CN109462570B - Block chain-based cross-cloud platform computing system and computing method applying same - Google Patents

Publication number: CN109462570B
Authority: CN (China)
Prior art keywords: service, cloud platform, block chain, cloud, data
Legal status: Active (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN201811021095.XA
Other languages: Chinese (zh)
Other versions: CN109462570A (en)
Inventors: 李雪峰, 曾德强, 郭慧珍
Current Assignee: Shanghai Zhongan Information Technology Service Co ltd (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: Zhongan Information Technology Service Co Ltd
Application filed by: Zhongan Information Technology Service Co Ltd
Priority to: CN201811021095.XA
Publication of application: CN109462570A
Publication of granted patent: CN109462570B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • H04L63/0421 Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/20 Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/1001 Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
    • H04L67/1004 Server selection for load balancing
    • H04L67/1008 Server selection for load balancing based on parameters of servers, e.g. available memory or workload
    • H04L67/104 Peer-to-peer [P2P] networks
    • H04L67/50 Network services
    • H04L67/60 Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Medical Treatment And Welfare Office Work (AREA)

Abstract

The invention discloses a blockchain-based cross-cloud platform computing system and a computing method using the same, and belongs to the technical field of blockchains. The computing system is deployed to a plurality of cloud platforms in a distributed manner and comprises: an underlying blockchain architecture with a blockchain network layer and a blockchain interface, the blockchain interface being used for interaction between each cloud platform and the blockchain network layer so as to perform operations; a joint management monitoring system for managing open service interfaces, configuring service management protocols and security policy protocols, and deploying smart contracts, which also interacts with the blockchain interface to monitor the state of each cloud platform and provide visual data; and a distributed attribute access system controlled by the blockchain network layer to provide secure storage, sharing, and private data computation. Embodiments of the invention address the low efficiency, high management overhead and low resource utilization of cross-cloud system governance.

Description

Block chain-based cross-cloud platform computing system and computing method applying same
Technical Field
The invention relates to the technical field of block chains, in particular to a block chain-based cross-cloud platform computing system and a computing method using the same.
Background
Many enterprises and public-sector bodies currently run large numbers of private cloud systems, and managing them is becoming increasingly complex and inefficient because of simple usage and operational requirements, barriers between elastic resource providers, and limited access to distributed data sources. In the future, systems will need to work across multiple cloud systems, driven by access requirements on data and services, so as to make better use of computing resources; the urgent need today is an underlying software architecture that ensures secure and controllable interaction.
Broadly speaking, governance capability for cross-cloud systems can encourage more applications and foster system integrators of private clouds for public departments. Internationally, many countries, such as China, the United States, South Africa, Italy and France, face a high rate of increase in small and medium data centers concurrently supporting public relations. This results in inefficiency, high management overhead, and low resource utilization. Cloud federation is the practice of interconnecting the cloud computing environments of two or more service providers, with the goal of load-balancing traffic on demand and accommodating peaks.
The public sector has a pressing need for federated cloud computing systems. For example, an insurance company (ABC) currently faces the challenge that the data it needs to calculate patients' medical claims is held in isolation by public authorities distributed across clouds. In particular, the current compliance and legal framework states that hospitals (HG) are the only controllers of medically sensitive data, yet ABC requires access to this data to calculate claims correctly. For instance, local social and medical insurance correlations are calculated based on the patient's actual residence, but HG withholds this address for data classification purposes. To overcome these problems, ABC has set up an elaborate collaboration with HG in which part of the medical premium calculation is done locally at HG and the result is then used by ABC. However, this has led to uncontrolled misbehavior, such as large payments made within a short time to avoid tax expenditure. Such fraud is subtle and not easily detected. ABC also depends on most of the medical insurance premium data yet has no control over it. ABC therefore needs a different kind of deployment for such use cases, one that introduces sufficient computational guarantees for the sensitive data used and the computation performed.
However, no solution is currently available for the low efficiency, high management overhead and low resource utilization of cross-cloud system governance.
Disclosure of Invention
To solve one of the technical problems in the prior art, the invention provides a blockchain-based cross-cloud platform computing system and a computing method using the same. The specific technical solution of the invention is as follows:
In a first aspect, a blockchain-based cross-cloud platform computing system is provided, the computing system being deployed to multiple cloud platforms in a distributed manner and including:
an underlying blockchain architecture having a blockchain network layer and a blockchain interface, the blockchain interface being used by each of the cloud platforms to interact with the blockchain network layer to perform operations;
a joint management monitoring system for managing open service interfaces, configuring service management protocols and security policy protocols, and deploying smart contracts, the joint management monitoring system also interacting with the blockchain interface to monitor the state of each cloud platform and provide visual data;
a distributed attribute access system controlled by the blockchain network layer to provide secure storage, sharing, and private data computation.
In one embodiment, the computing system further comprises a joint monitoring system comprising:
a runtime monitoring unit for monitoring the load data of each cloud platform at runtime;
and an offline monitoring unit for monitoring the audit information uploaded to the blockchain by each cloud platform.
In one embodiment, the computing system further comprises:
an intelligent workload manager for obtaining and analysing, through the resource scheduling management interface of each cloud platform, the load metric data reported by that cloud platform, and for receiving scheduling information from the joint management system;
the intelligent workload manager is further used for obtaining the open service interface information through the blockchain interface, selecting the optimal service schedule according to the interface service protocol, and optimizing resource scheduling of the cloud federation.
In one embodiment, the computing system further comprises:
an identity management component for interacting with the blockchain interface to provide identity authentication of each cloud platform.
In one embodiment, the operations include at least one of:
calling a smart contract, reading chain state information, listening for chain broadcast events, storing key information, and establishing an authorized service contract model on the blockchain network.
In one embodiment, the joint management monitoring system includes:
a cloud joint management control unit for interacting with the blockchain interface;
a visual UI control unit for providing cloud federation tenant management and cloud federation member management;
a service configuration unit through which each cloud platform manages its own open services and configures service security policies, service protocol access security and service performance requirements;
an audit service unit for providing visual service audit reports, billing management and audit services;
and a smart contract deployment unit through which each cloud platform deploys various types of smart contracts to the blockchain network.
In one embodiment, the distributed attribute access system comprises:
a data anonymity service component for providing a data anonymity service and storing a data anonymity policy on the blockchain;
a data desensitization service component for masking sensitive data according to a desensitization protocol policy, wherein the desensitization protocol policy is configured by a user and stored on the blockchain;
and a secure multi-party computing service component for initiating multi-party computation through a smart contract, so that each cloud platform triggers the smart contract after receiving the contract computation request and provides its own data to take part in the computation service.
In one embodiment, the data anonymity service component is specifically configured to:
store the data anonymity policy on the blockchain using the K-Anonymity algorithm.
In a second aspect, a sensitive data computing method is provided, in which the blockchain-based cross-cloud platform computing system according to the first aspect is applied to perform computation on sensitive data. The method includes:
deploying the computing system to a cloud platform of an insurance company and a cloud platform of a hospital in a distributed manner, and establishing a communication connection between the cloud platform of the insurance company and the cloud platform of the hospital;
deploying, by the insurance company, a smart contract on the blockchain network for calculating local patient medical claim information, the smart contract taking effect through a vote by the hospital;
issuing, by the hospital, a claim calculation request to the insurance company so that the insurance company returns the identifier of the smart contract corresponding to the claim calculation request;
calling, by the hospital, the smart contract according to its identifier to access local sensitive data and calculate the corresponding claim settlement cost result, wherein the sensitive data is encrypted in advance with a private key of the hospital;
and broadcasting, by the hospital, the claim settlement cost result to the insurance company so that the insurance company carries out claim checking according to the claim settlement cost result.
With the technical solution of the invention, the blockchain-based cross-cloud platform computing system is deployed on a plurality of cloud platforms in a distributed manner and comprises an underlying blockchain architecture, a distributed attribute access system and a joint management monitoring system. Blockchain technology enables cloud federation as a service solution, and the underlying blockchain architecture provides recoverable data storage and a convenient distributed computing facility. This reduces the need for a trusted third party and the system risk caused by disputes and fraud in cross-cloud platform interaction, and addresses the low efficiency, high management overhead and low resource utilization of cross-cloud system governance.
Drawings
In order to illustrate the technical solutions in the embodiments of the present invention more clearly, the drawings needed in the description of the embodiments are briefly introduced below. The drawings described below show only some embodiments of the present invention, and those skilled in the art can obtain other drawings from them without creative effort.
FIG. 1 is a block diagram of a blockchain-based cross-cloud platform computing system provided by the present invention;
FIG. 2 is a topology diagram of a blockchain-based cross-cloud platform computing system provided by the present invention;
FIG. 3 is a flowchart of a sensitive data calculation method provided by the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
An embodiment of the present invention provides a blockchain-based cross-cloud platform computing system implemented as a software platform. The software platform is designed to be deployed to multiple cloud platforms in a distributed manner so as to avoid any central control. Referring to FIG. 1, the computing system includes:
an underlying blockchain architecture 10 with a blockchain network layer 11 and a blockchain interface 12, wherein the blockchain interface 12 is used for interaction between each cloud platform and the blockchain network layer 11 to perform operations;
a joint management monitoring system 20 configured to manage open service interfaces, configure service management protocols and security policy protocols, and deploy smart contracts, the joint management monitoring system 20 further interacting with the blockchain interface 12 to monitor the state of each cloud platform and provide visual data;
a distributed attribute access system 30, the distributed attribute access system 30 being controlled by the blockchain network layer 11 to provide secure storage, sharing, and private data computation.
The underlying blockchain architecture in this embodiment is referred to as Service edge. The Service edge service it provides offers recoverable data storage and a convenient distributed computing facility, which reduces the need for a trusted third party and the system risk caused by disputes and fraud in cross-cloud platform interaction. Interaction between the cloud services and the blockchain is handled by the blockchain interface (Service edge Interface), through which operations such as reading the key of the data anonymity service, reading the service authorization protocol, and reading the data security policy protocol can be performed against the chain.
Each cloud platform deploys the underlying blockchain architecture (Service edge) locally and interacts with the blockchain network through the Service edge service to perform the corresponding operations, which include, but are not limited to: calling a smart contract, reading chain state information, listening for chain broadcast events, storing key information, and establishing an authorized service contract model on the chain network.
Further, referring to FIG. 1, the computing system further includes a joint monitoring system 40, the joint monitoring system 40 including:
a runtime monitoring unit 41 configured to monitor the load data of each cloud platform at runtime;
and an offline monitoring unit 42 for monitoring the audit information uploaded to the blockchain by each cloud platform.
In this embodiment, the runtime monitoring unit collects the load data reported by each cloud platform, which may be provided through the open interfaces of the IaaS, PaaS, SaaS and other related services of each cloud platform, and monitors the service resource load of each cloud platform according to that data. The audit information that each cloud platform uploads to the blockchain is produced when the platform performs authorized service operations and is written to the chain by the respective components; the offline monitoring unit provides audit report services, billing services and the like according to the audit information.
Further, referring to FIG. 1, the computing system further comprises:
an intelligent workload manager 50 for obtaining and analysing, through the resource scheduling management interface of each cloud platform, the load metric data reported by that cloud platform, and for receiving scheduling information from the joint management system;
the intelligent workload manager 50 is further configured to obtain the open service interface information through the blockchain interface 12, select the optimal service schedule according to the interface service protocol, and optimize resource scheduling of the cloud federation.
Further, referring to FIG. 1, the computing system further comprises:
an identity management component 60 for interacting with the blockchain interface to provide identity authentication of each cloud platform. The authentication information includes information related to the access user, the administrator, the service provider, and the platform components, and the authentication information is stored on the chain.
Further, referring to FIG. 1, the joint management monitoring system 20 includes:
a cloud joint management control unit 21 configured to interact with the blockchain interface;
a visual UI control unit 22 to provide cloud federation tenant management and cloud federation member management;
a service configuration unit 23 through which each cloud platform manages its own open services and configures service security policies, service protocol access security, and service performance requirements;
an audit service unit 24 for providing visual service audit reports, billing management and audit services;
and a smart contract deployment unit 25 through which each cloud platform deploys various types of smart contracts to the blockchain network.
Further, referring to FIG. 1, the distributed attribute access system 30 includes a data anonymity service component 31, a data desensitization service component 32 and a secure multi-party computing service component 33. The distributed attribute access system 30 is controlled by the blockchain network, and the field access policies and access permissions of the data are configured at the blockchain network layer, wherein:
the data anonymity service component 31 is configured to provide a data anonymity service and store a data anonymity policy on the blockchain;
the data desensitization service component 32 is configured to mask sensitive data according to a desensitization protocol policy, where the desensitization protocol policy is configured by a user and stored on the blockchain;
and the secure multi-party computing service component 33 is used for initiating multi-party computation through a smart contract, so that each cloud platform triggers the smart contract after receiving the contract computation request and provides its own data to take part in the computation service.
Further, the data anonymity service component 31 is specifically configured to:
store the data anonymity policy on the blockchain using the K-Anonymity algorithm.
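The following Python sketch is an added illustration of how a desensitization component could apply a mask policy and enforce k-anonymity before releasing records; it is not code from the patent. The policy fields, mask rules, patient rows and the generalize-then-suppress approach are assumptions, and the on-chain policy is represented only by its SHA-256 digest.

```python
import hashlib
import json
from collections import Counter

# Constructed policy. The patent stores the user-configured desensitization
# and anonymity policies on the blockchain; the field names, mask rules and
# k value below are assumptions made for this example.
POLICY = {
    "mask": {"name": "redact", "national_id": "keep_last4"},
    "generalize": {"age_bucket": 10, "postcode_prefix": 3},
    "quasi_identifiers": ["age", "postcode"],
    "k": 2,
}

# Constructed patient rows held inside the hospital cloud.
PATIENTS = [
    {"name": "Patient A", "national_id": "ID0000001234", "age": 34,
     "postcode": "200120", "claim": 1200},
    {"name": "Patient B", "national_id": "ID0000005678", "age": 37,
     "postcode": "200135", "claim": 800},
    {"name": "Patient C", "national_id": "ID0000009012", "age": 52,
     "postcode": "200433", "claim": 4300},
]


def policy_digest(policy):
    """Digest of the canonical policy, compared with the value read from the chain."""
    canonical = json.dumps(policy, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode()).hexdigest()


def mask_value(rule, value):
    """Apply one mask rule to a direct identifier."""
    if rule == "redact":
        return "*" * len(value)
    if rule == "keep_last4":
        return "*" * max(len(value) - 4, 0) + value[-4:]
    raise ValueError(f"unknown mask rule: {rule}")


def desensitize(record, policy):
    """Mask direct identifiers and generalize the quasi-identifiers."""
    out = dict(record)
    for field, rule in policy["mask"].items():
        out[field] = mask_value(rule, str(record[field]))
    width = policy["generalize"]["age_bucket"]
    low = (record["age"] // width) * width
    out["age"] = f"{low}-{low + width - 1}"
    keep = policy["generalize"]["postcode_prefix"]
    postcode = str(record["postcode"])
    out["postcode"] = postcode[:keep] + "*" * (len(postcode) - keep)
    return out


def undersized_groups(records, policy):
    """Quasi-identifier groups with fewer than k rows (empty means k-anonymous)."""
    qi = policy["quasi_identifiers"]
    groups = Counter(tuple(r[f] for f in qi) for r in records)
    return {group: n for group, n in groups.items() if n < policy["k"]}


def release(records, policy, on_chain_digest):
    """Refuse a policy that differs from the chain, then mask and suppress."""
    if policy_digest(policy) != on_chain_digest:
        raise PermissionError("local policy does not match the on-chain policy")
    masked = [desensitize(r, policy) for r in records]
    small = undersized_groups(masked, policy)
    qi = policy["quasi_identifiers"]
    released = [r for r in masked if tuple(r[f] for f in qi) not in small]
    return released, small
```

With the constructed rows, Patient C forms a group of one after generalization and is suppressed, while a locally weakened policy (for example `k` lowered to 1) is rejected because its digest no longer matches.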
The blockchain-based cross-cloud platform computing system is deployed on a plurality of cloud platforms in a distributed manner and comprises an underlying blockchain architecture, a distributed attribute access system and a joint management monitoring system. Blockchain technology enables cloud federation as a service solution, and the underlying blockchain architecture provides recoverable data storage and a convenient distributed computing facility. This reduces the need for a trusted third party and the system risk caused by disputes and fraud in cross-cloud platform interaction, and addresses the low efficiency, high management overhead and low resource utilization of cross-cloud system governance.
An application case of the blockchain-based cross-cloud platform computing system in the embodiment of the present invention is described in detail below.
For the insurance company (ABC), two conflicting requirements must be balanced: it must be provable that ABC's computation is carried out on the sensitive data, while the sensitive data stays within the scope of the hospital (HG). Intuitively, the medical expense claim system needs to be divided into two parts, one logically deployed at ABC for computing large volumes of claim details and one logically deployed at HG for processing regionalized sensitive data. To implement such an infrastructure, the following two points must be satisfied:
1. the cloud federations of ABC and HG must be securely federated together;
2. the ancillary medical claims system at HG must be tamper-proof, so that the calculations ABC expects at the HG end are guaranteed.
On this basis, the blockchain-based cross-cloud platform computing system is applied to the cloud platforms of the insurance company and the hospital. As shown in FIG. 2, the computing system is deployed on both cloud platforms in a distributed manner, which addresses the security and controllability of data and service interaction across multiple kinds of cloud and enables sensitive data computation.
Referring to FIG. 3, the specific steps of the sensitive data calculation method may include:
S1, deploying the computing system on the cloud platform of the insurance company and the cloud platform of the hospital in a distributed manner, and establishing a communication connection between the cloud platform of the insurance company and the cloud platform of the hospital.
First, the cloud platforms of the insurance company and the hospital are securely connected through the blockchain-based cross-cloud platform computing system of this embodiment, which ensures the controllability and security of communication between the clouds. ABC and HG each deploy network nodes of the underlying blockchain architecture (Service edge) in their own clouds. To establish network communication between the cloud platforms, in practice the Service edge network nodes need to be deployed in a single shared VPN network, so that the Service edge can meet the guarantees this application case requires for data and code execution.
A joint management monitoring system (FAM) component, a blockchain interface (SLI) component, an Intelligent Workload Manager (IWM) component, a data Anonymization (ANM) component, a data Desensitization (DM) component, a Secure multi-party computing (SMC) component, an Identity management (ID) component, and so on are installed and deployed inside both the insurance company and the hospital.
The insurance company and the hospital each register on their own cloud platform to become cloud federation members, operate the cloud joint management control unit of the joint management monitoring system to control the open service interfaces, and configure the service management protocol, the security policy protocol and the like.
S2, deploying, by the insurance company, a smart contract on the blockchain network for calculating local patient medical claim information, the smart contract taking effect through a vote by the hospital.
In a specific implementation, the insurance company deploys a smart contract from its own cloud platform to the blockchain network through the smart contract deployment unit of the joint management monitoring system. The smart contract contains code, verified by the insurance company, for calculating local patient medical claims. The insurance company then initiates a proposal vote, and the hospital votes on the proposal through its own joint management monitoring system to determine whether the contract becomes available.
S3, issuing, by the hospital, a claim calculation request to the insurance company so that the insurance company returns the identifier of the smart contract corresponding to the claim calculation request.
In a specific implementation, the hospital issues a claim calculation request to the insurance company, and the request is delivered to the insurance company through the underlying blockchain architecture (Service leader) network. After receiving the claim calculation request, the insurance company determines the corresponding smart contract identifier and broadcasts it to the hospital through a chain message; the identifier tells the hospital which smart contract to call.
S4, calling, by the hospital, the smart contract according to its identifier to access local sensitive data and calculate the corresponding claim settlement cost result, wherein the sensitive data is encrypted in advance with a private key of the hospital.
In a specific implementation, the hospital calls the smart contract according to its identifier, which triggers the smart contract to access local sensitive data and calculate the corresponding claim settlement cost result. The sensitive data is encrypted in advance with the hospital's private key, and the encryption key is obtained from the chain by the hospital. This avoids disputes between the insurance company and the hospital over the data used; in most cases, the management of sensitive data depends heavily on the hospital.
S5, broadcasting, by the hospital, the claim settlement cost result to the insurance company so that the insurance company carries out claim checking according to the claim settlement cost result.
In a specific implementation, the claim settlement cost result is broadcast to the insurance company through the underlying blockchain architecture (Service hedger) network, and the insurance company performs claim settlement processing according to the claim settlement cost result.
Further, after step S5, the method may further include:
The resulting transaction records the claim information in text form and is then used by the smart contract to format the sensitive input information in encrypted form.
In this embodiment, to ensure the privacy of sensitive transaction information, the sensitive claim information in the transaction record is encrypted with the asymmetric key and then stored on the blockchain.
According to the sensitive data computing method provided by the invention, sensitive data is computed by applying the blockchain-based cross-cloud platform computing system of the above embodiment, so that the insurance company's computation on the sensitive data can be proven while the sensitive data stays within the hospital's control. This reduces the system risk brought by disputes and fraud in cross-cloud platform interaction, and provides security guarantees and controllable interaction for cross-cloud data access and service access.
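The request, local contract call and claim check described above can be traced end to end in a small simulation. This is an added example, not code from the patent: the `Ledger` class, the `rate_pct` rule table, the block kinds and all sample values are assumptions, and a salted SHA-256 commitment stands in for the encrypted claim record because the standard library has no asymmetric encryption.

```python
import hashlib, json, os

def digest(obj):  # SHA-256 over canonical JSON: contract ids and block links
    return hashlib.sha256(json.dumps(obj, sort_keys=True).encode()).hexdigest()

class Ledger:  # hash-chained list standing in for the shared chain (assumption)
    def __init__(self):
        self.blocks = []
    def append(self, sender, kind, body):
        prev = self.blocks[-1]["hash"] if self.blocks else "0" * 64
        core = {"sender": sender, "kind": kind, "body": body, "prev": prev}
        self.blocks.append({**core, "hash": digest(core)})
    def verify(self):
        prev = "0" * 64
        for b in self.blocks:
            core = {k: v for k, v in b.items() if k != "hash"}
            if b["prev"] != prev or b["hash"] != digest(core):
                return False
            prev = b["hash"]
        return True
    def find(self, kind, **match):
        return [b for b in self.blocks if b["kind"] == kind
                and all(b["body"].get(k) == v for k, v in match.items())]

def hospital_settle(ledger, cid, claim_id, records, salt):  # steps S4 and S5
    dep = ledger.find("deploy", contract_id=cid)
    voted = ledger.find("vote", contract_id=cid, approve=True)
    if not dep or not voted or digest(dep[0]["body"]["rules"]) != cid:
        raise ValueError("contract is not deployed and validated on chain")
    rate = dep[0]["body"]["rules"]["rate_pct"]
    result = sum(cost * rate[cat] // 100 for cat, cost in records)  # runs locally
    commit = digest({"salt": salt, "records": records})  # stands in for ciphertext
    ledger.append("hospital", "result", {"claim_id": claim_id, "contract_id": cid,
                  "result": result, "input_commitment": commit})

def insurer_check(ledger, cid, claim_id):  # claim check on the insurer side
    hits = ledger.find("result", claim_id=claim_id, contract_id=cid)
    return hits[-1]["body"]["result"] if ledger.verify() and hits else None

def demo():
    rules = {"rate_pct": {"surgery": 80, "medication": 50}}  # constructed rates
    ledger, cid = Ledger(), digest(rules)
    ledger.append("insurer", "deploy", {"contract_id": cid, "rules": rules})
    ledger.append("hospital", "vote", {"contract_id": cid, "approve": True})
    ledger.append("hospital", "request", {"claim_id": "C-1"})
    ledger.append("insurer", "contract_ref", {"claim_id": "C-1", "contract_id": cid})
    records = [("surgery", 120000), ("medication", 30000)]  # constructed, in cents
    hospital_settle(ledger, cid, "C-1", records, os.urandom(16).hex())
    return ledger, cid
```

The toy ledger has no signatures or consensus, so its `sender` fields are unauthenticated; it only shows that the raw records never reach the chain and that the insurer rejects a result once any block has been altered.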
All the above-mentioned optional technical solutions can be combined arbitrarily to form the optional embodiments of the present invention, and are not described herein again.
It will be understood by those skilled in the art that all or part of the steps for implementing the above embodiments may be implemented by hardware, or by a program instructing the associated hardware. The program may be stored in a computer-readable storage medium, and the storage medium may be a read-only memory, a magnetic disk, an optical disk, or the like.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like that fall within the spirit and principle of the present invention are intended to be included therein.

Claims (9)

1. A blockchain-based cross-cloud platform computing system, the computing system deployed in a distributed manner to a plurality of cloud platforms, the computing system comprising:
an underlying blockchain architecture having a blockchain network layer and blockchain interfaces for each of the cloud platforms to interact with the blockchain network layer to perform operations;
a federated management monitoring system used for managing an open service interface, configuring a service management protocol and a security policy protocol, and deploying a smart contract, the federated management monitoring system also interacting with the blockchain interface to monitor the state of each cloud platform and provide visual data;
a distributed attribute access system controlled by the blockchain network layer to provide secure storage, sharing, and private data computation;
the distributed attribute access system comprises a data anonymity service component, a data desensitization service component and a secure multi-party computing service component;
the secure multi-party computing service component is used for initiating multi-party computation through a smart contract, so that each cloud platform triggers the smart contract after receiving a contract computing request and provides its respective data to participate in the computing service.
2. The computing system of claim 1, further comprising a federated monitoring system, the federated monitoring system comprising:
the operation monitoring unit is used for monitoring the load data of each cloud platform in operation;
and the offline monitoring unit is used for monitoring the audit information uploaded to the blockchain by each cloud platform.
3. The computing system of claim 1, wherein the computing system further comprises:
an intelligent workload manager used for acquiring, through a resource scheduling management interface of each cloud platform, the load index data analysis reported by that cloud platform, and for receiving scheduling information of the joint management system;
the intelligent workload manager is further used for acquiring the open service interface information through the blockchain interface, and for selecting optimal service scheduling and optimizing resource scheduling of the cloud complex according to an interface service protocol.
4. The computing system of claim 1, wherein the computing system further comprises:
and the identity management component is used for interacting with the blockchain interface to provide identity authentication of each cloud platform.
5. The computing system of any of claims 1 to 4, wherein the operations comprise at least one of:
calling a smart contract, reading chain state information, monitoring a chain broadcast event, storing key information, and establishing an authorized service contract model on the blockchain network.
6. The computing system of any of claims 1 to 4, wherein the federated management monitoring system comprises:
the cloud joint management control unit is used for interacting with the blockchain interface;
the visual UI control unit is used for providing cloud joint tenant management and cloud joint member management;
the service configuration unit is used by each cloud platform for managing its respective open services and configuring service security policies, service protocol access security and service performance requirements;
the auditing service unit is used for providing a visual service auditing report, charging management and auditing service;
and the smart contract deployment unit is used by the cloud platforms for deploying various types of smart contracts to the blockchain network.
7. The computing system of any of claims 1 to 4, wherein the data anonymity service component is used for providing data anonymization services and storing data anonymization policies on the blockchain;
the data desensitization service component is used for performing mask processing on sensitive data according to a desensitization protocol policy, wherein the desensitization protocol policy is configured by a user and stored on the blockchain.
8. The computing system of claim 7, wherein the data anonymity service component is specifically to:
store the data anonymity policy on the blockchain using the K-Anonymity algorithm.
9. A sensitive data computing method, wherein the blockchain-based cross-cloud platform computing system of any one of claims 1 to 8 is applied to perform computation on sensitive data, the method comprising:
deploying the computing system in a distributed manner to a cloud platform of an insurance company and a cloud platform of a hospital, and establishing a communication connection between the cloud platform of the insurance company and the cloud platform of the hospital;
deploying, by the insurance company, smart contracts on the blockchain network for calculating local patient medical claim information, and validating them through voting by the hospital;
issuing, by the hospital, a claim calculation request to the insurance company to cause the insurance company to return an identifier of a smart contract corresponding to the claim calculation request;
calling, by the hospital, the smart contract according to its identifier to access local sensitive data and calculate a corresponding claim settlement cost result, wherein the sensitive data is encrypted in advance with a private key of the hospital;
and broadcasting, by the hospital, the claim settlement cost result to the insurance company so that the insurance company performs claim checking according to the claim settlement cost result.
CN201811021095.XA 2018-09-03 2018-09-03 Block chain-based cross-cloud platform computing system and computing method applying same Active CN109462570B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811021095.XA CN109462570B (en) 2018-09-03 2018-09-03 Block chain-based cross-cloud platform computing system and computing method applying same


Publications (2)

Publication Number Publication Date
CN109462570A (en) 2019-03-12
CN109462570B (en) 2021-04-06

Family

ID=65606475


Country Status (1)

Country Link
CN (1) CN109462570B (en)




Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20240306

Address after: Room 1179, W Zone, 11th Floor, Building 1, No. 158 Shuanglian Road, Qingpu District, Shanghai, 201702

Patentee after: Shanghai Zhongan Information Technology Service Co.,Ltd.

Country or region after: China

Address before: 518000 Room 201, building A, No. 1, Qian Wan Road, Qianhai Shenzhen Hong Kong cooperation zone, Shenzhen, Guangdong (Shenzhen Qianhai business secretary Co., Ltd.)

Patentee before: ZHONGAN INFORMATION TECHNOLOGY SERVICE Co.,Ltd.

Country or region before: China

TR01 Transfer of patent right

Effective date of registration: 20240415

Address after: Room 1179, W Zone, 11th Floor, Building 1, No. 158 Shuanglian Road, Qingpu District, Shanghai, 201702

Patentee after: Shanghai Zhongan Information Technology Service Co.,Ltd.

Country or region after: China

Address before: 518000 Room 201, building A, No. 1, Qian Wan Road, Qianhai Shenzhen Hong Kong cooperation zone, Shenzhen, Guangdong (Shenzhen Qianhai business secretary Co., Ltd.)

Patentee before: ZHONGAN INFORMATION TECHNOLOGY SERVICE Co.,Ltd.

Country or region before: China