[go: up one dir, main page]

CN109831527B - File processing method, user side, server and readable storage medium - Google Patents

File processing method, user side, server and readable storage medium Download PDF

Info

Publication number
CN109831527B
CN109831527B CN201910188697.2A CN201910188697A CN109831527B CN 109831527 B CN109831527 B CN 109831527B CN 201910188697 A CN201910188697 A CN 201910188697A CN 109831527 B CN109831527 B CN 109831527B
Authority
CN
China
Prior art keywords
file
ipfs
dapp
node
storage node
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910188697.2A
Other languages
Chinese (zh)
Other versions
CN109831527A (en
Inventor
徐卓佳
胡晨光
黄文俊
陈晓鸿
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Information Technology Co Ltd
Original Assignee
Shijinshi Credit Service Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shijinshi Credit Service Co ltd filed Critical Shijinshi Credit Service Co ltd
Priority to CN201910188697.2A priority Critical patent/CN109831527B/en
Publication of CN109831527A publication Critical patent/CN109831527A/en
Application granted granted Critical
Publication of CN109831527B publication Critical patent/CN109831527B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Storage Device Security (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

本发明提供一种文件处理方法,应用于第一用户端,包括:在确认初次用户注册及身份验证通过后,生成互相配对的公钥与私钥,其中,第一用户端将所述私钥本地保存,以及DAPP将第一用户端上传的公钥通过预设Fabric节点登记到Fabric网络;当检测到文件上传信号时,获取待上传文件,并获取公钥;使用公钥加密待上传文件,并将得到的第一加密文件上传至DAPP;DAPP将第一加密文件拆分成若干文件块,并将文件块存储至IPFS网络中的IPFS存储节点;以及,DAPP将存储文件块的IPFS存储节点返回的节点地址存储至预设存储位置。本发明还提供了一种用户端、服务器及可读存储介质。本发明旨在提供一种安全可信且易于实现的去中心化数据存储技术方案。

Figure 201910188697

The present invention provides a file processing method, which is applied to a first user terminal, comprising: after confirming that the initial user registration and identity verification are passed, generating a paired public key and a private key, wherein the first user terminal uses the private key to Save locally, and the DAPP registers the public key uploaded by the first client to the Fabric network through the preset Fabric node; when the file upload signal is detected, the file to be uploaded is obtained, and the public key is obtained; the file to be uploaded is encrypted using the public key, and upload the obtained first encrypted file to the DAPP; the DAPP splits the first encrypted file into several file blocks, and stores the file blocks to the IPFS storage node in the IPFS network; and, the DAPP stores the IPFS storage node of the file block. The returned node address is stored to the preset memory location. The present invention also provides a client, a server and a readable storage medium. The present invention aims to provide a safe, reliable and easy-to-implement decentralized data storage technical solution.

Figure 201910188697

Description

File processing method, user side, server and readable storage medium
Technical Field
The present invention relates to the field of data processing technologies, and in particular, to a file processing method, a client, a server, and a readable storage medium.
Background
The cloud storage technology is a centralized storage technology, and has the defect of risk of deletion by mistake. In recent years, the mistaken deletion events of data on the cloud are endless, and the reasons of the events are closely related to the manual intervention in the existing cloud storage technology. In addition, data are stored in a fixed cloud position, and certain data leakage risks also exist.
Aiming at the defects of the centralized cloud storage technology, the decentralized storage technology and the block chain technology can provide an improved data storage solution. Among them, IPFS (Inter planet File System) is a common decentralized storage technology, which is a network transmission protocol aiming at creating persistent and distributed storage and shared files, so there is no risk of false deletion and leakage. However, there is a possibility of payment behind the IPFS public network, and in addition, IPFS currently has some policy face risks and is therefore not recognized for a while. While Fabric is a block chain technology suitable for a federation chain, Fabric only supports data storage less than 99M by default, and the Fabric's full-node redundant storage mode consumes a large amount of cost, so that it is difficult to implement storage of mass data.
Therefore, how to provide a safe, reliable and easy-to-implement decentralized data storage technical scheme has become a problem to be solved.
The above is only for the purpose of assisting understanding of the technical aspects of the present invention, and does not represent an admission that the above is prior art.
Disclosure of Invention
The invention mainly aims to provide a file processing method, a user side, a server and a readable storage medium, and aims to provide a safe, reliable and easily-realized decentralized data storage technical scheme.
In order to achieve the above object, the present invention provides a file processing method, which is applied to a first user side, wherein the first user side is connected to a server, the server is deployed with a distributed application program DAPP, and a preset interface of the DAPP is respectively connected to a preset Fabric node in a distributed accounting network Fabric and a preset IPFS storage node in an interplanetary file system IPFS network; the method comprises the following steps:
after confirming that the initial user registration and identity authentication pass, generating a public key and a private key which are matched with each other, wherein the private key is locally stored by the first user side, and the public key uploaded by the first user side is registered to a Fabric network by the DAPP through a preset Fabric node;
when a file uploading signal is detected, acquiring a file to be uploaded and acquiring the public key;
encrypting the file to be uploaded by using the public key to obtain a first encrypted file, and uploading the first encrypted file to the DAPP;
the DAPP splits the first encrypted file into a plurality of file blocks, and stores the file blocks to an IPFS storage node in the IPFS network; and the DAPP stores the node address returned by the IPFS storage node storing the file block to a preset storage position.
Preferably, after the step of storing the node address returned by the IPFS storage node storing the file block to the preset storage location, the DAPP further includes:
when a file downloading signal is detected, sending a first file downloading request to the DAPP; the DAPP determines a node address of a first IPFS storage node corresponding to a file to be downloaded according to the first file downloading request, and sends a first file block downloading request to the first IPFS storage node according to the node address of the first IPFS storage node; the DAPP assembles the returned file blocks corresponding to the first IPFS storage node;
and decrypting the assembled file returned by the DAPP through the private key to obtain the file to be downloaded.
Preferably, after the step of storing the node address returned by the IPFS storage node in the preset storage location, the DAPP further includes:
when the file sharing signal is detected, sending a second file downloading request to the DAPP;
the DAPP determines a node address of a second IPFS storage node corresponding to a file to be downloaded according to the second file downloading request, and sends a second file block downloading request to the second IPFS storage node according to the node address of the second IPFS storage node; the DAPP assembles the returned file blocks corresponding to the second IPFS storage node;
decrypting the assembled file returned by the DAPP through the private key to obtain a shared file;
acquiring a target user public key corresponding to the second user end;
encrypting the shared file through the target user public key to obtain a second encrypted file;
uploading the second encrypted file to the DAPP;
the DAPP stores a second encrypted file to a third IPFS storage node based on a second preset storage mode, and sends a node address of the third IPFS storage node to a second user end; the second user side acquires a second encrypted file from the third IPFS storage node through the node address of the third IPFS storage node, and decrypts and displays the second encrypted file through a target user private key locally stored in the second user side; and the second user terminal cleans the node address of the third IPFS storage node after destroying the second encrypted file.
In addition, in order to achieve the above object, the present invention further provides a file processing method, which is applied to a server, where the server deploys a distributed application program DAPP, a preset interface of the DAPP is respectively connected to a preset Fabric node in a distributed accounting network Fabric and a preset IPFS storage node in an interplanetary file system IPFS network, and the server is connected to a first user end; the method comprises the following steps:
when a first encrypted file uploaded by a first user side is received, splitting the first encrypted file into a plurality of file blocks;
after confirming that the initial user registration and identity authentication pass, the first user terminal generates a public key and a private key which are paired with each other; the private key is locally stored by the first user side, and the DAPP registers the public key uploaded by the first user side to a Fabric network through a preset Fabric node; when a file uploading signal is detected, the first user side obtains a file to be uploaded and obtains the public key; the first user terminal encrypts the file to be uploaded by using the public key to obtain a first encrypted file;
storing the file block to an IPFS storage node in an IPFS network;
and storing the node address returned by the IPFS storage node storing the file block to a preset storage position.
Preferably, after the step of storing the node address returned by the IPFS storage node storing the file block to the preset storage location, the method further includes:
when a first file downloading request sent by a first user terminal is received, determining a node address of a first IPFS storage node corresponding to a file to be downloaded according to the first file downloading request;
sending a first file block downloading request to a first IPFS storage node according to the node address of the first IPFS storage node;
assembling the returned file blocks corresponding to the first IPFS storage node;
and the first user terminal decrypts the assembled file returned by the DAPP through the private key to obtain the file to be downloaded.
Preferably, after the step of storing the node address returned by the IPFS storage node storing the file block to the preset storage location, the method further includes:
when a second file downloading request sent by a first user terminal is received, determining a node address of a second IPFS storage node corresponding to a file to be downloaded according to the second file downloading request, and sending a second file block downloading request to the second IPFS storage node according to the node address of the second IPFS storage node;
assembling the returned file blocks corresponding to the second IPFS storage node, and returning the assembled file to the first user terminal;
the first user terminal decrypts the assembled file through the private key to obtain a shared file; acquiring a target user public key corresponding to the second user end; the first user terminal encrypts the shared file through the target user public key to obtain a second encrypted file;
when a second encrypted file uploaded by a first user side is received, storing the second encrypted file to a third IPFS storage node based on a second preset storage mode, and sending a node address of the third IPFS storage node to a second user side;
the second user side acquires a second encrypted file from the third IPFS storage node through the node address of the third IPFS storage node, decrypts the second encrypted file through a target user private key locally stored in the second user side, and displays the second encrypted file; and the second user terminal cleans the node address of the third IPFS storage node after destroying the second encrypted file.
In addition, to achieve the above object, the present invention further provides a ue, including: a memory, a processor and a file processing program stored on the memory and executable on the processor, the file processing program when executed by the processor implementing the steps of the file processing method as described above.
In addition, to achieve the above object, the present invention also provides a readable storage medium having stored thereon a file processing program, which when executed by a processor, implements the steps of the file processing method as described above.
In addition, to achieve the above object, the present invention also provides a server, including: a memory, a processor and a file processing program stored on the memory and executable on the processor, the file processing program when executed by the processor implementing the steps of the file processing method as described above.
In addition, to achieve the above object, the present invention also provides a readable storage medium having stored thereon a file processing program, which when executed by a processor, implements the steps of the file processing method as described above.
The embodiment of the invention provides a file processing method, a user side, a server and a readable storage medium, wherein a public key in a public and private key pair generated by a first user side is registered to a Fabric network through DAPP (digital Address protocol) so as to encrypt a target file uploaded by the first user side before uploading, and the data security of the target file and the encrypted transmission of data are ensured. In addition, the encrypted target file is divided into a plurality of file blocks by the DAPP, the file blocks are stored in different IPFS storage nodes, and the node addresses returned by the IPFS storage nodes are stored by the DAPP for downloading the file blocks. The method and the device realize fragmentation and decentralized storage, and any storage party does not store a complete copy, thereby ensuring the security of file storage. Meanwhile, the data chaining of the file uploading behavior realizes the traceability of the file uploading behavior, thereby improving the data security of the file. Thus, a trusted decentralized storage platform is built by using IPFS and Fabric technologies in conjunction with a trusted enterprise server.
Drawings
FIG. 1 is a schematic flow chart diagram illustrating a document processing method according to a first embodiment of the present invention;
FIG. 2 is a schematic diagram of a system architecture related to the file processing method of the present invention;
FIG. 3 is a flowchart illustrating a user registration implementation in a first embodiment of a file processing method according to the present invention;
FIG. 4 is a flowchart illustrating a file uploading implementation in the file processing method according to the present invention;
FIG. 5 is a flowchart illustrating a second embodiment of a document processing method according to the present invention;
FIG. 6 is a flowchart illustrating a file downloading implementation in the file processing method according to the present invention;
FIG. 7 is a flowchart illustrating a document processing method according to a third embodiment of the present invention;
FIG. 8 is a flowchart of a file sharing implementation in the file processing method of the present invention;
FIG. 9 is a flowchart illustrating a fourth exemplary embodiment of a document processing method according to the present invention;
FIG. 10 is a flowchart illustrating a fifth exemplary embodiment of a document processing method according to the present invention;
FIG. 11 is a flowchart illustrating a sixth embodiment of a file processing method according to the present invention.
The objects, features and advantages of the present invention will be further explained with reference to the accompanying drawings.
Detailed Description
It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
First, the following definitions or explanations are given for some terms involved in the present invention.
DAPP: DAPP is an abbreviation for Decentralized Application, meaning distributed applications, applications built on a blockchain architecture. The most obvious difference between it and the traditional application program APP: the DAPP runs on a decentralized network, i.e. a blockchain network. The DAPP can be completely controlled without a centralized node in the network; the APP needs to request a certain server to obtain data, process data, etc.
Fabric: a block chain framework is one of project members of the super account book and belongs to a distributed intelligent contract platform.
IPFS: the abbreviation of internet File System, the InterPlanetary File System, is a network transport protocol aimed at creating persistent and distributed storage and sharing of files. It is a content addressable hypermedia distribution protocol. The nodes in the IPFS network will constitute a distributed file system.
And (3) node: the communication entity of the block chain, the node, is a logical concept, and different types of nodes can run on the same physical server. The nodes may be deployed on a cloud server or locally.
MySQL: a relational database management system.
The invention provides a file processing method.
Referring to fig. 1, fig. 1 is a schematic flow chart of a file processing method according to a first embodiment of the present invention. In this embodiment, the method is applied to a first user side, the first user side is connected to the server, the server is deployed with a distributed application program DAPP, and a preset interface of the DAPP is respectively connected to a preset Fabric node in a distributed accounting network Fabric and a preset IPFS storage node in an interplanetary file system IPFS network;
the file processing method may be specifically implemented based on the system architecture shown in fig. 2. More specifically, servers of different trusted authorities (e.g., S1, S2, S3 in fig. 2) deploy corresponding DAPPs (e.g., DAPP1, DAPP2, DAPP3 in fig. 1); user end (e.g. M in fig. 1)A、MB、MC、MD) And connecting with a server of the trusted authority by running a specific mobile terminal application program. The user side can be various mobile intelligent devices such as a smart phone and a tablet computer.
In addition, a Fabric distributed accounting network comprising a plurality of Fabric nodes is built based on the existing Fabric technology. The interconnection relationship of different Fabric nodes on the Fabric distributed accounting network is not limited, such as point-to-point connection. And building an IPFS network comprising a plurality of IPFS storage nodes based on the existing IPFS technology.
And the servers of different trusted authorities are connected with a certain Fabric node or a certain IPFS storage node through the interface of the correspondingly deployed DAPP, so that a federation chain based on a Fabric distributed accounting network and an IPFS network is constructed. For example, the server S1 of trusted authority A is connected with Fabric node 1 and IPFS storage node 1 through DAPP1, and user end M of user AAThe mobile terminal application program is operated to connect with the server S1 for data transmission and interaction. In addition, the DAPP interface can also access the Fabric distributed accounting network or the IPFS network for data transmission and communication connection.
The document processing method of the present invention will be described in detail below. Wherein, as shown in fig. 1, the method comprises:
step S10, after confirming that the first user registration and identity verification pass, generating a public key and a private key which are paired with each other, wherein the private key is locally stored by the first user side, and the public key uploaded by the first user side is registered to the Fabric network through a preset Fabric node by the DAPP;
referring to fig. 3, in a specific implementation, if the first user terminal initially runs the related mobile application, the first user terminal needs to perform basic information filling and user identity authentication. The user basic information may be a name, an identification number, a mobile phone number, or the like of the user. The user identity authentication can be performed through the short message authentication code, or other identity authentication modes are adopted. After the first user side confirms that the first user registration and the identity authentication pass, at least one pair of a public key and a private key which are matched with each other is generated; and the generation mode of the public and private key pair is not limited.
Then, the first user end locally stores the generated private key and uploads the generated public key to the DAPP; the DAPP interface is connected with the preset Fabric node so as to register the public key uploaded by the first user end to the Fabric network through the preset Fabric node. Taking trusted authority a in fig. 1 as an example, user a uploads the generated public key to DAPP1 deployed by server S1, and DAPP1 uploads the public key to associated Fabric node 1 through a specific data interface, so as to register the public key on the Fabric distributed accounting network (i.e., blockchain) and generate a corresponding block. Meanwhile, the user A directly stores the generated private key in a local storage area of the user A.
Step S11, when a file uploading signal is detected, acquiring a file to be uploaded and acquiring the public key;
when a user needs to upload a certain file for storage, the first user obtains the file to be uploaded (such as the file/data uploaded to the application program of the mobile terminal), and sends a public key obtaining instruction to the DAPP, so that the DAPP is connected with the Fabric network through a preset Fabric node, and the DAPP obtains the public key registered in the Fabric network and sends the public key to the first user.
Step S12, encrypting the file to be uploaded by using the public key to obtain a first encrypted file, and uploading the first encrypted file to the DAPP;
referring to fig. 4, the file to be uploaded is encrypted by using a public key, preferably by using an asymmetric encryption algorithm, so as to improve the encryption level of the file.
The DAPP splits the first encrypted file into a plurality of file blocks, and stores the file blocks to an IPFS storage node in the IPFS network; and the DAPP stores the node address returned by the IPFS storage node storing the file block to a preset storage position.
The DAPP can split the first encrypted file according to the capacity of the preset file blocks to obtain a plurality of file blocks; the preset file block capacity can be set according to actual needs. And then, the DAPP sends the different file blocks to the random IPFS storage node to store the different file blocks to the random IPFS storage node, and the specific number of the IPFS storage nodes is not limited. And preferentially storing the file blocks to the associated preset IPFS storage nodes so as to improve the storage speed of the file blocks.
Preferably, the DAPP sends different file blocks to different IPFS storage nodes using a preset Cluster command (Cluster). The preset cluster command may refer to an existing cluster command. And a preset cluster command is used, so that a certain file block is conveniently synchronized to different nodes.
And when any IPFS storage node receives and stores the file block, the IPFS storage node returns the node address corresponding to the node to the DAPP. And the DAPP stores the node address returned by each IPFS storage node to a preset storage position according to the type of the node address group. The preset storage position is preferably a preset database, and the database preferably uses a MySQL system. The MySQL system stores the data in different data tables instead of centrally searching and locating all the data, so that the storage speed can be increased, and the flexibility of data storage is improved; meanwhile, the MySQL system is small in occupied size, low in construction cost and excellent in performance.
In this embodiment, a public key in a public-private key pair generated by a first user is registered to a Fabric network through DAPP, so as to encrypt a target file uploaded by the first user before uploading, thereby ensuring data security of the target file and encrypted transmission of data. In addition, the encrypted target file is divided into a plurality of file blocks by the DAPP, the file blocks are stored in different IPFS storage nodes, and the node addresses returned by the IPFS storage nodes are stored by the DAPP for downloading the file blocks. The method and the device realize fragmentation and decentralized storage, and any storage party does not store a complete copy, thereby ensuring the security of file storage. Meanwhile, the data chaining of the file uploading behavior realizes the traceability of the file uploading behavior, thereby improving the data security of the file. Thus, a trusted decentralized storage platform is built by using IPFS and Fabric technologies in conjunction with a trusted enterprise server.
Further, based on the first embodiment of the file processing method of the present invention as described above, a second embodiment is proposed. As shown in fig. 5, after the step of storing the node address returned by the IPFS storage node storing the file block to the preset storage location, the DAPP further includes:
step S20, when a file downloading signal is detected, a first file downloading request is sent to the DAPP; the DAPP determines a node address of a first IPFS storage node corresponding to a file to be downloaded according to the first file downloading request, and sends a first file block downloading request to the first IPFS storage node according to the node address of the first IPFS storage node; the DAPP assembles the returned file blocks corresponding to the first IPFS storage node;
referring to fig. 6, in an implementation, when a user needs to download a file (or data), the first user runs a related mobile application on the first user, so as to send a first file download request corresponding to a file download signal to the DAPP to request to download the file.
The DAPP determines, according to the first file download request, a file to be downloaded corresponding to the request and a file block to be pre-split corresponding to the file to be downloaded, specifically including determining a corresponding node address of an IPFS storage node (i.e., the first IPFS storage node described above) storing the file block; the first IPFS storage node is not limited to only one IPFS storage node, but may be a plurality of IPFS storage nodes. And then, the DAPP sends a first file block downloading request to the corresponding IPFS storage node based on the determined corresponding address of the IPFS storage node so as to request for downloading the file block.
Based on a first file block downloading request sent by the DAPP, different IPFS storage nodes return corresponding file blocks to the DAPP, and the returned file blocks are assembled on the DAPP to obtain a complete assembled file. For example, according to the first embodiment, after a certain data file is encrypted, the encrypted file is split into A, B, C three file blocks and stored in three IPFS storage nodes. When downloading the file, the DAPP assembles A, B, C file blocks respectively returned by the three IPFS storage nodes to obtain a complete encrypted file.
And step S21, decrypting the assembly file returned by the DAPP through the private key to obtain the file to be downloaded.
The DAPP returns an assembly file to the first user terminal; the first user side obtains a local stored private key, and assembles the file through the private key to obtain a decrypted file to be downloaded. In addition, as shown in fig. 6, the ue provides functions of previewing, downloading and displaying the file to be downloaded through the related mobile application.
In this embodiment, when a file needs to be downloaded, the DAPP sends a file block download request to an IPFS storage node based on a node address of the IPFS storage node storing a file block corresponding to the file to be downloaded, and then assembles the file block returned by the IPFS to obtain an encrypted file; and the first user end decrypts the encrypted file by using a private key in a public and private key pair stored locally so as to obtain a complete file to be downloaded without encryption. Meanwhile, the data chaining of the file downloading behavior realizes the traceability of the file downloading behavior, thereby improving the security of the file downloading. Therefore, the established trusted decentralized storage platform also has the file downloading function, and the application scene range of the storage platform is expanded.
Further, based on the first embodiment of the file processing method of the present invention as described above, a third embodiment is proposed. As shown in fig. 7, after the step of storing the node address returned by the IPFS storage node in the preset storage location, the DAPP further includes:
step S30, when the file sharing signal is detected, sending a second file downloading request to the DAPP;
the DAPP determines a node address of a second IPFS storage node corresponding to a file to be downloaded according to the second file downloading request, and sends a second file block downloading request to the second IPFS storage node according to the node address of the second IPFS storage node; the DAPP assembles the returned file blocks corresponding to the second IPFS storage node;
referring to fig. 8, in an implementation, when a user needs to share a file (or data) to a user terminal of another user (in this embodiment, referred to as a "second user terminal"), the first user terminal runs a related mobile application, so as to send a second file download request (i.e., a second file download request) corresponding to the file sharing signal to the DAPP to request to download the file.
The DAPP determines, according to the second file download request, the shared file corresponding to the request and the pre-split file block corresponding to the shared file, specifically including determining a corresponding node address of an IPFS storage node (i.e., the second IPFS storage node described above) storing the file block; the second IPFS storage node is not limited to only one IPFS storage node, but may be multiple IPFS storage nodes. And then, the DAPP sends a second file block downloading request to the corresponding IPFS storage node based on the determined corresponding address of the IPFS storage node so as to request for downloading the file block.
And based on a second file block downloading request sent by the DAPP, different IPFS storage nodes return corresponding file blocks to the DAPP, and assemble the returned file blocks on the DAPP to obtain a complete assembled file.
Step S31, decrypting the assembly file returned by the DAPP through the private key to obtain a shared file;
the DAPP returns an assembly file to the first user terminal; the first user side obtains a local stored private key, and assembles the file through the private key to obtain a decrypted shared file.
Step S32, obtaining a target user public key corresponding to the second user terminal;
a user selects a second user end needing to share files from a first user end; accordingly, the first user confirms the Fabric node where the second user stores the public key (i.e., the target user public key), and obtains the target user public key from the Fabric node.
Step S33, encrypting the shared file through the target user public key to obtain a second encrypted file;
and re-encrypting the decrypted shared file through the acquired target user public key to obtain a second encrypted file. The shared file is encrypted using the target user public key, preferably using an asymmetric encryption algorithm, to improve the encryption level of the file.
Step S34, uploading the second encrypted file to the DAPP;
the DAPP stores a second encrypted file to a third IPFS storage node based on a second preset storage mode, and sends a node address of the third IPFS storage node to a second user end; the second user side acquires a second encrypted file from the third IPFS storage node through the node address of the third IPFS storage node, and decrypts and displays the second encrypted file through a target user private key locally stored in the second user side; and the second user terminal cleans the node address of the third IPFS storage node after destroying the second encrypted file.
As shown in fig. 8, after receiving the second encrypted file uploaded by the first user, the DAPP directly and independently sends the second encrypted file to any IPFS storage node (which may be one or more IPFS storage nodes) in the IPFS network; correspondingly, the DAPP forwards the node address returned by the IPFS storage node (i.e. the third IPFS storage node described above) to the second user end; the third IPFS storage node is not limited to only one IPFS storage node, but may be a plurality of IPFS storage nodes. And the second user side sends a file downloading request of the second encrypted file to the third IPFS storage node through the node address of the third IPFS storage node so as to acquire the second encrypted file from the third IPFS storage node. And then, the second user terminal decrypts the second encrypted file through a target user private key locally stored in the second user terminal. Understandably, as shown in fig. 8, the second user terminal provides a display function of the decrypted file (i.e., the shared file) through the related mobile terminal application.
In addition, when the second user terminal displays that the downloaded shared file exceeds the preset duration, the second user terminal automatically destroys the downloaded shared file. The preset duration can be set according to actual needs, for example, different file capacities correspond to different preset durations, and the larger the file capacity is, the longer the preset duration is.
Preferably, after the shared file is destroyed, the second user uses a preset Cluster command (Cluster) to clean the node address of the third IPFS storage node, so that the shared file and the address of the IPFS storage node required by downloading the shared file are effectively cleaned, the effect of burning after reading is achieved, the shared file is prevented from being maliciously copied, and the data security of the shared file is protected. The preset cluster command may refer to an existing cluster command. Meanwhile, file blocks and shared files in the file sharing process are encrypted in advance, so that the files are effectively protected; and the data chaining of the file sharing behavior realizes the traceability of the file sharing behavior, thereby improving the security of the file sharing. Therefore, the established trusted decentralized storage platform also has a file sharing function, and the application scene range of the storage platform is expanded.
Correspondingly to the above embodiment of the file processing method, the present invention further provides a user side, including: the file processing system comprises a memory, a processor and a file processing program stored on the memory and capable of running on the processor, wherein the file processing program realizes the steps of the file processing method according to the above embodiments when being executed by the processor.
The user side can be various mobile intelligent devices such as a smart phone and a tablet computer.
In addition, the invention also provides a readable storage medium.
The readable storage medium has stored thereon a file processing program which, when executed by a processor, implements the steps of the file processing method as described in any one of the above.
The embodiments of the file processing apparatus and the readable storage medium of the present invention are substantially the same as the embodiments of the file processing method described above, and are not described herein again.
In addition, the invention also provides a file processing method which is applied to a server, wherein the server is deployed with a distributed application program DAPP, a preset interface of the DAPP is respectively connected with a preset Fabric node in the distributed accounting network Fabric and a preset IPFS storage node in the interplanetary file system IPFS network, and the server is connected with a first user end;
the system architecture of the server refers to the first embodiment of the file processing method of the present invention.
Referring to fig. 9, fig. 9 is a flowchart illustrating a file processing method according to a fourth embodiment of the present invention. In this embodiment, the method includes the steps of:
step S40, when a first encrypted file uploaded by a first user side is received, splitting the first encrypted file into a plurality of file blocks;
after confirming that the initial user registration and identity authentication pass, the first user terminal generates a public key and a private key which are paired with each other; the private key is locally stored by the first user side, and the DAPP registers the public key uploaded by the first user side to a Fabric network through a preset Fabric node; when a file uploading signal is detected, the first user side obtains a file to be uploaded and obtains the public key; the first user terminal encrypts the file to be uploaded by using the public key to obtain a first encrypted file;
referring to fig. 3, in a specific implementation, if the first user terminal initially runs the related mobile application, the first user terminal needs to perform basic information filling and user identity authentication. The user basic information may be a name, an identification number, a mobile phone number, or the like of the user. The user identity authentication can be performed through the short message authentication code, or other identity authentication modes are adopted. After the first user side confirms that the first user registration and the identity authentication pass, at least one pair of a public key and a private key which are matched with each other is generated; and the generation mode of the public and private key pair is not limited.
Then, the first user end locally stores the generated private key and uploads the generated public key to the DAPP; the DAPP interface is connected with the preset Fabric node so as to register the public key uploaded by the first user end to the Fabric network through the preset Fabric node. Taking trusted authority a in fig. 1 as an example, user a uploads the generated public key to DAPP1 deployed by server S1, and DAPP1 uploads the public key to associated Fabric node 1 through a specific data interface, so as to register the public key on the Fabric distributed accounting network (i.e., blockchain) and generate a corresponding block. Meanwhile, the user A directly stores the generated private key in a local storage area of the user A.
When a user needs to upload a certain file for storage, the first user obtains the file to be uploaded (such as the file/data uploaded to the application program of the mobile terminal), and sends a public key obtaining instruction to the DAPP, so that the DAPP is connected with the Fabric network through a preset Fabric node, and the DAPP obtains the public key registered in the Fabric network and sends the public key to the first user. And then, the first user terminal encrypts the file to be uploaded by using the public key to obtain a first encrypted file.
Referring to fig. 4, the file to be uploaded is encrypted by using a public key, preferably by using an asymmetric encryption algorithm, so as to improve the encryption level of the file.
Step S41, storing the file block to an IPFS storage node in the IPFS network;
the DAPP splits the first encrypted file into a plurality of file blocks, and stores the file blocks to a plurality of arbitrary IPFS storage nodes in the IPFS network; the DAPP can split the first encrypted file according to the capacity of the preset file blocks to obtain a plurality of file blocks; the preset file block capacity can be set according to actual needs. Furthermore, the DAPP sends different file blocks to the random IPFS storage node to store the different file blocks to the random IPFS storage node, and the specific number of the IPFS storage nodes is not limited. And preferentially storing the file blocks to the associated preset IPFS storage nodes so as to improve the storage speed of the file blocks.
Preferably, the DAPP sends different file blocks to different IPFS storage nodes using a preset Cluster command (Cluster). The preset cluster command may refer to an existing cluster command. And a preset cluster command is used, so that a certain file block is conveniently synchronized to different nodes.
And step S42, storing the node address returned by the IPFS storage node storing the file block to a preset storage position.
And when any IPFS storage node receives and stores the file block, the IPFS storage node returns the node address corresponding to the node to the DAPP. And the DAPP stores the node address returned by each IPFS storage node to a preset storage position according to the type of the node address group. The preset storage position is preferably a preset database, and the database preferably uses a MySQL system. The MySQL system stores the data in different data tables instead of centrally searching and locating all the data, so that the storage speed can be increased, and the flexibility of data storage is improved; meanwhile, the MySQL system is small in occupied size, low in construction cost and excellent in performance.
In this embodiment, a public key in a public-private key pair generated by a first user is registered to a Fabric network through DAPP, so as to encrypt a target file uploaded by the first user before uploading, thereby ensuring data security of the target file and encrypted transmission of data. In addition, the encrypted target file is divided into a plurality of file blocks by the DAPP, the file blocks are stored in different IPFS storage nodes, and the node addresses returned by the IPFS storage nodes are stored by the DAPP for downloading the file blocks. The method and the device realize fragmentation and decentralized storage, and any storage party does not store a complete copy, thereby ensuring the security of file storage. Meanwhile, the data chaining of the file uploading behavior realizes the traceability of the file uploading behavior, thereby improving the data security of the file. Thus, a trusted decentralized storage platform is built by using IPFS and Fabric technologies in conjunction with a trusted enterprise server.
Further, a fifth embodiment is proposed based on the fourth embodiment of the document processing method of the present invention as described above. As shown in fig. 10, after the step of storing the node address returned by the IPFS storage node storing the file block to the preset storage location, the method further includes:
step S50, when a first file downloading request sent by a first user terminal is received, determining a node address of a first IPFS storage node corresponding to a file to be downloaded according to the first file downloading request;
step S51, sending a first file block downloading request to the first IPFS storage node according to the node address of the first IPFS storage node;
step S52, assembling the returned file blocks corresponding to the first IPFS storage node;
and the first user terminal decrypts the assembled file returned by the DAPP through the private key to obtain the file to be downloaded.
Referring to fig. 6, in an implementation, when a user needs to download a file (or data), the first user runs a related mobile application on the first user, so as to send a first file download request corresponding to a file download signal to the DAPP to request to download the file.
The DAPP determines, according to the first file download request, a file to be downloaded corresponding to the request and a file block to be pre-split corresponding to the file to be downloaded, specifically including determining a corresponding address of an IPFS storage node (i.e., the first IPFS storage node described above) storing the file block; the first IPFS storage node is not limited to only one IPFS storage node, but may be a plurality of IPFS storage nodes. And then, the DAPP sends a first file block downloading request to the corresponding IPFS storage node based on the determined corresponding address of the IPFS storage node so as to request for downloading the file block.
Based on a first file block downloading request sent by the DAPP, different IPFS storage nodes return corresponding file blocks to the DAPP, and the returned file blocks are assembled on the DAPP to obtain a complete assembled file. For example, according to the first embodiment, after a certain data file is encrypted, the encrypted file is split into A, B, C three file blocks and stored in three IPFS storage nodes. When downloading the file, the DAPP assembles A, B, C file blocks respectively returned by the three IPFS storage nodes to obtain a complete encrypted file.
And then, the first user terminal decrypts the assembled file returned by the DAPP through the private key to obtain the file to be downloaded.
The DAPP returns an assembly file to the first user terminal; the first user side obtains a local stored private key, and assembles the file through the private key to obtain a decrypted file to be downloaded. In addition, as shown in fig. 6, the ue provides functions of previewing, downloading and displaying the file to be downloaded through the related mobile application.
In this embodiment, when a file needs to be downloaded, the DAPP sends a file block download request to an IPFS storage node based on a node address of the IPFS storage node storing a file block corresponding to the file to be downloaded, and then assembles the file block returned by the IPFS to obtain an encrypted file; and the first user end decrypts the encrypted file by using a private key in a public and private key pair stored locally so as to obtain a complete file to be downloaded without encryption. Meanwhile, the data chaining of the file downloading behavior realizes the traceability of the file downloading behavior, thereby improving the security of the file downloading. Therefore, the established trusted decentralized storage platform also has the file downloading function, and the application scene range of the storage platform is expanded.
Further, based on the fourth embodiment of the file processing method of the present invention as described above, a sixth embodiment is proposed. As shown in fig. 11, after the step of storing the node address returned by the IPFS storage node storing the file block to the preset storage location, the method further includes:
step S60, when a second file downloading request sent by the first user terminal is received, determining a node address of a second IPFS storage node corresponding to the file to be downloaded according to the second file downloading request, and sending a second file block downloading request to the second IPFS storage node according to the node address of the second IPFS storage node;
in specific implementation, when a user needs to share a file (or data) to a user terminal of another user (in this embodiment, referred to as a "second user terminal"), the first user terminal runs the relevant mobile application, so as to send a second file download request (i.e., a second file download request) corresponding to the file sharing signal to the DAPP to request to download the file.
The DAPP determines, according to the second file download request, the shared file corresponding to the request and the pre-split file block corresponding to the shared file, specifically including determining a corresponding node address of an IPFS storage node (i.e., the second IPFS storage node described above) storing the file block; the second IPFS storage node is not limited to only one IPFS storage node, but may be multiple IPFS storage nodes. And then, the DAPP sends a second file block downloading request to the corresponding IPFS storage node based on the determined corresponding address of the IPFS storage node so as to request for downloading the file block.
Step S61, assembling the returned file blocks corresponding to the second IPFS storage node, and returning the assembled file to the first user end;
the first user terminal decrypts the assembled file through the private key to obtain a shared file; acquiring a target user public key corresponding to the second user end; the first user terminal encrypts the shared file through the target user public key to obtain a second encrypted file;
and based on a second file block downloading request sent by the DAPP, different IPFS storage nodes return corresponding file blocks to the DAPP, and assemble the returned file blocks on the DAPP to obtain a complete assembled file.
Subsequently, the DAPP returns the assembly file to the first user terminal; the first user side obtains a local stored private key, and assembles the file through the private key to obtain a decrypted shared file.
Subsequently, the DAPP returns the assembly file to the first user terminal; the first user side obtains a local stored private key, and assembles the file through the private key to obtain a decrypted shared file. And the first user side encrypts the decrypted shared file again through the acquired target user public key to obtain a second encrypted file. The shared file is encrypted using the target user public key, preferably using an asymmetric encryption algorithm, to improve the encryption level of the file.
Step S62, when a second encrypted file uploaded by the first user side is received, storing the second encrypted file to a third IPFS storage node based on a second preset storage mode, and sending a node address of the third IPFS storage node to the second user side;
the second user side acquires a second encrypted file from the third IPFS storage node through the node address of the third IPFS storage node, decrypts the second encrypted file through a target user private key locally stored in the second user side, and displays the second encrypted file; and the second user terminal cleans the node address of the third IPFS storage node after destroying the second encrypted file.
After receiving a second encrypted file uploaded by a first user side, the DAPP directly and independently sends the second encrypted file to any IPFS storage node (which may be one or more IPFS storage nodes) in the IPFS network; correspondingly, the DAPP forwards the node address returned by the IPFS storage node (i.e. the third IPFS storage node described above) to the second user end; the third IPFS storage node is not limited to only one IPFS storage node, but may be a plurality of IPFS storage nodes. And the second user side sends a file downloading request of the second encrypted file to the third IPFS storage node through the node address of the third IPFS storage node so as to acquire the second encrypted file from the third IPFS storage node. And then, the second user terminal decrypts the second encrypted file through a target user private key locally stored in the second user terminal. Understandably, the second user end provides the functions of previewing, downloading and displaying the decrypted file (i.e. the shared file) through the related mobile end application program.
In addition, when the second user terminal displays that the downloaded shared file exceeds the preset duration, the second user terminal automatically destroys the downloaded shared file. The preset duration can be set according to actual needs, for example, different file capacities correspond to different preset durations, and the larger the file capacity is, the longer the preset duration is.
Preferably, after the shared file is destroyed, the second user uses a preset Cluster command (Cluster) to clean the node address of the third IPFS storage node, so that the shared file and the address of the IPFS storage node required by downloading the shared file are effectively cleaned, the effect of burning after reading is achieved, the shared file is prevented from being maliciously copied, and the data security of the shared file is protected. The preset cluster command may refer to an existing cluster command. Meanwhile, file blocks and shared files in the file sharing process are encrypted in advance, so that the files are effectively protected; and the data chaining of the file sharing behavior realizes the traceability of the file sharing behavior, thereby improving the security of the file sharing. Therefore, the established trusted decentralized storage platform also has a file sharing function, and the application scene range of the storage platform is expanded.
Correspondingly to the above file processing method embodiment, the present invention further provides a server, including: a memory, a processor and a file processing program stored on the memory and executable on the processor, the file processing program when executed by the processor implementing the steps of the file processing method as described above.
The type of the server is not particularly limited.
In addition, the invention also provides a readable storage medium.
The readable storage medium has stored thereon a file processing program which, when executed by a processor, implements the steps of the file processing method as described in any one of the above.
The embodiments of the file processing apparatus and the readable storage medium of the present invention are substantially the same as the embodiments of the file processing method described above, and are not described herein again.
The embodiments are described in a progressive manner in the specification, each embodiment focuses on differences from other embodiments, and the same or similar parts among the embodiments are referred to each other. The device disclosed by the embodiment corresponds to the method disclosed by the embodiment, so that the description is simple, and the relevant points can be referred to the description of the method item.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.
While the present invention has been described with reference to the embodiments shown in the drawings, the present invention is not limited to the embodiments, which are illustrative and not restrictive, and it will be apparent to those skilled in the art that various changes and modifications can be made therein without departing from the spirit and scope of the invention as defined in the appended claims.

Claims (10)

1.一种文件处理方法,其特征在于,应用于第一用户端,所述第一用户端连接服务器,所述服务器部署有分布式应用程序DAPP,DAPP的预设接口分别连接分布式记账网络Fabric中的预设Fabric节点及星际文件系统IPFS网络中的预设IPFS存储节点;所述方法包括如下步骤:1. a file processing method, it is characterized in that, it is applied to a first client, the first client is connected to a server, and the server is deployed with a distributed application program DAPP, and the preset interface of the DAPP is connected to distributed accounting respectively. The preset Fabric node in the network Fabric and the preset IPFS storage node in the interplanetary file system IPFS network; the method includes the following steps: 在确认初次用户注册及身份验证通过后,生成互相配对的公钥与私钥,其中,第一用户端将所述私钥本地保存,以及DAPP将第一用户端上传的所述公钥通过预设Fabric节点登记到Fabric网络;After confirming that the initial user registration and identity verification are passed, a paired public key and private key are generated, wherein the first user terminal saves the private key locally, and the DAPP stores the public key uploaded by the first user terminal through the pre- Set the Fabric node to register with the Fabric network; 当检测到文件上传信号时,获取待上传文件,并获取所述公钥;When a file upload signal is detected, obtain the file to be uploaded, and obtain the public key; 使用所述公钥加密待上传文件,以得到第一加密文件,并将第一加密文件上传至DAPP;Encrypting the file to be uploaded using the public key to obtain the first encrypted file, and uploading the first encrypted file to the DAPP; 其中,DAPP将第一加密文件拆分成若干文件块,并将所述文件块存储至IPFS网络中的IPFS存储节点;以及,DAPP将存储所述文件块的IPFS存储节点返回的节点地址存储至预设存储位置,其中,DAPP根据预设文件块容量对所述第一加密文件进行拆分。Wherein, the DAPP splits the first encrypted file into several file blocks, and stores the file blocks in the IPFS storage node in the IPFS network; and the DAPP stores the node address returned by the IPFS storage node storing the file block to A preset storage location, wherein the DAPP splits the first encrypted file according to the preset file block capacity. 2.如权利要求1所述的文件处理方法,其特征在于,所述DAPP将存储所述文件块的IPFS存储节点返回的节点地址存储至预设存储位置的步骤之后,还包括:2. The file processing method according to claim 1, characterized in that, after the step of storing the node address returned by the IPFS storage node storing the file block in the DAPP to a preset storage location, the DAPP also comprises: 当检测到文件下载信号时,向DAPP发送第一文件下载请求;其中,DAPP根据所述第一文件下载请求确定与待下载文件对应的第一IPFS存储节点的节点地址,并根据第一IPFS存储节点的节点地址向第一IPFS存储节点发送第一文件块下载请求;以及,DAPP将第一IPFS存储节点对应返回的文件块进行组装;When a file download signal is detected, a first file download request is sent to the DAPP; wherein, the DAPP determines the node address of the first IPFS storage node corresponding to the file to be downloaded according to the first file download request, and stores the node address according to the first IPFS storage The node address of the node sends the first file block download request to the first IPFS storage node; and the DAPP assembles the file block correspondingly returned by the first IPFS storage node; 通过所述私钥对DAPP返回的组装文件进行解密,以得到待下载文件。Decrypt the assembled file returned by the DAPP by using the private key to obtain the file to be downloaded. 3.如权利要求1所述的文件处理方法,其特征在于,所述DAPP将所述IPFS存储节点返回的节点地址存储至预设存储位置的步骤之后,还包括:3. The file processing method according to claim 1, wherein after the step of storing the node address returned by the IPFS storage node to a preset storage location by the DAPP, the method further comprises: 当检测到文件共享信号时,向DAPP发送第二文件下载请求;When a file sharing signal is detected, send a second file download request to DAPP; 其中,DAPP根据所述第二文件下载请求确定与待下载文件对应的第二IPFS存储节点的节点地址,并根据第二IPFS存储节点的节点地址向第二IPFS存储节点发送第二文件块下载请求;以及,DAPP将第二IPFS存储节点对应返回的文件块进行组装;The DAPP determines the node address of the second IPFS storage node corresponding to the file to be downloaded according to the second file download request, and sends the second file block download request to the second IPFS storage node according to the node address of the second IPFS storage node ; And, DAPP assembles the file blocks returned by the second IPFS storage node correspondingly; 通过所述私钥对DAPP返回的组装文件进行解密,以得到共享文件;Decrypt the assembled file returned by the DAPP through the private key to obtain the shared file; 获取与第二用户端对应的目标用户公钥;obtaining the public key of the target user corresponding to the second client; 通过所述目标用户公钥对共享文件进行加密,得到第二加密文件;Encrypting the shared file by using the target user's public key to obtain a second encrypted file; 将第二加密文件上传至DAPP;Upload the second encrypted file to the DAPP; 其中,DAPP基于第二预设存储方式将第二加密文件存储至第三IPFS存储节点,并向第二用户端发送第三IPFS存储节点的节点地址;第二用户端通过第三IPFS存储节点的节点地址从第三IPFS存储节点获取第二加密文件,并通过在第二用户端本地保存的目标用户私钥解密并显示第二加密文件;以及,第二用户端在销毁第二加密文件后清理第三IPFS存储节点的节点地址。The DAPP stores the second encrypted file in the third IPFS storage node based on the second preset storage method, and sends the node address of the third IPFS storage node to the second user; The node address obtains the second encrypted file from the third IPFS storage node, and decrypts and displays the second encrypted file through the private key of the target user stored locally on the second client; and, the second client cleans up after destroying the second encrypted file Node address of the third IPFS storage node. 4.一种文件处理方法,其特征在于,应用于服务器,所述服务器部署有分布式应用程序DAPP,DAPP的预设接口分别连接分布式记账网络Fabric中的预设Fabric节点及星际文件系统IPFS网络中的预设IPFS存储节点,所述服务器连接第一用户端;所述方法包括如下步骤:4. A file processing method, characterized in that it is applied to a server, and the server is deployed with a distributed application program DAPP, and the preset interface of the DAPP is respectively connected to the preset Fabric node and the interplanetary file system in the distributed accounting network Fabric. A preset IPFS storage node in the IPFS network, the server is connected to the first client; the method includes the following steps: 在接收到第一用户端上传的第一加密文件时,将第一加密文件拆分成若干文件块;When receiving the first encrypted file uploaded by the first user terminal, splitting the first encrypted file into several file blocks; 其中,第一用户端在确认初次用户注册及身份验证通过后,生成互相配对的公钥与私钥;第一用户端将所述私钥本地保存,以及DAPP将第一用户端上传的所述公钥通过预设Fabric节点登记到Fabric网络;当检测到文件上传信号时,第一用户端获取待上传文件,并获取所述公钥;以及,第一用户端使用所述公钥加密待上传文件,以得到第一加密文件;The first user terminal generates a paired public key and private key after confirming that the initial user registration and identity verification are passed; the first user terminal saves the private key locally, and the DAPP uploads the The public key is registered to the Fabric network through a preset Fabric node; when a file upload signal is detected, the first client obtains the file to be uploaded, and obtains the public key; and the first client uses the public key to encrypt the to-be-uploaded file file to obtain the first encrypted file; 将所述文件块存储至IPFS网络中的IPFS存储节点;storing the file block to an IPFS storage node in the IPFS network; 将存储所述文件块的IPFS存储节点返回的节点地址存储至预设存储位置,其中,DAPP根据预设文件块容量对所述第一加密文件进行拆分。The node address returned by the IPFS storage node that stores the file block is stored in a preset storage location, wherein the DAPP splits the first encrypted file according to the preset file block capacity. 5.如权利要求4所述的文件处理方法,其特征在于,所述将存储所述文件块的IPFS存储节点返回的节点地址存储至预设存储位置的步骤之后,还包括:5. The file processing method according to claim 4, wherein after the step of storing the node address returned by the IPFS storage node storing the file block to a preset storage location, the method further comprises: 当接收到第一用户端发送的第一文件下载请求时,根据所述第一文件下载请求确定与待下载文件对应的第一IPFS存储节点的节点地址;When receiving the first file download request sent by the first client, determining the node address of the first IPFS storage node corresponding to the file to be downloaded according to the first file download request; 根据第一IPFS存储节点的节点地址向第一IPFS存储节点发送第一文件块下载请求;Send the first file block download request to the first IPFS storage node according to the node address of the first IPFS storage node; 将第一IPFS存储节点对应返回的文件块进行组装;Assemble the file blocks returned by the first IPFS storage node; 其中,第一用户端通过所述私钥对DAPP返回的组装文件进行解密,以得到待下载文件。Wherein, the first user terminal decrypts the assembled file returned by the DAPP through the private key to obtain the file to be downloaded. 6.如权利要求4所述的文件处理方法,其特征在于,所述将存储所述文件块的IPFS存储节点返回的节点地址存储至预设存储位置的步骤之后,还包括:6. The file processing method according to claim 4, wherein after the step of storing the node address returned by the IPFS storage node storing the file block to a preset storage location, the method further comprises: 当接收到第一用户端发送的第二文件下载请求时,根据所述第二文件下载请求确定与待下载文件对应的第二IPFS存储节点的节点地址,并根据第二IPFS存储节点的节点地址向第二IPFS存储节点发送第二文件块下载请求;When receiving the second file download request sent by the first client, determine the node address of the second IPFS storage node corresponding to the to-be-downloaded file according to the second file download request, and determine the node address of the second IPFS storage node according to the second file download request sending a second file block download request to the second IPFS storage node; 将第二IPFS存储节点对应返回的文件块进行组装,并将组装文件返回至第一用户端;Assembling the corresponding returned file blocks of the second IPFS storage node, and returning the assembled files to the first client; 其中,第一用户端通过所述私钥对所述组装文件进行解密,以得到共享文件;获取与第二用户端对应的目标用户公钥;以及,第一用户端通过所述目标用户公钥对共享文件进行加密,得到第二加密文件;Wherein, the first user terminal decrypts the assembled file by using the private key to obtain the shared file; obtains the target user public key corresponding to the second user terminal; and the first user terminal uses the target user public key Encrypting the shared file to obtain a second encrypted file; 当接收到第一用户端上传的第二加密文件时,基于第二预设存储方式将第二加密文件存储至第三IPFS存储节点,并向第二用户端发送第三IPFS存储节点的节点地址;When receiving the second encrypted file uploaded by the first client, store the second encrypted file in the third IPFS storage node based on the second preset storage method, and send the node address of the third IPFS storage node to the second client ; 其中,第二用户端通过第三IPFS存储节点的节点地址从第三IPFS存储节点获取第二加密文件,并通过在第二用户端本地保存的目标用户私钥解密并显示第二加密文件;以及,第二用户端在销毁第二加密文件后清理第三IPFS存储节点的节点地址。Wherein, the second client obtains the second encrypted file from the third IPFS storage node through the node address of the third IPFS storage node, and decrypts and displays the second encrypted file through the private key of the target user stored locally on the second client; and , the second client clears the node address of the third IPFS storage node after destroying the second encrypted file. 7.一种用户端,其特征在于,包括:存储器、处理器及存储在所述存储器上并可在所述处理器上运行的文件处理程序,所述文件处理程序被所述处理器执行时实现如权利要求1至3中任一项所述的文件处理方法的步骤。7. A client, comprising: a memory, a processor and a file processing program stored on the memory and running on the processor, when the file processing program is executed by the processor Steps for implementing the file processing method as claimed in any one of claims 1 to 3. 8.一种服务器,其特征在于,包括:存储器、处理器及存储在所述存储器上并可在所述处理器上运行的文件处理程序,所述文件处理程序被所述处理器执行时实现如权利要求4至6中任一项所述的文件处理方法的步骤。8. A server, comprising: a memory, a processor, and a file processing program stored on the memory and executable on the processor, the file processing program being implemented when executed by the processor The steps of the document processing method according to any one of claims 4 to 6. 9.一种可读存储介质,其特征在于,所述可读存储介质上存储有文件处理程序,所述文件处理程序被处理器执行时实现如权利要求1至3中任一项所述的文件处理方法的步骤。9. A readable storage medium, characterized in that, a file processing program is stored on the readable storage medium, and when the file processing program is executed by a processor, the file processing program according to any one of claims 1 to 3 is implemented. The steps of the file processing method. 10.一种可读存储介质,其特征在于,所述可读存储介质上存储有文件处理程序,所述文件处理程序被处理器执行时实现如权利要求4至6中任一项所述的文件处理方法的步骤。10. A readable storage medium, characterized in that, a file processing program is stored on the readable storage medium, and when the file processing program is executed by a processor, the method according to any one of claims 4 to 6 is implemented. The steps of the file processing method.
CN201910188697.2A 2019-03-13 2019-03-13 File processing method, user side, server and readable storage medium Active CN109831527B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910188697.2A CN109831527B (en) 2019-03-13 2019-03-13 File processing method, user side, server and readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910188697.2A CN109831527B (en) 2019-03-13 2019-03-13 File processing method, user side, server and readable storage medium

Publications (2)

Publication Number Publication Date
CN109831527A CN109831527A (en) 2019-05-31
CN109831527B true CN109831527B (en) 2021-12-28

Family

ID=66869229

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910188697.2A Active CN109831527B (en) 2019-03-13 2019-03-13 File processing method, user side, server and readable storage medium

Country Status (1)

Country Link
CN (1) CN109831527B (en)

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112235331B (en) * 2019-07-15 2023-05-09 中国移动通信有限公司研究院 A data transmission processing method and device
CN110445851A (en) * 2019-07-26 2019-11-12 达闼科技成都有限公司 Communication means, device, storage medium and electronic equipment based on distributed network
CN111104386B (en) 2019-11-04 2023-09-01 京东科技信息技术有限公司 A file storage method, terminal and storage medium
CN111404936B (en) * 2020-03-16 2022-07-05 中国银行股份有限公司 File forwarding system and method
CN111683064A (en) * 2020-05-22 2020-09-18 易联众信息技术股份有限公司 Block chain-based data transfer method, device, medium, equipment and application
CN111858540B (en) * 2020-07-28 2024-10-15 昆明大棒客科技有限公司 Weighted distributed data storage method, system and storage medium
CN112035422B (en) * 2020-08-20 2022-03-25 郑州信大捷安信息技术股份有限公司 Distributed real-time data synchronization method, node equipment and system based on IPFS
CN112070498B (en) * 2020-09-09 2023-12-08 上海万向区块链股份公司 Ownership processing system and method
CN112417502B (en) * 2020-11-18 2022-03-18 中国电子科技集团公司第三十研究所 Distributed instant messaging system and method based on block chain and decentralized deployment
CN113259340B (en) * 2021-05-10 2023-02-24 中国联合网络通信集团有限公司 Block chain data processing method, device and electronic equipment
CN113434093B (en) * 2021-07-08 2023-12-01 山东中科好靓基础软件技术有限公司 An IPFS data storage method that can effectively improve storage capacity
CN114020705A (en) * 2021-10-19 2022-02-08 卓尔智联(武汉)研究院有限公司 File processing method and device and storage medium
CN115080526B (en) * 2022-08-22 2022-11-11 四川蜀天信息技术有限公司 Method for storing large file based on IPFS

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107273410A (en) * 2017-05-03 2017-10-20 上海点融信息科技有限责任公司 Distributed storage based on block chain
CN108259169A (en) * 2018-01-09 2018-07-06 北京大学深圳研究生院 A kind of file security sharing method and system based on block chain cloud storage
CN108647230A (en) * 2018-03-29 2018-10-12 深圳市网心科技有限公司 Distributed storage method, electronic device and storage medium
CN108681898A (en) * 2018-05-15 2018-10-19 广东工业大学 A kind of data trade method and system based on block chain
CN108710681A (en) * 2018-05-18 2018-10-26 腾讯科技(深圳)有限公司 File acquisition method, device, equipment and storage medium
CN108734029A (en) * 2018-05-23 2018-11-02 陈萍 A kind of approaches to IM and platform based on block chain and interspace file system
CN109215751A (en) * 2018-08-10 2019-01-15 暨南大学 Medical electronics case history distributed management system and its building method based on block chain
CN109243583A (en) * 2018-07-09 2019-01-18 研靖信息科技(上海)有限公司 The method and apparatus of medical imaging data decentralization management based on block chain
CN109246211A (en) * 2018-08-30 2019-01-18 南方科技大学 Resource uploading and resource requesting method in block chain
CN109274752A (en) * 2018-10-10 2019-01-25 腾讯科技(深圳)有限公司 The access method and device, electronic equipment, storage medium of block chain data

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107273410A (en) * 2017-05-03 2017-10-20 上海点融信息科技有限责任公司 Distributed storage based on block chain
CN108259169A (en) * 2018-01-09 2018-07-06 北京大学深圳研究生院 A kind of file security sharing method and system based on block chain cloud storage
CN108647230A (en) * 2018-03-29 2018-10-12 深圳市网心科技有限公司 Distributed storage method, electronic device and storage medium
CN108681898A (en) * 2018-05-15 2018-10-19 广东工业大学 A kind of data trade method and system based on block chain
CN108710681A (en) * 2018-05-18 2018-10-26 腾讯科技(深圳)有限公司 File acquisition method, device, equipment and storage medium
CN108734029A (en) * 2018-05-23 2018-11-02 陈萍 A kind of approaches to IM and platform based on block chain and interspace file system
CN109243583A (en) * 2018-07-09 2019-01-18 研靖信息科技(上海)有限公司 The method and apparatus of medical imaging data decentralization management based on block chain
CN109215751A (en) * 2018-08-10 2019-01-15 暨南大学 Medical electronics case history distributed management system and its building method based on block chain
CN109246211A (en) * 2018-08-30 2019-01-18 南方科技大学 Resource uploading and resource requesting method in block chain
CN109274752A (en) * 2018-10-10 2019-01-25 腾讯科技(深圳)有限公司 The access method and device, electronic equipment, storage medium of block chain data

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
《学习利用IPFS在区块链上分享文件》;阿卡司机;《CSDN》;20180525;全文 *

Also Published As

Publication number Publication date
CN109831527A (en) 2019-05-31

Similar Documents

Publication Publication Date Title
CN109831527B (en) File processing method, user side, server and readable storage medium
CN112491847B (en) Block chain all-in-one machine and automatic chain building method and device thereof
US9317714B2 (en) Storing user data in a service provider cloud without exposing user-specific secrets to the service provider
US8543799B2 (en) Client authentication during network boot
CN107493162A (en) The implementation method and device of block chain node
US10685141B2 (en) Method for storing data blocks from client devices to a cloud storage system
CN114650144B (en) File sharing method and system based on blockchain, electronic equipment and storage medium
CN110910110B (en) Data processing method and device and computer storage medium
CN109151507B (en) Video playing system and method
CN101341691A (en) Authorisation and authentication
CN106790296B (en) Domain name record verification method and device
US20150142866A1 (en) Method and system for information synchronization between cloud storage gateways, and cloud storage gateway
WO2017076284A1 (en) Method and device for transmitting and sharing uniform resource locator
CN110351276A (en) Data processing method, equipment and computer readable storage medium
CN112306970B (en) Processing method, device, equipment and storage medium of container mirror warehouse
CN113342802A (en) Method and device for storing block chain data
CN114567647A (en) Distributed cloud file storage method and system based on IPFS
CN108965824A (en) Video monitoring method, system, camera, server and client based on CPK
CN111639357A (en) Encryption network disk system and authentication method and device thereof
JP5586397B2 (en) Secure network storage system, method, client device, server device, and program
CN103607449A (en) Method, device and system for enterprise internal network physical machine to visit cloud storage virtual machine
US20200329012A1 (en) System and method for dedicated storage, through a secure internet connection, in a remote location
CN108881257B (en) Encryption transmission method for distributed search cluster and encryption transmission distributed search cluster
EP2689570A1 (en) Anonymous and unlinkable distributed communication and data sharing system
CN108259609A (en) The management method and Cloud Server of a kind of family high in the clouds data

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20220907

Address after: Room 1006, Building 16, Yingcai North 3rd Street, Future Science City, Changping District, Beijing 102200

Patentee after: China Mobile Information Technology Co.,Ltd.

Address before: 518000 Room 201, building A, No. 1, Qian Wan Road, Qianhai Shenzhen Hong Kong cooperation zone, Shenzhen, Guangdong (Shenzhen Qianhai business secretary Co., Ltd.)

Patentee before: SHIJINSHI CREDIT SERVICE Co.,Ltd.