CN111291420A - Distributed off-link data storage method based on block chain - Google Patents

Distributed off-link data storage method based on block chain Download PDF

Info

Publication number
CN111291420A
CN111291420A CN202010069732.1A CN202010069732A CN111291420A CN 111291420 A CN111291420 A CN 111291420A CN 202010069732 A CN202010069732 A CN 202010069732A CN 111291420 A CN111291420 A CN 111291420A
Authority
CN
China
Prior art keywords
data
storage
terminal
node
stored
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010069732.1A
Other languages
Chinese (zh)
Other versions
CN111291420B (en
Inventor
杜聪
仵冀颖
马志远
魏颖昊
孙文倩
赵晶晶
孔波
徐磊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Information Center Of State Administration Of Market Supervision
Original Assignee
Information Center Of State Administration Of Market Supervision
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Information Center Of State Administration Of Market Supervision filed Critical Information Center Of State Administration Of Market Supervision
Priority to CN202010069732.1A priority Critical patent/CN111291420B/en
Publication of CN111291420A publication Critical patent/CN111291420A/en
Application granted granted Critical
Publication of CN111291420B publication Critical patent/CN111291420B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Medical Informatics (AREA)
  • Storage Device Security (AREA)
  • Multi Processors (AREA)

Abstract

The embodiment of the application discloses a distributed off-link data storage method based on a block chain. One embodiment of the method comprises: initializing a distributed storage system based on a block chain, and receiving a data storage request sent by a first terminal, wherein the storage request comprises data to be stored, a public key of the first terminal and a data tag of the first terminal; generating encrypted data based on the data to be stored sent by the first terminal, storing the encrypted data in the target storage node, determining whether the requirements of the storage condition group are met, and finishing off-link storage of the encrypted data meeting the requirements. The method realizes data storage by using the off-link storage nodes of the block chain, can realize reliable storage while ensuring the distributed data storage, the safety and the approvable tampering trace, and thus provides a flexible distributed data storage solution.

Description

Distributed off-link data storage method based on block chain
Technical Field
The embodiment of the application relates to the technical field of computers, in particular to the technical field of computer data storage.
Background
Distributed storage is a data storage technology, which uses disk space on each machine through a network and forms a virtual storage device by using the distributed storage resources, and data is stored in various corners in the network in a distributed manner. The blockchain is a decentralized database for holding detailed information for each transaction. Transactions are added to the chain of blocks in chronological order and stored as a series of blocks, each block referencing a preceding block to form an interconnected chain. In distributed storage, blockchains provide the structure required to create a logical storage pool of geographically dispersed storage resources.
Existing distributed storage technologies have some limitations such as lack of transparency, limited power transfer, and privacy and security challenges. Moreover, as the demand for more flexible, private, and secure data solutions continues to grow exponentially, it is critical to reconsider the current structure of distributed storage.
Disclosure of Invention
The embodiment of the application provides a distributed off-link data storage method based on a block chain.
In a first aspect, an embodiment of the present application provides a block chain-based distributed off-chain data storage method, including: initializing a distributed data storage system based on a block chain, and generating block nodes and storage nodes; generating a block node key and a storage node key, wherein the key is a key pair consisting of a public key and a private key; receiving a data storage request sent by a first terminal, wherein the data storage request comprises data to be stored, a public key of the first terminal and a data tag of the first terminal; generating encrypted data of data to be stored, and storing the encrypted data in an effective storage node; determining a head block node and generating a head block node identification code; determining a target storage node based on a data occupation mechanism; determining whether the following set of storage conditions is satisfied: the header block node identification code, the public key of the first terminal and the target storage node key are successfully verified; the encrypted data is valid data; and performing off-chain storage on the data to be stored in response to determining that the storage condition set is satisfied.
In some embodiments, the block node refers to an on-chain node of the block chain, and runs a protocol of the bottom layer block chain; the storage node is an off-link node of the block chain and provides storage capacity for storing and maintaining user data.
In some embodiments, before receiving the data storage request sent by the first terminal, the method further includes: generating a public key and a private key pair based on the public key registration request; sending the generated public key and private key pair to the first terminal, and encrypting the generated public key; and generating a data label of the first terminal based on the public key and the private key pair.
In some embodiments, generating encrypted data for data to be stored and storing the encrypted data in an active storage node comprises: encrypting data to be stored by using the public key of the first terminal to generate encrypted data; adding a data tag of the first terminal to encrypted data; randomly determining an effective storage node based on each storage node; storing the encrypted data in the active storage node.
In some embodiments, the determining a target storage node based on the data occupancy mechanism includes: sending the header block node identification code to the effective storage node, wherein the effective storage node hashes the received header block node identification code to generate a hashed header block node identification code; receiving the hash head block node identification code returned by the effective storage node; randomly generating a challenge code based on the hash header block node identification code and the public key of the first terminal; sending the challenge code to the effective storage node, wherein the effective storage node determines a data tag of encrypted data of the stored data based on the challenge code and generates a verification result; receiving a verification result returned by the effective storage node; and taking the valid storage node corresponding to the verification result of the first received verification result as a target storage node.
In some embodiments, the efficient storage node hashes the received header block node identification to generate a hashed header block node identification, comprising: transforming the header block node identification code into a fixed length output based on a hashing algorithm; a hash header block node identification code is generated.
In some embodiments, the method further comprises, in accordance with the storage method, controlling the target device to complete the storage operation.
In a second aspect, an embodiment of the present application provides a terminal device, where the terminal device includes: one or more processors; a storage device for storing one or more programs which, when executed by the one or more processors, cause the one or more processors to implement the method as described in any implementation manner of the first aspect.
In a third aspect, the present application provides a computer-readable medium, on which a computer program is stored, and when executed by a processor, the computer program implements the method described in any implementation manner of the first aspect.
The embodiment of the application provides a distributed off-link data storage method based on a block chain, which includes initializing a distributed storage system based on the block chain, receiving a data storage request sent by a first terminal, generating encrypted data based on the data to be stored sent by the first terminal, storing the encrypted data in a target storage node, determining whether a storage condition group requirement is met, and completing off-link storage of the encrypted data meeting the requirement, wherein the storage request includes the data to be stored, a public key of the first terminal and a data tag of the first terminal.
One of the above embodiments of the present application has the following beneficial effects: a distributed storage system is constructed based on a block chain network, the characteristics of distribution, safety, auditability of tampering marks and the like of a block chain can be effectively utilized, meanwhile, data storage is carried out by utilizing a storage node away from the chain, and the reliability of data to be stored is verified by utilizing a data occupation mechanism, so that reliable and provable storage is guaranteed under the condition that the data meet the distributed storage requirement.
Drawings
Other features, objects and advantages of the present application will become more apparent upon reading of the following detailed description of non-limiting embodiments thereof, made with reference to the accompanying drawings in which:
FIG. 1 is an exemplary system architecture diagram in which the present application may be applied;
FIG. 2 is a flow diagram of one embodiment of a block chain based distributed off-chain data storage method according to the present application;
FIG. 3 is a flow diagram of yet another embodiment of a data encryption method according to the present application;
FIG. 4 is a flow diagram of yet another embodiment of generating off-chain storage nodes according to the present application;
fig. 5 is a schematic structural diagram of a computer system suitable for implementing a terminal device according to an embodiment of the present application.
Detailed Description
The present application will be described in further detail with reference to the following drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the relevant invention and not restrictive of the invention. It should be noted that, for convenience of description, only the portions related to the related invention are shown in the drawings.
It should be noted that the embodiments and features of the embodiments in the present application may be combined with each other without conflict. The present application will be described in detail below with reference to the embodiments with reference to the attached drawings.
FIG. 1 illustrates an exemplary system architecture 100 to which embodiments of the data storage methods of the present application may be applied.
As shown in fig. 1, the system architecture 100 may include a first terminal device 101, a network 102, and a server 103. The network 102 may be a medium to provide a communication link between the first terminal device 101 and the server 103. Network 102 may include various connection types, such as wired, wireless communication links, or fiber optic cables, to name a few.
The user may use the first terminal device 101 to interact with the server 103 via the network 102 to receive or send messages or the like. Various communication client applications, such as a wireless access point connection application, a search application, a data storage application, a data reading application, and the like, may be installed on the first terminal device 101.
The first terminal apparatus 101 may be hardware or software. When the first terminal device 101 is hardware, it may be various terminal devices supporting connection with a wireless access point, including but not limited to a smart phone, a tablet computer, a laptop portable computer, a desktop computer, and the like. When the first terminal apparatus 101 is software, it can be installed in the above-listed terminal apparatuses. It may be implemented as multiple pieces of software or software modules, or as a single piece of software or software module. And is not particularly limited herein.
The server 103 may provide various services, for example, a server in the server 103 may verify a data storage request received by the first terminal apparatus 101, and store the data requested to be stored after determining that the first terminal apparatus 101 and the data requested to be stored satisfy the storage condition.
The server 103 may be hardware or software. When the server 103 is hardware, it may be implemented as a distributed server cluster composed of a plurality of servers, or may be implemented as a single server. When the server is software, it may be implemented as multiple pieces of software or software modules (e.g., to provide distributed services), or as a single piece of software or software module. And is not particularly limited herein.
It should be noted that the data storage method provided by the embodiment of the present application may be executed by the server 103. Accordingly, the data storage device is typically provided in the server 103.
It should be noted that when the data storage method is applied to the block chain, the data storage device is generally disposed in the block chain. At this time, the first terminal apparatus 101 may access the block chain as a block chain storage node through a wired connection or a wireless connection.
It should be understood that the number of first terminal devices, networks and servers in fig. 1 is merely illustrative. There may be any number of first terminal devices, networks, and servers, as desired for implementation.
With continued reference to FIG. 2, a flow 200 of one embodiment of a blockchain-based distributed off-chain data storage method according to the present application is shown. The data storage method comprises the following steps:
step 201, initializing a distributed data storage system based on a block chain.
In this embodiment, a block node and a storage node are generated, and a block node key and a storage node key are generated, and a block chain-based distributed data storage system is initialized. The block node refers to a link node of a block chain, and runs a protocol of the bottom layer block chain; the storage node is an off-link node of the block chain and provides storage capacity for storing and maintaining user data.
Here, the blockchain is a novel data storage device of computer technologies such as distributed data storage, point-to-point transmission, consensus mechanism, encryption algorithm, and the like. The blockchain may include, but is not limited to, at least one of: private chain, federation chain, license chain. The federation chain is taken as an example for illustration.
The alliance chain is a block chain which is only opened for specific group members, and a plurality of pre-selected first terminals are appointed in the alliance chain to be used as nodes of the alliance chain to store data in the alliance chain. Here, the first terminal may join the federation chain in an authorization permission manner according to an authorization permission mechanism preset by an Application Programming Interface (API) in the federation chain, so as to be able to add data stored in the federation chain. Therefore, the first terminal is a node capable of storing data into the federation chain. Here, the manner of authorizing the license may include, for example, authorizing the license to the first terminal according to a preset condition (e.g., meeting a certain industry consensus standard, obtaining an industry certificate, etc.). After the first terminal is authorized to be licensed, the federation chain may generate a public key and a private key using an encryption algorithm, store the generated public key in a registration public key set, and send the generated public key and private key pair to the first terminal authorized to be licensed. When the first terminal stores data to a block in the federation chain, the public key of the federation chain authorization permission and the data to be stored need to be sent to the federation chain.
Step 202, receiving a data storage request sent by the first terminal.
In this embodiment, the execution subject of the data storage method (for example, the server 103 shown in fig. 1) may receive the data storage request sent by the first terminal by means of wired connection or wireless connection. The execution subject may be a data storage server, and the data storage server may store data of at least one first terminal. Here, the first terminal may be a terminal that transmits a data storage request to the execution main body. Therefore, the execution main body may receive the data storage request transmitted by one first terminal, or may receive the data storage requests transmitted by two or three first terminals at the same time, which is not limited herein and is set according to the needs of the application scenario.
In this embodiment, the executing entity may receive a data storage request sent by the first terminal, where the data storage request includes data to be stored, a public key of the first terminal, and a data tag of the first terminal. The public key of the first terminal may be generated locally for the first terminal, or may be obtained from the execution subject for the first terminal. The data to be stored may be the data content itself, or may be a data digest generated by performing hash calculation on the data content. And generating a data label of the first terminal by utilizing a publicly verifiable data occupation mechanism based on the public key and the private key pair.
As an example, the first terminal may first generate the public and private key pair locally using an encryption algorithm (e.g., JAVA RSA encryption algorithm). Then, based on a preset protocol (e.g., a connection protocol of the first terminal with the execution body, a transfer protocol, etc.), the first terminal may send the locally generated public key to the execution body so as to execute the body storage. When the executing entity determines that the preset protocol is correct and the public key meets a preset format (e.g., preset public key character length, preset algorithm for generating the public key), the public key of the first terminal may be stored in the registration public key set. When the execution main body is successfully stored, the public key of the first terminal is indicated to be registered in the execution main body. In the data storage, the first terminal may transmit the public key registered in the execution agent and the data to be stored to the execution agent.
Step 203, generating encrypted data of the data to be stored, and storing the encrypted data in an effective storage node.
In this embodiment, the public key of the first terminal is used to encrypt data to be stored, so as to generate encrypted data. And adding the data tag of the first terminal into encrypted data, wherein the encrypted data comprises two parts of data to be stored and the data tag.
And determining effective storage nodes by adopting a random mechanism based on each storage node. And storing the encrypted data to be stored in the effective storage node, wherein other storage nodes do not store data in the storage process. The effective storage node is a storage node which stores data and has an off-link storage requirement in the storage process.
Step 204, determining a head block node and a target storage node.
In this embodiment, at each timestamp, the head block node is determined and agreed upon by the election mechanism of the block chain, and the identification code of the head block node is output.
And determining 1 effective storage node as a final target storage node based on a data occupation mechanism. Sending the header block node identification code to the effective storage node, wherein the effective storage node hashes the received header block node identification code to generate a hashed header block node identification code; receiving the hash head block node identification code returned by the effective storage node; randomly generating a challenge code based on the hash header block node identification code and the public key of the first terminal; sending the challenge code to the effective storage node, wherein the effective storage node determines a data tag of encrypted data of the stored data based on the challenge code and generates a verification result; receiving a verification result returned by the effective storage node; and taking the valid storage node corresponding to the verification result of the first received verification result as a target storage node.
Step 205, determining whether the requirement of the storage condition group is met, and performing off-chain storage on the data meeting the requirement.
In this embodiment, after receiving the head block node identifier, the public key of the first terminal, and the target storage node key, the execution main body generates a challenge code by using the head block node identifier, the public key of the first terminal, and the target storage node key based on a data occupation mechanism, and if the challenge code passes verification, the data to be stored is proved to be reliable.
In this embodiment, the execution main body further needs to verify the received data to be stored sent by the first terminal, so as to determine whether the data to be stored is valid data. Here, the valid data may include, for example, data of the above-mentioned data to be stored in a valid period. Specifically, the execution body may store data in a preset time period sent by the first terminal. The data to be stored typically includes encrypted time stamp information. The execution main body may decrypt the encrypted timestamp information using a public key of the first terminal or a key agreed with the first terminal, and determine whether the data to be stored is valid data according to the decrypted timestamp information. Here, the encrypted key may be, for example, a private key corresponding to the public key of the first terminal, or may be a key of another scheme agreed with the execution agent.
In this embodiment, when it is determined that the header block node identifier, the public key of the first terminal, and the target storage node key meet the requirements and the data to be stored is valid data, it may be determined that the first terminal and the data stored by the first terminal meet a preset storage condition.
In some optional implementations of this embodiment, the data storage request of the first terminal further includes a digital signature. The executing body can decrypt and verify the digital signature by using the public key of the first terminal, thereby determining whether the digital signature is valid. And when the digital signature is valid, determining the data to be stored as valid data.
Specifically, the digital signature is generally obtained by the first terminal performing hash calculation on data to be stored by using a hash function (for example, SHA-256 algorithm) to generate a digest of the data to be stored, and then encrypting the generated digest by using its private key. Therefore, the executing body may perform hash calculation on the data to be stored sent by the first terminal by using the same calculation method as the first terminal, and generate a digest of the data to be stored sent by the first terminal. Then, the executing body decrypts the data signature sent by the first terminal by using the public key of the first terminal to obtain the abstract of the data to be stored. Finally, the executing entity may compare the digest obtained by decrypting the digital signature of the first terminal with the calculated digest, and determine whether the two are the same. When the two are the same, it can be determined that the digital signature transmitted by the first terminal is valid. Thus, the execution body may determine that the data to be stored is valid data.
In some optional implementations of this embodiment, the set of registration public keys further includes an identifier of the first terminal stored in correspondence with the public key of the first terminal. In order to facilitate to confirm whether the first terminal has the authority to store the data, the main body may further compare the identifier of the first terminal with identifiers in a preset identifier set to determine whether the first terminal has the authority to store the data.
In this embodiment, when the executing entity determines that the pre-stored registration public key set includes the public key of the first terminal and the data to be stored is valid data, the data to be stored may be stored. Here, the execution body may store the data content itself, or may store a data digest obtained by performing hash calculation on the data content.
One embodiment presented in fig. 2 has the following beneficial effects: a distributed storage system is constructed based on a block chain network, the characteristics of distribution, safety, auditability of tampering marks and the like of a block chain can be effectively utilized, meanwhile, data storage is carried out by utilizing a storage node away from the chain, and the reliability of data to be stored is verified by utilizing a data occupation mechanism, so that reliable and provable storage is guaranteed under the condition that the data meet the distributed storage requirement.
With continued reference to fig. 3, fig. 3 illustrates a flow 300 of yet another embodiment of a data encryption method according to the present application. The data encryption method comprises the following steps:
step 301, receiving a data storage request sent by a first terminal.
In this embodiment, a data storage request sent by a first terminal is received, where the data storage request includes data to be stored, a public key of the first terminal, and a data tag of the first terminal. The data integrity verification mechanism is used to generate data tags for the first terminal that will allow the storage node to prove that the file has been stored correctly.
Step 302, generating encrypted data to be stored by using the public key of the first terminal and the data tag of the first terminal.
In this embodiment, the public key of the first terminal is used to encrypt the data to be stored, so as to form encrypted data to be stored. And incorporating the data tag of the first terminal into the encrypted data to be stored, and outputting the encrypted data to be stored finally.
Step 303, generating a subset of encrypted data to be stored.
In this embodiment, the encrypted data to be stored is averagely divided into encrypted data subsets to be stored, and the number of the divisions is determined by the size of the encrypted data to be stored and the storage capacity of the storage node, so as to ensure that the storage node can store the allocated encrypted data subsets to be stored.
Step 304, storing the encrypted data in an active storage node.
In this embodiment, the encrypted data are respectively stored in valid storage nodes in the form of encrypted data subsets to be stored, where a storage node used for storing encrypted data is a valid storage node.
One embodiment presented in fig. 3 has the following beneficial effects: the data to be stored is generated by using the public key and the data label of the first terminal, the data security can be effectively ensured, the encrypted data to be stored is distributed to the effective storage nodes in a subset form, the self-adaptive storage capacity can be improved, and different data storage requirements can be met.
With continued reference to FIG. 4, FIG. 4 illustrates a flow 400 of yet another embodiment of generating an off-chain storage node according to the present application. The data storage method comprises the following steps:
in step 401, the head block node sends a verification request to the active storage node.
In this embodiment, the elected head block node sends a verification request to the valid storage node, where the verification request is a head block node identifier to prove that the head block node is a leader of the current timestamp block chain.
Step 402, the active storage node returns the verification result to the head block node.
In this embodiment, the valid storage node hashes the received header block node identifier. And randomly generating a challenge code by using the hash head block node identification code and the public key of the first terminal, determining a data label in the stored encrypted data by the effective storage node according to the challenge code, and returning the data label to the head block node as a verification result.
In this embodiment, the hashing process is to convert an input of arbitrary length into an output of fixed length by a hashing algorithm, and the output is a hash value. This transformation is a kind of compression mapping, i.e. the space of hash values is usually much smaller than the space of inputs, different inputs may hash to the same output, so it is not possible to determine a unique input value from a hash value. In short, it is a function of compressing a message of an arbitrary length to a message digest of a certain fixed length. Optionally, the hashing processing method includes a direct addressing method, a digital analysis method, a random number method, a folding method, a square-based method, and the like.
At step 403, an off-link storage node is generated.
In this embodiment, the head block node takes the valid storage node corresponding to the verification result of the first received verification result as the target storage node. The head block node issues a storage condition group to the block chain, wherein the storage condition group comprises: the first terminal public key is used for storing the target storage node key. Each blocknode in the blockchain verifies the set of storage conditions to determine whether the set of storage conditions is satisfied. In response to determining that the set of storage conditions is satisfied, the blockchain network expands the blockchain by adding new storage nodes to generate off-chain storage nodes.
One embodiment presented in fig. 4 has the following beneficial effects: the reliability of off-chain storage data is guaranteed by using a data occupancy mechanism, and meanwhile, a distributed storage system is constructed based on a block chain network, so that the characteristics of distributed storage, safety, auditable tampering trace and the like are realized, and reliable and provable storage is realized.
Referring now to FIG. 5, shown is a block diagram of a computer system 500 suitable for use in implementing a terminal device of an embodiment of the present application. The terminal device shown in fig. 5 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present application.
As shown in fig. 5, the computer system 500 includes a Central Processing Unit (CPU)501 that can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM) 502 or a program loaded from a storage section 508 into a Random Access Memory (RAM) 503. In the RAM 503, various programs and data necessary for the operation of the system 500 are also stored. The CPU 501, ROM502, and RAM 503 are connected to each other via a bus 504. An Input/Output (I/O) interface 505 is also connected to bus 504.
The following components are connected to the I/O interface 505: a storage section 506 including a hard disk and the like; and a communication section 507 including a Network interface card such as a LAN (Local Area Network) card, a modem, or the like. The communication section 507 performs communication processing via a network such as the internet. The driver 508 is also connected to the I/O interface 505 as necessary. A removable medium 509 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 508 as necessary, so that a computer program read out therefrom is mounted into the storage section 506 as necessary.
In particular, according to an embodiment of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network through the communication section 507 and/or installed from the removable medium 509. The computer program performs the above-described functions defined in the method of the present application when executed by the Central Processing Unit (CPU) 501. It should be noted that the computer readable medium described herein can be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present application, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In this application, however, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
Computer program code for carrying out operations for aspects of the present application may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
As another aspect, the present application also provides a computer-readable medium, which may be contained in the apparatus described in the above embodiments; or may be present separately and not assembled into the device. The computer readable medium carries one or more programs which, when executed by the apparatus, cause the apparatus to: acquiring an input statement; determining nodes of the initialization knowledge graph corresponding to the input sentences based on the initialization knowledge graph obtained by initialization in advance; calculating the structural features and the non-structural features of each node; and determining graph embedding characteristics of all nodes in the initialization knowledge graph based on the determined structural characteristics and the non-structural characteristics by using a confidence coefficient propagation mechanism, and generating the knowledge graph of the question-answering system.
The above description is only a preferred embodiment of the application and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the invention herein disclosed is not limited to the particular combination of features described above, but also encompasses other arrangements formed by any combination of the above features or their equivalents without departing from the spirit of the invention. For example, the above features may be replaced with (but not limited to) features having similar functions disclosed in the present application.

Claims (9)

1. A distributed off-link data storage method based on a block chain comprises the following steps:
initializing a distributed data storage system based on a block chain, and generating block nodes and storage nodes;
generating a block node key and a storage node key, wherein the key is a key pair consisting of a public key and a private key;
receiving a data storage request sent by a first terminal, wherein the data storage request comprises data to be stored, a public key of the first terminal and a data tag of the first terminal;
generating encrypted data of data to be stored, and storing the encrypted data in an effective storage node;
determining a head block node and generating a head block node identification code;
determining a target storage node based on a data occupation mechanism;
determining whether the following set of storage conditions is satisfied: the header block node identification code, the public key of the first terminal and the target storage node key are successfully verified; the encrypted data is valid data;
and performing off-chain storage on the data to be stored in response to determining that the storage condition set is satisfied.
2. The method of claim 1, wherein,
the block node refers to an on-chain node of the block chain, and runs a protocol of the bottom layer block chain;
the storage node is an off-link node of the block chain and provides storage capacity for storing and maintaining user data.
3. The method of claim 1, wherein prior to receiving the data storage request sent by the first terminal, the method further comprises:
generating a public key and a private key pair based on the public key registration request;
sending the generated public key and private key pair to the first terminal, and encrypting the generated public key;
and generating a data label of the first terminal based on the public key and the private key pair.
4. The method of claim 1, the generating encrypted data for data to be stored and storing the encrypted data in a valid storage node, comprising:
encrypting data to be stored by using the public key of the first terminal to generate encrypted data;
adding a data tag of the first terminal to encrypted data;
randomly determining an effective storage node based on each storage node;
storing the encrypted data in the active storage node.
5. The method of claim 1, wherein determining a target storage node based on a data occupancy mechanism comprises:
sending the header block node identification code to the effective storage node, wherein the effective storage node hashes the received header block node identification code to generate a hashed header block node identification code;
receiving the hash head block node identification code returned by the effective storage node;
randomly generating a challenge code based on the hash header block node identification code and the public key of the first terminal;
sending the challenge code to the effective storage node, wherein the effective storage node determines a data tag of encrypted data of the stored data based on the challenge code and generates a verification result;
receiving a verification result returned by the effective storage node;
and taking the valid storage node corresponding to the verification result of the first received verification result as a target storage node.
6. The method of claim 5, the efficient storage node hashing the received header block node identification to generate a hashed header block node identification, comprising:
transforming the header block node identification code into a fixed length output based on a hashing algorithm;
a hash header block node identification code is generated.
7. The method of claim 1, further comprising:
and controlling the target equipment to finish the storage operation according to the storage method.
8. A first terminal device comprising:
one or more processors;
a storage device having one or more programs stored thereon;
when executed by the one or more processors, cause the one or more processors to implement the method of any one of claims 1-7.
9. A computer-readable storage medium, on which a computer program is stored, wherein the program, when executed by a processor, implements the method of any one of claims 1-7.
CN202010069732.1A 2020-01-21 2020-01-21 Distributed off-link data storage method based on block chain Active CN111291420B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010069732.1A CN111291420B (en) 2020-01-21 2020-01-21 Distributed off-link data storage method based on block chain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010069732.1A CN111291420B (en) 2020-01-21 2020-01-21 Distributed off-link data storage method based on block chain

Publications (2)

Publication Number Publication Date
CN111291420A true CN111291420A (en) 2020-06-16
CN111291420B CN111291420B (en) 2022-11-11

Family

ID=71023466

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010069732.1A Active CN111291420B (en) 2020-01-21 2020-01-21 Distributed off-link data storage method based on block chain

Country Status (1)

Country Link
CN (1) CN111291420B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113177230A (en) * 2021-05-20 2021-07-27 深圳市有传科技有限公司 Data processing apparatus, method thereof, and storage medium
CN113449032A (en) * 2021-06-03 2021-09-28 北京交通大学 Block link off-link data interaction system and method capable of verifying data uplink
CN117891820A (en) * 2024-03-15 2024-04-16 北京电科智芯科技有限公司 Multi-source heterogeneous data storage method, device, equipment, chip and storage medium

Citations (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5870475A (en) * 1996-01-19 1999-02-09 Northern Telecom Limited Facilitating secure communications in a distribution network
CN107465665A (en) * 2017-07-11 2017-12-12 上海互啊佑智能科技有限公司 A kind of file encryption-decryption method based on fingerprint identification technology
CN107480559A (en) * 2017-08-25 2017-12-15 北京中星仝创科技有限公司 Safe storage system and method for a kind of block chain from chain data
CN108259169A (en) * 2018-01-09 2018-07-06 北京大学深圳研究生院 A kind of file security sharing method and system based on block chain cloud storage
CN108681583A (en) * 2018-05-11 2018-10-19 北京奇虎科技有限公司 Data proof of possession method, apparatus and readable storage medium storing program for executing based on block chain
CN108737374A (en) * 2018-04-12 2018-11-02 三维通信股份有限公司 The method for secret protection that data store in a kind of block chain
CN108923925A (en) * 2018-06-22 2018-11-30 北京京东尚科信息技术有限公司 Date storage method and device applied to block chain
CN109154885A (en) * 2016-03-21 2019-01-04 澳大利亚国家Ict有限公司 Business processing on block platform chain executes
CN109691015A (en) * 2016-08-30 2019-04-26 联邦科学和工业研究组织 Dynamic access control on block chain
CN110290111A (en) * 2019-05-29 2019-09-27 深圳前海达闼云端智能科技有限公司 Operating right management method, device and block chain node, storage medium
CN110381072A (en) * 2018-10-11 2019-10-25 腾讯科技(深圳)有限公司 Data verification method, system and computer readable storage medium based on block chain
CN110581854A (en) * 2019-09-12 2019-12-17 北京笔新互联网科技有限公司 intelligent terminal safety communication method based on block chain
CN110602089A (en) * 2019-09-11 2019-12-20 腾讯科技(深圳)有限公司 Block chain-based medical data storage method, device, equipment and storage medium

Patent Citations (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5870475A (en) * 1996-01-19 1999-02-09 Northern Telecom Limited Facilitating secure communications in a distribution network
CN109154885A (en) * 2016-03-21 2019-01-04 澳大利亚国家Ict有限公司 Business processing on block platform chain executes
CN109691015A (en) * 2016-08-30 2019-04-26 联邦科学和工业研究组织 Dynamic access control on block chain
CN107465665A (en) * 2017-07-11 2017-12-12 上海互啊佑智能科技有限公司 A kind of file encryption-decryption method based on fingerprint identification technology
CN107480559A (en) * 2017-08-25 2017-12-15 北京中星仝创科技有限公司 Safe storage system and method for a kind of block chain from chain data
CN108259169A (en) * 2018-01-09 2018-07-06 北京大学深圳研究生院 A kind of file security sharing method and system based on block chain cloud storage
CN108737374A (en) * 2018-04-12 2018-11-02 三维通信股份有限公司 The method for secret protection that data store in a kind of block chain
CN108681583A (en) * 2018-05-11 2018-10-19 北京奇虎科技有限公司 Data proof of possession method, apparatus and readable storage medium storing program for executing based on block chain
CN108923925A (en) * 2018-06-22 2018-11-30 北京京东尚科信息技术有限公司 Date storage method and device applied to block chain
CN110381072A (en) * 2018-10-11 2019-10-25 腾讯科技(深圳)有限公司 Data verification method, system and computer readable storage medium based on block chain
CN110290111A (en) * 2019-05-29 2019-09-27 深圳前海达闼云端智能科技有限公司 Operating right management method, device and block chain node, storage medium
CN110602089A (en) * 2019-09-11 2019-12-20 腾讯科技(深圳)有限公司 Block chain-based medical data storage method, device, equipment and storage medium
CN110581854A (en) * 2019-09-12 2019-12-17 北京笔新互联网科技有限公司 intelligent terminal safety communication method based on block chain

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113177230A (en) * 2021-05-20 2021-07-27 深圳市有传科技有限公司 Data processing apparatus, method thereof, and storage medium
CN113449032A (en) * 2021-06-03 2021-09-28 北京交通大学 Block link off-link data interaction system and method capable of verifying data uplink
CN113449032B (en) * 2021-06-03 2024-02-09 北京交通大学 System and method for interaction of block chain off-link data with verifiable data uplink
CN117891820A (en) * 2024-03-15 2024-04-16 北京电科智芯科技有限公司 Multi-source heterogeneous data storage method, device, equipment, chip and storage medium
CN117891820B (en) * 2024-03-15 2024-05-14 北京电科智芯科技有限公司 Multi-source heterogeneous data storage method, device, equipment, chip and storage medium

Also Published As

Publication number Publication date
CN111291420B (en) 2022-11-11

Similar Documents

Publication Publication Date Title
CN112214780B (en) Data processing method and device, intelligent equipment and storage medium
US10171440B2 (en) Method and apparatus for managing encryption keys for cloud service
WO2022199290A1 (en) Secure multi-party computation
US10395062B2 (en) Method and server for authenticating and verifying file
CN111291420B (en) Distributed off-link data storage method based on block chain
EP4191430A1 (en) Data processing method and apparatus applied to blockchain system
CN108923925B (en) Data storage method and device applied to block chain
CN111131336B (en) Resource access method, device, equipment and storage medium under multi-party authorization scene
JP2021511743A (en) Methods, application servers, IOT devices and media for implementing IOT services
CN111950030A (en) Data sharing storage method based on block chain, terminal equipment and storage medium
CN112118245B (en) Key management method, system and equipment
CN113610526A (en) Data trust method and device, electronic equipment and storage medium
CN111010283B (en) Method and apparatus for generating information
US8904508B2 (en) System and method for real time secure image based key generation using partial polygons assembled into a master composite image
WO2020177109A1 (en) Lot-drawing processing method, trusted chip, node, storage medium and electronic device
CN114357472B (en) Data tagging method, system, electronic device and readable storage medium
CN114095165B (en) Key updating method, server device, client device and storage medium
CN109768969A (en) Authority control method and internet-of-things terminal, electronic equipment
US20210150058A1 (en) Control method, server, recording medium, and data structure
CN111125734B (en) Data processing method and system
CN109639409B (en) Key initialization method, key initialization device, electronic equipment and computer-readable storage medium
Liu et al. Video data integrity verification method based on full homomorphic encryption in cloud system
CN112417400A (en) Safety optimization method and device based on multi-cluster system, electronic equipment and medium
CN114205086A (en) Block chain-based digital certificate processing method and device
EP3200388B1 (en) User permission check system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant