the time period into blocks in a certain order and sends them to the consensus node.

(4)共识节点按照改进PBFT协议达成共识后全网广播共识结果。(4) After the consensus nodes reach a consensus according to the improved PBFT protocol, the consensus result is broadcast across the entire network.

(5)记账节点根据共识结果将区块记录到账本中。(5) The bookkeeping node records the block into the ledger according to the consensus result.

(6)访问控制协议可根据数据机构的要求,将不同的访问控制协议与区块进行关联。(6) Access control protocols Different access control protocols can be associated with blocks according to the requirements of the data organization.

(7)用户经访问控制协议授权后可访问账本,根据快速检索功能获取账本中记录的数据摘要和原信息存储位置,用户访问原始信息存储数据库,获取原始数据。(7) After being authorized by the access control protocol, the user can access the account book, and obtain the data summary recorded in the account book and the original information storage location according to the quick search function, and the user accesses the original information storage database to obtain the original data.

如图3所示,本发明实施例提供的基于区块链的数据安全保护和共享方法包括以下步骤:As shown in Figure 3, the blockchain-based data security protection and sharing method provided by the embodiment of the present invention includes the following steps:

(1)系统初始化:为了实现系统能正常运转,需要在起始阶段对系统进行初始化。初始化过程包括:(1) System initialization: In order to realize the normal operation of the system, it is necessary to initialize the system at the initial stage. The initialization process includes:

a)认证授权机构,也就是联盟链的发起者,拥有着最高的系统权限,负责搭建、管理系统。同时,负责给系统内每一个参与方发放身份认证信息和密钥。a) The certification authority, that is, the initiator of the alliance chain, has the highest system authority and is responsible for building and managing the system. At the same time, it is responsible for issuing identity authentication information and keys to each participant in the system.

b)想要参与系统的节点需要申请身份认证信息和密钥,并明确自己担负的职责。b) Nodes who want to participate in the system need to apply for identity authentication information and keys, and clarify their responsibilities.

c)通过验证的节点会得到由认证授权机构源颁发的安全证书,这个证书中包含有一个唯一的序列号以及公私钥对,序列号代表节点的身份,公私钥对用于签名。在终端设备初次连接时间节点进行初始化的时候,安全证书可以证明节点身份的合法性,该节点将成为系统内节点。c) The verified node will get a security certificate issued by the certification authority. This certificate contains a unique serial number and a public-private key pair. The serial number represents the identity of the node, and the public-private key pair is used for signatures. When the terminal device first connects to the node for initialization, the security certificate can prove the legitimacy of the node's identity, and the node will become a node in the system.

d)节点可以选择成为数据节点、打包节点、共识节点、记账节点等职责。节点可以担负其中一个或多个职责。d) Nodes can choose to become data nodes, packaging nodes, consensus nodes, accounting nodes and other responsibilities. Nodes can take on one or more of these responsibilities.

e)认证授权机构需要监督每轮共识是否正常,随机种子是否能正确选出当前轮次共识节点,保证系统健康有序。e) The certification authority needs to supervise whether each round of consensus is normal, and whether the random seed can correctly select the current round of consensus nodes to ensure the health and order of the system.

(2)数据机构上传数据(2) Data institutions upload data

a)按照系统约定,每经过一段时间,数据节点通过客户端将本地需要上传的数据进行处理,提取摘要信息、数据哈希值、与该用户相关的前一个区块编码。摘要信息含有与之关联的前一个区块编码,以方便用户后续快速数据检索。将所有信息整理成一个文件,上传给邻近的打包节点。a) According to the system agreement, after a period of time, the data node processes the data that needs to be uploaded locally through the client, and extracts the summary information, data hash value, and the previous block code related to the user. The summary information contains the code of the previous block associated with it, so as to facilitate the user's subsequent fast data retrieval. Organize all the information into a file and upload it to the adjacent packaging node.

b)与该用户相关的前一个区块编码,将随着信息摘要一起被访问控制协议保护。b) The previous block code related to this user will be protected by the access control protocol along with the information digest.

c)数据节点需明确该文件的访问控制策略,并随文件一起上传。c) The data node needs to specify the access control policy of the file and upload it together with the file.

d)原始数据文件被存储在本地数据库或上传至可信赖的云数据库。d) Raw data files are stored in a local database or uploaded to a trusted cloud database.

(3)打包节点接收数据(3) Packing node receives data

a)打包节点收到数据节点上传的数据后,将返回应答信息。a) After the packaging node receives the data uploaded by the data node, it will return a response message.

b)打包节点将收集相关的数据节点上传文件,并记录每一个文件来源和访问控制策略,并将所有文件按时间顺序,打包成一个区块。b) The packaging node will collect relevant data nodes to upload files, record the source and access control policy of each file, and package all files into a block in chronological order.

c)所有打包节点将按照系统约定,轮流上传区块给共识节点,当前轮次打包节点上传时,其余节点将静默。c) All packaging nodes will upload blocks to consensus nodes in turn according to the system agreement. When the current round of packaging nodes uploads, the remaining nodes will be silent.

d)区块头包含有打包节点地址、时间戳、区块哈希值、文件哈希值等信息。d) The block header contains information such as packaging node address, timestamp, block hash value, and file hash value.

(4)共识节点达成共识(4) Consensus nodes reach a consensus

a)根据系统规则,每一轮次会由一个随机数发生器产生随机数,来确定备选共识节点中哪些节点可以成为当前轮次的共识节点,由新选出的共识节点接收区块。认证授权机构监督该过程。a) According to the system rules, a random number generator will generate random numbers in each round to determine which nodes among the candidate consensus nodes can become the consensus nodes of the current round, and the newly selected consensus nodes will receive blocks. A certification authority oversees the process.

b)共识节点之间根据PBFT协议达成共识。b) The consensus nodes reach a consensus according to the PBFT protocol.

c)共识节点达成共识后,向全网广播结果。c) After the consensus node reaches a consensus, it broadcasts the result to the whole network.

d)共识节点将区块发送给记账节点。d) The consensus node sends the block to the accounting node.

e)为保证系统的安全性、同一节点不可以连续成为共识节点。e) In order to ensure the security of the system, the same node cannot continuously become a consensus node.

(5)记账节点将区块写入账本(5) The accounting node writes the block into the ledger

a)记账节点收到共识节点发送的区块,将其写入账本中。a) The accounting node receives the block sent by the consensus node and writes it into the ledger.

b)记账节点完成记账后,将向全网广播。b) After the accounting node completes the accounting, it will broadcast to the whole network.

(6)配置访问控制协议(6) Configure access control protocol

a)记账节点需要根据文件中记录的访问控制策略,配置访问控制策略,并将策略与区块锚定。a) The accounting node needs to configure the access control strategy according to the access control strategy recorded in the file, and anchor the strategy to the block.

b)访问控制策略将隐藏文件信息,只暴露出区块头信息。以保障信息的安全和隐私。访问控制策略将由记账节点更新维护。b) The access control strategy will hide the file information and only expose the block header information. To ensure the security and privacy of information. Access control policies will be updated and maintained by accounting nodes.

c)用户可以根据需要更新访问策略。c) The user can update the access policy as needed.

(7)用户获取信息(7) User obtains information

a)用户通过客户端访问账本信息,根据需要向系统提交个人身份认证信息。a) The user accesses the ledger information through the client, and submits personal identity authentication information to the system as needed.

b)访问控制策略将审核用户身份信息,如果符合访问策略将允许用户查看特定文件内容。如果未通过认证,则无法查看。b) The access control policy will review the user identity information, and if the access policy is met, the user will be allowed to view the specific file content. If you are not authenticated, you cannot view it.

c)用户查看信息摘要,需要进一步查看原始数据,可以根据账本中记录的数据来源信息,进一步申请访问存储原始数据的数据库。c) The user views the information summary and needs to further view the original data, and can further apply for access to the database storing the original data according to the data source information recorded in the ledger.

d)用户根据相关区块记录信息,快速找到上一个区块的信息,将不同的文件进行关联使用。d) The user can quickly find the information of the previous block according to the information recorded in the relevant block, and associate different files for use.

e)用户比对文件哈希值,校验文件是否被恶意篡改。e) The user compares the hash value of the file to verify whether the file has been maliciously tampered with.

下面结合仿真对本发明的应用效果做详细的描述。The application effect of the present invention will be described in detail below in combination with simulation.

1.仿真条件1. Simulation conditions

仿真环境是:联想笔记本,配置是Intel(R)Core(TM)i5-3210M CPU@2.50GHz 4.0GRAM。The simulation environment is: Lenovo notebook, the configuration is Intel(R) Core(TM) i5-3210M CPU@2.50GHz 4.0GRAM.

2.仿真内容与结果分析2. Simulation content and result analysis

采用本发明方法不同的系统之间,信息检索的效率差别,结果如图7所示,在本发明的方案中,本发明采用关联区块编号机制来提高信息检索的效率。如果一个用户要检索特定的信息,可以直接根据联区块编号记录找到相应的块。原来的搜索方法需要遍历的数据块直到找到有用的数据。虽然联区块编号会带来附加的数据量,相对于数据检索的传统方式,其效率增加太多。本发明与其他方案如Medrecord A Lippman,T Vieira,A Ekblaw,AAzaria.Et al,“MedRec:Using Blockchain for Medical Data,”Presented atInternational Conference on Open&Big Data.[Online]2016.Available:http://ieeexplore.ieee.org/document/7573685/和Medshare Qi Xia,Emmanuel BoatengSifah,et al.“MeDShare:Trust-Less Medical Data Sharing via Blockchain,”IEEEAccess,July,2017.Vol.5.DOI.10.1109/ACCESS.2017.2730843.。随着访问人数的增加,本发明使用较少的时间。结果表明,数据检索的效率大大提高。The efficiency of information retrieval differs between different systems using the method of the present invention, and the result is shown in Figure 7. In the solution of the present invention, the present invention uses an associated block numbering mechanism to improve the efficiency of information retrieval. If a user wants to retrieve specific information, he can directly find the corresponding block according to the associated block number record. The original search method needs to traverse the data blocks until useful data is found. Although concatenated block numbers will bring additional data volume, compared with the traditional way of data retrieval, its efficiency will increase too much. This invention and other proposals such as Medrecord A Lippman, T Vieira, A Ekblaw, AAzaria. Et al, "MedRec: Using Blockchain for Medical Data," Presented at International Conference on Open & Big Data. [Online] 2016. Available: http://ieeexplore .ieee.org/document/7573685/ and Medshare Qi Xia, Emmanuel BoatengSifah, et al. “MeDShare: Trust-Less Medical Data Sharing via Blockchain,” IEEE Access, July, 2017.Vol.5.DOI.10.1109/ACCESS.2017.2730843 .. As the number of visitors increases, the present invention uses less time. The results show that the efficiency of data retrieval is greatly improved.

当用户的数量较少时,每个用户的有效信息量占总信息量的比例较高。原来的搜索方法也可以快速找到相关的信息。然而,随着用户数量的增加,本发明对其他方法的优势越来越明显。关联区块编号记录可以直接引导用户找到相应的块。即使有效信息的比例较低,不会对效率造成约束。采用本发明方法不同的系统之间,系统网络阻塞差别,结果如图8所示。当打包节点发出建议添加区块到系统,本发明从实时上传的方法改为交替上传。如果打包节点选择上传实时数据,系统将承担很大的高负荷,这可能会导致数据拥塞。为避免这种情况,提高系统的稳定性。本发明使用按轮次依次上传的方法。上传异步数据使系统负载平滑,有助于避免系统数据拥塞。理论分析和仿真结果表明,该方案是有效的避免大量高负荷,可能导致数据拥塞。When the number of users is small, the effective information volume of each user accounts for a higher proportion of the total information volume. The original search method can also quickly find relevant information. However, as the number of users increases, the advantages of the present invention over other methods become more and more obvious. The associated block number record can directly guide the user to find the corresponding block. Even if the proportion of valid information is low, it will not constrain the efficiency. Between different systems adopting the method of the present invention, the system network congestion is different, and the result is shown in FIG. 8 . When the packaging node sends out a suggestion to add blocks to the system, the present invention changes the method of real-time uploading to alternate uploading. If the packaging node chooses to upload real-time data, the system will bear a large high load, which may cause data congestion. To avoid this situation, improve the stability of the system. The present invention uses the method of sequentially uploading in rounds. Uploading asynchronous data smoothes the system load and helps avoid system data congestion. Theoretical analysis and simulation results show that the scheme is effective in avoiding massive high loads that may cause data congestion.

以上所述仅为本发明的较佳实施例而已,并不用以限制本发明,凡在本发明的精神和原则之内所作的任何修改、等同替换和改进等,均应包含在本发明的保护范围之内。The above descriptions are only preferred embodiments of the present invention, and are not intended to limit the present invention. Any modifications, equivalent replacements and improvements made within the spirit and principles of the present invention should be included in the protection of the present invention. within range.

Claims (10)

1. a kind of data security protecting and sharing method based on block chain, which is characterized in that the data based on block chain Safeguard protection and sharing method include: that each participant provides authentication information and key;The abstract of initial data is believed Breath and cryptographic Hash packing upload to block catenary system;It is packaged all summary infos and cryptographic Hash that node will receive in the period It is packaged into block according to a graded, is sent to common recognition node;The whole network broadcast common recognition after efficiently reaching common understanding according to RPBFT agreement As a result;Block is recorded in account book according to common recognition result;Different access-control protocols is associated with block;User's warp It may have access to account book after access-control protocol authorization, the data summarization and prime information recorded in account book obtained using quick-searching function Storage location, user access raw information storing data library, obtain initial data.
2. data security protecting and sharing method as described in claim 1 based on block chain, which is characterized in that described to be based on The data security protecting of block chain and the initial method of sharing method include:
(1) each participant provides authentication information and key;
(2) node for participating in system needs to apply authentication information and key, and the clear responsibility oneself undertaken;
(3) safety certificate issued by certification authority source can be obtained by the node of verifying;
(4) node is selected to back end, is packaged node, common recognition node, accounting nodes;
(5) certification authority needs to supervise whether every wheel common recognition is normal, and it is total whether random seed can correctly select current round Know node.
3. data security protecting and sharing method as described in claim 1 based on block chain, which is characterized in that described to be based on The data security protecting of block chain and the data structures of sharing method upload data method and include:
(1) per after a period of time, back end locally will need the data uploaded to handle by client, extraction is made a summary Information, data cryptographic Hash, previous block coding related to user;
(2) previous block coding related to user will be accessed together control protocol protection with informative abstract;
(3) back end needs the access control policy of clear this document, and uploads with file;
(4) raw data file is stored in local data base or is uploaded to reliable cloud database.
4. data security protecting and sharing method as described in claim 1 based on block chain, which is characterized in that described to be based on The data security protecting of block chain and the packing node received data packet of sharing method include:
(1) after being packaged the data that node receives back end upload, response message will be returned;
(2) transmitting file on relevant back end will be collected by being packaged node, and record each document source and access control plan Slightly, and in chronological order by All Files, it is packaged into a block;
(3) all packing nodes will arrange according to system, upload block in turn and give common recognition node, current round is packaged node and uploads When, remaining node will be silent;
(4) block head includes to be packaged node address, timestamp, block cryptographic Hash, file cryptographic Hash.
5. data security protecting and sharing method as described in claim 1 based on block chain, which is characterized in that described to be based on The data security protecting of block chain and the common recognition node of sharing method, which are reached common understanding, includes:
(1) according to rule, each round can generate random number by a randomizer, which is determined in alternative common recognition node Node can become the common recognition node of current round, receive block by the common recognition node newly selected;
(2) reached common understanding between common recognition node according to PBFT agreement;
(3) after common recognition node is reached common understanding, to the whole network broadcast results;
(4) block is sent to accounting nodes by common recognition node;
(5) same node cannot continuously become common recognition node.
6. data security protecting and sharing method as described in claim 1 based on block chain, which is characterized in that described to be based on The data security protecting of block chain and the accounting nodes of sharing method specifically include block write-in account book:
(1) accounting nodes receive the block that common recognition node is sent, and are written into account book;
(2) it after accounting nodes complete book keeping operation, will be broadcasted to the whole network.
7. data security protecting and sharing method as described in claim 1 based on block chain, which is characterized in that described to be based on The data security protecting of block chain and the configuration access control protocol of sharing method specifically include:
(1) accounting nodes are needed according to the access control policy recorded in file, configuration access control strategy, and by strategy and area Block anchoring;
(2) hidden file information is only exposed block head information by access control policy;
(3) user can according to need update access strategy.
8. data security protecting and sharing method as described in claim 1 based on block chain, which is characterized in that described to be based on The data security protecting of block chain and the user of sharing method obtain information approach and include:
(1) user accesses account book information by client, submits personal identification information to system as needed;
(2) access control policy will audit subscriber identity information, user will be allowed to check specific file if meeting access strategy Content;If unauthenticated, can not check;
(3) user checks informative abstract, according to the data origin information recorded in account book, the number of application access storage initial data According to library;
(4) user records information according to Correlation block, finds the information of a block, different files, which is associated, to be made With;
(5) user compares file cryptographic Hash, and whether verification file is maliciously tampered.
9. a kind of number based on block chain of the data security protecting realized based on block chain described in claim 1 and sharing method According to safeguard protection and shared system, which is characterized in that the data security protecting and shared system based on block chain include:
Certification authority module, for providing authentication information and key to each participant in system;
Data structures module uploads to block catenary system for the summary info of initial data and cryptographic Hash to be packaged, in file Summary info contains the previous block coding being associated;
Block chain module, for being packaged node for all summary infos received in the period and cryptographic Hash according to a graded It is packaged into block, is sent to common recognition node;
Common recognition node module, for the whole network broadcast common recognition result after reaching common understanding according to improvement PBFT agreement;
Accounting nodes module, for block to be recorded in account book according to common recognition result;
Access-control protocol module closes different access-control protocols with block for the requirement according to data structures Connection;
User obtains in account book according to quick-searching function and remembers for may have access to account book after authorizing through access-control protocol module The data summarization and prime information storage location of record, user access raw information storing data library, obtain initial data.
10. a kind of letter of data security protecting and sharing method using based on block chain described in claim 1~8 any one Cease data processing terminal.
CN201810628273.9A 2018-06-19 2018-06-19 Block chain-based data security protection and sharing method and system and application Active CN109040012B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810628273.9A CN109040012B (en) 2018-06-19 2018-06-19 Block chain-based data security protection and sharing method and system and application

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810628273.9A CN109040012B (en) 2018-06-19 2018-06-19 Block chain-based data security protection and sharing method and system and application

Publications (2)

Publication Number Publication Date
CN109040012A true CN109040012A (en) 2018-12-18
CN109040012B CN109040012B (en) 2021-02-09

Family

ID=64609906

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810628273.9A Active CN109040012B (en) 2018-06-19 2018-06-19 Block chain-based data security protection and sharing method and system and application

Country Status (1)

Country Link
CN (1) CN109040012B (en)

Cited By (55)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107276765A (en) * 2017-07-04 2017-10-20 中国联合网络通信集团有限公司 The processing method and processing device known together in block chain
CN109660545A (en) * 2018-12-27 2019-04-19 北京新唐思创教育科技有限公司 A Consortium Chain Consensus Method and Computer Storage Medium
CN109684287A (en) * 2018-12-29 2019-04-26 厦门链平方科技有限公司 Gateway information sharing query method and system based on block chain
CN109743173A (en) * 2018-12-20 2019-05-10 弗洛格(武汉)信息科技有限公司 Go out block node in block chain and determines method, block verification method and block catenary system
CN109766673A (en) * 2019-01-18 2019-05-17 四川大学 A consortium audio and video copyright blockchain system and method for uploading audio and video copyright to the chain
CN109819443A (en) * 2018-12-29 2019-05-28 东莞见达信息技术有限公司 Authentication registration method, apparatus and system based on block chain
CN109815732A (en) * 2019-01-09 2019-05-28 北京邮电大学 A system, method and device for storing and accessing workshop data based on alliance chain
CN109871669A (en) * 2019-03-14 2019-06-11 哈尔滨工程大学 A data sharing solution based on blockchain technology
CN109919654A (en) * 2019-01-23 2019-06-21 深圳壹账通智能科技有限公司 Integral monitoring method, device, equipment and storage medium based on block chain
CN109936620A (en) * 2019-01-21 2019-06-25 中国联合网络通信集团有限公司 Blockchain-based storage method and device, system and storage medium
CN109981772A (en) * 2019-03-22 2019-07-05 西安电子科技大学 A kind of multiple domain data share exchange platform architecture based on block chain
CN109978571A (en) * 2019-04-01 2019-07-05 众安信息技术服务有限公司 Source tracing method based on block chain and device of tracing to the source
CN110071802A (en) * 2019-04-24 2019-07-30 西安纸贵互联网科技有限公司 Data processing method and device suitable for block chain
CN110289963A (en) * 2019-05-08 2019-09-27 重庆八戒电子商务有限公司 Merging under high concurrent is packaged the method that block chain and its verifying is recorded
CN110336833A (en) * 2019-07-30 2019-10-15 中国工商银行股份有限公司 Image content common recognition method, server based on block chain
CN110427763A (en) * 2019-07-24 2019-11-08 上海朝夕网络技术有限公司 A kind of common recognition method based on the predefined distributed system for executing code
CN110581839A (en) * 2019-07-23 2019-12-17 中国空间技术研究院 Content protection method and device
CN110728577A (en) * 2019-08-21 2020-01-24 北京邮电大学 Centralized hierarchical and continuously-expanded block chain transaction method
CN110781531A (en) * 2019-09-04 2020-02-11 安徽省粮油信息中心(安徽粮食批发交易市场管委会) Tamper-proof grain depot data secure storage system and method
CN110795772A (en) * 2019-11-05 2020-02-14 重庆道之易科技服务有限公司 Creative processing method based on block chain
CN111049658A (en) * 2019-12-12 2020-04-21 北京信息科技大学 DAG-based whole-network unified trust anchor system, establishment method and authentication method
CN111061695A (en) * 2019-12-19 2020-04-24 广东以诺通讯有限公司 File sharing method and system based on block chain
CN111092882A (en) * 2019-12-12 2020-05-01 中国船舶工业系统工程研究院 Cross-domain multi-party information secure sharing method based on block chain and IPFS (Internet protocol File System)
CN111245570A (en) * 2020-01-14 2020-06-05 中国科学院软件研究所 Block chain network covert communication method based on multi-node timestamp collusion
CN111241092A (en) * 2019-12-31 2020-06-05 中国科学院昆明植物研究所 Block chain based species publishing system and method
CN111262936A (en) * 2020-01-16 2020-06-09 天津大学 Block chain-based ocean big data sharing method
CN111274594A (en) * 2020-01-20 2020-06-12 上海市大数据中心 Block chain-based secure big data privacy protection sharing method
CN111311263A (en) * 2020-03-18 2020-06-19 广州知弘科技有限公司 Local safety accounting method for block chain node
CN111339206A (en) * 2020-03-11 2020-06-26 中国建设银行股份有限公司 Data sharing method and device based on block chain
CN111405223A (en) * 2019-01-02 2020-07-10 中国移动通信有限公司研究院 Video processing method, device and equipment
CN111416832A (en) * 2019-01-07 2020-07-14 珠海金山办公软件有限公司 File updating method and device, electronic equipment and readable storage medium
CN111428834A (en) * 2020-04-21 2020-07-17 吉林大学 Orchard spraying information management system and method based on block chain and information fusion
CN111563130A (en) * 2020-07-15 2020-08-21 成都无右区块链科技有限公司 Data credible data management method and system based on block chain technology
CN111583393A (en) * 2020-05-06 2020-08-25 江苏恒宝智能系统技术有限公司 Three-dimensional modeling product management method and system based on block chain technology
CN111682934A (en) * 2020-04-21 2020-09-18 国网天津市电力公司电力科学研究院 A method and system for storing, accessing and sharing comprehensive energy metering data
CN111753321A (en) * 2020-06-29 2020-10-09 山东大学 A method and system for data security sharing based on blockchain
CN112003704A (en) * 2020-07-31 2020-11-27 中科扶云(杭州)科技有限公司 Electronic evidence processing method and device and computer equipment
CN112100665A (en) * 2020-09-23 2020-12-18 江苏四象软件有限公司 A blockchain-based data sharing system
CN112163241A (en) * 2020-09-09 2021-01-01 法信公证云(厦门)科技有限公司 Notarization archive information processing method, system, platform, equipment and storage medium
CN112241435A (en) * 2020-10-23 2021-01-19 山西特信环宇信息技术有限公司 Cone block chain storage system and consensus storage method
CN112468565A (en) * 2020-11-19 2021-03-09 江苏省测绘资料档案馆 System for managing space data integrity and tracking shared flow based on block chain
CN112487443A (en) * 2020-11-11 2021-03-12 昆明理工大学 Energy data fine-grained access control method based on block chain
CN112818365A (en) * 2021-02-01 2021-05-18 上海竞动科技有限公司 User privacy data protection method and system based on block chain
CN112861180A (en) * 2020-03-06 2021-05-28 西南交通大学 Supply chain information sharing system and method combining block chain and workflow
CN112966126A (en) * 2021-02-26 2021-06-15 南京审计大学 High-reliability knowledge base construction method capable of inquiring and tracing mass unstructured data content
CN113438084A (en) * 2021-06-23 2021-09-24 国网北京市电力公司 Green power source tracing method and system based on R-PBFT consensus algorithm and timestamp
CN113656365A (en) * 2021-07-28 2021-11-16 熵链科技(福建)有限公司 Data sharing method and system based on block chain
CN114020832A (en) * 2021-10-14 2022-02-08 杭州数钮科技有限公司 Method, device, terminal equipment and medium for cooperation under uplink and downlink
CN114338719A (en) * 2021-12-27 2022-04-12 杭州趣链科技有限公司 Evidence processing method and device based on alliance chain and electronic equipment
CN114528346A (en) * 2022-01-27 2022-05-24 中科大数据研究院 Method for sharing transaction of multi-source heterogeneous data assets by depending on block chain
CN114626849A (en) * 2022-03-16 2022-06-14 中信建投证券股份有限公司 Data protection method and protection device based on block chain
CN114938278A (en) * 2022-04-11 2022-08-23 北京邮电大学 Zero trust access control method and device
CN115021914A (en) * 2022-06-14 2022-09-06 广西师范大学 Safe and efficient education seniority witness method based on block chain
CN115378960A (en) * 2022-06-20 2022-11-22 华东计算技术研究所(中国电子科技集团公司第三十二研究所) Distributed rapid file sharing method and system based on novel block chain
CN115801815A (en) * 2023-02-03 2023-03-14 安徽中科晶格技术有限公司 Block chain-based plant growth condition sharing method and device and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107169125A (en) * 2017-05-31 2017-09-15 北京小米移动软件有限公司 The dispensing statistics acquisition methods and device of multimedia resource
CN107181599A (en) * 2017-07-18 2017-09-19 天津理工大学 The storage of route location data confidentiality and sharing method based on block chain
CN107770115A (en) * 2016-08-15 2018-03-06 华为技术有限公司 Distribute the method and system of digital content in a peer-to-peer network
CN108092982A (en) * 2017-12-22 2018-05-29 广东工业大学 A kind of date storage method and system based on alliance's chain

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107770115A (en) * 2016-08-15 2018-03-06 华为技术有限公司 Distribute the method and system of digital content in a peer-to-peer network
CN107169125A (en) * 2017-05-31 2017-09-15 北京小米移动软件有限公司 The dispensing statistics acquisition methods and device of multimedia resource
CN107181599A (en) * 2017-07-18 2017-09-19 天津理工大学 The storage of route location data confidentiality and sharing method based on block chain
CN108092982A (en) * 2017-12-22 2018-05-29 广东工业大学 A kind of date storage method and system based on alliance's chain

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
薛腾飞 等: "基于区块链的医疗数据共享模型研究", 《自动化学报》 *

Cited By (80)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107276765A (en) * 2017-07-04 2017-10-20 中国联合网络通信集团有限公司 The processing method and processing device known together in block chain
CN109743173A (en) * 2018-12-20 2019-05-10 弗洛格(武汉)信息科技有限公司 Go out block node in block chain and determines method, block verification method and block catenary system
CN109743173B (en) * 2018-12-20 2021-07-20 弗洛格(武汉)信息科技有限公司 Block out node determining method in block chain, block verification method and block chain system
CN109660545A (en) * 2018-12-27 2019-04-19 北京新唐思创教育科技有限公司 A Consortium Chain Consensus Method and Computer Storage Medium
CN109660545B (en) * 2018-12-27 2021-04-09 北京新唐思创教育科技有限公司 Alliance chain consensus method and computer storage medium
CN109684287A (en) * 2018-12-29 2019-04-26 厦门链平方科技有限公司 Gateway information sharing query method and system based on block chain
CN109819443A (en) * 2018-12-29 2019-05-28 东莞见达信息技术有限公司 Authentication registration method, apparatus and system based on block chain
CN109819443B (en) * 2018-12-29 2021-09-21 东莞见达信息技术有限公司 Registration authentication method, device and system based on block chain
CN111405223A (en) * 2019-01-02 2020-07-10 中国移动通信有限公司研究院 Video processing method, device and equipment
CN111416832B (en) * 2019-01-07 2023-03-24 珠海金山办公软件有限公司 File updating method and device, electronic equipment and readable storage medium
CN111416832A (en) * 2019-01-07 2020-07-14 珠海金山办公软件有限公司 File updating method and device, electronic equipment and readable storage medium
CN109815732B (en) * 2019-01-09 2021-12-28 北京邮电大学 Workshop data storage and access system, method and device based on alliance chain
CN109815732A (en) * 2019-01-09 2019-05-28 北京邮电大学 A system, method and device for storing and accessing workshop data based on alliance chain
CN109766673A (en) * 2019-01-18 2019-05-17 四川大学 A consortium audio and video copyright blockchain system and method for uploading audio and video copyright to the chain
CN109936620A (en) * 2019-01-21 2019-06-25 中国联合网络通信集团有限公司 Blockchain-based storage method and device, system and storage medium
CN109919654A (en) * 2019-01-23 2019-06-21 深圳壹账通智能科技有限公司 Integral monitoring method, device, equipment and storage medium based on block chain
CN109871669B (en) * 2019-03-14 2023-02-10 哈尔滨工程大学 A data sharing solution based on blockchain technology
CN109871669A (en) * 2019-03-14 2019-06-11 哈尔滨工程大学 A data sharing solution based on blockchain technology
CN109981772A (en) * 2019-03-22 2019-07-05 西安电子科技大学 A kind of multiple domain data share exchange platform architecture based on block chain
CN109978571A (en) * 2019-04-01 2019-07-05 众安信息技术服务有限公司 Source tracing method based on block chain and device of tracing to the source
CN109978571B (en) * 2019-04-01 2024-01-19 众安信息技术服务有限公司 Block chain-based tracing method and tracing device
CN110071802A (en) * 2019-04-24 2019-07-30 西安纸贵互联网科技有限公司 Data processing method and device suitable for block chain
CN110289963A (en) * 2019-05-08 2019-09-27 重庆八戒电子商务有限公司 Merging under high concurrent is packaged the method that block chain and its verifying is recorded
CN110581839B (en) * 2019-07-23 2021-12-14 中国空间技术研究院 Content protection method and device
CN110581839A (en) * 2019-07-23 2019-12-17 中国空间技术研究院 Content protection method and device
CN110427763A (en) * 2019-07-24 2019-11-08 上海朝夕网络技术有限公司 A kind of common recognition method based on the predefined distributed system for executing code
CN110427763B (en) * 2019-07-24 2021-07-23 上海朝夕网络技术有限公司 Consensus method of distributed system based on predefined execution codes
CN110336833A (en) * 2019-07-30 2019-10-15 中国工商银行股份有限公司 Image content common recognition method, server based on block chain
CN110728577B (en) * 2019-08-21 2022-09-30 北京邮电大学 Centralized block chain transaction method capable of continuously expanding hierarchical layers
CN110728577A (en) * 2019-08-21 2020-01-24 北京邮电大学 Centralized hierarchical and continuously-expanded block chain transaction method
CN110781531B (en) * 2019-09-04 2023-04-07 安徽省粮油信息中心(安徽粮食批发交易市场管委会) Tamper-proof grain depot data secure storage system and method
CN110781531A (en) * 2019-09-04 2020-02-11 安徽省粮油信息中心(安徽粮食批发交易市场管委会) Tamper-proof grain depot data secure storage system and method
CN110795772A (en) * 2019-11-05 2020-02-14 重庆道之易科技服务有限公司 Creative processing method based on block chain
CN111092882A (en) * 2019-12-12 2020-05-01 中国船舶工业系统工程研究院 Cross-domain multi-party information secure sharing method based on block chain and IPFS (Internet protocol File System)
CN111092882B (en) * 2019-12-12 2021-12-07 中国船舶工业系统工程研究院 Cross-domain multi-party information secure sharing method based on block chain and IPFS (Internet protocol File System)
CN111049658A (en) * 2019-12-12 2020-04-21 北京信息科技大学 DAG-based whole-network unified trust anchor system, establishment method and authentication method
CN111049658B (en) * 2019-12-12 2022-09-16 北京信息科技大学 DAG-based whole-network unified trust anchor system and establishment method
CN111061695A (en) * 2019-12-19 2020-04-24 广东以诺通讯有限公司 File sharing method and system based on block chain
CN111061695B (en) * 2019-12-19 2023-04-14 广东以诺通讯有限公司 File sharing method and system based on block chain
CN111241092A (en) * 2019-12-31 2020-06-05 中国科学院昆明植物研究所 Block chain based species publishing system and method
CN111241092B (en) * 2019-12-31 2023-05-05 中国科学院昆明植物研究所 Species publishing system and method based on blockchain
CN111245570A (en) * 2020-01-14 2020-06-05 中国科学院软件研究所 Block chain network covert communication method based on multi-node timestamp collusion
CN111245570B (en) * 2020-01-14 2021-06-08 中国科学院软件研究所 A covert communication method for blockchain network based on multi-node timestamp collusion
CN111262936A (en) * 2020-01-16 2020-06-09 天津大学 Block chain-based ocean big data sharing method
CN111274594A (en) * 2020-01-20 2020-06-12 上海市大数据中心 Block chain-based secure big data privacy protection sharing method
CN112861180A (en) * 2020-03-06 2021-05-28 西南交通大学 Supply chain information sharing system and method combining block chain and workflow
CN112861180B (en) * 2020-03-06 2022-07-12 西南交通大学 Supply chain information sharing system and method combining block chain and workflow
CN111339206A (en) * 2020-03-11 2020-06-26 中国建设银行股份有限公司 Data sharing method and device based on block chain
CN111339206B (en) * 2020-03-11 2023-07-18 建信金融科技有限责任公司 Block chain-based data sharing method and device
CN111311263A (en) * 2020-03-18 2020-06-19 广州知弘科技有限公司 Local safety accounting method for block chain node
CN111428834B (en) * 2020-04-21 2024-03-08 吉林大学 Orchard spraying information management system and method based on blockchain and information fusion
CN111682934B (en) * 2020-04-21 2023-08-01 国网天津市电力公司电力科学研究院 Method and system for storing, accessing and sharing comprehensive energy metering data
CN111428834A (en) * 2020-04-21 2020-07-17 吉林大学 Orchard spraying information management system and method based on block chain and information fusion
CN111682934A (en) * 2020-04-21 2020-09-18 国网天津市电力公司电力科学研究院 A method and system for storing, accessing and sharing comprehensive energy metering data
CN111583393A (en) * 2020-05-06 2020-08-25 江苏恒宝智能系统技术有限公司 Three-dimensional modeling product management method and system based on block chain technology
CN111753321A (en) * 2020-06-29 2020-10-09 山东大学 A method and system for data security sharing based on blockchain
CN111563130A (en) * 2020-07-15 2020-08-21 成都无右区块链科技有限公司 Data credible data management method and system based on block chain technology
CN112003704A (en) * 2020-07-31 2020-11-27 中科扶云(杭州)科技有限公司 Electronic evidence processing method and device and computer equipment
CN112163241A (en) * 2020-09-09 2021-01-01 法信公证云(厦门)科技有限公司 Notarization archive information processing method, system, platform, equipment and storage medium
CN112100665A (en) * 2020-09-23 2020-12-18 江苏四象软件有限公司 A blockchain-based data sharing system
CN112241435A (en) * 2020-10-23 2021-01-19 山西特信环宇信息技术有限公司 Cone block chain storage system and consensus storage method
CN112487443A (en) * 2020-11-11 2021-03-12 昆明理工大学 Energy data fine-grained access control method based on block chain
CN112468565A (en) * 2020-11-19 2021-03-09 江苏省测绘资料档案馆 System for managing space data integrity and tracking shared flow based on block chain
CN112818365B (en) * 2021-02-01 2021-07-23 上海竞动科技有限公司 User privacy data protection method and system based on block chain
CN112818365A (en) * 2021-02-01 2021-05-18 上海竞动科技有限公司 User privacy data protection method and system based on block chain
CN112966126A (en) * 2021-02-26 2021-06-15 南京审计大学 High-reliability knowledge base construction method capable of inquiring and tracing mass unstructured data content
CN113438084B (en) * 2021-06-23 2022-11-29 国网北京市电力公司 A green power traceability method and system based on R-PBFT consensus algorithm and time stamp
CN113438084A (en) * 2021-06-23 2021-09-24 国网北京市电力公司 Green power source tracing method and system based on R-PBFT consensus algorithm and timestamp
CN113656365B (en) * 2021-07-28 2024-05-17 熵链科技(福建)有限公司 Block chain-based data sharing method and system
CN113656365A (en) * 2021-07-28 2021-11-16 熵链科技(福建)有限公司 Data sharing method and system based on block chain
CN114020832A (en) * 2021-10-14 2022-02-08 杭州数钮科技有限公司 Method, device, terminal equipment and medium for cooperation under uplink and downlink
CN114338719A (en) * 2021-12-27 2022-04-12 杭州趣链科技有限公司 Evidence processing method and device based on alliance chain and electronic equipment
CN114528346B (en) * 2022-01-27 2023-01-13 中科大数据研究院 Method for sharing transaction of multi-source heterogeneous data assets by depending on block chain
CN114528346A (en) * 2022-01-27 2022-05-24 中科大数据研究院 Method for sharing transaction of multi-source heterogeneous data assets by depending on block chain
CN114626849A (en) * 2022-03-16 2022-06-14 中信建投证券股份有限公司 Data protection method and protection device based on block chain
CN114938278B (en) * 2022-04-11 2023-10-31 北京邮电大学 A zero-trust access control method and device
CN114938278A (en) * 2022-04-11 2022-08-23 北京邮电大学 Zero trust access control method and device
CN115021914A (en) * 2022-06-14 2022-09-06 广西师范大学 Safe and efficient education seniority witness method based on block chain
CN115378960A (en) * 2022-06-20 2022-11-22 华东计算技术研究所(中国电子科技集团公司第三十二研究所) Distributed rapid file sharing method and system based on novel block chain
CN115801815A (en) * 2023-02-03 2023-03-14 安徽中科晶格技术有限公司 Block chain-based plant growth condition sharing method and device and storage medium

Also Published As

Publication number Publication date
CN109040012B (en) 2021-02-09

Similar Documents

Publication Publication Date Title
CN109040012A (en) A kind of data security protecting and sharing method based on block chain and system and application
JP6542962B2 (en) Delayed data access
US20240031155A1 (en) Decentralized data authentication
CN109525671B (en) Block chain-based data storage method, electronic device and storage medium
CN105191207B (en) Federated key management
CN102932136B (en) Systems and methods for managing cryptographic keys
US8799981B2 (en) Privacy protection system
US7334255B2 (en) System and method for controlling access to multiple public networks and for controlling access to multiple private networks
CN109962890B (en) Block chain authentication service device and node admission and user authentication method
CN112685790B (en) Block chain data security and privacy protection method
ES2875963T3 (en) Method and system related to user authentication to access data networks
CN112134864B (en) Evidence chain platform based on double-block chain structure and implementation method thereof
Doshi et al. A review paper on security concerns in cloud computing and proposed security models
US12206769B2 (en) Distributed anonymized compliant encryption management system
Shen et al. SecDM: Securing data migration between cloud storage systems
Yang et al. An access control model based on blockchain master-sidechain collaboration
Guo et al. Using blockchain to control access to cloud data
Bhandary et al. Securing logs of a system-an iota tangle use case
Said et al. A multi-factor authentication-based framework for identity management in cloud applications
CN110188545A (en) A kind of data ciphering method and device based on chain database
Gupta et al. Secure data access using blockchain technology through IoT cloud and fabric environment
Adlam et al. Applying blockchain technology to security-related aspects of electronic healthcare record infrastructure
CN112423302A (en) Wireless network access method, terminal and wireless access equipment
Cheng et al. IoT security access authentication method based on blockchain
Deshmukh et al. Secure fine-grained data access control over multiple cloud server based healthcare applications

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant