[go: up one dir, main page]

CN115544574A - File management method and device based on block chain - Google Patents

File management method and device based on block chain Download PDF

Info

Publication number
CN115544574A
CN115544574A CN202211316920.5A CN202211316920A CN115544574A CN 115544574 A CN115544574 A CN 115544574A CN 202211316920 A CN202211316920 A CN 202211316920A CN 115544574 A CN115544574 A CN 115544574A
Authority
CN
China
Prior art keywords
file
metadata
channel
block chain
hash value
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211316920.5A
Other languages
Chinese (zh)
Inventor
李孟男
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Bank of China Ltd
Original Assignee
Bank of China Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Bank of China Ltd filed Critical Bank of China Ltd
Priority to CN202211316920.5A priority Critical patent/CN115544574A/en
Publication of CN115544574A publication Critical patent/CN115544574A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/11File system administration, e.g. details of archiving or snapshots
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/13File access structures, e.g. distributed indices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/16File or folder operations, e.g. details of user interfaces specifically adapted to file systems
    • G06F16/164File meta data generation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/17Details of further file system functions
    • G06F16/172Caching, prefetching or hoarding of files
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/18File system types
    • G06F16/182Distributed file systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Bioethics (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Human Computer Interaction (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention discloses a block chain-based file management method and device, and relates to the technical field of block chains. Wherein the method comprises the following steps: responding to a file uploading request of a file uploading party, and calculating a hash value of a file through an interplanetary file system IPFS; encrypting the file to obtain an encrypted file, and storing the encrypted file through an IPFS; generating metadata of the file according to the hash value; wherein, the metadata comprises hash value; broadcasting the metadata to a first channel of a block chain network so as to synchronize the metadata to a first account book maintained by all nodes in the first channel; and broadcasting the key for decrypting the encrypted file to a second channel of the blockchain network so as to synchronize the key to a second account book maintained by all nodes in the second channel. The invention can improve the security of the file.

Description

File management method and device based on block chain
Technical Field
The present invention relates to the field of block chain technology, and in particular, to a block chain-based file management method and apparatus.
Background
This section is intended to provide a background or context to the embodiments of the invention that are recited in the claims. The description herein is not admitted to be prior art by inclusion in this section.
The Distributed File System (DFS) based on the block chain provides incentive and security guarantee for saving files by using the characteristics of the block chain, but some current DFS, such as an InterPlanetary File System (IPFS), has a problem in access control, and cannot audit and track how files are accessed, resulting in low security of the files.
Disclosure of Invention
The embodiment of the invention provides a block chain-based file management method, which is used for improving the security of a file and comprises the following steps:
responding to a file uploading request of a file uploading party, and calculating a hash value of a file through an interplanetary file system IPFS;
encrypting the file to obtain an encrypted file, and storing the encrypted file through an IPFS (Internet protocol file system);
generating metadata of the file according to the hash value; wherein, the metadata comprises hash value;
broadcasting the metadata to a first channel of a block chain network so as to synchronize the metadata to a first account book maintained by all nodes in the first channel;
and broadcasting the key for decrypting the encrypted file to a second channel of the blockchain network so as to synchronize the key to a second account book maintained by all nodes in the second channel.
Optionally, generating metadata of the file according to the hash value may include:
calling a block chain client, and sending metadata information of the file to the block chain client;
receiving metadata returned by a blockchain client; the block chain client is used for generating metadata according to the metadata information based on the intelligent contract on the block chain.
Optionally, after broadcasting the metadata in the first channel of the blockchain network, the method may further include:
acquiring metadata in a first account book in response to a request of a file user for requesting a file;
searching and downloading an encrypted file in the IPFS through a hash value in the metadata;
providing a key for decrypting the encrypted document to the document user;
and adding transaction information of a file user requesting the file in the blockchain network.
Optionally, providing the key for decrypting the encrypted file to the file user may include: and acquiring the key stored in the second account book under the condition that the file user belongs to the second channel.
An embodiment of the present invention further provides a block chain-based file management apparatus, so as to improve the security of a file, where the apparatus includes:
the computing module is used for responding to a request of a file uploading party for uploading a file and computing a hash value of the file through an interplanetary file system IPFS;
the encryption uploading module is used for encrypting the file to obtain an encrypted file and storing the encrypted file through the IPFS;
the generating module is used for generating metadata of the file according to the hash value;
the first broadcasting module is used for broadcasting the metadata to a first channel of the block chain network so as to synchronize the metadata to a first account book maintained by all nodes in the first channel;
and the second broadcasting module is used for broadcasting the key for decrypting the encrypted file to a second channel of the blockchain network so as to synchronize the key to a second account book maintained by all nodes in the second channel.
Optionally, the generating module may include:
the sending unit is used for calling the block chain client and sending the metadata information of the file to the block chain client; wherein the metadata information comprises a hash value;
the receiving unit is used for receiving metadata returned by the blockchain client; the block chain client is used for generating metadata according to the metadata information based on the intelligent contract on the block chain.
Optionally, the apparatus may further include:
the acquisition module is used for responding to a request of a file user for requesting a file after the metadata is broadcasted in a first channel of the block chain network, and acquiring the metadata in the first account book;
the searching and downloading module is used for searching and downloading the encrypted file in the IPFS through the hash value in the metadata;
an execution module for providing a key for decrypting the encrypted file to a file user;
and the adding module is used for adding the transaction information of the file requested by the file user in the blockchain network.
Optionally, the execution module is further configured to acquire the key stored in the second ledger if the file user belongs to the second channel.
The embodiment of the present invention further provides a computer device, which includes a memory, a processor, and a computer program that is stored in the memory and can run on the processor, and when the processor executes the computer program, the above file management method based on the block chain is implemented.
An embodiment of the present invention further provides a computer-readable storage medium, where a computer program is stored, and when the computer program is executed by a processor, the method for managing files based on a block chain is implemented.
An embodiment of the present invention further provides a computer program product, where the computer program product includes a computer program, and when the computer program is executed by a processor, the method for file management based on a block chain is implemented.
In the embodiment of the invention, in response to a request of a file uploading party for uploading a file, a hash value of the file is calculated through an interplanetary file system IPFS, the file is encrypted to obtain an encrypted file, the encrypted file is stored through the IPFS, and metadata of the file is generated according to the hash value, wherein the metadata comprises the hash value, the metadata is broadcasted into a first channel of a block chain network to synchronize the metadata into a first account book maintained by all nodes in the first channel, a key for decrypting the encrypted file is broadcasted into a second channel of the block chain network to synchronize the key into a second account book maintained by all nodes in the second channel.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts. In the drawings:
fig. 1 is a first flowchart illustrating a block chain-based file management method according to an embodiment of the present invention;
fig. 2 is a schematic flowchart of a second block chain-based file management method according to an embodiment of the present invention;
fig. 3 is a third schematic flowchart of a block chain-based file management method according to an embodiment of the present invention;
fig. 4 is a fourth schematic flowchart of a block chain-based file management method according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of a file management apparatus based on a block chain according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the embodiments of the present invention are further described in detail below with reference to the accompanying drawings. The exemplary embodiments and descriptions of the present invention are provided to explain the present invention, but not to limit the present invention.
It should be noted that, in the technical solution of the present application, the acquisition, storage, use, processing, etc. of data all conform to the relevant regulations of the national laws and regulations.
The interplanetary file system (IPFS) is a distributed file system that aims to decentralize the network and make it faster and more efficient. The distributed file system can be roughly divided into 7 layers, namely an identity layer, a data exchange layer, a network layer, a routing layer, a consensus layer and a stimulus layer, wherein each layer is a key module of the distributed file system. As a next-generation internet-efficient decentralized storage tier, IPFS provides low-latency data retrieval, fault-tolerant guarantees, and decentralized/distributed storage solutions. At the identity layer, the IPFS uses a multi-hash technique, and can store hash functions and digest information. At the network layer, IPFS uses libP2P as a solution. IPFS may replace existing components with newer technology. The distributed network of IPFS allows users to share files and information globally. IPFS is designed to operate over different protocols (e.g., FTP and HTTP), and can handle uploading and/or downloading of large files over the Internet that may consume or require large bandwidths.
An embodiment of the present invention provides a block chain-based file management method, and fig. 1 illustrates a first flowchart of the block chain-based file management method according to an embodiment of the present invention. As shown in fig. 1, the method may include the steps of:
step 101, responding to a file uploading request of a file uploading party, and calculating a hash value of a file through an interplanetary file system IPFS.
The embodiment of the invention can be realized in the forms of a client, a webpage and the like, and the hash value of the file is calculated through the interplanetary file system IPFS after the request of the file uploading party for uploading the file is received. Alternatively, IPFS may divide a file into a plurality of blocks, and calculate a hash value for each block. Wherein, IPFS uses the hash value as an index for searching the file.
And 102, encrypting the file to obtain an encrypted file, and storing the encrypted file through an IPFS.
The original file can be stored in the local of the file uploading party, and the IPFS encrypts the file through a key and then stores the encrypted file in a distributed network of the IPFS. Therefore, after the nodes in the IPFS distributed network download the encrypted files, the file contents can be obtained only by decrypting through the secret key, and the security of the files is improved.
And 103, generating metadata of the file according to the hash value.
The metadata includes a hash value. The metadata may also include the name of the file uploader, the current date and time, and the like. The metadata is used to describe the file and the hash value is used to index the file in the distributed network of the IPFS.
Step 104, broadcasting the metadata to a first channel of the block chain network, so as to synchronize the metadata to a first account book maintained by all nodes in the first channel.
The blockchain network can comprise a plurality of channels, each channel maintains a unified account book, each channel can comprise a plurality of nodes, the nodes of different channels can be different or have cross, the account books between different channels are not intercommunicated, namely, if a node is only in the first channel, only the first account book is possessed, and if the node is simultaneously in the first channel and the second channel, both the first account book and the second account book are possessed.
The metadata is broadcast in a first channel, and nodes of the first channel are recorded in a first ledger.
And 105, broadcasting a key for decrypting the encrypted file to a second channel of the blockchain network so as to synchronize the key to a second account book maintained by all nodes in the second channel.
The key and the metadata are maintained in different channels and recorded in different accounts, so that the key for decrypting the encrypted file can be limited in a limited node through a second channel, and a specified node can be set to allow the second channel to be added, thereby ensuring the security of the file.
In the embodiment of the invention, in response to a request of a file uploading party for uploading a file, a hash value of the file is calculated through an interplanetary file system IPFS, the file is encrypted to obtain an encrypted file, the encrypted file is stored through the IPFS, and metadata of the file is generated according to the hash value, wherein the metadata comprises the hash value, the metadata is broadcasted into a first channel of a block chain network to synchronize the metadata into a first account book maintained by all nodes in the first channel, a key for decrypting the encrypted file is broadcasted into a second channel of the block chain network to synchronize the key into a second account book maintained by all nodes in the second channel.
Optionally, as shown in fig. 2, the step 103 of generating metadata of the file according to the hash value may include:
step 201, calling the blockchain client, and sending the metadata information of the file to the blockchain client.
An executor executing the method of the embodiment of the present invention may call a blockchain client (e.g., a hyper ledger Fabric client), and send information of metadata that needs to be disclosed on a blockchain to the blockchain client.
Step 202, receiving metadata returned by the blockchain client.
And the blockchain client is used for generating metadata according to the metadata information based on the intelligent contract on the blockchain, and disclosing the metadata on the first channel of the blockchain. The nodes in the first channel can download and view the metadata, and then index and search and download the encrypted file in the IPFS through the hash value in the metadata.
The method of downloading and decrypting a file may be as shown in fig. 3, after broadcasting the metadata in the first channel of the blockchain network, performing the following steps:
step 301, in response to a request for a file from a file user, obtaining metadata in a first ledger.
The file user is a node in the first channel. When a file user requests a file, metadata of the file can be searched in the first account book through marks such as the name of the file, and after the metadata is downloaded, the hash value of the file can be obtained through analysis in the metadata.
Step 302, searching and downloading the encrypted file in the IPFS through the hash value in the metadata.
After obtaining the hash value in the metadata, an IPFS may be invoked in which the file is indexed with the hash value. In order to improve the security of the file, the file stored in the distributed network of the IPFS is an encrypted file, and therefore, the file downloaded by the file user is an encrypted file.
Step 303 provides the file user with a key for decrypting the encrypted file.
The key is stored in the second channel, and the file user needs to have corresponding authority to obtain the key. Alternatively, in the case where the file user belongs to the second channel, the key stored in the second ledger may be acquired. Alternatively, the file user may obtain the key after being authorized by a designated node in the second channel.
Step 304, add transaction information of the document user request document in the blockchain network.
Transaction information may be added in the second channel, maintained by a node in the second channel. The transaction information may include a record of the file user requesting the file, the time at which the key was obtained, the node authorized to allow the file user to obtain the key, etc. Through the transaction information, a clue can be provided for downloading the file, and the file can be tracked. The generation of the transaction information may be performed by invoking an intelligent contract of the chain code.
The embodiment of the invention mainly uses a data storage technology under a chain in the technical aspect, and the data storage technology comprises the steps of helping an Ethern reduce the size of the chain and reducing the growth rate of conventional nodes. The method is to remove the source code stored in the contract creation transaction out of the chain and replace it with a smaller hash value in order to retrieve the code. This is achieved with minimal impact on system performance and ensures that the node maintains the ability to fully validate transactions. Furthermore, a fast sync node in a file system needs to download less data. The embodiment of the invention provides a new technology (which can be called as blockIPFS for short), the IPFS is enhanced by using a super intelligent contract ledger, clues are provided for the IPFS to audit and protect the authorship identity of a file, and the ledger serves as a dispute resolution certificate. If someone removes the file from the IPFS and illegally shares the file with others, the BlockIPFS can help identify who downloads the file, so that the investigation range is narrowed, the distributed file system has clear audit trail, and the credibility of data and the protection of the identity of an author are improved.
In one application scenario of the blockchain-based file management method, a user interacts with the IPFS and can perform all operations available to him. As shown in fig. 4, which is an interaction diagram of inter-system components of a blockchain-based file management method, after initializing an IPFS, a user adds a file to a network using an IPFS add command, the IPFS runs a SHA256 algorithm that generates a 256-bit hash address (hash value) to obtain a hash address of the file, where the file may be divided into multiple blocks, generates a hash value (multi-hash) for each block, the IPFS stores an original file in a local storage, and adds the hash address to its network, and specifically, the hash may be issued by a user (author) on a private network or shared with a specific node (other user) on the network. IPFS calls a hyper-ledger Fabric client, the hyper-ledger client accepts the hash address of the file, the name of the owner, the current date and time, calls an intelligent contract of a chain code (chainode) to add the record to the ledger, and the process follows the standard hyper-intelligent contract ledger flow of adding the record to the ledger. If the process fails, the user will receive a prompt and may choose to continue or cancel. Otherwise, the user receives a prompt that the transaction is successful.
In this implementation, when a user accesses a file on another node, the record is not pushed to its local blockchain. But the access log will be recorded in the BlockIPFS of the file owner. The user may retrieve metadata from the local BlockIPFS to track activity related to a particular file or all files added to the IPFS. Notably, the super intelligent contract account blockchain in BlockIFPS only stores file metadata for tracking purposes, while the file itself is still managed by the IFPS. In other words, when a user reads and writes files, the blockchain is almost transparent and any file access control mechanism in the IFPS will be inherited by the BlockIPFS. A user views the metadata of a file only by querying the blockchain, which may be recorded in an encrypted manner on the blockchain ledger, and only the owner of the file or a user to which permission has been granted can read the metadata. As described above, blockaipfs utilizes channels in the super smart contract ledger to enable flexible and secure file sharing. Similarly, the file itself is encrypted and managed by IPFS, while the key to decrypt the file is stored in a specific channel on the blockchain.
The embodiment of the invention also provides a file management device based on the block chain, which is described in the following embodiment. Because the problems and the principle solved by the device are similar to those of the block chain-based file management method provided by the embodiment of the invention, the implementation of the device can refer to the implementation of the block chain-based file management method, and repeated details are not repeated.
As shown in fig. 5, the device for file management based on a block chain according to the embodiment of the present invention includes a computing module 10, an encryption uploading module 20, a generating module 30, a first broadcasting module 40, and a second broadcasting module 50.
The calculation module 10 may be configured to calculate a hash value of a file through the interplanetary file system IPFS in response to a request for uploading the file by the file uploading party;
the encryption uploading module 20 may be configured to encrypt a file to obtain an encrypted file, and store the encrypted file through the IPFS;
the generation module 30 may be configured to generate metadata of the file according to the hash value; wherein, the metadata comprises hash value;
the first broadcasting module 40 may be configured to broadcast the metadata into a first channel of the blockchain network, so as to synchronize the metadata into a first ledger maintained by all nodes themselves in the first channel;
the second broadcasting module 50 may be configured to broadcast a key for decrypting the encrypted file into a second channel of the blockchain network, so as to synchronize the key into a second ledger maintained by all nodes themselves in the second channel.
Optionally, the generating module 30 may include:
the sending unit is used for calling the block chain client and sending the metadata information of the file to the block chain client; wherein the metadata information includes a hash value;
the receiving unit is used for receiving metadata returned by the blockchain client; the block chain client is used for generating metadata according to the metadata information based on the intelligent contract on the block chain.
Optionally, the apparatus may further include:
the acquisition module is used for responding to a request of a file user for requesting a file after the metadata is broadcasted in a first channel of the block chain network, and acquiring the metadata in the first account book;
the searching and downloading module is used for searching and downloading the encrypted file in the IPFS through the hash value in the metadata;
an execution module for providing a key for decrypting the encrypted file to a file user;
and the adding module is used for adding the transaction information of the file requested by the file user in the blockchain network.
Optionally, the execution module is further configured to obtain the key stored in the second ledger in a case that the file user belongs to the second channel.
In the embodiment of the invention, in response to a request of a file uploading party for uploading a file, a hash value of the file is calculated through an interplanetary file system IPFS, the file is encrypted to obtain an encrypted file, the encrypted file is stored through the IPFS, and metadata of the file is generated according to the hash value, wherein the metadata comprises the hash value, the metadata is broadcasted into a first channel of a block chain network to synchronize the metadata into a first account book maintained by all nodes in the first channel, a key for decrypting the encrypted file is broadcasted into a second channel of the block chain network to synchronize the key into a second account book maintained by all nodes in the second channel.
According to the technical scheme, the data acquisition, storage, use, processing and the like meet relevant regulations of national laws and regulations, and various types of data such as personal identity data, operation data, behavior data and the like related to individuals, clients, crowds and the like are authorized.
The embodiment of the present invention further provides a computer device, which includes a memory, a processor, and a computer program that is stored in the memory and can run on the processor, and when the processor executes the computer program, the above file management method based on the block chain is implemented.
An embodiment of the present invention further provides a computer-readable storage medium, where a computer program is stored, and when the computer program is executed by a processor, the file management method based on a block chain is implemented.
An embodiment of the present invention further provides a computer program product, where the computer program product includes a computer program, and when executed by a processor, the computer program implements the above file management method based on a block chain.
In the embodiment of the invention, in response to a request of a file uploading party for uploading a file, a hash value of the file is calculated through an interplanetary file system IPFS, the file is encrypted to obtain an encrypted file, the encrypted file is stored through the IPFS, and metadata of the file is generated according to the hash value, wherein the metadata comprises the hash value, the metadata is broadcasted into a first channel of a block chain network to synchronize the metadata into a first account book maintained by all nodes in the first channel, a key for decrypting the encrypted file is broadcasted into a second channel of the block chain network to synchronize the key into a second account book maintained by all nodes in the second channel.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The above-mentioned embodiments are provided to further explain the objects, technical solutions and advantages of the present invention in detail, and it should be understood that the above-mentioned embodiments are only examples of the present invention and should not be used to limit the scope of the present invention, and any modifications, equivalents, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.

Claims (11)

1. A file management method based on a block chain is characterized by comprising the following steps:
responding to a file uploading request of a file uploading party, and calculating a hash value of the file through an interplanetary file system IPFS;
encrypting the file to obtain an encrypted file, and storing the encrypted file through the IPFS;
generating metadata of the file according to the hash value; wherein the hash value is included in the metadata;
broadcasting the metadata to a first channel of a block chain network so as to synchronize the metadata to a first account book maintained by all nodes in the first channel;
broadcasting a key for decrypting the encrypted file to a second channel of the blockchain network to synchronize the key to a second ledger maintained by all nodes in the second channel.
2. The method of claim 1, wherein the generating metadata for the file from the hash value comprises:
calling a block chain client, and sending the metadata information of the file to the block chain client;
receiving the metadata returned by the blockchain client; the block chain client is used for generating the metadata according to the metadata information based on the intelligent contract on the block chain.
3. The method of claim 1 or 2, after broadcasting the metadata in the first channel of the blockchain network, further comprising:
in response to a request from a file user for the file, obtaining the metadata in the first ledger;
searching and downloading the encrypted file in the IPFS through the hash value in the metadata;
providing said document user with a key for decrypting said encrypted document;
and adding the transaction information of the file requested by the file user in the blockchain network.
4. The method of claim 3, wherein said providing said document user with a key for decrypting said encrypted document comprises:
and acquiring the secret key stored in the second account book under the condition that the file user belongs to the second channel.
5. A block chain-based file management apparatus, comprising:
the calculation module is used for responding to a request of a file uploading party for uploading a file and calculating a hash value of the file through an interplanetary file system IPFS;
the encryption uploading module is used for encrypting the file to obtain an encrypted file and storing the encrypted file through the IPFS;
the generating module is used for generating metadata of the file according to the hash value; wherein the hash value is included in the metadata;
the first broadcasting module is used for broadcasting the metadata to a first channel of a block chain network so as to synchronize the metadata to a first account book maintained by all nodes in the first channel;
a second broadcasting module, configured to broadcast a key for decrypting the encrypted file to a second channel of the blockchain network, so as to synchronize the key to a second account book maintained by all nodes in the second channel.
6. The apparatus of claim 5, wherein the generating module comprises:
the sending unit is used for calling a block chain client and sending the metadata information of the file to the block chain client;
a receiving unit, configured to receive the metadata returned by the blockchain client; the block chain client is used for generating the metadata according to the metadata information based on the intelligent contract on the block chain.
7. The apparatus of claim 5 or 6, further comprising:
an obtaining module, configured to obtain the metadata in the first ledger in response to a request for the file by a file user after broadcasting the metadata in a first channel of a blockchain network;
the searching and downloading module is used for searching and downloading the encrypted file in the IPFS through the hash value in the metadata;
an execution module for providing a key for decrypting the encrypted file to the file user;
and the adding module is used for adding the transaction information of the file requested by the file user in the block chain network.
8. The apparatus of claim 7, wherein the execution module is further for obtaining the key stored in the second ledger if the file user belongs to the second channel.
9. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the method of any one of claims 1 to 4 when executing the computer program.
10. A computer-readable storage medium, characterized in that it stores a computer program which, when executed by a processor, implements the method of any one of claims 1 to 4.
11. A computer program product, characterized in that the computer program product comprises a computer program which, when being executed by a processor, carries out the method of any one of claims 1 to 4.
CN202211316920.5A 2022-10-26 2022-10-26 File management method and device based on block chain Pending CN115544574A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211316920.5A CN115544574A (en) 2022-10-26 2022-10-26 File management method and device based on block chain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211316920.5A CN115544574A (en) 2022-10-26 2022-10-26 File management method and device based on block chain

Publications (1)

Publication Number Publication Date
CN115544574A true CN115544574A (en) 2022-12-30

Family

ID=84718087

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211316920.5A Pending CN115544574A (en) 2022-10-26 2022-10-26 File management method and device based on block chain

Country Status (1)

Country Link
CN (1) CN115544574A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116185291A (en) * 2023-02-06 2023-05-30 深圳市迈科龙电子有限公司 Middleware storage method and device, electronic equipment and readable storage medium

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116185291A (en) * 2023-02-06 2023-05-30 深圳市迈科龙电子有限公司 Middleware storage method and device, electronic equipment and readable storage medium

Similar Documents

Publication Publication Date Title
CN106127075B (en) A searchable encryption method based on privacy protection in cloud storage environment
US8565422B2 (en) Method and system for enryption key versioning and key rotation in a multi-tenant environment
WO2002077747A2 (en) Distributed, scalable cryptographic access control
US11256662B2 (en) Distributed ledger system
JP2004126639A (en) Data management system, method and program
Alhazmi et al. Towards big data security framework by leveraging fragmentation and blockchain technology
Tan et al. Blockchain-based healthcare management system with two-side verifiability
Wu et al. Secure personal health records sharing based on blockchain and IPFS
Periasamy et al. An enhanced secure content de-duplication identification and prevention (ESCDIP) algorithm in cloud environment
Almutairi et al. Survey of centralized and decentralized access control models in cloud computing
Mishra et al. Enabling efficient deduplication and secure decentralized public auditing for cloud storage: A redactable blockchain approach
CN115544574A (en) File management method and device based on block chain
Kaci et al. Toward a big data approach for indexing encrypted data in cloud computing
Riad et al. Secure storage and retrieval of IoT data based on private information retrieval
Hao et al. Decentralized data integrity verification model in untrusted environment
Yan et al. Secure and efficient big data deduplication in fog computing
CN114793237B (en) Smart city data sharing method, equipment and medium based on block chain technology
Kumar et al. Improved write access control and stronger freshness guarantee to outsourced data
Chen et al. Carp: A cost-aware relaxed protocol for encrypted data stores
Khafagy et al. Hybrid-Key Stream Cipher Mechanism for Hadoop Distributed File System Security
CN113505098A (en) File sharing system, method and storage medium
Ebinazer et al. PoI: Proof of Identity and PoDI: Proof of Data Integrity for Secure Data Deduplication in the Cloud
Luding et al. Decentralized fine-grained access control for edge computing leveraging Samrt contracts
Chandran et al. Data management issues in cloud integrated computing: A big picture
Chen et al. Searchable encryption system for big data storage

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination