[go: up one dir, main page]

CN119583577A - Block file storage method, device, storage medium and electronic device - Google Patents

Block file storage method, device, storage medium and electronic device Download PDF

Info

Publication number
CN119583577A
CN119583577A CN202411706843.3A CN202411706843A CN119583577A CN 119583577 A CN119583577 A CN 119583577A CN 202411706843 A CN202411706843 A CN 202411706843A CN 119583577 A CN119583577 A CN 119583577A
Authority
CN
China
Prior art keywords
target
target network
network
storage
block
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202411706843.3A
Other languages
Chinese (zh)
Inventor
蔡修明
赵玉霞
王刚
刘增智
彭跟耀
董天浩
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Travelsky Technology Co Ltd
Original Assignee
China Travelsky Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Travelsky Technology Co Ltd filed Critical China Travelsky Technology Co Ltd
Priority to CN202411706843.3A priority Critical patent/CN119583577A/en
Publication of CN119583577A publication Critical patent/CN119583577A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

本发明公开了一种区块文件的存储方法、装置、存储介质及电子设备。涉及区块链技术领域。其中,该方法包括:通过目标网络中的高可用集群管理工具,接收联盟链生成的区块文件,其中,目标网络中的节点包括:联盟链中的区块链节点,目标网络是指基于分布式文件系统搭建的网络;通过高可用集群管理工具,采用分布式存储策略将区块文件分片存储至目标网络中多个区块链节点关联的存储设备中。本发明解决了相关技术中联盟链的所有区块文件在联盟链中的所有节点中均完整的存储一份单个节点的存储压力大的技术问题。

The present invention discloses a method, device, storage medium and electronic device for storing block files. It relates to the field of blockchain technology. The method comprises: receiving a block file generated by a consortium chain through a high-availability cluster management tool in a target network, wherein the nodes in the target network include: a blockchain node in the consortium chain, and the target network refers to a network built based on a distributed file system; using a high-availability cluster management tool, adopting a distributed storage strategy to store the block file in pieces in storage devices associated with multiple blockchain nodes in the target network. The present invention solves the technical problem in the related art that all block files of the consortium chain are completely stored in all nodes in the consortium chain, resulting in high storage pressure on a single node.

Description

Storage method and device of block file, storage medium and electronic equipment
Technical Field
The present invention relates to the field of blockchain technologies, and in particular, to a method and apparatus for storing a blockfile, a storage medium, and an electronic device.
Background
A federated chain is a blockchain system that is jointly engaged, commonly maintained by multiple businesses or enterprises. The federated chain, as compared to the public chain, is commonly built by multiple enterprises or organizations, and can create a safer, efficient, trusted internal or cross-organization blockchain network for the enterprises. For example, enterprises may use federation chains to conduct transactions, and enterprises may utilize federation chains to conduct data sharing therebetween. The reliability of the federation chain is higher than that of the public chain because each enterprise or organization will store the state information of the federation chain locally and have a stricter privacy protection mechanism inside the enterprise.
However, when the related art federated chain system performs block file storage, a centralized management mode is adopted, that is, the federated chain system (or node management tool) records the contents of all block files. In the centralized management mode, all block files are stored in the server in a centralized way, and when the server fails, data loss is easy to cause, and data security is affected. Meanwhile, the centralized management mode can increase the storage pressure of the server and reduce the storage efficiency of the server.
In view of the above problems, no effective solution has been proposed at present.
Disclosure of Invention
The embodiment of the invention provides a storage method, a storage device, a storage medium and electronic equipment for block files, which at least solve the technical problem that the storage pressure of storing a single node in all nodes in a alliance chain is high when all block files of the alliance chain are completely stored in all nodes in the alliance chain in the related art.
According to one aspect of the embodiment of the invention, a storage method of a block file is provided, which comprises the steps of receiving a block file generated by a alliance chain through a high-availability cluster management tool in a target network, wherein nodes in the target network comprise block chain nodes in the alliance chain, the target network refers to a network built on the basis of a distributed file system, and storing the block file in a storage device associated with a plurality of block chain nodes in the target network in a fragmentation mode through the high-availability cluster management tool by adopting a distributed storage strategy.
Further, after the block file is stored in a storage device associated with a plurality of block chain nodes of the target network in a distributed mode through the high-availability cluster management tool, the method further comprises the steps of converting the content of the block file into a hash value through the high-availability cluster management tool to obtain a target hash value, and broadcasting the target hash value to all the block chain nodes in the target network so that the block chain nodes in the target network can verify the integrity of the block file.
Further, the type of the blockchain node in the target network comprises a server, and before the blockfile generated by the alliance chain is received through a high-availability cluster management tool in the target network, the method further comprises the steps of installing the distributed file system on the target server, configuring target parameters on the target server to obtain the configured target server, wherein the target parameters comprise parameters required by the target server when the target server communicates in the target network, accessing the configured target server into the target network, and taking the configured target server as the blockchain node in the alliance chain.
Further, the configured target server is accessed to the target network, and the method comprises the steps of obtaining a secret key of the configured target server to obtain a target secret key, verifying the configured target server based on the target secret key to obtain a verification result, and accessing the configured target server to the target network under the condition that the verification result indicates that the configured target server passes verification.
Further, before receiving the block file generated by the alliance chain through the high-availability cluster management tool in the target network, the method further comprises uploading the block file to the target network based on an application programming interface of the target network under the condition that the block file is generated in the alliance chain, and before uploading the block file to the target network, further comprises encrypting the block file by adopting an encryption algorithm.
Further, the storage method of the block file further comprises the steps of collecting log data generated by the target network in the operation process of the target network to obtain target log data, and analyzing whether the target network has faults or not based on the target log data to obtain an analysis result.
Further, the distributed file system includes an interstellar file system.
According to another aspect of the embodiment of the invention, a storage device of a block file is provided, which comprises a receiving unit and a storage unit, wherein the receiving unit is used for receiving the block file generated by a alliance chain through a high-availability cluster management tool in a target network, the nodes in the target network comprise block chain nodes in the alliance chain, the target network refers to a network built based on a distributed file system, and the storage unit is used for storing the block file in fragments into storage equipment associated with a plurality of block chain nodes in the target network through the high-availability cluster management tool by adopting a distributed storage strategy.
Further, the storage device of the block file further comprises a conversion unit, a broadcasting unit and a verification unit, wherein the conversion unit is used for converting the content of the block file into a hash value through the high-availability cluster management tool to obtain a target hash value after the block file is distributed and stored into storage equipment associated with a plurality of block chain nodes of the target network through the high-availability cluster management tool, and the broadcasting unit is used for broadcasting the target hash value to all the block chain nodes in the target network so that the block chain nodes in the target network verify the integrity of the block file.
Further, the type of the blockchain node in the target network comprises a server, a first processing unit and a second processing unit, wherein the first processing unit is used for installing the distributed file system on the target server and configuring target parameters on the target server before the blockchain file generated by the alliance chain is received through a high-availability cluster management tool in the target network, the target parameters comprise parameters required by the target server when the target server communicates in the target network, and the second processing unit is used for accessing the configured target server into the target network and taking the configured target server as the blockchain node in the alliance chain.
Further, the second processing unit comprises an acquisition subunit, a verification subunit and an access subunit, wherein the acquisition subunit is used for acquiring the secret key of the configured target server to obtain a target secret key, the verification subunit is used for verifying the configured target server based on the target secret key to obtain a verification result, and the access subunit is used for accessing the configured target server into the target network under the condition that the verification result indicates that the configured target server passes the verification.
Further, the storage device of the block file further comprises an uploading unit and an encrypting unit, wherein the uploading unit is used for uploading the block file to the target network based on an application programming interface of the target network under the condition that the block file generated by a alliance chain is generated in the alliance chain before the block file is received through a high-availability cluster management tool in the target network, and the encrypting unit is used for encrypting the block file by adopting an encrypting algorithm before the block file is uploaded to the target network.
Further, the storage device of the block file further comprises a collecting unit and an analyzing unit, wherein the collecting unit is used for collecting log data generated by the target network in the operation process of the target network to obtain target log data, and the analyzing unit is used for analyzing whether the target network has faults or not based on the target log data to obtain an analysis result.
Further, the distributed file system includes an interstellar file system.
According to another aspect of the embodiment of the invention, there is also provided an electronic device, including a processor, and a memory for storing executable instructions of the processor, wherein the processor is configured to execute the method for storing the block file of any one of the above through execution of the executable instructions.
According to another aspect of the embodiment of the present invention, there is also provided a computer readable storage medium, in which a computer program is stored, where the storage method of the block file of any one of the above items is controlled by a device in which the computer readable storage medium is located when the computer program is executed.
In the invention, a block file generated by a alliance chain is received through a high-availability cluster management tool in a target network, wherein nodes in the target network comprise block chain nodes in the alliance chain, the target network refers to a network built on the basis of a distributed file system, and the block file is stored in a storage device associated with a plurality of block chain nodes in the target network in a fragmentation way through the high-availability cluster management tool by adopting a distributed storage strategy. And further, the technical problem that the storage pressure of storing a single node in all nodes in the alliance chain is high is solved.
In the invention, the target network built based on the distributed file system is deployed in the alliance chain, after the alliance chain generates a new block file, the block file can be stored in a plurality of nodes in the target network in a slicing way, so that the situation that all nodes in the alliance chain need to store the complete block file and the storage pressure of a single node is high is avoided, and the technical effect of reducing the storage pressure of the nodes in the alliance chain is realized.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this specification, illustrate embodiments of the application and together with the description serve to explain the application and do not constitute a limitation on the application. In the drawings:
FIG. 1 is a flow chart of an alternative method of storing a block file according to an embodiment of the present invention;
FIG. 2 is an architecture diagram of an alternative target network according to an embodiment of the invention;
FIG. 3 is a schematic diagram of an alternative block file storage device according to an embodiment of the present invention;
Fig. 4 is a schematic diagram of an electronic device according to an embodiment of the invention.
Detailed Description
In order that those skilled in the art will better understand the present invention, a technical solution in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in which it is apparent that the described embodiments are only some embodiments of the present invention, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the present invention without making any inventive effort, shall fall within the scope of the present invention.
It should be noted that the terms "first," "second," and the like in the description and the claims of the present invention and the above figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the invention described herein may be implemented in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
It should be noted that, the user information (including but not limited to user equipment information, user personal information, etc.), collected information and data (including but not limited to data for analysis, stored data, displayed data, etc.) related to the present application are all information and data authorized by the user or fully authorized by each party, and the related data are collected, stored, used, processed, transmitted, provided, disclosed, applied, etc. in compliance with the related laws and regulations and standards of the related region, necessary security measures are taken, no prejudice to the public order is made, and corresponding operation entries are provided for the user to select authorization or rejection.
Example 1
According to an embodiment of the present invention, there is provided an optional method embodiment of a method for storing a block file, it should be noted that the steps illustrated in the flowchart of the drawings may be performed in a computer system such as a set of computer executable instructions, and that although a logical order is illustrated in the flowchart, in some cases the steps illustrated or described may be performed in an order different from that herein.
Fig. 1 is a flowchart of an alternative method for storing a block file according to an embodiment of the present invention, as shown in fig. 1, the method includes the following steps:
Step S101, receiving a block file generated by a alliance chain through a high-availability cluster management tool in a target network, wherein nodes in the target network comprise block chain nodes in the alliance chain, and the target network refers to a network built on the basis of a distributed file system.
The alliance chain is in a semi-private blockchain form, allows a group of authorized participants to jointly maintain a blockchain network, and performs transaction and data sharing in the network, and can be applied to the fields of financial industry, supply chain management, copyright protection and the like.
The target network may include a network built based on a distributed file system, such as an interplanetary file system (IPFS) that employs a novel decentralised storage solution with high throughput, content addressing, distributed storage, etc. The interstellar file system realizes global decentralization storage and quick access of the file by converting the file content into a hash value and taking the hash value as a unique identifier of the file, and the target network refers to a network which consists of partial nodes or all nodes in a alliance chain and runs a private IPFS protocol. These nodes may be selected and configured as storage nodes for storing and backing up the shards of the block files.
The high availability Cluster management tool described above may be IPFS-Cluster, IPFS-Cluster, which may allocate, copy and track pins (fixing the location of files in the interstellar file system) across daemons of a set of interstellar file systems, thereby ensuring redundancy and availability of data. By deploying IPFS-Cluster, distributed storage and efficient management of block files can be achieved.
In this embodiment, a portion (or all) of the existing nodes of the federation chain may be selected as participants of the private IPFS network (corresponding to the target network). These participants typically need to be subjected to strict identity authentication and authorization to ensure that they are sufficiently trusted and reliable. The authentication process may include steps of digital certificate verification, key exchange, etc. to ensure secure communication between nodes.
In this embodiment, the block files generated by the federation chain are received by a high availability cluster management tool in the target network.
Step S102, through a high-availability cluster management tool, the block file is stored in a distributed storage strategy in a storage device associated with a plurality of block chain nodes in a target network in a fragmentation mode.
Through the high-availability cluster management tool, the block file fragments are stored in storage devices associated with a plurality of block chain nodes in the target network by adopting a distributed storage strategy, for example, the block file fragments can be carried out by means of intelligent contracts and then distributed and stored in the block chain nodes. By utilizing the decentralization characteristic of IPFS, the block files are stored on a plurality of nodes in a scattered mode, and the risks of single-point faults and data loss are effectively avoided.
In this embodiment, the block file slicing refers to dividing a larger block file into a plurality of smaller segments, and the segments can be independently stored on different storage devices, so as to improve the efficiency and security of data storage. The slicing strategy can be adjusted according to factors such as file size, network bandwidth, available space of storage nodes and the like. After the coalition chain generates a new block file, the block file can be partitioned into multiple fragments using the data slicing functionality in IPFS-Cluster. The size and number of fragments can be dynamically adjusted according to actual requirements and network conditions to ensure that data can be efficiently stored and quickly accessed.
A distributed storage policy, such as a data redundancy policy and a node selection policy, may be set in IPFS-Cluster. The data redundancy policy ensures that each block file partition is backed up on multiple nodes, and that data is still accessible even if a node fails. And the node selection strategy automatically selects the best node to store the data fragments according to indexes such as the health condition, the storage capacity, the network delay and the like of the node. In this embodiment, the data fragments may be automatically allocated to a storage device associated with multiple blockchain nodes in the target network for storage. In an alternative example, redundant copies may also be automatically created for each data slice on multiple nodes, ensuring high availability and persistence of the data.
In this embodiment, through the above steps, the target network built based on the distributed file system is deployed in the federation chain, after the federation chain generates a new block file, the block file may be stored in a plurality of nodes in the target network in a fragmented manner, so that the situation that all nodes in the federation chain need to store a complete block file and the storage pressure of a single node is large is avoided, and thus the technical effect of reducing the storage pressure of nodes in the federation chain is achieved. And further, the technical problem that the storage pressure of storing a single node in all nodes in the alliance chain is high is solved.
FIG. 2 is an architecture diagram of an alternative target network according to an embodiment of the present invention, as shown in FIG. 2, including a plurality of chain nodes (i.e., blockchain nodes), IPFS-Cluster (high availability Cluster management tool) deployed in a plurality of storage spaces in a IPFS network, and after generating a blockfile, the link points may be uploaded to IPFS-Cluster, which stores the blockfile in tiles in storage spaces of a plurality of storage devices in the IPFS network.
Optionally, after the block file is distributed and stored into the storage devices associated with the plurality of block chain nodes of the target network through the high-availability cluster management tool, the method further comprises the steps of converting the content of the block file into a hash value through the high-availability cluster management tool to obtain a target hash value, and broadcasting the target hash value to all the block chain nodes in the target network so that the block chain nodes in the target network verify the integrity of the block file.
In this embodiment, after a block link point in a certain target network successfully uploads a block file, the hash value of the file may be broadcast to other nodes in the network. After receiving the information, other nodes can actively download and verify the integrity and correctness of the block file from the network. In this way, consistency and update of the block data throughout the network can be ensured.
For example, IPFS-Cluster after generating the target hash value, the target hash value and some necessary metadata (e.g., file size, creation time, etc.) may be packaged as one message and broadcast to all blockchain nodes via the communication protocol of the private IPFS network (corresponding to the target network).
When the other nodes receive the target hash value, the target hash value may be recorded and compared with a locally stored target hash value list to determine whether a new block file needs to be acquired from the network.
If there is no broadcast target hash value in the local target hash value list, the node actively downloads the block file from the node storing the block file and performs integrity verification.
When a blockchain node downloads a blockfile from the IPFS network, it recalculates the content hash value of the file.
And comparing the calculated hash value with the target hash value broadcasted before. If the two hash values are consistent, the block file is not tampered or damaged in the transmission process, and the integrity verification is passed.
If the hash values are not consistent, this indicates that the block file may have a problem in the transmission process.
Through the series of processing procedures, the technical scheme of the invention not only realizes the distributed storage of the block files, but also ensures the integrity and the safety of data and improves the reliability and the efficiency of the alliance chain. Meanwhile, through a high-availability Cluster management tool of IPFS-Cluster, the process can be automatically carried out, so that human intervention is reduced, and the stability and maintainability of the system are improved.
Optionally, the type of the blockchain node in the target network comprises a server, and before the blockfile generated by the alliance chain is received through a high-availability cluster management tool in the target network, a distributed file system is installed on the target server, and target parameters are configured on the target server to obtain the configured target server, wherein the target parameters comprise parameters required by the target server when the target server communicates in the target network, the configured target server is accessed into the target network, and the configured target server is used as the blockchain node in the alliance chain.
In this embodiment, after the node (target server) is selected, the private IPFS network may be built and configured, including installing IPFS software, configuring network parameters (such as private network key, inter-node communication protocol, etc.), and setting access control policy, etc. By generating and distributing the shared key, it is ensured that only authorized nodes can join the network and participate in data storage and sharing.
For example, a series of environmental preparation may be performed before starting the method of implementing the present invention for federation link point-based private IPFS network storage block files. The preparation work comprises purchasing and configuring of hardware equipment, building of a software environment, planning of a network environment and the like, and the preparation work comprises the following steps:
1. preparing environment:
(1) Hardware equipment:
and the server can select the server with stable performance and sufficient storage capacity as a node of the target network. The configuration of the server can be customized according to actual requirements, and the configuration comprises specifications of key components such as a CPU, a memory, a hard disk and the like.
The storage device is used for storing the block files by considering the storage devices such as a solid state disk or a mechanical hard disk/electric energy hard disk. The solid state disk has a faster read-write speed, is suitable for a high-frequency access scene, and the mechanical hard disk has higher storage capacity and cost effectiveness, and is suitable for long-term storage.
Network equipment, which ensures the stability and high speed of the network equipment, including routers, switches, etc., to support rapid communication and data transmission between nodes.
(2) Software environment:
and selecting a stable and reliable operating system as a basic platform of the server.
IPFS software-installing IPFS software on the server and configuring the corresponding parameters to support the operation of the private network.
IPFS-Cluster-IPFS-Cluster software is installed on a node where system reliability and performance are required to be improved, and its interaction mode with the IPFS daemon is configured.
And the encryption tool is used for installing and configuring the encryption tool and used for carrying out encryption processing on the block file.
(3) The network environment is a private network, namely a private IPFS network is built inside the alliance chain, and the security of the network is ensured by configuring a private network key and an access control strategy. Planning network topology structure, and determining connection mode and communication protocol between nodes. A star, ring, or mesh topology may be employed to construct the network.
2. Private IPFS network (corresponding to the target network) set up:
(1) Node initialization-installing and starting IPFS software on each selected server, generating the private and public keys of the node by executing the initialization command. The private key is used for authentication and signing operations of the node, and the public key is used for generating a unique identifier of the node.
(2) And (3) configuring the private network, namely modifying IPFS configuration files, and setting related parameters of the private network, including private network keys, inter-node communication protocols and the like. Ensuring that all participating nodes use the same private network key and communication protocol.
(3) And joining the node to the network by using the generated private key and public key, and joining the node to the private IPFS network. This typically involves a key exchange and authentication process between nodes to ensure that only authorized nodes can join the network. And the security of the target network is improved.
Optionally, the method comprises the steps of obtaining a secret key of the configured target server to obtain the target secret key, verifying the configured target server based on the target secret key to obtain a verification result, and accessing the configured target server to the target network when the verification result indicates that the configured target server passes verification.
In this embodiment, unauthorized access and data leakage can be prevented by a strict access control policy. Only authenticated nodes can join the private IPFS network (corresponding to the target network) and participate in data storage and sharing, while different access rights and role management policies can be set to further refine access control granularity.
For example, to secure a private IPFS network, each server (node) joining the network needs to have its own key pair, including a private key and a public key. The private key is used for authentication of the server and encryption and decryption of the data, while the public key is used to generate a unique identifier (peer ID) of the server. The generation and management of the key are the basis of IPFS networks, so that trusted interaction among the nodes and safe transmission of data are ensured, and specifically, the configured target server, namely the newly added node, needs to execute the initialization command of IPFS to generate the key pair. This process can typically create a directory of stored keys, including private and public key files. After the key of the new node is generated, public key information of the new node can be obtained through a command line or API interface so as to facilitate subsequent verification and network recording. After the public key of the new node is obtained, the existing node in the network will verify the public key to confirm whether the new node has the authority and trust of accessing the network. The authentication process typically includes the checking of digital certificates, the verification of the validity of keys, and the validation of node identities.
After the existing node in the target network obtains the public key information from the new node, it can check whether the public key matches a preset node authorization policy, for example, check whether the public key belongs to a predefined Certificate Authority (CA) or is in a trusted node list. If the public key of the new node passes the verification, the new node is an authorized legal node, the new node has qualification of accessing the network, the verification result indicates that the configured target server accesses the target network through verification, the node list of the target network can be updated in the process of allowing the target server to join the private IPFS network and participate in data storage and sharing, and all nodes are ensured to know the joining of the new node so as to perform data synchronization and communication.
The process of accessing the configured target server to the target network is essentially the key verification and trust confirmation process of the newly added node, ensures the security and reliability of the private IPFS network, simultaneously provides flexible expansion capability for the network, and allows new storage nodes to be added on the premise of ensuring the security so as to meet the continuously growing data storage requirement.
Optionally, before receiving the block file generated by the alliance chain through the high-availability cluster management tool in the target network, the method further comprises uploading the block file to the target network based on an application programming interface of the target network in the case of generating the block file in the alliance chain, and before uploading the block file to the target network, further comprises encrypting the block file by adopting an encryption algorithm.
When the federation chain generates a new block file, the block file may be uploaded into the private IPFS network. The uploading process may be implemented by writing a specific script, tool, or source code integrated into the blockchain node, and uploading the blockfile to the storage device of IPFS for storage through IPFS-Cluster.
For example, when a new blockfile is generated by the federated chain, the blockfile may be converted using a written script, tool, or code integrated into the blockchain node, uploaded into the private IPFS network through IPFS API (application programming interface of the target network). In the uploading process, the block file can be encrypted by using an encryption technology in an encryption tool so as to enhance the security of the data.
Before uploading and during transmission of the block file, the hash value of the block file can be encrypted by public key encryption algorithms such as RSA and the like to generate a digital signature, and meanwhile, in the transmission process, the secure transmission of the data is protected by encryption protocols such as TLS (Transport Layer Security, transport layer security protocol)/SSL (Secure Socket Layer ) and the like.
The block file is encrypted through an encryption algorithm, and the file is uploaded to a private IPFS network by utilizing a target network API (Application Programming Interface ), so that the safety and the integrity of data are ensured. The encryption processing ensures the privacy of the data in the transmission process, and the uploading through the API utilizes the distributed storage advantage of IPFS, thereby realizing the efficient and safe data storage. The security and privacy protection capability of the target network are enhanced, and the efficiency of data management is also improved.
Optionally, the storage method of the block file further comprises the steps of collecting log data generated by the target network in the operation process of the target network to obtain target log data, and analyzing whether the target network has faults or not based on the target log data to obtain an analysis result.
In this embodiment, a monitoring system and log collection tool may also be deployed to monitor the operational status and performance of a target network (e.g., a private IPFS network) in real-time. By collecting and analyzing log data, potential problems and faults can be discovered and resolved in time.
In this embodiment, the performance of the target network may be optimized according to the actual operating situation and performance of the target network. The performance and reliability of the target network can be improved by adjusting the configuration parameters of IPFS and IPFS-Cluster, optimizing the network topology, upgrading the hardware equipment and the like.
In order to improve the security of the target network, security evaluation can be carried out on the target at regular intervals, and whether the target network has security holes and hidden dangers or not can be checked. Safety test means such as penetration test and code audit can be adopted to evaluate the safety of the target network, and corresponding safety reinforcement and repair work can be carried out according to the evaluation result.
For example, the collection of target log data refers to the collection of log data in which all critical operations, state changes, error information, etc. are recorded during the operation of the system for subsequent analysis and fault localization. For a private IPFS-based federation chain storage network, log data may include start-up and shut-down of IPFS nodes, upload and download records of block files, network traffic conditions, failure alarm information, and the like. In particular, to collect target log data, a log collection tool or service may be deployed on each IPFS node, which allows log data to be automatically collected from the target network and stored centrally in a log server or log database. The format of the log data can be JSON or other resolvable text format, so that subsequent analysis and processing are facilitated.
In this embodiment, whether a fault or an abnormal situation exists in the system, and a specific cause and an influence range of the fault may be determined by data mining, abnormality detection, and other methods based on the collected log data. For a federated chain storage network, failures may involve node failures, network communication problems, storage device failures, data integrity problems, and so forth. Specifically, after log data collection is completed, the target log data may be analyzed in real time or offline using a data analysis tool or platform, for example, log search, anomaly detection, historical data trend analysis, and the like. Based on the analysis of the target log data, potential faulty nodes or fault types can be quickly located, for example, if network delay problems are reported in the logs of a plurality of nodes, which may indicate that network communication is a bottleneck, if records of file integrity verification failure frequently occur in the log of a certain node, which may indicate that the storage device of the node is problematic, or that data is damaged in the transmission process.
After the target log analysis is completed, the analysis result can be fed back to a system administrator or developer so that the administrator can take measures in time to repair faults or optimize the system. In addition, the analysis results can also be used for continuous improvement of system performance, for example, a method for optimizing network architecture can be found by analyzing network delay, and encryption algorithms and redundancy strategies for data transmission and storage can be improved by analyzing data integrity problems.
By collecting and analyzing the operation log of the target network, the system faults are found and processed in time, the stable operation and the data safety of the alliance chain storage network based on the private IPFS are ensured, the purposes of active monitoring and prevention strategies in the operation and fault processing of the target network are achieved, and the technical effect of improving the reliability of the target network is achieved.
Optionally, the distributed file system comprises an interstellar file system.
In this embodiment, the distributed file system may be an interplanetary file system (IPFS), which prevents illegal access and data theft of external nodes by constructing a private IPFS network, and ensures secure storage of block files. And by utilizing the distributed storage characteristic of IPFS, the decentralised storage of the block files is realized, and the storage pressure and the overall storage cost of a single node are reduced. Through a multi-node storage and synchronization mechanism, it is ensured that even if part of nodes fail or go offline, the block file can still be accessed and transmitted through other nodes.
By means of the embodiment, the block files are stored in a scattered mode on a plurality of nodes by means of the decentralization characteristic of IPFS, and the risks of single-point faults and data loss are effectively avoided. By combining encryption technology and node identity authentication mechanism, only authorized nodes can access and modify data, the security of data storage is enhanced, end-to-end encryption is adopted in the data transmission and storage process, the privacy and security of the data in the transmission process are ensured, and the data is prevented from being intercepted or tampered by unauthorized parties. Strict privacy policies and access control policies are formulated, access to sensitive data is limited, and user privacy is protected. By means of distributed storage, storage burden is distributed to a plurality of nodes, storage pressure of a single node is reduced, and overall storage cost is reduced. By utilizing a IPFS redundant storage and cache mechanism, the data redundancy and repeated storage are effectively reduced, and the resource utilization rate is improved.
In this embodiment, since the block data is distributed on a plurality of nodes, the user can quickly obtain the required data from the nearest node, thereby improving the data access speed. With the expansion of the federation chain and the addition of new nodes, the private IPFS network can easily expand storage capacity and computing power, meeting the ever-increasing data storage requirements. Through IPFS's distributed storage mechanism, realize redundant storage and backup of data, even partial node breaks down or data loss, also can resume data from other nodes. And by combining IPFS-Cluster deployment, automatic fault transfer and data synchronization among nodes are realized, and high availability and stability of the system are ensured.
Therefore, the method for storing the block file provided by the embodiment has obvious advantages in the aspects of improving the data storage safety, enhancing the data privacy protection, reducing the storage cost, improving the system efficiency and the expandability, enhancing the system fault tolerance and the reliability and the like.
Example two
An embodiment of the present invention provides an optional storage device for block files, where each implementation unit in the storage device corresponds to each implementation step in the first embodiment.
Fig. 3 is a schematic diagram of an alternative block file storage device according to an embodiment of the present invention, as shown in fig. 3, including a receiving unit 31 and a storage unit 32.
The receiving unit 31 is configured to receive, through a high-availability cluster management tool in a target network, a block file generated by a coalition chain, where a node in the target network includes a block chain node in the coalition chain, and the target network refers to a network built based on a distributed file system;
And the storage unit 32 is used for storing the block file fragments into storage devices associated with a plurality of block chain nodes in the target network by using a distributed storage strategy through a high-availability cluster management tool.
In the storage device for block files provided in the second embodiment of the present invention, the block files generated by the coalition chain may be received by the receiving unit 31 through the high-availability cluster management tool in the target network, where the nodes in the target network include the block chain nodes in the coalition chain, the target network refers to a network built based on the distributed file system, and the block files are stored in the storage devices associated with the plurality of block chain nodes in the target network in a partitioned manner by adopting the distributed storage policy through the storage unit 32 through the high-availability cluster management tool. And further, the technical problem that the storage pressure of storing a single node in all nodes in the alliance chain is high is solved. In this embodiment, by deploying the target network built based on the distributed file system in the federation chain, after the federation chain generates a new block file, the block file may be stored in a plurality of nodes in the target network in a fragmented manner, so that the situation that all nodes in the federation chain need to store a complete block file and the storage pressure of a single node is large is avoided, and thus the technical effect of reducing the storage pressure of nodes in the federation chain is achieved.
Optionally, in the storage device for a block file provided in the second embodiment of the present invention, the storage device for a block file further includes a conversion unit, configured to, after the block file is distributed and stored into storage devices associated with a plurality of blockchain nodes in a target network by using a high-availability cluster management tool, convert content of the block file into hash values by using the high-availability cluster management tool to obtain target hash values, and a broadcast unit, configured to broadcast the target hash values to all the blockchain nodes in the target network, so that the blockchain nodes in the target network verify the integrity of the block file.
Optionally, in the storage device for a block file provided in the second embodiment of the present invention, the type of the blockchain node in the target network includes a server, and the storage device for a block file further includes a first processing unit configured to install a distributed file system on the target server and configure target parameters on the target server before receiving the block file generated by the alliance chain through a high-availability cluster management tool in the target network, to obtain a configured target server, where the target parameters include parameters required when the target server communicates in the target network, and a second processing unit configured to access the configured target server to the target network and use the configured target server as the blockchain node in the alliance chain.
Optionally, in the storage device for a block file provided in the second embodiment of the present invention, the second processing unit includes an obtaining subunit, configured to obtain a key of the configured target server, to obtain a target key, an verifying subunit, configured to verify the configured target server based on the target key, to obtain a verification result, and an access subunit, configured to access the configured target server to the target network when the verification result indicates that the configured target server passes the verification.
Optionally, in the storage device for a block file provided in the second embodiment of the present invention, the storage device for a block file further includes an uploading unit, for uploading the block file to the target network based on an application programming interface of the target network in a case where the block file is generated in the federation chain before the block file generated by the federation chain is received by the high-availability cluster management tool in the target network, and an encrypting unit, for encrypting the block file by using an encryption algorithm before the block file is uploaded to the target network.
Optionally, in the storage device for a block file provided in the second embodiment of the present invention, the storage device for a block file further includes a collecting unit, configured to collect log data generated by a target network during an operation process of the target network to obtain target log data, and an analyzing unit, configured to analyze whether the target network has a fault based on the target log data to obtain an analysis result.
Optionally, in the storage device for block files provided in the second embodiment of the present invention, the distributed file system includes an interstellar file system.
The storage device for a block file may further include a processor and a memory, where the receiving unit 31 and the storage unit 32 are stored as program units, and the processor executes the program units stored in the memory to implement corresponding functions.
The processor includes a kernel, and the kernel fetches a corresponding program unit from the memory. The kernel can set one or more than one target network built on the basis of the distributed file system by adjusting kernel parameters, after the alliance chain generates a new block file, the block file can be stored into a plurality of nodes in the target network in a slicing way, the situation that all nodes in the alliance chain need to store complete block files and the storage pressure of a single node is large is avoided, and therefore the technical effect of reducing the storage pressure of nodes in the alliance chain is achieved.
The memory may include volatile memory in a computer-readable medium, random Access Memory (RAM) and/or nonvolatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM), which includes at least one memory chip.
According to another aspect of the embodiment of the invention, there is also provided an electronic device, including a processor, and a memory for storing executable instructions of the processor, wherein the processor is configured to execute the method for storing the block file of any one of the above through execution of the executable instructions.
According to another aspect of the embodiment of the present invention, there is also provided a computer readable storage medium, in which a computer program is stored, where the storage method of the block file of any one of the above items is controlled by a device in which the computer readable storage medium is located when the computer program is executed.
Fig. 4 is a schematic diagram of an electronic device according to an embodiment of the present invention, and as shown in fig. 4, an embodiment of the present invention provides an electronic device 40, where the electronic device includes a processor, a memory, and a program stored on the memory and capable of running on the processor, and the processor implements a method for storing a block file of any one of the above when executing the program.
The foregoing embodiment numbers of the present invention are merely for the purpose of description, and do not represent the advantages or disadvantages of the embodiments.
In the foregoing embodiments of the present invention, the descriptions of the embodiments are emphasized, and for a portion of this disclosure that is not described in detail in this embodiment, reference is made to the related descriptions of other embodiments.
In the several embodiments provided in the present application, it should be understood that the disclosed technology may be implemented in other manners. The above-described embodiments of the apparatus are merely exemplary, and the division of the units, for example, may be a logic function division, and may be implemented in another manner, for example, a plurality of units or components may be combined or may be integrated into another system, or some features may be omitted, or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be through some interfaces, units or modules, or may be in electrical or other forms.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in the embodiments of the present invention may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units may be implemented in hardware or in software functional units.
The integrated units, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied essentially or in part or all of the technical solution or in part in the form of a software product stored in a storage medium, including instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present invention. The storage medium includes a U disk, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), a removable hard disk, a magnetic disk, or an optical disk, etc. which can store the program code.
The foregoing is merely a preferred embodiment of the present invention and it should be noted that modifications and adaptations to those skilled in the art may be made without departing from the principles of the present invention, which are intended to be comprehended within the scope of the present invention.

Claims (10)

1.一种区块文件的存储方法,其特征在于,包括:1. A method for storing block files, comprising: 通过目标网络中的高可用集群管理工具,接收联盟链生成的区块文件,其中,所述目标网络中的节点包括:所述联盟链中的区块链节点,所述目标网络是指基于分布式文件系统搭建的网络;Receiving the block file generated by the alliance chain through a high-availability cluster management tool in the target network, wherein the nodes in the target network include: blockchain nodes in the alliance chain, and the target network refers to a network built based on a distributed file system; 通过所述高可用集群管理工具,采用分布式存储策略将所述区块文件分片存储至所述目标网络中多个区块链节点关联的存储设备中。Through the high-availability cluster management tool, a distributed storage strategy is adopted to store the block file fragments in storage devices associated with multiple blockchain nodes in the target network. 2.根据权利要求1所述的存储方法,其特征在于,在通过所述高可用集群管理工具,将所述区块文件分布式存储至所述目标网络的多个区块链节点关联的存储设备中之后,还包括:2. The storage method according to claim 1 is characterized in that after the block file is distributedly stored in the storage devices associated with the multiple blockchain nodes of the target network through the high-availability cluster management tool, it also includes: 通过所述高可用集群管理工具,将所述区块文件的内容转换为哈希值,得到目标哈希值;By using the high-availability cluster management tool, the content of the block file is converted into a hash value to obtain a target hash value; 将所述目标哈希值广播至所述目标网络中的所有区块链节点,以使所述目标网络中的区块链节点对所述区块文件的完整性进行验证。The target hash value is broadcast to all blockchain nodes in the target network, so that the blockchain nodes in the target network can verify the integrity of the block file. 3.根据权利要求1所述的存储方法,其特征在于,所述目标网络中的区块链节点的类型包括:服务器,在通过目标网络中的高可用集群管理工具,接收联盟链生成的区块文件之前,还包括:3. The storage method according to claim 1 is characterized in that the types of blockchain nodes in the target network include: servers, and before receiving the block files generated by the alliance chain through the high-availability cluster management tool in the target network, it also includes: 在目标服务器上安装所述分布式文件系统,并在所述目标服务器上配置目标参数,得到配置后的目标服务器,其中,所述目标参数包括:所述目标服务器在所述目标网络中进行通信时所需的参数;Installing the distributed file system on a target server and configuring target parameters on the target server to obtain a configured target server, wherein the target parameters include: parameters required by the target server for communication in the target network; 将所述配置后的目标服务器接入所述目标网络,并将配置后的所述目标服务器作为所述联盟链中的区块链节点。The configured target server is connected to the target network, and the configured target server is used as a blockchain node in the alliance chain. 4.根据权利要求3所述的存储方法,其特征在于,将所述配置后的目标服务器接入所述目标网络,包括:4. The storage method according to claim 3, characterized in that connecting the configured target server to the target network comprises: 获取所述配置后的目标服务器的秘钥,得到目标秘钥;Obtain the secret key of the target server after the configuration to obtain the target secret key; 基于所述目标秘钥对所述配置后的目标服务器进行验证,得到验证结果;Verifying the configured target server based on the target key to obtain a verification result; 在所述验证结果指示所述配置后的目标服务器通过验证的情况下,将所述配置后的目标服务器接入所述目标网络。When the verification result indicates that the configured target server passes the verification, the configured target server is connected to the target network. 5.根据权利要求1所述的存储方法,其特征在于,5. The storage method according to claim 1, characterized in that: 在通过目标网络中的高可用集群管理工具,接收联盟链生成的区块文件之前,还包括:在所述联盟链中生成所述区块文件的情况下,基于所述目标网络的应用程序编程接口,将所述区块文件上传至所述目标网络;Before receiving the block file generated by the alliance chain through the high-availability cluster management tool in the target network, the method further includes: when the block file is generated in the alliance chain, uploading the block file to the target network based on the application programming interface of the target network; 在将所述区块文件上传至所述目标网络之前,还包括:采用加密算法对所述区块文件进行加密处理。Before uploading the block file to the target network, the method further includes: encrypting the block file using an encryption algorithm. 6.根据权利要求1所述的存储方法,其特征在于,所述方法还包括:6. The storage method according to claim 1, characterized in that the method further comprises: 在所述目标网络的运行过程中,对所述目标网络产生的日志数据进行收集,得到目标日志数据;During the operation of the target network, log data generated by the target network is collected to obtain target log data; 基于所述目标日志数据,分析所述目标网络是否存在故障,得到分析结果。Based on the target log data, analyze whether the target network has a fault and obtain an analysis result. 7.根据权利要求1所述的存储方法,其特征在于,所述分布式文件系统包括:星际文件系统。7. The storage method according to claim 1 is characterized in that the distributed file system comprises: InterPlanetary File System. 8.一种区块文件的存储装置,其特征在于,包括:8. A storage device for block files, comprising: 接收单元,用于通过目标网络中的高可用集群管理工具,接收联盟链生成的区块文件,其中,所述目标网络中的节点包括:所述联盟链中的区块链节点,所述目标网络是指基于分布式文件系统搭建的网络;A receiving unit, configured to receive a block file generated by a consortium chain through a high-availability cluster management tool in a target network, wherein the nodes in the target network include: blockchain nodes in the consortium chain, and the target network refers to a network built based on a distributed file system; 存储单元,用于通过所述高可用集群管理工具,采用分布式存储策略将所述区块文件分片存储至所述目标网络中多个区块链节点关联的存储设备中。A storage unit is used to store the block file fragments in storage devices associated with multiple blockchain nodes in the target network using a distributed storage strategy through the high-availability cluster management tool. 9.一种计算机可读存储介质,其特征在于,所述计算机可读存储介质中存储有计算机程序,其中,在所述计算机程序运行时控制所述计算机可读存储介质所在设备执行权利要求1至7中任意一项所述的区块文件的存储方法。9. A computer-readable storage medium, characterized in that a computer program is stored in the computer-readable storage medium, wherein when the computer program is running, the device where the computer-readable storage medium is located is controlled to execute the block file storage method described in any one of claims 1 to 7. 10.一种电子设备,其特征在于,包括一个或多个处理器和存储器,所述存储器用于存储一个或多个程序,其中,当所述一个或多个程序被所述一个或多个处理器执行时,使得所述一个或多个处理器实现权利要求1至7中任意一项所述的区块文件的存储方法。10. An electronic device, characterized in that it comprises one or more processors and a memory, wherein the memory is used to store one or more programs, wherein when the one or more programs are executed by the one or more processors, the one or more processors implement the block file storage method described in any one of claims 1 to 7.
CN202411706843.3A 2024-11-26 2024-11-26 Block file storage method, device, storage medium and electronic device Pending CN119583577A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202411706843.3A CN119583577A (en) 2024-11-26 2024-11-26 Block file storage method, device, storage medium and electronic device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202411706843.3A CN119583577A (en) 2024-11-26 2024-11-26 Block file storage method, device, storage medium and electronic device

Publications (1)

Publication Number Publication Date
CN119583577A true CN119583577A (en) 2025-03-07

Family

ID=94805390

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202411706843.3A Pending CN119583577A (en) 2024-11-26 2024-11-26 Block file storage method, device, storage medium and electronic device

Country Status (1)

Country Link
CN (1) CN119583577A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115964730A (en) * 2023-01-09 2023-04-14 广东开放大学(广东理工职业学院) A blockchain information storage method based on alliance chain multi-chain
WO2024001304A1 (en) * 2022-06-30 2024-01-04 华为云计算技术有限公司 Data processing method and related device
CN118118153A (en) * 2024-03-19 2024-05-31 中国南方电网有限责任公司 Smart power grids data security interaction system
CN118353606A (en) * 2024-06-18 2024-07-16 鹏城实验室 Blockchain-based network threat intelligence sharing method, system, device and medium
CN118713902A (en) * 2024-07-12 2024-09-27 浪潮云洲工业互联网有限公司 A method, system, device and storage medium for sharing trusted data in the Internet of Things

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2024001304A1 (en) * 2022-06-30 2024-01-04 华为云计算技术有限公司 Data processing method and related device
CN115964730A (en) * 2023-01-09 2023-04-14 广东开放大学(广东理工职业学院) A blockchain information storage method based on alliance chain multi-chain
CN118118153A (en) * 2024-03-19 2024-05-31 中国南方电网有限责任公司 Smart power grids data security interaction system
CN118353606A (en) * 2024-06-18 2024-07-16 鹏城实验室 Blockchain-based network threat intelligence sharing method, system, device and medium
CN118713902A (en) * 2024-07-12 2024-09-27 浪潮云洲工业互联网有限公司 A method, system, device and storage medium for sharing trusted data in the Internet of Things

Similar Documents

Publication Publication Date Title
Wang et al. Chainsplitter: Towards blockchain-based industrial iot architecture for supporting hierarchical storage
US8667096B2 (en) Automatically generating system restoration order for network recovery
KR102618665B1 (en) Version history management using blockchain
US9940208B2 (en) Generating reverse installation file for network restoration
JP7592089B2 (en) Efficient threshold storage of data objects
US20210194672A1 (en) Partially-ordered blockchain
CN111209262B (en) Large-scale distributed secure storage system based on block chain
US20100223609A1 (en) Systems and methods for automatic discovery of network software relationships
CN111737104B (en) Block chain network service platform, test case sharing method thereof and storage medium
CN112149105A (en) Data processing system, method, related equipment and storage medium
Li et al. A secure, reliable and low-cost distributed storage scheme based on blockchain and IPFS for firefighting IoT data
CN118484219B (en) Baseboard management controller cluster firmware upgrading method, product, equipment and medium
CN112564985A (en) Safe operation and maintenance management method based on block chain
CN114239044B (en) A decentralized traceable shared access system
CN115208779A (en) Data stream monitoring method based on block chain and big data and cloud computing service platform
CN114036560A (en) A blockchain-based charging pile subsidy data management method
US12353559B2 (en) Agentless attestation as a service
CN119583577A (en) Block file storage method, device, storage medium and electronic device
CN116232608A (en) Distributed trusted data sharing method and device based on blockchain
CN114189515A (en) SGX-based server cluster log acquisition method and device
CN113570321A (en) Hydrogen Energy Data Management System
CN118713816B (en) Server system, firmware processing method, device, equipment, medium and product
CN112333036B (en) Multi-storage-node-based power Internet of things configuration data backup method and device
US12045256B2 (en) Tracing data in complex replication system
JP7710448B2 (en) Partially ordered blockchain

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination