
CN115982690A - File authorization method based on block chain - Google Patents


Info

Publication number
CN115982690A
Authority
CN
China
Prior art keywords
file
block chain
block
authorization
abstract
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310031356.0A
Other languages
Chinese (zh)
Inventor
王思涵
林勇
刘洋
陈盈达
王惠
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jiangsu Electric Power Information Technology Co Ltd
Original Assignee
Jiangsu Electric Power Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jiangsu Electric Power Information Technology Co Ltd
Priority to CN202310031356.0A
Publication of CN115982690A
Legal status: Pending

Classifications

    • Y: GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02: TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D: CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00: Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a blockchain-based file authorization method comprising the following steps: constructing a blockchain-based authorization platform; adding a relational database to the blockchain, and creating the tables and granting permissions when the blockchain starts; a user uploads a file, the important information about the file is stored in a block, and the other business data are stored in the relational database; the client requests authorization, and the platform queries the file information through the blockchain; the platform returns the on-chain information and the file to the client; the client verifies the file. By constructing a relational database, the method adds relational data processing capability to the blockchain and so meets business logic requirements; the business data processing flow is completed inside the blockchain, which reduces the performance loss caused by transferring data on and off the chain and improves processing efficiency; because data operations are carried out on the blockchain, the atomicity of the business transaction can be guaranteed, the problems of data falling out of sync between nodes and of tampering through external operations are avoided, and the security of the system is improved.

Description

File authorization method based on block chain
Technical Field
The invention relates to the technical field of blockchains, and in particular to a blockchain-based file authorization method.
Background
Blockchain technology is a new distributed infrastructure and computing paradigm that uses a blockchain data structure to verify and store data, a distributed node consensus algorithm to generate and update data, cryptography to secure data transmission and access, and smart contracts composed of automated script code to program and operate on data. As the demand for sharing important files over networks grows, so does the importance of keeping files secure and protecting information privacy, and blockchain technology is increasingly significant for data security, privacy protection and data rights in scenarios such as file authorization and file sharing.
Generally, a blockchain stores data in key-value form, and the key is generally data without practical meaning, such as a block address, so it is difficult to meet diverse business requirements. The prior art has at least the following problems: 1. Associated queries over user-file data usually have to be run against an external database, which reduces the efficiency and security of the query. 2. When a database outside the blockchain is used, the atomicity of the on-chain block write and the off-chain database write cannot be guaranteed; if the on-chain operation fails and the off-chain database does not roll back, on-chain and off-chain data easily fall out of sync, which increases the cost of troubleshooting erroneous data and faults and reduces the reliability of the business system.
Disclosure of Invention
The invention aims to provide a blockchain-based file authorization method that adds relational data processing capability to the blockchain by constructing a relational database, so as to meet business logic requirements; the business data processing flow is completed inside the blockchain, which improves processing efficiency; data operations are carried out on the blockchain, which avoids problems such as data falling out of sync between nodes and tampering through external operations, and improves the security of the system.
To achieve this purpose, the technical scheme of the invention is as follows:
A blockchain-based file authorization method comprises the following steps:
S1: Construct the blockchain-based file authorization platform. The number of blockchain nodes is more than 4, the nodes are made up of trusted authorization centers, the consensus algorithm is PBFT, and an IPFS system for storing files must be deployed on the node servers. In addition, the front-end and back-end application services of the authorization platform must be deployed.
S2: Data on the blockchain are stored in key-value form, where the key is generally a block address or a transaction number and the value is generally the block details or the transaction details. A query first fetches the block details by block address and then the transaction details by transaction number, so it is difficult to query business data that associates users with files directly. When the blockchain is started and the genesis block is created, the database tables are created and user permissions are granted through a script command, which secures database operations;
S3: A user uploads a file. The original file is encrypted and stored in IPFS, and information such as the user ID, file name, file decryption key and file hash digest is sent to the blockchain. After consensus is reached, the file ID, file decryption key and file hash digest are stored in a block as key-value data, and at the same time the smart contract stores the user ID, file name, block address and transaction number in the relational database. The block write and the database write together form one transaction; if either the block write or the database write fails, both are rolled back to guarantee the atomicity of the transaction;
S4: The client sends an authorization request to the platform; the smart contract queries the relational database to obtain information such as the block address and transaction number, and the file decryption key and hash digest are obtained from the blockchain according to the query result;
S5: The platform returns the file, the file decryption key and the file hash digest to the client;
S6: The client decrypts the file and the file's hash digest, hashes the file to obtain digest 2, and compares it with the file hash digest it received; if the two are consistent, the file has not been modified and is therefore trustworthy.
The invention has the following beneficial effects:
By constructing a relational database, the method adds relational data processing capability to the blockchain and so meets business logic requirements; the business data processing flow is completed inside the blockchain, which reduces the performance loss caused by transferring data on and off the chain and improves processing efficiency; because data operations are carried out on the blockchain, the atomicity of the business transaction can be guaranteed, the problems of data falling out of sync between nodes and of tampering through external operations are avoided, and the security of the system is improved.
Drawings
FIG. 1 is a schematic of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made with reference to the accompanying drawings. The following examples are only for illustrating the technical solutions of the present invention more clearly, and the protection scope of the present invention is not limited thereby.
As shown in FIG. 1, a blockchain-based file authorization method includes the following steps:
S1: Construct a blockchain-based file authorization platform consisting of the blockchain, IPFS and an authorization application system, where the blockchain is built on a consortium-chain framework with a BFT-type consensus algorithm, and the node members are a plurality of trusted authorization centers;
S2: The blockchain is modified when the blockchain system is built: a relational database, such as MySQL, is added on each node server. A script command is written so that when the blockchain starts and the genesis block is created, a file information table is created in the database at the same time. The table can contain columns such as user ID, user name, file name, block address and transaction number; the user ID and file name columns are set as the composite primary key, and permission to insert new data is granted to the blockchain's built-in database account;
S3: A user uploads a file to the authorization platform. The original file is processed with a hash algorithm to obtain a hash digest, is then encrypted with a symmetric encryption algorithm (such as AES) and stored in IPFS, and a file ID and a decryption key are returned. The platform then sends the user ID, user name, file ID, file decryption key and file hash digest to the blockchain, and the file ID, file decryption key and file hash digest are stored in a block as transaction additional information. Data storage on the blockchain is divided into two parts: the original key-value data storage, and the relational data storage newly added by the modification. The user ID, user name, file name, block address and transaction number are stored in the newly added relational database. A database operation verification step is added to the consensus step: if the database write fails, the block is rolled back; if the block write fails during the database write, the database operation is rolled back. That is, if either the block write or the database write fails, the whole write operation is rolled back.
One data-write transaction on the blockchain consists of two parts. The first consists of the file ID, file decryption key and file hash digest; these 3 data items form one piece of transaction additional information that is written into the block. The second consists of the user ID, file name, block address and transaction number, and is written into the file information table of the relational database. If either of the two writes fails, the whole transaction is rolled back.
S4: The user sends a file authorization request to the platform through the client, and after verifying the user's identity the platform passes the parameters to the smart contract for the query operation. When a user queries a file, the query process is divided into two stages: in the first stage, the user sends a query instruction to the smart contract through the client, and the contract queries the relational database according to the input parameters to obtain the block address and transaction number under which the file information is stored; in the second stage, the smart contract retrieves the file ID, file decryption key and file hash digest from the blockchain according to the block address and transaction number.
First, the contract assembles an SQL statement and queries the relational database by the user ID and file name fields in the parameters to obtain the block address and transaction number on the blockchain; second, the contract finds the corresponding block by the queried block address (key) and obtains the block details (value), then obtains the transaction details (value) by the transaction number (key); third, the smart contract parses the transaction details to obtain the specific file ID, file decryption key and hash digest;
S5: The system looks up the file in IPFS by the file ID obtained from the blockchain; if the file is found, the file decryption key, the file hash digest and the encrypted file are returned to the client, and if it is not found, an error message is returned;
S6: After the client obtains the file's decryption key, it decrypts the file with the same symmetric encryption algorithm that was used for encryption to obtain the source file, applies the hash algorithm to the original file to obtain hash digest 2 of the file, and compares this digest with the hash digest obtained from the blockchain.
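The S3 write path, the two-stage S4 lookup and the S6 digest comparison, as an added Python example that is not part of the patent text. Assumptions: SQLite stands in for the per-node MySQL database, a dict stands in for the block store, SHA-256 is the hash algorithm, and the function names, `blk-`/`tx-` identifiers and sample values are hypothetical. The lookup binds the user ID and file name as query parameters instead of concatenating them into the SQL text.

```python
import hashlib
import hmac
import itertools
import sqlite3

# Constructed stand-ins: SQLite for the per-node MySQL database, a dict for
# the chain's key-value block store. All names below are hypothetical.
db = sqlite3.connect(":memory:", isolation_level=None)  # explicit BEGIN/COMMIT
db.execute("""CREATE TABLE file_info (
    user_id TEXT NOT NULL, user_name TEXT, file_name TEXT NOT NULL,
    block_address TEXT NOT NULL, tx_number TEXT NOT NULL,
    PRIMARY KEY (user_id, file_name))""")  # composite primary key from S2
chain = {}  # block_address -> {tx_number: transaction additional information}
_seq = itertools.count(1)


def write_record(user_id, user_name, file_name, file_id, key_hex, digest_hex,
                 fail_block_write=False):
    """S3: the block write and the table write commit together or not at all."""
    n = next(_seq)
    block_address, tx_number = f"blk-{n:04d}", f"tx-{n:04d}"
    db.execute("BEGIN")
    try:
        db.execute("INSERT INTO file_info VALUES (?, ?, ?, ?, ?)",
                   (user_id, user_name, file_name, block_address, tx_number))
        if fail_block_write:  # simulated failure of the block write
            raise RuntimeError("block write failed")
        chain[block_address] = {tx_number: {
            "file_id": file_id, "key": key_hex, "digest": digest_hex}}
        db.execute("COMMIT")
    except (sqlite3.Error, RuntimeError):
        db.execute("ROLLBACK")          # undo the table row
        chain.pop(block_address, None)  # undo the block if it was written
        return None
    return block_address, tx_number


def lookup(user_id, file_name):
    """S4: stage 1 queries the table, stage 2 reads the block store."""
    row = db.execute(
        "SELECT block_address, tx_number FROM file_info "
        "WHERE user_id = ? AND file_name = ?",  # bound parameters
        (user_id, file_name)).fetchone()
    if row is None:
        return None
    block_address, tx_number = row
    return chain[block_address][tx_number]


def verify(plaintext, digest_hex):
    """S6: recompute digest 2 and compare it with the on-chain digest."""
    digest2 = hashlib.sha256(plaintext).hexdigest()
    return hmac.compare_digest(digest2, digest_hex)


if __name__ == "__main__":
    doc = b"constructed sample file contents"
    digest = hashlib.sha256(doc).hexdigest()
    print(write_record("u1", "alice", "report.pdf", "fid-1", "00" * 16, digest))
    # Same (user ID, file name) again: the primary key rejects it, nothing is kept.
    print(write_record("u1", "alice", "report.pdf", "fid-2", "11" * 16, digest))
    record = lookup("u1", "report.pdf")
    print(record["file_id"], verify(doc, record["digest"]))
```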
By constructing a relational database, the method adds relational data processing capability to the blockchain and so meets business logic requirements; the business data processing flow is completed inside the blockchain, which reduces the performance loss caused by transferring data on and off the chain and improves processing efficiency; because data operations are carried out on the blockchain, the atomicity of the business transaction can be guaranteed, the problems of data falling out of sync between nodes and of tampering through external operations are avoided, and the security of the system is improved.
The foregoing is only a preferred embodiment of the present invention. It should be noted that those skilled in the art can make various modifications and refinements without departing from the technical principle of the present invention, and these modifications and refinements should also be regarded as falling within the protection scope of the present invention.

Claims (5)

1. A blockchain-based file authorization method, characterized by comprising the following steps:
S1: constructing a blockchain-based file authorization platform consisting of the blockchain, IPFS and an authorization application system;
S2: constructing an additional relational database in the blockchain system, and completing the creation of the storage table and user authorization through a script when the blockchain is started;
S3: a user uploads a file; the original file is encrypted and stored in IPFS; the file decryption key and hash digest are put on-chain through the smart contract and, after consensus is reached, stored in a block as a transaction; and the block address and transaction number information are stored in the additional relational database through the smart contract;
S4: the client sends an authorization request to the platform; the smart contract queries the relational database to obtain the block address and transaction number information, and the file ID, file decryption key and hash digest are obtained from the blockchain according to the query result;
S5: the platform retrieves the encrypted file according to the parameters and returns the encrypted file, the file decryption key and the file hash digest information to the client;
S6: the client decrypts the file and the file's hash digest, hashes the file to obtain digest 2, and compares it with the file hash digest it received; if the two are consistent, the file has not been modified and is therefore trustworthy.
2. The method according to claim 1, wherein in step S2, the blockchain generates the genesis block by importing the genesis file configuration, that is, blockchain nodes are created through a blockchain network command, the node configuration information is synchronized to the other nodes, and each blockchain node is started with a node start script, which completes node configuration, creation of the file information table in the relational database, and user authorization.
3. The method according to claim 1, wherein in step S3, data storage on the blockchain is divided into two parts: the original key-value data storage, and the relational data storage newly added by the modification.
4. The method according to claim 1, wherein in step S3, one data-write transaction on the blockchain consists of two parts: the first consists of the file ID, file decryption key and file hash digest, these 3 data items forming one piece of transaction additional information that is written into the block; the second consists of the user ID, file name, block address and transaction number, and is written into the file information table of the relational database; and if either of the two writes fails, the whole transaction is rolled back.
5. The method according to claim 1, wherein in step S4, when the user queries the file, the query process is divided into two stages: in the first stage, the user sends a query instruction to the smart contract through the client, and the contract queries the relational database according to the input parameters to obtain the block address and transaction number under which the file information is stored; in the second stage, the smart contract retrieves the file ID, file decryption key and file hash digest from the blockchain according to the block address and transaction number.
CN202310031356.0A 2023-01-10 2023-01-10 File authorization method based on block chain Pending CN115982690A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310031356.0A CN115982690A (en) 2023-01-10 2023-01-10 File authorization method based on block chain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310031356.0A CN115982690A (en) 2023-01-10 2023-01-10 File authorization method based on block chain

Publications (1)

Publication Number Publication Date
CN115982690A true CN115982690A (en) 2023-04-18

Family

ID=85975921

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310031356.0A Pending CN115982690A (en) 2023-01-10 2023-01-10 File authorization method based on block chain

Country Status (1)

Country Link
CN (1) CN115982690A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116882940A (en) * 2023-08-03 2023-10-13 广州金财智链数字科技有限公司 Electronic file management method, device, terminal and storage medium based on blockchain

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination