CN114500531B - Equipment quality information management and control frame based on alliance block chain - Google Patents


Info

Publication number
CN114500531B
Authority
CN
China
Prior art keywords
data
layer
cloud
network
nodes
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210001903.6A
Other languages
Chinese (zh)
Other versions
CN114500531A (en
Inventor
吴启武
甘波
姜灵芝
单南良
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Engineering University of Chinese Peoples Armed Police Force
Original Assignee
Engineering University of Chinese Peoples Armed Police Force
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Engineering University of Chinese Peoples Armed Police Force filed Critical Engineering University of Chinese Peoples Armed Police Force
Priority to CN202210001903.6A priority Critical patent/CN114500531B/en
Publication of CN114500531A publication Critical patent/CN114500531A/en
Application granted granted Critical
Publication of CN114500531B publication Critical patent/CN114500531B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical


Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/104Peer-to-peer [P2P] networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements

Abstract

The invention discloses an equipment quality information management and control framework based on an alliance blockchain. The framework consists of a perception layer, a data layer, a network layer, a consensus layer, a contract layer and an application layer, and its nodes are deployed mainly on the original "cloud-edge-end" architecture of the MCS. It adopts multiple chains and multiple consensus algorithms and, combined with three network states, provides a blockchain-based trusted solution for user terminal access control, quality data sharing, quality information evidence storage, artificial intelligence model parameter evidence storage and the like, and can adapt to the requirements that severe communication environments place on perception, coordination, decision-making, latency, storage and so on.

Description

Equipment quality information management and control framework based on an alliance blockchain
Technical Field
The invention belongs to the technical field of networks, and particularly relates to an equipment quality information management and control framework based on an alliance blockchain.
Background
As more and more information equipment such as sensors is interconnected through Internet of Things technology, the large amount of data it generates needs to be processed by cloud computing, which in turn provides intelligence to the equipment. In traditional cloud computing, all data must be uploaded to a centralized server and, after computation, the results must be sent back to the sensors and devices. Edge computing can migrate data computation or storage to the "edge" of the network near the battlefield. Compared with traditional cloud services, this distributed structure can balance network traffic and avoid traffic peaks in the Internet of Things network, reduce transmission delay between the edge/cloud server and the end user, and reduce the response time of real-time Internet of Things applications. In addition, the life of battery-powered, resource-limited equipment may be extended. In equipment quality information management, improving response speed and information processing capability necessarily requires improving information processing and control capability at the edge side.
The edge network is a highly dynamic heterogeneous environment composed of static and mobile nodes, characterized by distance from the cloud center, limited computing capacity and communication resources, and a dynamic environment. The IoT Edge Oriented Mobile Cloud Service (MCS) model is divided, from bottom to top, into a three-layer architecture of mobile self-organizing cloud, local micro cloud and remote cloud, as shown in Fig. 1; a tactical mobile network lies between the mobile self-organizing cloud and the local micro cloud, and a mobile core network lies between the local micro cloud and the remote cloud. The basic process is as follows:
(1) when the network condition is good, the edge node offloads computing tasks to a remote cloud server through the wireless base station, realizing mobile cloud computing;
(2) when the system is in a DIL (disconnected, intermittent, limited) environment, local micro cloud nodes closer to the edge of the battlefield perform local cloud computing, or the preprocessing, caching, scheduling and the like of mobile cloud computing;
(3) when the connection with the local micro cloud is limited or its load is too heavy, the edge node performs real-time local computation in self-organizing cloud mode.
The existing MCS model is designed by combining an edge architecture with a command and a functional architecture, and mainly aims to improve edge information exchange and processing capability in the severe communication environment of the Internet of Things; it does not address mechanisms such as information security, evidence storage and tracing, or information sharing.
Disclosure of Invention
In order to overcome the defects or shortcomings of the MCS model, the invention aims to provide an equipment quality information management and control framework based on an alliance blockchain.
To accomplish this task, the invention adopts the following technical solution:
The equipment quality information management and control framework based on an alliance blockchain is characterized by comprising a perception layer, a data layer, a network layer, a consensus layer, a contract layer and an application layer, with framework nodes deployed mainly on the original "cloud-edge-end" architecture of the MCS, wherein:
the perception layer is mainly responsible for acquiring raw data from the surrounding environment, which serves as the source for subsequent model running and training and for on-chain storage and transmission of data; it comprises smart wearable devices, unmanned aerial vehicles, pose-monitoring foot pads, mobile workbenches, heart-rhythm testing equipment and intelligent command terminals;
the data layer is a tamper-proof database with distributed characteristics; it performs data storage in the framework and uses cryptographic algorithms such as asymmetric encryption and hash functions to ensure that data in the distributed database is tamper-proof and traceable; it includes blocks, hash functions, asymmetric encryption, Merkle trees, digital signatures and digital certificates;
the network layer is mainly oriented to the network architecture of the tactical edge cloud and comprises the remote cloud, the local micro cloud, the mobile self-organizing cloud and node deployment; it is essentially a P2P network;
the consensus layer, i.e. the consensus algorithm, ensures that the nodes in the network reach distributed consistency so that the whole network keeps an ordered and reliable ledger; two consensus algorithms, PBFT and Raft, are selected and applied according to the service and network conditions;
the contract layer mainly comprises various scripts and code, smart contracts and algorithms, and allows business logic to be programmed; by setting constraint conditions, business processing can be carried out without third-party endorsement;
the application layer comprises four scenario services: first, access control, i.e. separating the access rights of various users to system resources; second, data sharing, i.e. terminals share data under a local micro cloud or a mobile self-organizing cloud; third, information evidence storage, i.e. storing evidence of the quality information of terminal equipment; fourth, model parameter evidence storage, i.e. storing evidence of the training process parameters of the AI algorithm model; the different scenario services are isolated by constructing multiple chains.
The equipment quality information management and control framework based on an alliance blockchain adopts multiple chains and multiple consensus algorithms and, combined with three network states, provides a blockchain-based trusted solution for user terminal access control, quality data sharing, quality information evidence storage, artificial intelligence model parameter evidence storage and the like, and can meet the requirements that severe communication environments place on perception, coordination, decision-making, latency, storage and so on.
Drawings
Fig. 1 is a schematic diagram of the IoT Edge Oriented Mobile Cloud Service (MCS) model;
Fig. 2 is a schematic diagram of the overall architecture of the alliance-blockchain-based equipment quality information management and control framework of the present invention;
Fig. 3 is a node deployment relationship diagram;
Fig. 4 is an access control flow chart;
Fig. 5 is a quality data sharing flow chart;
Fig. 6 is a flow chart of information evidence storage;
Fig. 7 is a flow chart of model parameter evidence storage.
The present invention will be described in further detail with reference to the accompanying drawings and examples.
Detailed Description
This embodiment provides an equipment quality information management and control framework based on an alliance blockchain. The alliance chain framework is constructed by combining the MCS architecture with alliance blockchain technology, fully overcoming the security deficiencies of the MCS.
The following is a detailed implementation.
1. Framework structure
The equipment quality information management and control framework based on an alliance blockchain provided by this embodiment is divided into six layers: a perception layer, a data layer, a network layer, a consensus layer, a contract layer and an application layer. Wherein:
(1) The perception layer is mainly responsible for acquiring raw data from the surrounding environment, which serves as the source for subsequent model running and training and for on-chain storage and transmission of data. It mainly comprises smart wearable devices, unmanned aerial vehicles, pose-monitoring foot pads, mobile workbenches, heart-rhythm testing equipment and intelligent command terminals. Note that the perception layer is not the source of all of the system's input data, for example in the access control process.
(2) The core of the data layer is a tamper-proof database with distributed and related characteristics; it performs data storage in the framework and uses cryptographic algorithms such as asymmetric encryption and hash functions to ensure that data in the distributed database is tamper-proof and traceable. It includes blocks, hash functions, asymmetric encryption, Merkle trees, digital signatures and digital certificates.
(3) The network layer is mainly oriented to the network architecture of the tactical edge cloud and comprises the remote cloud, the local micro cloud, the mobile self-organizing cloud and node deployment; it is essentially a P2P network.
(4) The consensus layer is the consensus algorithm; it ensures that the nodes in the network reach distributed consistency so that the whole network keeps an ordered and reliable ledger. Two consensus algorithms, PBFT and Raft, are selected and applied as appropriate under different service and network conditions.
(5) The contract layer mainly comprises various scripts, smart contracts and algorithms, and allows business logic to be programmed. By setting constraint conditions, business processing can be carried out without third-party endorsement.
(6) The application layer includes four scenario services: first, access control, i.e. separating the access rights of various users to system resources; second, data sharing, i.e. terminals share data under a local micro cloud or a mobile self-organizing cloud; third, information evidence storage, i.e. storing evidence of the quality information of terminal equipment; fourth, model parameter evidence storage, i.e. storing evidence of the training process parameters of the AI algorithm model. The different scenario services are isolated by constructing multiple chains.
Framework nodes are deployed mainly on the original "cloud-edge-end" architecture of the MCS. The following four aspects are described in detail:
First, at the hardware deployment level, the architecture is divided into three layers: remote cloud servers, local micro cloud servers and Internet of Things terminals (edge terminals), as shown in Fig. 3 (a). The local micro cloud servers and the terminal equipment are both located at the edge, while the remote cloud servers are located far from the network edge.
Secondly, at the public key infrastructure level: because alliance chain nodes require admission and user data must be kept confidential, a public key infrastructure needs to be deployed in the architecture, including a Certificate Authority (CA), a Key Management Center (KMC), a Certificate Revocation List (CRL) and the like. It should be deployed on the remote cloud server, which has the highest security. Although the public key infrastructure introduces a degree of centralization, it benefits the management of the alliance chain and the security of the system.
Thirdly, at the consensus node level: whether the PBFT or the Raft algorithm is applied, all nodes (remote cloud servers, local micro cloud servers and Internet of Things terminals) are peers; they are virtual peer nodes in the tactical mobile cloud and reach distributed consistency, as shown in Fig. 3 (b). When terminal equipment is disconnected from the local micro cloud server and operates in a mobile self-organizing cloud, the mobile cloud marked in the figure becomes the mobile self-organizing cloud. At that point, to reduce communication usage, new block generation on some service chains, such as the information evidence storage chain, is suspended; the remaining service chains run in the mobile self-organizing network, and their generation and on-chain recording of new blocks are not affected.
Fourthly, at the node type level, nodes are divided into full nodes and light nodes. Lightweight terminal equipment acts as a light node: each time a block appears in the network it downloads only the block header, and it uses a distributed hash table to track the prefix node. This greatly relieves its storage and communication pressure. Full nodes are deployed on higher-performance Internet of Things equipment, remote cloud servers, local micro cloud servers and the like, and synchronize all blockchain data. To cope with storage constraints, non-server full nodes discard the original data on certain service chains, such as the information evidence storage chain, after full data verification and synchronization, and store only the block headers.
2. Consensus algorithm
In a P2P network, the role of the consensus algorithm is to make all nodes in the system agree. It governs the process by which distributed nodes reach agreement, and the end result is a stable, consistent state.
The PBFT algorithm can provide (n-1)/3 fault tolerance while guaranteeing liveness and safety. The Raft algorithm is an easy-to-understand implementation of the Paxos algorithm. PBFT is mainly used to solve the Byzantine generals problem, i.e. the case where nodes may act maliciously; through its three-phase protocol it gains the ability to tolerate Byzantine nodes at the cost of higher communication complexity. Raft, by contrast, is a traditional distributed consistency algorithm: it can cope only with node failures and has no tolerance for malicious nodes. A comparison of their characteristics is shown in Table 1.
Different services are separated into different service chains, and the consensus algorithm is chosen per chain. The access control chain and the evidence storage chain have high security requirements, small service data volumes and low communication frequency, so they suit the PBFT algorithm. For the quality data sharing chain: first, the data volume is large and the nodes are numerous, which suits an algorithm with low communication complexity; second, the data is all general data, with lower security requirements than specialized data; third, the data must be shared in real time, with demanding latency and TPS requirements. It therefore suits the Raft algorithm.
Table 1: PBFT and Raft consensus features
On the one hand, the Internet-of-Things-oriented alliance chain is a closed network: the IoT sensor network is isolated from the public network, and an attacker on the public network cannot reach the master node server, so a remote attack on the master node server cannot be launched from a public network computer. On the other hand, the remote cloud server and the local micro cloud server are connected by encrypted links, and data is stored with multi-node backup and cannot be tampered with. The framework of this embodiment can resist the attack modes currently common against blockchains. For example, in a Sybil attack, a few nodes masquerade as a large number of nodes by forging or stealing identities. By establishing a PKI system in a secure environment and monitoring and authenticating node admission, Sybil attacks can be effectively prevented. Other security precautions are shown in Table 2.
Table 2: Security precautions
3. Business process
The equipment quality information management and control framework based on an alliance blockchain in this embodiment uses multiple chains to separate different services, which on the one hand accommodates complex services and on the other increases the extensibility of the framework.
The four types of business processes are described below.
(1) Access control flow
Information such as equipment quality data must be differentiated according to the identity, rank and so on of commanders and other personnel. The basic access control principles are: commanders have higher access rights than other personnel, superiors have higher access rights than subordinates, and different groups' access rights to information such as field environment and situation are separated.
As shown in Fig. 4, the access control policy is stored in the alliance chain in the form of a smart contract. When a commander or other person needs to access a resource, identity authentication is performed first, and the access control contract is run to confirm whether the node holds the rights to the corresponding resource; the terminal then broadcasts the access information to the consensus node group, and an update is generated with the next block and added to the access control chain.
The access control contract is stored in a distributed manner on the edge terminal devices, which prevents malicious nodes from tampering with it. If a node is compromised and attempts to tamper with the access control contract in order to obtain access rights to higher-level resources, and thereby a large amount of confidential information stored in the cloud, the tampering fails because the tampered contract is not accepted by the consensus node group.
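The rejection of a tampered contract described above can be sketched as follows. This is an added example, not code from the patent: the policy table, the node names and the simplified vote counting (a 2f+1 quorum over (contract digest, decision) votes instead of the full three-phase PBFT protocol) are assumptions.

```python
import hashlib
import json
from collections import Counter

# Constructed policy (hypothetical resource names): minimum level required per resource.
POLICY = {"field_situation": 3, "equipment_quality": 2, "general_notice": 1}


def contract_digest(policy):
    """SHA-256 over a canonical encoding; identifies one version of the contract."""
    return hashlib.sha256(json.dumps(policy, sort_keys=True).encode()).hexdigest()


class Node:
    """Consensus node holding its own copy of the access control contract."""

    def __init__(self, name, policy):
        self.name = name
        self.policy = dict(policy)

    def vote(self, level, resource):
        """Evaluate the local contract copy and vote (contract digest, decision)."""
        required = self.policy.get(resource)  # unknown resources are denied
        allowed = required is not None and level >= required
        return contract_digest(self.policy), allowed


def pbft_quorum(n):
    """For n nodes PBFT tolerates f = (n-1)//3 faulty nodes and needs 2f+1 matching votes."""
    f = (n - 1) // 3
    return f, 2 * f + 1


def decide(nodes, level, resource):
    """Return (allowed, accepted contract digest, dissenting nodes).

    A decision is accepted only if a quorum of nodes cast the identical vote,
    i.e. they ran the same contract version and reached the same result.
    Without a quorum the request is denied and every node is reported.
    """
    _, quorum = pbft_quorum(len(nodes))
    votes = {node.name: node.vote(level, resource) for node in nodes}
    top_vote, count = Counter(votes.values()).most_common(1)[0]
    if count < quorum:
        return False, None, sorted(votes)
    dissent = sorted(name for name, v in votes.items() if v != top_vote)
    return top_vote[1], top_vote[0], dissent


def build_group(tampered=()):
    """Constructed four-node group; nodes listed in `tampered` lowered a requirement."""
    nodes = []
    for name in ("cloud", "microcloud", "t1", "t2"):
        policy = dict(POLICY)
        if name in tampered:
            policy["field_situation"] = 1  # tampered copy grants level-1 access
        nodes.append(Node(name, policy))
    return nodes


if __name__ == "__main__":
    # One compromised terminal: the honest quorum denies and t2 is singled out.
    print(decide(build_group(tampered=("t2",)), level=1, resource="field_situation"))
```

The dissenting-node list is the detection signal: a node whose contract digest differs from the accepted one is a candidate for certificate revocation through the PKI.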
(2) Quality data sharing
Shared quality data is mainly of two types. The first is general quality data, whose original data is stored in the quality data sharing chain. Because blockchains are decentralized and maintained by multiple parties, this data is naturally shared by all terminals at the network edge as it is put on chain. The second is special quality data, mainly quality data generated by multi-unit, multi-party joint actions. Constructing the quality data sharing chain mainly addresses problems in three aspects:
(1) Improving data quality. In practice the data comes from many sources; in joint actions in particular, all parties need to share equipment quality data, and the accuracy and credibility of the data are difficult to ensure;
(2) Tracking data usage. How the data is used, and the process of its use, are difficult to control;
(3) Quantifying data contribution. In multi-party joint actions, the data contributions of the parties are difficult to quantify, which makes it difficult to motivate data sharing.
As shown in Fig. 5, after each terminal device collects or generates the corresponding information, it broadcasts it in the network; the other terminals verify the information on receipt and then display it through the display-layer application, while the accounting node generates the block and puts it on chain. Only the digital digest of the original data and the data usage log are put on chain. Recording and trustworthily storing field data ensures that shared data cannot be tampered with, data calls can be tracked and data contributions can be quantified, which benefits quality data tracing, after-action review, evaluation and incentives.
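The digest-plus-usage-log scheme above, as an added example that is not code from the patent. The block layout, the field names and the contribution metric (uses of a publisher's data by other terminals) are assumptions made for illustration.

```python
import hashlib
import json


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def block_hash(block: dict) -> str:
    """Hash every field except the stored hash itself, in canonical JSON form."""
    body = {k: v for k, v in block.items() if k != "hash"}
    return sha256_hex(json.dumps(body, sort_keys=True).encode())


class SharingChain:
    """Hash-linked log holding only digests of raw data and data usage entries."""

    GENESIS = "0" * 64

    def __init__(self):
        self.blocks = []

    def _append(self, kind, payload):
        prev = self.blocks[-1]["hash"] if self.blocks else self.GENESIS
        block = {"index": len(self.blocks), "prev": prev, "kind": kind, "payload": payload}
        block["hash"] = block_hash(block)
        self.blocks.append(block)
        return block

    def publish(self, terminal, data_id, raw: bytes):
        """Record the digest of raw data; the raw bytes themselves stay off chain."""
        payload = {"terminal": terminal, "data_id": data_id, "digest": sha256_hex(raw)}
        return self._append("digest", payload)

    def log_use(self, terminal, data_id, purpose):
        """Record that `terminal` called the shared data item."""
        payload = {"terminal": terminal, "data_id": data_id, "purpose": purpose}
        return self._append("usage", payload)

    def verify_chain(self) -> bool:
        """Detect any edit to a stored block or a broken link between blocks."""
        prev = self.GENESIS
        for block in self.blocks:
            if block["prev"] != prev or block["hash"] != block_hash(block):
                return False
            prev = block["hash"]
        return True

    def verify_data(self, data_id, raw: bytes) -> bool:
        """Check off-chain raw data against the digest recorded on chain."""
        for block in self.blocks:
            payload = block["payload"]
            if block["kind"] == "digest" and payload["data_id"] == data_id:
                return payload["digest"] == sha256_hex(raw)
        return False  # unknown data item

    def contributions(self) -> dict:
        """Per publisher, count how often other terminals used its data."""
        owner = {b["payload"]["data_id"]: b["payload"]["terminal"]
                 for b in self.blocks if b["kind"] == "digest"}
        counts = {terminal: 0 for terminal in owner.values()}
        for block in self.blocks:
            payload = block["payload"]
            if block["kind"] != "usage" or payload["data_id"] not in owner:
                continue
            if payload["terminal"] != owner[payload["data_id"]]:
                counts[owner[payload["data_id"]]] += 1
        return counts


if __name__ == "__main__":
    raw = b"unit=A;item=radio-17;status=degraded"  # constructed sample record
    chain = SharingChain()
    chain.publish("T1", "q-001", raw)
    chain.log_use("T2", "q-001", "situation display")
    print(chain.verify_data("q-001", raw), chain.contributions(), chain.verify_chain())
```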
(3) Information evidence-storing process
The information certification mainly relates to certification of quality information of all equipment for executing tasks. Under the network edge, the communication of the nodes becomes a main bottleneck, so the information storage certificate chain out block interval T is set longer, and the generation of new blocks is only carried out when the local micro cloud server is connected, so that the communication requirement among the nodes caused by the information storage certificates is reduced.
As shown in fig. 6, the equipment quality information record is collected by the terminal according to a fixed period T, recorded according to the communication condition and coordinates in the time period, and stored locally. T-T before reaching block generation 0 +t n After the moment, in the networkBroadcasting, each terminal node verifies the record and only stores the record hash locally; and the local micro cloud server stores the original data so as to reduce the storage pressure of the terminal node. If at T-T 0 And when the terminal is disconnected with the local micro cloud server, the process is continued to the next period. Wherein T is 0 To estimate the block uplink duration parameter, t n For the broadcast delay parameter, n is the terminal node sequence number (n=0, 1,2, …), so as to avoid network congestion.
When the mobile core network is accessible, the local micro cloud server backs up the certification information to the remote cloud. Each terminal node stores only its own authentication information and the block headers, and deletes records older than the period aT to release storage (a ≥ 6). If the local micro cloud server's data is damaged or lost without a backup, the server re-requests the data from the terminal nodes and, once the remote cloud is connected, restores the complete data of the information certification chain by combining it with the last backup.
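The staggered broadcast, the deferral on disconnection and the aT pruning described above can be exercised with a short simulation. This is an added example, not code from the patent: it assumes the offset T - T_0 + t_n is measured from the start of a block interval, that t_n = n × slot, and SHA-256 as the record hash; the names Terminal, broadcast_offset and run_period are hypothetical.

```python
import hashlib
from dataclasses import dataclass, field

@dataclass
class Terminal:
    n: int                                        # sequence number n = 0, 1, 2, ...
    pending: list = field(default_factory=list)   # raw records awaiting broadcast
    kept: dict = field(default_factory=dict)      # period index -> own record hashes

def broadcast_offset(T, T0, n, slot):
    """Offset inside one block interval at which terminal n broadcasts: T - T_0 + t_n."""
    t_n = n * slot                                # assumed linear stagger
    if not 0 <= t_n < T0 <= T:
        raise ValueError("t_n must fall inside the on-chain window T_0 <= T")
    return T - T0 + t_n

def run_period(k, terminals, online, T, T0, slot, a=6):
    """Run block interval k; `online` holds the sequence numbers that are linked to
    the local micro cloud at T - T_0. Returns (broadcast schedule, server store)."""
    if a < 6:
        raise ValueError("the text requires a >= 6")
    schedule, cloud_store = [], {}
    for term in terminals:
        if term.n in online and term.pending:
            digests = [hashlib.sha256(r).hexdigest() for r in term.pending]
            schedule.append((broadcast_offset(T, T0, term.n, slot), term.n, digests))
            for d, r in zip(digests, term.pending):
                cloud_store[d] = r                # the server keeps the original data
            term.kept[k] = digests                # the terminal keeps only the hashes
            term.pending = []
        # offline terminals keep `pending`, so their records go out in a later period
        for old in [p for p in term.kept if p < k - a]:
            del term.kept[old]                    # release records older than a*T
    return sorted(schedule), cloud_store

if __name__ == "__main__":                        # constructed sample records
    nodes = [Terminal(0, [b"rec-0"]), Terminal(1, [b"rec-1"])]
    print(run_period(0, nodes, online={0}, T=600, T0=60, slot=5)[0])
```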
(4) Model parameter evidence
During operations, models such as the equipment quality dynamic analysis model and the field equipment situation analysis model run on terminal devices and provide immediate, reliable equipment information to assist command and action. The security and accuracy of these models is therefore critical. During joint modeling of the initial model, once a terminal fails or is intruded upon, inaccurate or misleading input data pollutes the whole model and degrades the accuracy of subsequent models. Storing the gradient parameters, historical data and so on from each training round on the blockchain avoids the tampering and loss problems caused by centralized storage on a local cloud server, and ensures that the parameters of the algorithm model are untampered and traceable. If the global model is polluted, the polluted data source can be traced and a healthy, accurate combat algorithm model recovered.
In algorithm model construction at the network edge, as shown in Fig. 7, the remote cloud server or the local micro cloud server issues an initial model to the terminals, and each terminal then trains the initial model locally on data obtained in training or tasks, which reduces the volume of data transmitted in the harsh communication environment of the network edge. In each round in which the server and the terminals iterate the algorithm model, the model parameters are written to the chain as evidence. The on-chain data includes the digital fingerprint of the input data, the model version number, the terminal code, the gradient data of the training result, and so on. Because the original data cannot be recovered from the digital fingerprint and the gradient data, the security of the overall equipment quality data is ensured even if a terminal is lost or intruded upon or communication is monitored. In addition, parameter evidence provides a quantitative standard for the equipment quality model construction process and gives each team an incentive to collect effective data with mobile terminals, which speeds up construction of the overall model and improves the quality of model training.
In summary, the alliance-blockchain-based equipment quality information management and control framework provided by this embodiment adopts multiple chains and multiple consensus algorithms, combines three network states, and provides a trusted blockchain-based solution for user terminal access control, quality data sharing, quality information certification, artificial intelligence model parameter certification and the like, meeting the requirements that harsh communication environments place on perception, coordination, decision-making, latency, storage and so on.
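The sketch below shows how per-round evidence records of this kind support tamper detection, tracing of a polluted contribution, and recovery of a clean model. It is an added example, not code from the patent: the hash-linked record layout, SHA-256, plain gradient averaging as the update rule, and all function names and sample values are assumptions.

```python
import hashlib, json

GENESIS = "0" * 64

def _digest(body):
    """Canonical SHA-256 over a record body (sorted keys, so field order is irrelevant)."""
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def append(chain, version, terminal, input_data, gradient):
    """Add one evidence record: data fingerprint, model version, terminal code, gradient."""
    body = {"version": version, "terminal": terminal,
            "input_fp": hashlib.sha256(input_data).hexdigest(),  # raw data is not stored
            "gradient": gradient,
            "prev": chain[-1]["hash"] if chain else GENESIS}
    chain.append({**body, "hash": _digest(body)})

def first_broken(chain):
    """Index of the first record whose hash or back-link fails, else None."""
    prev = GENESIS
    for i, rec in enumerate(chain):
        body = {k: v for k, v in rec.items() if k != "hash"}
        if rec["prev"] != prev or _digest(body) != rec["hash"]:
            return i
        prev = rec["hash"]
    return None

def contributors(chain, version):
    """Terminals (with data fingerprints) whose gradients went into `version`."""
    return [(r["terminal"], r["input_fp"]) for r in chain if r["version"] == version]

def rebuild(chain, initial, lr, exclude=()):
    """Replay the recorded gradients (assumed rule: per-version average) to recover
    the model without the contributions of terminals listed in `exclude`."""
    if first_broken(chain) is not None:
        raise ValueError("evidence chain failed verification; refusing to replay")
    weights = list(initial)
    for v in sorted({r["version"] for r in chain}):
        grads = [r["gradient"] for r in chain
                 if r["version"] == v and r["terminal"] not in exclude]
        if grads:
            mean = [sum(col) / len(grads) for col in zip(*grads)]
            weights = [w - lr * g for w, g in zip(weights, mean)]
    return weights

if __name__ == "__main__":                      # constructed sample rounds
    chain = []
    append(chain, 1, "T-01", b"batch-a", [0.5, 0.0])
    append(chain, 1, "T-02", b"batch-b", [0.5, 1.0])
    append(chain, 2, "T-03", b"batch-c", [8.0, -8.0])   # outlier contribution
    print(contributors(chain, 2), rebuild(chain, [1.0, 1.0], 0.5, exclude={"T-03"}))
```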

Claims (1)

1. The equipment quality information management and control system based on the alliance blockchain is characterized by comprising a perception layer, a data layer, a network layer, a consensus layer, a contract layer and an application layer, wherein frame node deployment is mainly carried out by relying on an original 'cloud-edge-end' architecture of MCS, and the system comprises the following components:
the perception layer is used for original data acquisition from the surrounding environment and serves as the source for the running and training of subsequent related models and for on-chain data storage and transmission; it comprises intelligent wearable equipment, unmanned aerial vehicles, pose monitoring foot pads, mobile workbenches, heart rhythm testing equipment and intelligent command terminals;
the data layer is a tamper-proof database with distributed characteristics; it provides data storage in the framework and uses asymmetric encryption and hash-function cryptographic algorithms to ensure that the data in the distributed database cannot be tampered with and is traceable; it includes blocks, hash functions, asymmetric encryption, Merkle trees, digital signatures and digital certificates;
the network layer is a network architecture facing tactical edge cloud, and comprises a remote cloud, a local micro cloud, a mobile self-organizing cloud and node deployment, and is essentially a P2P network;
the consensus layer, namely a consensus algorithm, aims to ensure that each node in the network achieves distributed consistency so as to ensure orderly and reliable account recording of the whole network; selecting two consensus algorithms of PBFT and Raft, and applying the two consensus algorithms according to conditions under different services and networks; wherein:
for the access control chain and the certification chain, the security requirement is high, the service data volume is small and the communication frequency is low, so the PBFT algorithm is suitable; for the quality data sharing chain, first, the data volume is large and the nodes are numerous, so an algorithm with low communication complexity is suitable; second, the data are all general data, with a lower security requirement than professional data; third, the data must be shared in real time, with high latency and TPS requirements, so the Raft algorithm is suitable;
the contract layer comprises scripts and codes, intelligent contracts and algorithms, and can realize service logic programming; by setting constraint conditions, business processing can be realized without third party endorsement;
the application layer comprises four scenario services: first, access control, namely separating the access rights of various users to system resources; second, quality data sharing, namely terminals sharing data under a local micro cloud or a mobile self-organizing cloud; third, information certification, namely certifying the quality information of terminal equipment; fourth, model parameter certification, namely certifying the training process parameters of the AI algorithm model; different scenario services are isolated by constructing multiple chains, separated into different service chains according to service;
the frame node deployment is mainly carried out by relying on the original 'cloud-edge-end' architecture of the MCS, and comprises the following four aspects:
firstly, a hardware deployment layer: the architecture is divided into three layers: the remote cloud server is located at a position far away from the network edge;
second, public key infrastructure layer: due to the characteristics of the alliance chain node needing to be admitted and the actual condition of user data confidentiality, public key infrastructure comprising a certificate issuing mechanism, a key management center and a certificate revocation list is required to be deployed in the architecture, wherein the public key infrastructure is deployed in a remote cloud server with highest security;
third, consensus node level: whether the PBFT algorithm or the Raft algorithm is applied, all nodes of the remote cloud server, the local micro cloud server and the Internet of Things terminals are peers; all nodes appear as virtual peer nodes in the tactical mobile cloud and reach distributed consistency; when the terminal equipment and the local micro cloud server are connected to be in a mobile self-organizing cloud, the mobile cloud pair is changed into the mobile self-organizing cloud, and at this time, to reduce communication occupation, generation of new blocks of the information certificate chain is suspended; the access control chain, the quality data sharing chain and the model parameter certification chain run in the mobile self-organizing network, and their generation and on-chain writing of new blocks are not affected;
fourth, node type level: nodes are divided into full nodes and light nodes; lightweight terminal equipment belongs to the light nodes, downloads the block header whenever a block appears in the network, and tracks prefix nodes using a distributed hash table; the full nodes are deployed on higher-performance Internet of Things equipment, remote cloud and local micro cloud servers, and synchronize all blockchain data; to solve the storage problem, the non-server full nodes discard the original data after verifying and synchronizing the full data of the information storage certificate chain, and store only the block headers.
CN202210001903.6A 2022-01-04 2022-01-04 Equipment quality information management and control frame based on alliance block chain Active CN114500531B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210001903.6A CN114500531B (en) 2022-01-04 2022-01-04 Equipment quality information management and control frame based on alliance block chain

Publications (2)

Publication Number Publication Date
CN114500531A CN114500531A (en) 2022-05-13
CN114500531B true CN114500531B (en) 2023-10-13

Family

ID=81510483

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant