CN109639437B - Monitoring method, device, equipment and medium based on trusted data source - Google Patents
Monitoring method, device, equipment and medium based on trusted data source Download PDFInfo
- Publication number
- CN109639437B CN109639437B CN201910017494.7A CN201910017494A CN109639437B CN 109639437 B CN109639437 B CN 109639437B CN 201910017494 A CN201910017494 A CN 201910017494A CN 109639437 B CN109639437 B CN 109639437B
- Authority
- CN
- China
- Prior art keywords
- website
- intelligent contract
- supervision
- data source
- trusted data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 63
- 238000012544 monitoring process Methods 0.000 title abstract description 10
- 230000008569 process Effects 0.000 claims abstract description 18
- 238000012545 processing Methods 0.000 claims description 34
- 230000000903 blocking effect Effects 0.000 claims description 30
- 238000012546 transfer Methods 0.000 claims description 6
- 239000000126 substance Substances 0.000 claims description 5
- 238000012795 verification Methods 0.000 claims description 5
- 238000012806 monitoring device Methods 0.000 abstract description 2
- 238000010586 diagram Methods 0.000 description 17
- 238000004590 computer program Methods 0.000 description 7
- 230000006870 function Effects 0.000 description 5
- 230000008901 benefit Effects 0.000 description 4
- 230000009286 beneficial effect Effects 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 230000003993 interaction Effects 0.000 description 3
- 238000004519 manufacturing process Methods 0.000 description 3
- RTZKZFJDLAIYFH-UHFFFAOYSA-N Diethyl ether Chemical compound CCOCC RTZKZFJDLAIYFH-UHFFFAOYSA-N 0.000 description 2
- 230000009471 action Effects 0.000 description 2
- 239000003795 chemical substances by application Substances 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 238000003908 quality control method Methods 0.000 description 2
- 230000004044 response Effects 0.000 description 2
- 238000004458 analytical method Methods 0.000 description 1
- 238000012550 audit Methods 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000001914 filtration Methods 0.000 description 1
- 230000008014 freezing Effects 0.000 description 1
- 238000007710 freezing Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000007689 inspection Methods 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
- 230000001105 regulatory effect Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/168—Implementing security features at a particular protocol layer above the transport layer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Abstract
The application discloses a monitoring method, a monitoring device, equipment and a monitoring medium based on a trusted data source. At least part of the method is applied to a block chain platform, and the part of the method at least comprises the following steps: receiving a supervision request sent by a server of a website; judging whether the website is a trusted data source or not by running a pre-constructed intelligent contract according to the signature content signed by the HTTPS private key of the website and contained in the supervision request; if yes, the intelligent contract is operated to correspondingly process the supervision object appointed by the signature content. According to the method and the device, the HTTPS private key signature of the supervision request party can be automatically verified based on the intelligent contract to determine whether the supervision request party is a trusted data source or not, so that the trusted data source is helped to supervise the supervision object efficiently, and the reliability and the safety are high.
Description
Technical Field
The present application relates to the field of block chain technologies, and in particular, to a method, an apparatus, a device, and a medium for monitoring based on a trusted data source.
Background
The rapid development of the internet brings great convenience to the life of people, a plurality of off-line services have corresponding on-line platforms, and users can efficiently obtain corresponding services on the on-line platforms through terminals such as smart phones. While convenient, it also carries the risk that the online platform itself is more vulnerable or vulnerable to attack than the offline physical store, which may compromise the user's interest.
In the prior art, users are often relied on to identify these risky online platforms themselves and then actively avoid conducting business on these online platforms. However, even if a few users anticipate the risk or recognize the risk after suffering a loss, it is still difficult to avoid that other users will follow before and suffer a loss.
Based on this, there is a need for an efficient and reliable surveillance scheme to supervise objects such as these risky online platforms to protect the interests of the user.
Disclosure of Invention
The embodiment of the application provides a monitoring method, a monitoring device, equipment and a monitoring medium based on a trusted data source, which are used for solving the following technical problems in the prior art: there is a need for an efficient and reliable surveillance scheme to supervise objects such as these risky online platforms to protect the interests of the user.
The embodiment of the application adopts the following technical scheme:
a trusted data source-based supervision method applied to a block chain platform comprises the following steps:
receiving a supervision request sent by a server of a website;
judging whether the website is a trusted data source or not by running a pre-constructed intelligent contract according to the signature content of the supervision request which is signed by using a Hypertext Transfer Protocol Secure (HTTPS) private key of the website;
and if so, correspondingly processing the supervision object specified by the signature content by operating the intelligent contract.
Optionally, the determining, by running a pre-established intelligent contract according to the signature content signed by the HTTPS private key of the website included in the supervision request, whether the website is a trusted data source includes:
and verifying the signature content signed by the HTTPS private key of the website and contained in the supervision request by operating a pre-constructed intelligent contract and utilizing the HTTPS public key of the website, and judging whether the website is a trusted data source.
