CN113378236A - Evidence data online security notarization platform and security method - Google Patents


Info

Publication number: CN113378236A
Authority: CN (China)
Prior art keywords: evidence, hash value, module, notarization, webpage
Legal status: Granted (active)
Application number: CN202110617209.2A
Other languages: Chinese (zh)
Other versions: CN113378236B (en)
Inventors: 张金琳, 高航, 俞学劢
Current Assignee: Zhejiang Shuqin Technology Co Ltd
Original Assignee: Zhejiang Shuqin Technology Co Ltd
Application filed by: Zhejiang Shuqin Technology Co Ltd

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • G06F21/602 Providing cryptographic facilities or services
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107 File encryption


Abstract

The invention relates to the technical field of computer information processing, in particular to an evidence data online security notarization platform and a security method. The substantial effects of the invention are as follows: the method effectively provides the security service of the evidence data for the user, and simultaneously adopts the mode of scattering encryption storage, thereby improving the security of the evidence data.

Description

Evidence data online security notarization platform and security method
Technical Field
The invention relates to the technical field of computer information processing, in particular to an evidence data online security notarization platform and a security method.
Background
Preservation of electronic evidence means preserving it through various technical means when it may be lost or become difficult to obtain later, and managing it by a correct method, so that a judge, an inspector or a lawyer can conveniently analyze it and use it to prove the facts at issue. Electronic evidence is one type of evidence and must be kept in compliance with the general rules of evidence. At the same time, compared with traditional evidence, electronic evidence is easier to tamper with and delete. There is therefore a need for reliable and secure storage of electronic evidence data.
For example, Chinese patent CN102223374B, published on April 23, 2014, discloses a third-party certification security system and method based on electronic evidence online security, which includes: after the client sends a security request to the server, the client generates a hash value of the electronic data to be secured and transmits it to the server for storage; when the client sends an authentication security request, the server compares the client hash value stored by the system with the hash value transmitted by the client to determine whether the client's security behavior is objective and real; communication between the client and the server is encrypted with a secure cryptographic algorithm; the server performs correlation processing on all hash values in the system to ensure that the hash values it stores for the electronic data cannot be tampered with; when the cryptographic algorithm in use is broken, a renewed security application is made, and the data to be secured and the result data of the previous application are secured again to ensure the continued safety of the system. However, this scheme cannot ensure that the data stored on the client is not deleted, the original data cannot be retrieved after it has been tampered with, and the user must set up a client with strong functions, which does not suit users who need to secure evidence quickly and only occasionally.
Disclosure of Invention
The technical problem to be solved by the invention is as follows: the technical problems that the existing evidence data is inconvenient to preserve and poor in safety are solved, and an evidence data online preservation notarization platform and a preservation method are provided, so that evidence data can be preserved conveniently and quickly, and the evidence data can be stored safely.
In order to solve the technical problems, the technical scheme adopted by the invention is as follows: an evidence data online security notarization platform, connected with a client, comprises an identity verification module, an online evidence obtaining module, a file encryption storage module, a hash value extraction module, a chain loading module and a notarization module. The identity verification module verifies user login information submitted by the client. The online evidence obtaining module is deployed in a security server of a notarization place and receives operation instructions from the client to obtain evidence data; the evidence data is associated with security abstract information to form an evidence package, and the security abstract information comprises user information, a security number and a standard time stamp. The hash value extraction module extracts a hash value of the evidence package. The chain loading module uploads the hash value of the evidence package to a block chain for storage and feeds back the corresponding block height and block hash value to the file encryption storage module. The file encryption storage module encrypts and stores the evidence package, the evidence package hash value, the block height and the block hash value, and transmits them to the notarization module. The notarization module is connected with a notarization server; the notarization server verifies whether the hash value of the evidence package exists on the corresponding block and, if so, issues a notarization certificate.
Preferably, the hash value extraction module maintains a history hash value record, which records the hash value obtained by the hash value extraction module each time. The last hash value in the history hash value record and the current evidence package are packed together and hashed to give the current hash value, and the current hash value is added to the record. The evidence package hash value and the current hash value are submitted to the chain loading module, which uploads both to the block chain for storage.
Preferably, the online evidence obtaining module comprises a static webpage evidence obtaining module, the static webpage evidence obtaining module comprises a website receiving unit, an evidence obtaining workstation and an evidence generating unit, the website receiving unit receives a website to be proved submitted by a client, the evidence obtaining workstation is connected with the website receiving unit, the evidence obtaining workstation receives the website to be proved and accesses the website to be proved to obtain a webpage source code and a webpage resource file of the website to be proved, the evidence obtaining workstation renders a webpage and captures the webpage according to the webpage source code and the webpage resource file, and the evidence generating unit packs the webpage screenshot, the webpage source code and the webpage resource file into an evidence package and submits the evidence package to the evidence obtaining file receiving module.
Preferably, the evidence obtaining workstation renders a webpage rendering interface with a website input field, visits a standard-time service website through the webpage rendering interface, enters the website to be proved in the address field and visits it, takes a screenshot after the webpage of the website to be proved has been loaded and rendered as the webpage evidence obtaining screenshot, and closes the webpage rendering interface; the workstation also takes periodic screenshots while the webpage rendering interface is running to form a browsing process video.
Preferably, the online evidence obtaining module further comprises a process evidence obtaining module, the process evidence obtaining module comprises a virtual machine, a virtual machine console and an operation video generating unit, a user connects and operates the virtual machine through the virtual machine console, the operation video generating unit generates a process video by periodically capturing the process of operating the virtual machine by the user, when the user finishes process evidence obtaining through the virtual machine console, the operation video generating unit submits the process video as an evidence storage file to the evidence storage file receiving module, and the virtual machine is released and restored.
Preferably, the identity verification module comprises a login verification module and a real-name verification module, the login verification module verifies whether user login information submitted by the client is matched with registered information, if the user login information is matched with the registered information, login verification is passed, otherwise, the client prompts the user to fill in correct login information or register, the real-name verification module verifies whether the user completes real-name authentication, if the user does not complete real-name authentication, the third-party real-name authentication platform is skipped to perform real-name authentication, and if the user completes real-name authentication, the real-name verification is passed.
Preferably, the user information comprises a user login name, user real-name authentication information, a client version identifier, a client IP address and a client running time stamp, the user login name is a registered login name of the user, the user real-name authentication information comprises a real name, an identity document type and an identity document number of the user, the client version identifier, the client IP address and the client running time stamp are transmitted to an identity verification module by the client, the identity verification module verifies whether a difference value between the received client running time stamp and the current standard time is smaller than a preset threshold value, if the difference value exceeds the preset threshold value, the user is prevented from logging in, and the user is prompted to synchronize the standard time.
An evidence data online preservation method using the evidence data online preservation notarization platform comprises the following steps: verifying whether the user login information is a registered user, if so, verifying whether the user completes real-name authentication, if so, entering the next step, otherwise, prompting the user to register or perform real-name authentication; the method comprises the following steps that a user uploads existing evidence data or obtains evidence data to be saved through online evidence obtaining, an online evidence obtaining module generates preservation abstract information, and evidence data and a preservation abstract are packaged into a data packet; extracting an evidence packet hash value, maintaining a historical hash value record, recording the hash value obtained by the hash value extraction module each time, extracting the hash value as the current hash value after packaging the last hash value of the historical hash value record and the current evidence packet, and adding the current hash value into the historical hash value record; uploading the evidence packet hash value and the current hash value to a block chain for storage, and obtaining the corresponding block height and the block hash value; the evidence package, the evidence package hash value, the block height corresponding to the current hash value and the block hash value are encrypted, stored and transmitted to the notarization module; the notarization module is connected with a notarization server, the notarization server verifies whether the hash value of the evidence packet exists on the corresponding block, and if yes, the notarization certificate is issued.
Preferably, the method for storing the evidence package, the evidence package hash value, the block height corresponding to the current hash value and the block hash value in an encrypted manner includes: the file encryption storage module comprises a plurality of storage units, the storage units are paired, and an agreed number is established between the two storage units of each pair; the storage units periodically elect one pair, whose two storage units serve as the storage monitoring node and the reading monitoring node respectively; the storage monitoring node monitors for a newly generated evidence package, packs the evidence package, the evidence package hash value, the block height corresponding to the current hash value and the block hash value into a compressed file, and splits the compressed file into a plurality of sub-files; an encryption key is generated from the agreed number and the evidence package hash value, the sub-files are encrypted using a symmetric encryption algorithm, and the sub-files are associated with the evidence package hash value; the sub-files and the evidence package hash value are randomly allocated to the storage units for storage; the storage monitoring node sends the evidence package hash value and the security abstract in the evidence package to the reading monitoring node to establish an index; the reading monitoring node monitors for a user's request to extract evidence, verifies whether the user's login name and security number match a record in the index and, if so, sends the corresponding evidence package hash value to the storage units; the storage units find the corresponding sub-files according to the evidence package hash value and submit them to the reading monitoring node; and the reading monitoring node obtains the encryption key from the agreed number and the evidence package hash value, decrypts the sub-files, splices the decrypted sub-files into the compressed file, decompresses it and provides it to the user.
Preferably, if the corresponding user login name and security number cannot be found in the index of the reading monitoring node, the user's request to extract evidence is broadcast to all the storage units, each storage unit queries its own index, and if a record matching the user login name and security number is found in an index, the evidence extraction step is carried out.
The substantial effects of the invention are as follows: the online evidence obtaining module can quickly provide an evidence obtaining service to the user, which suits cases where evidence is easily lost, or is difficult to obtain again, if it is not obtained and secured in time; the security service for evidence data is provided to the user effectively, and because scattered encrypted storage is adopted, the evidence data is guaranteed not to be tampered with or lost, which improves the security of the evidence data.
Drawings
Fig. 1 is a schematic structural diagram of an online security notary platform according to an embodiment.
Fig. 2 is a schematic structural diagram of an online evidence obtaining module according to an embodiment.
FIG. 3 is a schematic diagram of a web page rendering interface according to an embodiment.
FIG. 4 is a block diagram of an embodiment of an authentication module.
FIG. 5 is a flowchart illustrating an on-line security method according to an embodiment.
Fig. 6 is a flowchart illustrating a second online secure encrypted storage method according to an embodiment.
Wherein: 101, client; 102, identity verification module; 103, online evidence obtaining module; 104, file encryption storage module; 105, hash value extraction module; 106, chain loading module; 107, notarization module; 200, block chain; 300, notarization place; 1021, login verification module; 1022, real-name verification module; 1031, webpage evidence obtaining module; 1032, process evidence obtaining module; 10311, website receiving unit; 10312, evidence obtaining workstation; 10313, evidence generating unit; 10321, virtual machine; 10322, virtual machine console; 10323, operation video generating unit; 130, webpage rendering interface; 131, address bar; 132, access button; 133, refresh button; 134, webpage display area.
Detailed Description
The following provides a more detailed description of the present invention, with reference to the accompanying drawings.
The first embodiment is as follows:
An evidence data online security notarization platform is connected with a client 101. Referring to fig. 1, it includes an identity verification module 102, an online evidence obtaining module 103, a file encryption storage module 104, a hash value extraction module 105, a chain loading module 106 and a notarization module 107. The identity verification module 102 verifies user login information submitted by the client 101. The online evidence obtaining module 103 is deployed in a security server of a notarization department 300 and receives operation instructions from the client 101 to obtain evidence data; the evidence data is associated with security abstract information to form an evidence package, and the security abstract information includes user information, a security number and a standard time stamp. The hash value extraction module 105 extracts a hash value of the evidence package. The chain loading module 106 uploads the hash value of the evidence package to a block chain 200 for storage and feeds back the corresponding block height and block hash value to the file encryption storage module 104. The file encryption storage module 104 encrypts and stores the evidence package, the evidence package hash value, the block height and the block hash value, and transmits them to the notarization module 107. The notarization module 107 is connected with the server of the notarization department 300; that server verifies whether the hash value of the evidence package exists on the corresponding block and, if so, issues the notarization certificate.
The hash value extraction module 105 maintains a history hash value record, which records the hash value obtained by the hash value extraction module 105 each time. The last hash value in the history hash value record and the current evidence package are packed together and hashed to give the current hash value, and the current hash value is added to the record. The evidence package hash value and the current hash value are submitted to the chain loading module 106, which uploads both to the block chain 200 for storage.
The online evidence obtaining module 103 includes a static web page evidence obtaining module 1031, please refer to fig. 2, the static web page evidence obtaining module 1031 includes a website receiving unit 10311, an evidence obtaining workstation 10312 and an evidence generating unit 10313, the website receiving unit 10311 receives a website to be proved submitted by the client 101, the evidence obtaining workstation 10312 is connected to the website receiving unit 10311, the evidence obtaining workstation 10312 receives the website to be proved and accesses the website to be proved, a web page source code and a web page resource file of the website to be proved are obtained, the evidence obtaining workstation 10312 renders a web page and captures a screen according to the web page source code and the web page resource file, the evidence generating unit 10313 packs the web page screenshot, the web page source code and the web page resource file into an evidence package, and submits the evidence package to the evidence file receiving module.
The online forensics module 103 further includes a process forensics module 1032, the process forensics module 1032 includes a virtual machine 10321, a virtual machine console 10322, and an operation video generating unit 10323, the user connects and operates the virtual machine 10321 through the virtual machine console 10322, the operation video generating unit 10323 generates a process video by periodically capturing a screenshot of the process of the user operating the virtual machine 10321, when the user finishes the process forensics through the virtual machine console 10322, the operation video generating unit 10323 submits the process video as a forensics file to the forensics file receiving module, and the virtual machine 10321 is released and restored.
Referring to fig. 3, in this embodiment the evidence obtaining workstation 10312 renders a webpage rendering interface 130 with a website input field, visits a standard time-service website through the webpage rendering interface 130, then enters the website to be proved in the address bar 131 and visits it, and the webpage content is displayed in the webpage display area 134. After the webpage of the website to be proved has been loaded and rendered, the workstation automatically scrolls and takes a screenshot as the webpage evidence obtaining screenshot, and then closes the webpage rendering interface 130. While the webpage rendering interface 130 is running, the evidence obtaining workstation 10312 also takes periodic screenshots to form a browsing process video. The evidence generating unit 10313 packs the webpage screenshot, the browsing process video, the webpage source code and the webpage resource files into an evidence package and submits it to the evidence obtaining file receiving module. The webpage rendering interface 130 displays an access button 132 and a refresh button 133 and renders a pointer; the pointer is moved to the access button 132 and clicks it to trigger the visit to the website to be proved. These steps show the complete page jump and loading process of the webpage to be proved, making the obtained evidence more complete and credible. After the webpage to be proved has finished loading, the pointer is moved to click the refresh button 133 to record a second loading of the webpage, which further improves the reliability of the evidence.
The identity verification module 102 includes a login verification module 1021 and a real-name verification module 1022, please refer to fig. 4, where the login verification module 1021 verifies whether the user login information submitted by the client 101 matches the registered information, if so, the login verification passes, otherwise, the client 101 prompts the user to fill in correct login information or to perform registration, the real-name verification module 1022 verifies whether the user has completed real-name authentication, if not, the client jumps to a third-party real-name authentication platform to perform real-name authentication, and if so, the real-name verification passes.
The user information comprises a user login name, user real-name authentication information, a client 101 version identifier, a client 101 IP address and a client 101 running time stamp. The user login name is the registered login name of the user, and the user real-name authentication information comprises the real name, identity document type and identity document number of the user. The client 101 version identifier, the client 101 IP address and the client 101 running time stamp are transmitted to the identity verification module 102 by the client 101. The identity verification module 102 verifies whether the difference between the received client 101 running time stamp and the current standard time is smaller than a preset threshold value; if the difference exceeds the preset threshold value, the user is prevented from logging in and is prompted to synchronize to the standard time.
An evidence data online preservation method, using the above evidence data online preservation notarization platform, please refer to fig. 5, this embodiment includes:
step A) verifying whether the user login information is a registered user, if so, verifying whether the user completes real-name authentication, if so, entering the next step, otherwise, prompting the user to register or perform real-name authentication;
step B), uploading existing evidence data by a user or obtaining evidence data to be preserved through online evidence collection, generating preservation abstract information by an online evidence collection module 103, and packaging the evidence data and the preservation abstract into a data packet;
step C), extracting the hash value of the evidence packet, maintaining a historical hash value record, recording the hash value obtained by the hash value extraction module 105 each time, extracting the hash value as the current hash value after the last hash value of the historical hash value record and the current evidence packet are packed, and adding the current hash value into the historical hash value record;
step D), uploading the evidence packet hash value and the current hash value to the block chain 200 for storage, and obtaining the corresponding block height and the block hash value;
step E) the evidence package, the Hash value of the evidence package, the block height corresponding to the current Hash value and the block Hash value are encrypted, stored and transmitted to the notarization module 107;
step F), the notarization module 107 is connected with the notarization department 300 server, the notarization department 300 server verifies whether the hash value of the evidence package exists on the corresponding block, and if so, the notarization certificate is issued.
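The history hash value record of step C and the check it enables in step F, as an added example that is not part of the patent text. It assumes SHA-256 as the hash, plain concatenation as the "packing" of the last hash with the current package, and an all-zero starting value; the class and function names and the sample packages are constructed for illustration.

```python
import hashlib
import json

GENESIS = "00" * 32  # assumption: value chained in front of the first package


def build_package(evidence: bytes, summary: dict) -> bytes:
    """Evidence package = security abstract information + evidence data."""
    meta = json.dumps(summary, sort_keys=True).encode("utf-8")
    # Length prefix keeps the summary/evidence boundary unambiguous.
    return len(meta).to_bytes(4, "big") + meta + evidence


class HashRecord:
    """History hash value record kept by the hash value extraction module."""

    def __init__(self):
        self.entries = []  # (package_hash, current_hash) per secured package

    def append(self, package: bytes):
        prev = self.entries[-1][1] if self.entries else GENESIS
        package_hash = hashlib.sha256(package).hexdigest()
        # current hash = H(last recorded hash || current evidence package)
        current_hash = hashlib.sha256(bytes.fromhex(prev) + package).hexdigest()
        self.entries.append((package_hash, current_hash))
        return package_hash, current_hash  # both values go to the block chain


def first_mismatch(packages, anchored):
    """Recompute the chain over stored packages and compare with on-chain pairs.

    Returns the index of the first entry that fails, or -1 if everything matches.
    """
    prev = GENESIS
    for i, (package_hash, current_hash) in enumerate(anchored):
        if i >= len(packages):
            return i  # a stored package is missing
        package = packages[i]
        if hashlib.sha256(package).hexdigest() != package_hash:
            return i  # package content was changed
        if hashlib.sha256(bytes.fromhex(prev) + package).hexdigest() != current_hash:
            return i  # an earlier entry was dropped, inserted or reordered
        prev = current_hash
    return -1


if __name__ == "__main__":
    # Constructed sample packages, not data from the patent.
    stored = [
        build_package(b"<html>page %d</html>" % n,
                      {"login": "alice", "number": "N-%04d" % n,
                       "timestamp": "2021-06-03T08:00:0%dZ" % n})
        for n in range(3)
    ]
    record = HashRecord()
    on_chain = [record.append(p) for p in stored]
    print("intact:", first_mismatch(stored, on_chain))
    print("entry 1 silently dropped:",
          first_mismatch([stored[0], stored[2]], [on_chain[0], on_chain[2]]))
```

The evidence package hash alone detects a modified package; the chained current hash additionally exposes a record that was removed or reordered, because every later current hash depends on it.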
The beneficial technical effects of this embodiment are: the online evidence obtaining module 103 can quickly provide an evidence obtaining service to the user, which suits cases where evidence is easily lost, or is difficult to obtain again, if it is not obtained and secured in time; the security service for evidence data is provided to the user effectively, and because scattered encrypted storage is adopted, the evidence data is ensured not to be tampered with or lost, which improves the security of the evidence data.
Example two:
This embodiment proposes a new scheme for the encrypted storage of the evidence package. Referring to fig. 6, the method for storing the evidence package, the evidence package hash value, the block height corresponding to the current hash value and the block hash value in an encrypted manner specifically includes:
Step E1) the file encryption storage module 104 comprises a plurality of storage units, the storage units are paired, and an agreed number is established between the two storage units of each pair.
Step E2) the storage units periodically elect one pair, whose two storage units serve as the storage monitoring node and the reading monitoring node respectively.
Step E3), the storage monitoring node monitors a newly generated evidence packet, packs the evidence packet, the Hash value of the evidence packet, the block height corresponding to the current Hash value and the block Hash value into a compressed file, and breaks the compressed file into a plurality of sub-files.
Step E4) an encryption key is generated from the agreed number and the evidence package hash value, the sub-files are encrypted using a symmetric encryption algorithm, and the sub-files are associated with the evidence package hash value. Assume that the agreed number of the pair currently serving as storage monitoring node and reading monitoring node is (2AB58C92) and that the evidence package hash value is 8D969EEF6ECAD3C29A3a629280E686CF0C3F5D5a86AFF3CA12020C923ADC6C92. HASH(agreed number + evidence package hash value) is then extracted as the encryption key, i.e. HASH(2AB58C92+8D969EEF6ECAD3C29A3a629280E686CF0C3F5D5a86AFF3CA12020C923ADC6C92) = 5EB06F10C1 63a10A3DBF1966847F46895D6CF DA73690BCF79F1D96D 939F, which gives the encryption key.
During decryption, the reading monitoring node again extracts HASH(agreed number + evidence package hash value) from the evidence package hash value and the agreed number (2AB58C92) to obtain the encryption key, and decrypts using the decryption algorithm of the symmetric encryption algorithm.
Other methods may also be used to generate the encryption key from the agreed number and the evidence package hash value. For example, the evidence package hash value is treated as a hexadecimal number and the agreed number is subtracted from it to give the encryption key. Alternatively, the evidence package hash value and the agreed number are converted to binary, and a bitwise XOR is performed between the last 32 bits of the evidence package hash value and the agreed number.
Step E5) randomly assigning the sub-files and the evidence package hash values to storage units.
Step E6) the storage monitoring node sends the hash value of the evidence package and the preservation summary in the evidence package to the reading monitoring node to build an index.
Step E7) The reading monitoring node monitors users' requests to extract evidence and verifies whether the user's login name and security number match a record in the index; if so, it sends the corresponding evidence package hash value to the storage units. If the reading monitoring node's index contains no matching user login name and security number, the user's evidence extraction request is broadcast to all storage units and the index of each storage unit is queried; if a record matching the user login name and security number is found in one of these indexes, the evidence extraction step is performed.
Step E8), finding out corresponding subfiles by the storage units according to the evidence package hash value, and submitting the subfiles to the reading monitoring node.
Step E9) The reading monitoring node obtains the encryption key from the agreed number and the evidence package hash value, decrypts the subfiles, splices the decrypted subfiles into the compressed file, and decompresses the compressed file for the user.
The remaining steps are the same as in the first embodiment. Compared with the first embodiment, this embodiment provides encrypted storage that is more difficult to crack and ensures that the evidence data is not tampered with or lost.
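The storage flow of steps E3 to E9 can be sketched as follows. This is an added example, not code from the patent. It assumes HASH is SHA-256 over the concatenated hex strings, uses a SHA-256 counter keystream as a stand-in for the unnamed symmetric algorithm, and uses constructed values for the evidence, block height and block hash; all function names are hypothetical.

```python
import hashlib
import json
import random
import zlib

def derive_key(agreed_number: str, evidence_hash: str) -> bytes:
    """Step E4: key = HASH(agreed number + evidence package hash).
    Assumption: HASH is SHA-256 over the two hex strings concatenated."""
    return hashlib.sha256((agreed_number + evidence_hash).encode("ascii")).digest()

def xor_keystream(key: bytes, index: int, data: bytes) -> bytes:
    """Stand-in for the unnamed symmetric cipher (assumption): XOR with a
    SHA-256 counter keystream bound to the subfile index. Self-inverse."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + index.to_bytes(4, "big") + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)

def store(evidence, block_height, block_hash, agreed_number, units, chunk=64, rng=None):
    """Steps E3-E5: pack, compress, split, encrypt, scatter over storage units."""
    rng = rng or random.Random()
    evidence_hash = hashlib.sha256(evidence).hexdigest().upper()
    bundle = json.dumps({"evidence": evidence.hex(), "evidence_hash": evidence_hash,
                         "block_height": block_height, "block_hash": block_hash})
    packed = zlib.compress(bundle.encode("ascii"))
    key = derive_key(agreed_number, evidence_hash)
    for index, start in enumerate(range(0, len(packed), chunk)):
        subfile = xor_keystream(key, index, packed[start:start + chunk])
        # Each unit maps evidence hash -> [(subfile index, ciphertext), ...]
        rng.choice(units).setdefault(evidence_hash, []).append((index, subfile))
    return evidence_hash

def retrieve(evidence_hash, agreed_number, units):
    """Steps E8-E9: gather subfiles by evidence hash, decrypt, splice, unpack."""
    key = derive_key(agreed_number, evidence_hash)
    parts = sorted(p for unit in units for p in unit.get(evidence_hash, []))
    packed = b"".join(xor_keystream(key, i, blob) for i, blob in parts)
    bundle = json.loads(zlib.decompress(packed))
    evidence = bytes.fromhex(bundle["evidence"])
    # Check added in this example: the recovered package must hash to its lookup key.
    if hashlib.sha256(evidence).hexdigest().upper() != evidence_hash:
        raise ValueError("recovered evidence package does not match its hash")
    return evidence, bundle["block_height"], bundle["block_hash"]

def demo():
    units = [{} for _ in range(4)]  # four storage units (constructed)
    # Constructed sample evidence: 512 incompressible bytes, so several subfiles result.
    evidence = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(16))
    h = store(evidence, 1024, "AB" * 32, "2AB58C92", units, rng=random.Random(7))
    return evidence, h, units

if __name__ == "__main__":
    evidence, h, units = demo()
    assert retrieve(h, "2AB58C92", units)[0] == evidence
    print("recovered", len(evidence), "bytes for", h)
```

Since the evidence package hash value is also uploaded to the blockchain, the agreed number is the only secret input to this key derivation.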
The above-described embodiments are only preferred embodiments of the present invention, and are not intended to limit the present invention in any way, and other variations and modifications may be made without departing from the spirit of the invention as set forth in the claims.

Claims (6)

1. An evidence data online security notarization platform is connected with a client and is characterized in that,
comprises an identity authentication module, an online evidence obtaining module, a file encryption storage module, a hash value extraction module, a chain linking module and a notarization module,
the identity authentication module authenticates user login information submitted by a client, the online evidence obtaining module is deployed in a security server of a notarization department, the online evidence obtaining module receives an operation instruction of the client to obtain evidence data, the evidence data is associated with security abstract information as an evidence package, the security abstract information comprises user information, a security number and a standard timestamp,
the hash value extraction module extracts the hash value of the evidence package, the chain linking module uploads the hash value of the evidence package to a blockchain for storage and feeds back the corresponding block height and block hash value to the file encryption storage module, and the file encryption storage module encrypts and stores the evidence package, the hash value of the evidence package, the block height and the block hash value and transmits them to the notarization module,
the notarization module is connected with a notarization server, the notarization server verifies whether the hash value of the evidence packet exists on the corresponding block, and if yes, the notarization certificate is issued.
2. An evidence data online security notarization platform according to claim 1,
the hash value extraction module maintains a history hash value record, which records the hash value obtained by the hash value extraction module each time; the last hash value in the history hash value record is packed together with the current evidence package and a hash value is extracted from the result as the current hash value; the current hash value is added to the record; the evidence package hash value and the current hash value are submitted to the chain linking module, and the chain linking module uploads the evidence package hash value and the current hash value to a blockchain for storage.
3. An evidence data online security notarization platform according to claim 1 or 2,
the online forensics module comprises a static webpage forensics module,
the static webpage evidence obtaining module comprises a website receiving unit, an evidence obtaining workstation and an evidence generating unit, wherein the website receiving unit receives a to-be-obtained website submitted by a client, the evidence obtaining workstation is connected with the website receiving unit, the evidence obtaining workstation receives the to-be-obtained website and accesses the to-be-obtained website to obtain a webpage source code and a webpage resource file of the to-be-obtained website, the evidence obtaining workstation renders a webpage and captures the webpage according to the webpage source code and the webpage resource file, and the evidence generating unit packs the webpage screenshot, the webpage source code and the webpage resource file into an evidence package and submits the evidence package to the evidence file receiving module.
4. An evidence data online security notarization platform according to claim 3,
the evidence obtaining workstation opens a webpage rendering interface with an address bar, accesses a standard-time time service website through the webpage rendering interface, then enters the website for which evidence is to be obtained in the address bar and accesses it, takes a screenshot as the webpage evidence screenshot after the webpage of that website has finished loading and rendering, and closes the webpage rendering interface; while the webpage rendering interface is running, screenshots are also taken periodically to form a video of the browsing process.
5. An evidence data online preservation method using an evidence data online preservation notarization platform according to any one of claims 2 to 4,
the method comprises the following steps:
verifying whether the user login information is a registered user, if so, verifying whether the user completes real-name authentication, if so, entering the next step, otherwise, prompting the user to register or perform real-name authentication;
a user uploads existing evidence data or obtains the evidence data to be preserved through online evidence obtaining, the online evidence obtaining module generates preservation abstract information, and the evidence data and the preservation abstract are packaged into a data packet;
extracting an evidence packet hash value, maintaining a historical hash value record, recording the hash value obtained by the hash value extraction module each time, extracting the hash value as the current hash value after packaging the last hash value of the historical hash value record and the current evidence packet, and adding the current hash value into the historical hash value record;
uploading the evidence packet hash value and the current hash value to a block chain for storage, and obtaining the corresponding block height and the block hash value;
the evidence package, the evidence package hash value, the block height corresponding to the current hash value and the block hash value are encrypted, stored and transmitted to the notarization module;
the notarization module is connected with a notarization server, the notarization server verifies whether the hash value of the evidence packet exists on the corresponding block, and if yes, the notarization certificate is issued.
6. An on-line evidence data preservation method according to claim 5,
the method for storing the evidence packet, the evidence packet hash value, the block height corresponding to the current hash value and the block hash value in an encryption manner comprises the following steps:
the file encryption storage module comprises a plurality of storage units, the plurality of storage units are paired, and an agreed number is set between the paired storage units;
the plurality of storage units periodically elect two paired storage units to serve respectively as the storage monitoring node and the reading monitoring node;
the storage monitoring node monitors a newly generated evidence packet, packs the evidence packet, the Hash value of the evidence packet, the block height corresponding to the current Hash value and the block Hash value into a compressed file, and breaks the compressed file into a plurality of sub-files;
generating an encryption key according to the agreed number and the evidence package hash value, encrypting the subfiles by using a symmetric encryption algorithm, and associating the subfiles with the evidence package hash value;
randomly allocating the plurality of sub-files and the evidence packet hash values to a plurality of storage units for storage;
the storage monitoring node sends the Hash value of the evidence package and the preservation summary in the evidence package to the reading monitoring node to establish an index;
the reading monitoring node monitors a request of a user for extracting evidence, verifies whether a login name and a security number of the user are matched with records in the index, and sends a corresponding evidence packet hash value to a plurality of storage units if the login name and the security number of the user are matched with the records in the index;
the storage units find out corresponding subfiles according to the evidence package hash value and submit the subfiles to the reading monitoring node;
and the reading monitoring node obtains the encryption key according to the agreed number and the evidence package hash value, decrypts the subfiles, splices the decrypted subfiles into the compressed file, and decompresses the compressed file for the user.
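The history hash value record of claims 2 and 5 can be illustrated as follows. This is an added example, not code from the patent. It assumes SHA-256, assumes that "packing" means concatenating the last recorded hash with the evidence package bytes, and assumes an all-zero starting value; the sample packages are constructed and the function names are hypothetical.

```python
import hashlib

GENESIS = "00" * 32  # assumption: value used before any hash has been recorded

def evidence_hash(package: bytes) -> str:
    """Evidence package hash value (assumption: SHA-256)."""
    return hashlib.sha256(package).hexdigest()

def current_hash(last_hash: str, package: bytes) -> str:
    """Hash of the last recorded hash packed with the current evidence package.
    Assumption: packing is plain concatenation."""
    return hashlib.sha256(bytes.fromhex(last_hash) + package).hexdigest()

class HistoryRecord:
    """History hash value record kept by the hash value extraction module."""
    def __init__(self):
        self.hashes = []

    def append(self, package: bytes):
        last = self.hashes[-1] if self.hashes else GENESIS
        cur = current_hash(last, package)
        self.hashes.append(cur)
        # Both values are submitted for upload to the blockchain.
        return evidence_hash(package), cur

def verify(packages, on_chain):
    """Recompute the chain from stored packages against the uploaded pairs.
    Returns the index of the first mismatch, or None if everything matches."""
    last = GENESIS
    for i, (package, (e_hash, c_hash)) in enumerate(zip(packages, on_chain)):
        if evidence_hash(package) != e_hash or current_hash(last, package) != c_hash:
            return i
        last = c_hash
    if len(packages) != len(on_chain):
        return min(len(packages), len(on_chain))
    return None

def demo():
    # Constructed sample evidence packages.
    packages = [b"constructed package A", b"constructed package B", b"constructed package C"]
    record = HistoryRecord()
    on_chain = [record.append(p) for p in packages]
    return packages, on_chain

if __name__ == "__main__":
    packages, on_chain = demo()
    print("intact:", verify(packages, on_chain))
    print("package 1 altered:", verify([packages[0], b"altered", packages[2]], on_chain))
    print("package 1 removed:", verify([packages[0], packages[2]], on_chain))
```

Because each current hash covers the previous one, altering, removing or reordering a stored package shows up at the first affected position.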
CN202110617209.2A 2021-06-02 2021-06-02 Evidence data online security notarization platform and security method Active CN113378236B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110617209.2A CN113378236B (en) 2021-06-02 2021-06-02 Evidence data online security notarization platform and security method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110617209.2A CN113378236B (en) 2021-06-02 2021-06-02 Evidence data online security notarization platform and security method

Publications (2)

Publication Number Publication Date
CN113378236A true CN113378236A (en) 2021-09-10
CN113378236B CN113378236B (en) 2022-09-16

Family

ID=77575603

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110617209.2A Active CN113378236B (en) 2021-06-02 2021-06-02 Evidence data online security notarization platform and security method

Country Status (1)

Country Link
CN (1) CN113378236B (en)


Also Published As

Publication number Publication date
CN113378236B (en) 2022-09-16

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CB03 Change of inventor or designer information

Inventor after: Weng Yuan

Inventor after: Zhang Jinlin

Inventor after: Gao Hang

Inventor after: Yu Xuemai

Inventor before: Zhang Jinlin

Inventor before: Gao Hang

Inventor before: Yu Xuemai