Optionally, a white list is pre-stored in the intelligent contract, each trusted data source is recorded in the white list, and an HTTPS public key of each trusted data source is pre-stored in the intelligent contract;
the operating a pre-established intelligent contract, verifying signature content signed by an HTTPS private key of the website and contained in the supervision request by using the HTTPS public key of the website, and judging whether the website is a trusted data source comprises the following steps:
and determining whether the website is recorded in the white list by running a pre-constructed intelligent contract, if so, verifying the signature content signed by the HTTPS private key of the website and contained in the supervision request by using the HTTPS public key of the website saved in the intelligent contract, and if the verification is passed, judging the website to be a trusted data source.
Optionally, the administrative request comprises a block request, the administrative object comprises a block object, and the signature content specifies the block object;
the corresponding processing of the supervision object specified by the signature content by running the intelligent contract comprises the following steps:
and writing the forbidden object specified by the forbidden request into the block chain where the intelligent contract is located by operating the intelligent contract.
Optionally, a blacklist is pre-stored in the intelligent contract and used for recording a forbidden object;
the writing of the block chain in which the intelligent contract is located with the block object specified by the block request includes:
and writing the forbidden object specified by the forbidden request into the blacklist.
Optionally, after the block object specified by the block request is written into the block chain where the intelligent contract is located by running the intelligent contract, the method further includes:
and triggering the blocking operation of the blocking object specified by the blocking request by running the intelligent contract so as to prevent the specified business of the blocking object from being executed.
A supervision method based on a trusted data source is applied to a server of a website, and the method comprises the following steps:
signing by using an HTTPS private key of the website to obtain signature content, wherein the signature content designates a supervision object;
and sending a supervision request containing the signature content to a block chain platform so that the block chain platform can correspondingly process the supervision object specified by the signature content by running a pre-constructed intelligent contract and if the website is judged to be a trusted data source.
A trusted data source based supervision apparatus applied to a blockchain platform, the apparatus comprising:
the receiving module is used for receiving a supervision request sent by a server of a website;
the judging module is used for judging whether the website is a trusted data source or not by running a pre-constructed intelligent contract according to the signature content which is contained in the supervision request and signed by using the HTTPS private key of the website;
and if so, the processing module correspondingly processes the supervision object specified by the signature content by operating the intelligent contract.
Optionally, the determining module determines, by running a pre-established intelligent contract according to the signature content signed by the HTTPS private key of the website included in the supervision request, whether the website is a trusted data source, where the determining module includes:
and the judging module verifies the signature content signed by the HTTPS private key of the website and contained in the supervision request by running a pre-constructed intelligent contract and utilizing the HTTPS public key of the website, and judges whether the website is a trusted data source.
Optionally, a white list is pre-stored in the intelligent contract, each trusted data source is recorded in the white list, and an HTTPS public key of each trusted data source is pre-stored in the intelligent contract;
the judging module verifies the signature content signed by the HTTPS private key of the website and contained in the supervision request by running a pre-constructed intelligent contract and utilizing the HTTPS public key of the website, and judges whether the website is a trusted data source or not, wherein the judging module comprises the following steps:
the judging module determines whether the website is recorded in the white list by running a pre-constructed intelligent contract, if so, verifies the signature content signed by the HTTPS private key of the website and contained in the supervision request by using the HTTPS public key of the website saved in the intelligent contract, and if the verification is passed, judges that the website is a trusted data source.
Optionally, the administrative request comprises a block request, the administrative object comprises a block object, and the signature content specifies the block object;
the processing module performs corresponding processing on the supervision object specified by the signature content by running the intelligent contract, and the processing module comprises:
and the processing module writes the forbidden object specified by the forbidden request into the block chain where the intelligent contract is located by operating the intelligent contract.
Optionally, a blacklist is pre-stored in the intelligent contract and used for recording a forbidden object;
the processing module writes the block chain in which the intelligent contract is located with the block object specified by the block request, and the block chain comprises:
and the processing module writes the forbidden object specified by the forbidden request into the blacklist.
Optionally, the processing module, by running the intelligent contract, after writing the prohibited object specified by the prohibition request into the block chain where the intelligent contract is located, further performs:
and triggering the blocking operation of the blocking object specified by the blocking request by running the intelligent contract so as to prevent the specified business of the blocking object from being executed.
A trusted data source based supervision apparatus applied to a server of a website, the apparatus comprising:
the signature module is used for obtaining signature content by means of the HTTPS private key signature of the website, and the signature content designates a supervision object;
and the sending module is used for sending a supervision request containing the signature content to a block chain platform so that the block chain platform can correspondingly process a supervision object appointed by the signature content by running a pre-constructed intelligent contract if the website is judged to be a trusted data source.
A trusted data source based policing apparatus for use with a blockchain platform, the apparatus comprising:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores instructions executable by the at least one processor to enable the at least one processor to:
receiving a supervision request sent by a server of a website;
judging whether the website is a trusted data source or not by running a pre-constructed intelligent contract according to the signature content which is contained in the supervision request and signed by using the HTTPS private key of the website;
and if so, correspondingly processing the supervision object specified by the signature content by operating the intelligent contract.
A trusted data source based surveillance device for application to a server of a website, the device comprising:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores instructions executable by the at least one processor to enable the at least one processor to:
signing by using an HTTPS private key of the website to obtain signature content, wherein the signature content designates a supervision object;
and sending a supervision request containing the signature content to a block chain platform so that the block chain platform can correspondingly process the supervision object specified by the signature content by running a pre-constructed intelligent contract and if the website is judged to be a trusted data source.
A trusted data source based policing non-volatile computer storage medium storing computer-executable instructions for use in a blockchain platform, the computer-executable instructions configured to:
receiving a supervision request sent by a server of a website;
judging whether the website is a trusted data source or not by running a pre-constructed intelligent contract according to the signature content which is contained in the supervision request and signed by using the HTTPS private key of the website;
and if so, correspondingly processing the supervision object specified by the signature content by operating the intelligent contract.
A non-transitory computer storage medium for trusted data source based regulation, storing computer-executable instructions for application to a server of a website, the computer-executable instructions configured to:
signing by using an HTTPS private key of the website to obtain signature content, wherein the signature content designates a supervision object;
and sending a supervision request containing the signature content to a block chain platform so that the block chain platform can correspondingly process the supervision object specified by the signature content by running a pre-constructed intelligent contract and if the website is judged to be a trusted data source.
The embodiment of the application adopts at least one technical scheme which can achieve the following beneficial effects: the method and the system can automatically verify the HTTPS private key signature of the supervision request party based on the intelligent contract to determine whether the supervision request party is a trusted data source or not, further help the trusted data source to supervise the supervision object efficiently, have high reliability and safety, and protect the benefits of users.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the application and together with the description serve to explain the application and not to limit the application. In the drawings:
fig. 1 is a schematic flow chart of a trusted data source based supervision method for a blockchain platform perspective according to some embodiments of the present application;
FIG. 2 is a schematic flow chart diagram of a method for server-based administration of a website in accordance with some embodiments of the present application;
fig. 3 is a detailed flowchart of a trusted data source based supervision method according to some embodiments of the present application in a practical application scenario;
FIG. 4 is a schematic diagram of a trusted data source based policing apparatus corresponding to FIG. 1 according to some embodiments of the present application;
FIG. 5 is a schematic diagram of a trusted data source based policing apparatus corresponding to FIG. 2 according to some embodiments of the present application;
FIG. 6 is a schematic block diagram of a trusted data source based surveillance device corresponding to FIG. 1 according to some embodiments of the present application;
fig. 7 is a schematic structural diagram of a trusted data source based supervising device corresponding to fig. 2 according to some embodiments of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the technical solutions of the present application will be described in detail and completely with reference to the following specific embodiments of the present application and the accompanying drawings. It should be apparent that the described embodiments are only some of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The present application provides a trusted data source based policing scheme that, among other things, can further be executed intelligently based on intelligent contracts for blockchain platforms. Trusted data sources, such as organizations with national credit endorsements, including government departments, public inspection authorities, nationally owned banks, and the like, can implement efficient, reliable and secure supervision through interaction between a blockchain platform and servers of websites of such organizations.
The supervised object may be an online platform mentioned in the background art, or may be an offline entity, and the solution of the present application is not limited to the scenario proposed in the background art. For example, for an offline commodity production line, departments of each production link and the output thereof can be respectively regarded as objects which can be monitored, and monitoring is performed through one or more objects in the scheme of the application, which is beneficial to commodity quality control; for different scenarios, there may be different trusted data sources, and in the scenario of this example, the trusted data sources include, for example, an administrative department of an industrial and commercial department, a quality control department of a company to which the commodity belongs, and the like.
The following describes the scheme of the present application in detail from the perspective of the blockchain platform and the server perspective of the website (which may be a trusted data source or an untrusted data source) interacting with the blockchain platform, respectively. It should be noted that the server itself may also be a blockchain node of a blockchain platform.
Fig. 1 is a flowchart illustrating a trusted data source based supervision method according to some embodiments of the present application. The flow in fig. 1 is described from the perspective of a blockchain platform, and accordingly, the execution subject may be one or more blockchain nodes of the blockchain platform, and more specifically, the execution subject may specifically be a blockchain program running on the blockchain nodes, such as an intelligent contract on the blockchain. The blockchain platform can support the use of intelligent contracts, such as an ether house platform.
The process in fig. 1 may include the following steps:
s102: and receiving a supervision request sent by a server of the website.
In some embodiments of the present application, the administrative request is normally from a trusted data source. When the trusted data source considers that some objects have risks and needs to take supervision measures, the objects can be regarded as supervision objects, and supervision requests for the supervision objects are sent to the block chain platform. The supervision measures may be various, for example, completely block the supervision object, limit partial rights of the supervision object, provide an audit level of the supervision object, and the like, and may be predefined according to actual needs.
The block chain platform responds to the supervision request through the block chain and the function logic adapted to the block chain platform, and carries out corresponding processing. The blockchain is used for maintaining data related to supervision, for example, information such as a supervision object and corresponding supervision measures may be stored in the blockchain, the information in the blockchain may be public or callable based on a certain authority, and is conveniently used by a third party, for example, a user, a third party service platform, and the like, and the third party itself may be a node of the blockchain platform. In response to the supervision request, the blockchain platform may perform a read blockchain (read chain for short) operation and/or a write blockchain (write chain for short) write chain operation on the corresponding blockchain.
In some embodiments of the present application, the supervision request may be sent through HTTPS, which helps to improve the security of information interaction and also saves cost. For example, the blockchain platform may provide a website for receiving the supervision request in advance, and the server of the website may establish an HTTPS connection with the server of the website to access the website and submit the supervision request.
S104: and judging whether the website is a trusted data source or not by running a pre-constructed intelligent contract according to the signature content which is signed by the HTTPS private key of the website and is contained in the supervision request.
In some embodiments of the present application, an intelligent contract may be pre-built and responsive action logic written in the intelligent contract at least in part to the administrative request. In this case, the supervision request triggers the execution of the smart contract, which in turn automatically executes the response action logic.
In some embodiments of the present application, at least a portion of the content contained in the administrative request is digitally signed using the HTTPS private key of the website. By running the smart contract, the signed content can be verified to clarify the true identity of the website and whether the signed content is indeed from the website, the content not being tampered with.
By running the intelligent contract, it is also possible to determine which data sources are currently identified as trusted data sources. For example, a white list may be constructed in advance to record each trusted data source, and whether the current data source is a trusted data source may be determined by retrieving in the white list.
S106: and if so, correspondingly processing the supervision object specified by the signature content by operating the intelligent contract.
In some embodiments of the present application, how the administrative object is specifically handled may depend on the instructions of the administrative request.
For example, assuming that the supervision request indicates that the supervision object is to be blocked, the supervision object may be added to a pre-built blocked list by running an intelligent contract. The forbidden list may be directly stored on the block chain, and in this case, the supervision object is added to the pre-constructed forbidden list by specifically executing the write chain operation.
By the method of fig. 1, the HTTPS private key signature of the supervision requester can be automatically verified based on the intelligent contract to determine whether the supervision requester is a trusted data source, so that the trusted data source can efficiently supervise the supervised object, the reliability and the security are high, the benefit of the user can be protected, and the implementation cost of the functional logic of the HTTPS part in the scheme is low.
Based on the method of fig. 1, some embodiments of the present application also provide some specific embodiments of the method, and further embodiments, which are explained below.
In some embodiments of the present application, it has been mentioned above that the authenticity of the identity may be determined from a digital signature, and then, when determining whether the website from which the administrative request originates is a trusted data source, at least the signature of the website needs to be verified, at least to ensure that it is not an attacker impersonating the trusted data source. Based on this, for step S104, determining whether the website is a trusted data source by running a pre-constructed intelligent contract according to the signature content signed by the HTTPS private key of the website included in the supervision request, may include: and verifying the signature content signed by the HTTPS private key of the website and contained in the supervision request by operating a pre-constructed intelligent contract and utilizing the HTTPS public key of the website, and judging whether the website is a trusted data source.
In some embodiments of the present application, a white list may be stored in an intelligent contract in advance, each trusted data source is recorded in the white list, at least a preliminary filtering may be performed on the supervision request based on the white list, and if the website is not in the white list, it may be directly determined that the current supervision requesting party is not a trusted data source, and thus the supervision request may be rejected. If the website is in the white list and can be verified through the digital signature, it can be determined that the current supervision requester is the website without errors and is a trusted data source.
Further, the HTTPS public key for verifying the digital signature may be obtained from the other party or a third party such as a certificate center by the blockchain platform, or may be obtained in advance and stored in the blockchain, and then may be directly used, which may reduce the interaction cost.
Based on the analysis of the two previous paragraphs, for example, HTTPS public keys of the trusted data sources may be pre-stored in the smart contract, and then, for the smart contract pre-constructed by the operation, the signature content signed by the HTTPS private key of the website included in the supervision request is verified by using the HTTPS public key of the website, and it is determined whether the website is a trusted data source, for example, the method may include: and determining whether the website is recorded in a white list or not by operating a pre-constructed intelligent contract, if so, verifying the signature content signed by the HTTPS private key of the website and contained in the supervision request by using the HTTPS public key of the website stored in the intelligent contract, and if the verification is passed, judging the website to be a trusted data source.
In some embodiments of the present application, the administrative request may, for example, comprise a block request, and accordingly, the administrative object may comprise a block object, and the signature content may specify the block object. In this way, the risk can be more strictly regulated. In this case, the supervision request may specifically be a write chain request, which is used to request that the specified prohibited object is written into the blockchain where the smart contract is located, and for step S106, the corresponding processing is performed on the supervision object specified by the signature content by running the smart contract, which may include, for example: and writing the blocking object specified by the blocking request into the block chain where the intelligent contract is located by running the intelligent contract.
Further, in order to facilitate management and maintenance of the written forbidden objects, the forbidden objects can be uniformly recorded in the same data structure, such as a list or other form of blacklist. The black list may also be pre-stored in the intelligent contract, in which case, the writing of the blocking object specified by the blocking request into the blockchain in which the intelligent contract is located may include: and writing the forbidden object specified by the forbidden request into a blacklist.
Further, the blockchain platform and a third party having business association with the supervisory object can perform more specific measures according to the blacklist to implement the blocking of the supervisory object, such as refusing business transaction with the supervisory object, freezing assets of the supervisory object, recovering authority of the supervisory object, and the like. Based on this, for step S106, for example, it may also be performed: and triggering the blocking operation of the blocking object specified by the blocking request by running the intelligent contract so as to prevent the specified business of the blocking object from being executed.
The above description is from the perspective of the blockchain platform, and the following description is continued from the perspective of the server of the website interacting with the blockchain platform.
Fig. 2 is a flowchart of another trusted data source-based supervision method according to some embodiments of the present application. The flow in fig. 2 is described from the server perspective of a website interacting with a blockchain platform, and accordingly, the execution agent may be the server, and more specifically, the execution agent may specifically be a website program running on the server, and possibly a blockchain program running thereon.
The process in fig. 2 may be understood with reference to the above description of fig. 1, and for brevity, will not be explained repeatedly, and may include the following steps:
s202: and signing by using the HTTPS private key of the website to obtain signature content, wherein the signature content designates a supervision object.
S204: and sending a supervision request containing the signature content to a block chain platform so that the block chain platform can correspondingly process the supervision object specified by the signature content by running a pre-constructed intelligent contract and if the website is judged to be a trusted data source.
By the method of fig. 2, the HTTPS private key signature of the supervision requester can be automatically verified based on the intelligent contract to determine whether the supervision requester is a trusted data source, so that the trusted data source can efficiently supervise the supervised object, the reliability and the security are high, the benefit of the user can be protected, and the implementation cost of the functional logic of the HTTPS part in the scheme is low.
According to the above description, some embodiments of the present application further provide a detailed flowchart of the trusted data source-based supervision method in a practical application scenario, assuming that the government website is the trusted data source and is the current block requester, as shown in fig. 3.
The flow in fig. 3 may include the following steps:
s302: the block chain platform pre-constructs an intelligent contract, the intelligent contract comprises a white list and a black list, HTTPS public keys of all trusted data sources and websites of the trusted data sources are recorded in the white list, and the black list is used for recording the forbidden objects.
S304: the server of the government website acquires the information of the blocking object to be blocked (such as the website of the object) and signs the information by using the HTTPS private key of the server, and sends a blocking request containing the signed content to the block chain platform.
S306: and the block chain platform operates an intelligent contract, and according to the white list, if the government website is determined to be recorded in the white list and the signature content is verified to pass by using the HTTPS public key of the government website, the government website is determined not to be counterfeited and is really a trusted data source.
S308: and the block chain platform writes the forbidden object indicated by the signature content into a blacklist by running an intelligent contract.
Based on the same idea, some embodiments of the present application further provide an apparatus, a device, and a non-volatile computer storage medium corresponding to the above method.
Fig. 4 is a schematic structural diagram of a trusted data source based supervision apparatus corresponding to fig. 1, which is applied to a blockchain platform, according to some embodiments of the present application, and includes:
a receiving module 401, configured to receive a monitoring request sent by a server of a website;
a determining module 402, configured to determine, according to a signature content, which is signed by using an HTTPS private key of the website and is included in the supervision request, whether the website is a trusted data source by running a pre-established intelligent contract;
and if so, the processing module 403 correspondingly processes the supervision object specified by the signature content by running the intelligent contract.
Optionally, the determining module 402 determines, by running a pre-constructed intelligent contract, whether the website is a trusted data source according to the signature content signed by the HTTPS private key of the website included in the supervision request, where the determining includes:
the determining module 402 verifies the signature content signed by the HTTPS private key of the website included in the supervision request by running a pre-established intelligent contract and using the HTTPS public key of the website, and determines whether the website is a trusted data source.
Optionally, a white list is pre-stored in the intelligent contract, each trusted data source is recorded in the white list, and an HTTPS public key of each trusted data source is pre-stored in the intelligent contract;
the determining module 402, by running a pre-established intelligent contract, verifies, by using the HTTPS public key of the website, the signature content, which is included in the supervision request and signed by using the HTTPS private key of the website, and determines whether the website is a trusted data source, where the determining includes:
the determining module 402 determines whether the website is recorded in the white list by running a pre-established intelligent contract, if so, verifies the signature content signed by the HTTPS private key of the website included in the supervision request by using the HTTPS public key of the website saved in the intelligent contract, and if the verification is passed, determines that the website is a trusted data source.
Optionally, the administrative request comprises a block request, the administrative object comprises a block object, and the signature content specifies the block object;
the processing module 403 performs corresponding processing on the supervision object specified by the signature content by running the intelligent contract, including:
the processing module 403 writes the prohibited object specified by the prohibition request into the block chain where the intelligent contract is located by running the intelligent contract.
Optionally, a blacklist is pre-stored in the intelligent contract and used for recording a forbidden object;
the processing module 403 writes the prohibited object specified by the blocking request into the block chain where the intelligent contract is located, including:
the processing module 403 writes the forbidden object specified by the forbidden request into the blacklist.
Optionally, the processing module 403, by running the intelligent contract, further executes, after writing the blocking object specified by the blocking request into the block chain where the intelligent contract is located:
and triggering the blocking operation of the blocking object specified by the blocking request by running the intelligent contract so as to prevent the specified business of the blocking object from being executed.
Fig. 5 is a schematic structural diagram of an administration apparatus based on trusted data source corresponding to fig. 2, which is applied to a server of a website, according to some embodiments of the present application, and includes:
the signature module 501 obtains signature content by using an HTTPS private key of the website, where the signature content designates a monitoring object;
the sending module 502 sends a supervision request including the signature content to a blockchain platform, so that the blockchain platform performs corresponding processing on a supervision object specified by the signature content by running a pre-established intelligent contract if the website is determined to be a trusted data source.
Fig. 6 is a schematic structural diagram of a trusted data source based supervision device corresponding to fig. 1, which is applied to a block chain platform and provided in some embodiments of the present application, and includes:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores instructions executable by the at least one processor to enable the at least one processor to:
receiving a supervision request sent by a server of a website;
judging whether the website is a trusted data source or not by running a pre-constructed intelligent contract according to the signature content which is contained in the supervision request and signed by using the HTTPS private key of the website;
and if so, correspondingly processing the supervision object specified by the signature content by operating the intelligent contract.
Fig. 7 is a schematic structural diagram of an administrative device based on a trusted data source, corresponding to fig. 2, which is applied to a server of a website, according to some embodiments of the present application, and includes:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores instructions executable by the at least one processor to enable the at least one processor to:
signing by using an HTTPS private key of the website to obtain signature content, wherein the signature content designates a supervision object;
and sending a supervision request containing the signature content to a block chain platform so that the block chain platform can correspondingly process the supervision object specified by the signature content by running a pre-constructed intelligent contract and if the website is judged to be a trusted data source.
Some embodiments of the present application provide a trusted data source based policing nonvolatile computer storage medium corresponding to fig. 1, storing computer-executable instructions for use in a blockchain platform, the computer-executable instructions configured to:
receiving a supervision request sent by a server of a website;
judging whether the website is a trusted data source or not by running a pre-constructed intelligent contract according to the signature content which is contained in the supervision request and signed by using the HTTPS private key of the website;
and if so, correspondingly processing the supervision object specified by the signature content by operating the intelligent contract.
Some embodiments of the present application provide a trusted data source based curation non-volatile computer storage medium corresponding to fig. 2, storing computer-executable instructions for application to a server of a website, the computer-executable instructions configured to:
signing by using an HTTPS private key of the website to obtain signature content, wherein the signature content designates a supervision object;
and sending a supervision request containing the signature content to a block chain platform so that the block chain platform can correspondingly process the supervision object specified by the signature content by running a pre-constructed intelligent contract and if the website is judged to be a trusted data source.
The embodiments in the present application are described in a progressive manner, and the same and similar parts among the embodiments can be referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the apparatus, device and media embodiments, since they are substantially similar to the method embodiments, the description is relatively simple, and reference may be made to some descriptions of the method embodiments for relevant points.
The apparatus, the device, the apparatus, and the medium provided in the embodiment of the present application correspond to the method one to one, and therefore, the apparatus, the device, and the medium also have beneficial technical effects similar to those of the corresponding method.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include forms of volatile memory in a computer readable medium, Random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The above description is only an example of the present application and is not intended to limit the present application. Various modifications and changes may occur to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the scope of the claims of the present application.
Claims (9)
1. A trusted data source-based supervision method applied to a blockchain platform, the method comprising:
receiving a supervision request sent by a server of a website;
judging whether the website is a trusted data source or not by running a pre-constructed intelligent contract according to the signature content of the supervision request signed by using a hypertext transfer security protocol (HTTPS) private key of the website, wherein the signature content comprises: verifying the signature content signed by the HTTPS private key of the website and contained in the supervision request by running a pre-constructed intelligent contract and utilizing the HTTPS public key of the website, and judging whether the website is a trusted data source;
and if so, correspondingly processing the supervision object specified by the signature content by operating the intelligent contract.
2. The method according to claim 1, wherein a white list is pre-stored in the intelligent contract, each trusted data source is recorded in the white list, and an HTTPS public key of each trusted data source is pre-stored in the intelligent contract;
the operating a pre-established intelligent contract, verifying signature content signed by an HTTPS private key of the website and contained in the supervision request by using the HTTPS public key of the website, and judging whether the website is a trusted data source comprises the following steps:
and determining whether the website is recorded in the white list by running a pre-constructed intelligent contract, if so, verifying the signature content signed by the HTTPS private key of the website and contained in the supervision request by using the HTTPS public key of the website saved in the intelligent contract, and if the verification is passed, judging the website to be a trusted data source.
3. The method of claim 1, wherein the administrative request comprises a block request, the administrative object comprises a block object, the signature content specifies a block object;
the corresponding processing of the supervision object specified by the signature content by running the intelligent contract comprises the following steps:
and writing the forbidden object specified by the forbidden request into the block chain where the intelligent contract is located by operating the intelligent contract.
4. The method of claim 3, wherein a blacklist is pre-stored in the intelligent contract for recording banned objects;
the writing of the block chain in which the intelligent contract is located with the block object specified by the block request includes:
and writing the forbidden object specified by the forbidden request into the blacklist.
5. The method of claim 3, wherein after the block chain in which the intelligent contract is located is written with the block object specified by the block request by running the intelligent contract, the method further comprises:
and triggering the blocking operation of the blocking object specified by the blocking request by running the intelligent contract so as to prevent the specified business of the blocking object from being executed.
6. A trusted data source-based supervision method applied to a server of a website, the method comprising:
signing by utilizing a hypertext transfer security protocol (HTTPS) private key of the website to obtain signature content, wherein the signature content designates a supervision object;
sending a supervision request containing the signature content to a blockchain platform so that the blockchain platform can correspondingly process a supervision object specified by the signature content by running a pre-constructed intelligent contract, if the website is judged to be a trusted data source, and the supervision request comprises: and verifying the signature content signed by the HTTPS private key of the website and contained in the supervision request by operating a pre-constructed intelligent contract and utilizing the HTTPS public key of the website, and judging whether the website is a trusted data source.
7. A trusted data source based supervision apparatus, applied to a blockchain platform, the apparatus comprising:
the receiving module is used for receiving a supervision request sent by a server of a website;
the judging module judges whether the website is a trusted data source or not by running a pre-constructed intelligent contract according to the signature content of the supervision request which is signed by using a hypertext transfer security protocol (HTTPS) private key of the website, and comprises the following steps: verifying the signature content signed by the HTTPS private key of the website and contained in the supervision request by running a pre-constructed intelligent contract and utilizing the HTTPS public key of the website, and judging whether the website is a trusted data source;
and if so, the processing module correspondingly processes the supervision object specified by the signature content by operating the intelligent contract.
8. A trusted data source based policing device for use with a blockchain platform, the device comprising:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores instructions executable by the at least one processor to enable the at least one processor to:
receiving a supervision request sent by a server of a website;
judging whether the website is a trusted data source or not by running a pre-constructed intelligent contract according to the signature content of the supervision request signed by using a hypertext transfer security protocol (HTTPS) private key of the website, wherein the signature content comprises: verifying the signature content signed by the HTTPS private key of the website and contained in the supervision request by running a pre-constructed intelligent contract and utilizing the HTTPS public key of the website, and judging whether the website is a trusted data source;
and if so, correspondingly processing the supervision object specified by the signature content by operating the intelligent contract.
9. A non-transitory computer storage medium for policing based on trusted data sources, storing computer-executable instructions, for use in a blockchain platform, that when executed, cause the following method to be performed:
receiving a supervision request sent by a server of a website;
judging whether the website is a trusted data source or not by running a pre-constructed intelligent contract according to the signature content of the supervision request signed by using a hypertext transfer security protocol (HTTPS) private key of the website, wherein the signature content comprises: verifying the signature content signed by the HTTPS private key of the website and contained in the supervision request by running a pre-constructed intelligent contract and utilizing the HTTPS public key of the website, and judging whether the website is a trusted data source;
and if so, correspondingly processing the supervision object specified by the signature content by operating the intelligent contract.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910017494.7A CN109639437B (en) | 2019-01-09 | 2019-01-09 | Monitoring method, device, equipment and medium based on trusted data source |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910017494.7A CN109639437B (en) | 2019-01-09 | 2019-01-09 | Monitoring method, device, equipment and medium based on trusted data source |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109639437A CN109639437A (en) | 2019-04-16 |
| CN109639437B true CN109639437B (en) | 2021-08-17 |
Family
ID=66060338
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910017494.7A Active CN109639437B (en) | 2019-01-09 | 2019-01-09 | Monitoring method, device, equipment and medium based on trusted data source |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109639437B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110310205B (en) * | 2019-06-28 | 2022-02-25 | 百度在线网络技术(北京)有限公司 | Block chain data monitoring method, device, equipment and medium |
| CN111539013A (en) * | 2020-03-24 | 2020-08-14 | 山东爱城市网信息技术有限公司 | Data use, intelligent contract write-in and application method, device and medium |
| CN113496434A (en) * | 2020-04-03 | 2021-10-12 | 山东浪潮质量链科技有限公司 | Supervision method, device and medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102355459A (en) * | 2011-09-27 | 2012-02-15 | 北京交通大学 | TPM (Trusted Platform Module)-based trusted Web page realization method |
| CN103179096A (en) * | 2011-12-22 | 2013-06-26 | 上海格尔软件股份有限公司 | Website unique identification achieving method and authentication method based on favicon expansion |
| WO2017152150A1 (en) * | 2016-03-04 | 2017-09-08 | ShoCard, Inc. | Method and system for authenticated login using static or dynamic codes |
-
2019
- 2019-01-09 CN CN201910017494.7A patent/CN109639437B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102355459A (en) * | 2011-09-27 | 2012-02-15 | 北京交通大学 | TPM (Trusted Platform Module)-based trusted Web page realization method |
| CN103179096A (en) * | 2011-12-22 | 2013-06-26 | 上海格尔软件股份有限公司 | Website unique identification achieving method and authentication method based on favicon expansion |
| WO2017152150A1 (en) * | 2016-03-04 | 2017-09-08 | ShoCard, Inc. | Method and system for authenticated login using static or dynamic codes |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109639437A (en) | 2019-04-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107852412B (en) | System and method, computer readable medium for phishing and brand protection | |
| CN107169499B (en) | Risk identification method and device | |
| CN111767578B (en) | Data inspection method, device and equipment | |
| CN109639437B (en) | Monitoring method, device, equipment and medium based on trusted data source | |
| US20160080355A1 (en) | Authentication of api-based endpoints | |
| US20160125522A1 (en) | Automatic account lockout | |
| CN111222841B (en) | Block chain-based data distribution method and equipment and storage medium thereof | |
| CN112800404B (en) | Cross-link access control method and device | |
| WO2019040424A1 (en) | System and method for aggregating client data and cyber data for authentication determinations | |
| CN111092724A (en) | Block chain system digital certificate issuing method, equipment, system and medium | |
| CN110032846B (en) | Identity data anti-misuse method and device and electronic equipment | |
| CN112700242A (en) | Method, device and medium for detecting sensitive information of block chain in advance | |
| CN112182506A (en) | Data compliance detection method, device and equipment | |
| CN113721893A (en) | Micro-service bus design method and device | |
| CN111245897A (en) | Data processing method, device, system, storage medium and processor | |
| US11411947B2 (en) | Systems and methods for smart contract-based detection of authentication attacks | |
| CN111680282B (en) | Node management method, device, equipment and medium based on block chain network | |
| CN112560051A (en) | Industrial data security management method and device, electronic equipment and storage medium | |
| CN111639998A (en) | Method, device and medium for guaranteeing user deposit rights and interests based on block chain | |
| CN112866265B (en) | CSRF attack protection method and device | |
| CN113327169B (en) | Claims settlement method and device based on block chain and electronic equipment | |
| CN113495927B (en) | Block management method and device | |
| CN113129017B (en) | Information sharing method, device and equipment | |
| CN110334514B (en) | Method and device for verifying measurement report based on trusted computing platform | |
| CN113486409A (en) | Electronic contract tamper-proof method and device, storage medium and electronic equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |