CN114780943A - Food supply chain management system based on blockchain and decentralized attribute-based encryption

Publication number: CN114780943A
Authority: CN (China)
Application number: CN202210417005.9A
Legal status: Granted
Other languages: Chinese (zh)
Other versions: CN114780943B (en)
Inventors: 阚海斌, 方宁, 刘百祥
Current Assignee: Zhuhai Fudan Innovation Research Institute
Original Assignee: Zhuhai Fudan Innovation Research Institute
Prior art keywords: data, attribute, information, link, chain

Classifications

    • G06F21/44 Program or device authentication
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • G06Q30/0185 Product, service or business identity fraud
    • G06Q50/04 Manufacturing
    • Y02P90/30 Computing systems specially adapted for manufacturing


Abstract

The invention relates to a food supply chain management system based on blockchain and decentralized attribute-based encryption. The smart contract layer runs the specific business logic and implements attribute and permission management for every role on the chain, from raw material supplier to manufacturer and distributor to retailer and final consumer, together with the corresponding food data management. The data storage layer comprises a Hyperledger Fabric consortium chain and an IPFS distributed database. The data acquisition layer comprises cameras, sensors, IoT devices, article fingerprint and identification devices and the like. By combining blockchain with attribute-based encryption, the system addresses the uncontrollable data and privacy disclosure problems of existing food supply chains and achieves secure, controllable sharing of data in the food supply chain.

Description

Food supply chain management system based on blockchain and decentralized attribute-based encryption
Technical Field
The invention belongs to the technical field of blockchain, and in particular relates to a food supply chain management system based on blockchain and decentralized attribute-based encryption.
Background
As the saying goes, food is the first necessity of the people, and safety is the first requirement of food. Food quality and safety touch every aspect of people's lives. A food supply chain management system uses modern information technology to record and trace the information passed through each link of the food industry chain, across the whole process from raw material purchase, production and processing, packaging and transportation to final purchase and consumption. With every enterprise in the industry chain participating, food supply chain data is transmitted and shared, and data analysis helps consumers query real and valid traceability information and helps the enterprises in the supply chain improve production and operation problems. In conventional food supply chain management systems, however, supply chain data is stored in a centralized database that a single institution manages and maintains, so the data is at risk of being tampered with, and privacy protection for manufacturers and consumers cannot be achieved. In addition, because data is not always updated promptly during sharing, the two parties to a data exchange sometimes end up holding inconsistent data.
Blockchain technology combines a series of mature technologies: by fusing encryption algorithms, P2P networking, consensus mechanisms and other techniques, it realizes a decentralized, trusted distributed ledger that multiple parties write to and jointly maintain. Its main characteristics are as follows:
1) Tamper resistance: data is stored in blocks that are linked into a chain, so modifying the data in one block requires modifying every block after it. The consensus mechanism ensures that every node in the distributed network agrees on the data of the current new block, and tampering with block information can be detected and corrected within the fault tolerance the blockchain system allows;
2) Decentralization: the member nodes running the blockchain system do not depend on any managing organization and form an autonomously operating community and ecosystem. The nodes follow the same negotiated specifications and protocols, so the system runs correctly in an environment that does not depend on a central node or a third-party node;
3) Openness: every node in the blockchain has equal rights, data is jointly maintained by all nodes in the system, and every node on the blockchain can access and verify the complete data records stored in the blockchain.
The consensus mechanism, one of the important components of blockchain technology, aims to have all honest nodes store the same blockchain data while satisfying two properties. Consistency: the prefixes of the blockchains stored by all honest nodes are identical. Validity: information published by an honest node is recorded into their own blockchains by all other honest nodes. The consensus mechanism determines how the participating nodes reach agreement on given data, and can be divided into classical distributed consensus mechanisms and blockchain consensus mechanisms. In 2008, Nakamoto proposed Bitcoin, and consensus mechanisms entered the blockchain consensus era. Current blockchain consensus falls into two categories. One is the permissioned consensus mechanism, in which nodes in a permissioned network can take part in the subsequent consensus only after completing identity authentication through Public Key Infrastructure (PKI). The other is the permissionless consensus mechanism, represented by Bitcoin. In a permissionless network, nodes join and leave at any time, and the number of nodes changes dynamically and unpredictably; permissionless consensus completes block proposer election, block generation, node verification, blockchain updating and related processes through a specific algorithm.
Shamir, Boneh and others proposed Identity-Based Encryption (IBE) (1), a new encryption mechanism that uses the user's identity information as the basis of the user's key. Building on identity-based encryption, Sahai and Waters first introduced the concept of Attribute-Based Encryption (ABE) (2) in 2005, which is regarded as an effective approach to encryption and access control. Unlike traditional encryption algorithms, in an ABE scheme the user's key and the ciphertext are each associated with a set of attributes; users can construct their own access structures, and only users who satisfy the access structure set by the encryptor can decrypt the data, which gives fine-grained access control. Compared with traditional public-key encryption, ABE represents a user's identity as a set of attributes, and whether a user can decrypt a ciphertext depends on whether that user's attribute set matches the access policy defined by the encryptor. ABE schemes are mainly of two types: Key-Policy Attribute-Based Encryption (KP-ABE) and Ciphertext-Policy Attribute-Based Encryption (CP-ABE). In KP-ABE, the key is associated with an access structure and the ciphertext with an attribute set, and a user holding a key can decrypt only the ciphertexts that the key's access control policy specifies. In CP-ABE, the ciphertext is associated with the access structure and the key with the attribute set, and a user can decrypt the ciphertext only when the user's attributes satisfy the access structure. CP-ABE is therefore well suited to environments such as distributed cloud storage in which the decrypting parties are uncertain, and it designs the access structure using users' attributes and the trust relationships among the parties as the basis for authorization.
References:
(1) Shamir A. Identity-Based Cryptosystems and Signature Schemes [M] // Advances in Cryptology. Springer Berlin Heidelberg, 1984;
(2) Sahai A, Waters B. Fuzzy identity-based encryption [C] // Proc of the 24th Annual Int Conf on Theory and Applications of Cryptographic Techniques. Berlin: Springer, 2005: 457-473.
Disclosure of Invention
The invention aims to provide a food supply chain management system based on blockchain and decentralized attribute-based encryption.
The food supply chain management system based on blockchain and decentralized attribute-based encryption provided by the invention comprises a four-layer logical structure, namely an application layer, a smart contract layer, a data storage layer and a data acquisition layer, wherein:
the application layer provides a visual operation interface for the users of the system and executes specific business logic by calling the smart contract layer, including application services such as account management, permission application, quality inspection certification, food traceability, information feedback, data sharing, permission granting and data decryption;
the smart contract layer is responsible for running the specific business logic, which comprises a data management contract and an attribute permission management contract, and implements attribute and permission management for every role in the food supply chain, from raw material supplier to producer and distributor and then to retailer and final consumer, together with the corresponding supply chain data management;
after the data management contract has performed identity attribute authorization and authentication for each enterprise in the supply chain, the traceability information of each link of the supply chain can be encrypted with the attribute-based encryption algorithm and put on chain, finally achieving privacy protection and fine-grained, controllable sharing of supply chain data; the attribute permission management contract is a distributed permission management system based on blockchain and decentralized attribute-based encryption, in which the user is the basic unit of the system and takes on different roles according to the operations it performs in the process; the same user can hold several roles at once, such as data sharer or authentication authorizer, and several users can also cooperate to form an organization; the blockchain and smart contracts serve as the carrier, with the ability to store public parameters and ciphertexts and to execute basic queries, user registration and similar operations; the specific operations are as follows:
(1) user registration on the blockchain: the user chooses a GID and executes the user initialization or new attribute declaration operation, and the generated user public key or user attribute is put on chain;
(2) multi-user cooperative registration of an organization on the blockchain: the users cooperatively execute organization initialization or declaration of a new organization attribute, a process that generates intermediate parameters; the total number of users is n, the threshold of the threshold secret sharing is t, t is greater than n/2, and the number of malicious users does not exceed n-t; the organization collects the intermediate parameters generated by the cooperating users through a smart contract, combines them to compute the organization public key or organization attribute, and publishes it on chain;
(3) attribute application by a user: for purposes such as authenticating its own identity, password recovery and data sharing, a user can apply to any other user or organization for an attribute that party owns, generating a corresponding request that is put on chain;
(4) attribute granting by a user or organization: the party applied to decides whether the applicant's attribute authentication request passes; if it passes, the corresponding secret parameter is returned, and the applicant computes the attribute private key from the secret parameter and stores it;
(5) data sharing: a user sets a specific access control policy, encrypts data with the attribute-based encryption algorithm to obtain a ciphertext, and puts the ciphertext on chain;
(6) data acquisition: a user obtains ciphertext shared by other users from the blockchain and, if the user satisfies the access control policy, can decrypt it with the user's own attribute private key to obtain the plaintext data;
the data storage layer comprises a Hyperledger Fabric consortium chain and an IPFS distributed database; after the data acquisition layer has collected data, the data storage layer encrypts the private data with the attribute-based encryption algorithm and stores the ciphertext in the off-chain IPFS database, while the ciphertext hash address, the access control policy and other related data are packaged, verified through the consensus mechanism, and uploaded to the blockchain for data synchronization;
the data acquisition layer mainly comprises cameras, sensors, IoT devices, article fingerprint and identification devices and other data acquisition and storage equipment; its main function is to sense and collect environmental information along the food supply chain, collecting information automatically through IoT devices and ensuring the integrity and accuracy of the information;
the data acquisition layer collects the various data on the food supply chain; through the data storage layer, the collected data is encrypted by the relevant contracts of the smart contract layer and uploaded to IPFS (InterPlanetary File System), and the ciphertext hash is uploaded to the blockchain, so that the end user can query the related on-chain data through the application layer.
The food supply chain management system based on blockchain and decentralized attribute-based encryption provided by the invention covers six links, namely a raw material production link, a purchasing/processing link, a storage link, a transportation link, a sales link and an inquiry link, specifically as follows:
(1) raw material production link
As the first link in the food supply chain, the nodes of this link are mainly enterprises engaged in raw material production. A node first completes registration by calling the attribute permission management contract, declares its own attributes through the decentralized attribute-based encryption algorithm, sets an access control policy, encrypts its own information under the attributes and stores it in IPFS, and stores the hash value of the IPFS ciphertext, the ciphertext's access control policy and other information on the blockchain; when the food passes from raw material production to the purchasing link, the smart contract encrypts and shares the related data (raw material production environment data, raw material source data, related farming operation data and the like) and broadcasts it to the blockchain network for subsequent nodes to check;
(2) purchasing/processing link
The main node of this link is the food processing enterprise. When a product from the raw material production link is purchased or processed by a processing enterprise, the processing enterprise node records the purchasing and processing information into the data acquisition layer; as in the raw material production link, the processing enterprise node first completes registration by calling the attribute permission management contract, declares its own attributes through the decentralized attribute-based encryption algorithm, sets an access control policy, and stores the supply chain information on chain and off chain after encrypting it with the decentralized attribute-based encryption algorithm;
(3) storage link
The main node of this link is the warehouse; that is, the raw material enters the application layer. When the raw material is transported to the warehouse after the processing link, the warehouse node has the right to add product information, such as warehouse environment information, product inventory information and warehouse storage information; after the transaction is completed, the other nodes in the system authenticate the block information and update the ledger through the consensus algorithm;
(4) transportation link
The main node of this link is the logistics company; that is, the logistics company enters the application layer. While the food is being transported, logistics information such as transport location, transport company and transport route must be updated into the blockchain in real time, so that the relevant personnel can later trace the source of the food;
(5) sales link
The main node of this link is the retailer; that is, the food enters the application layer. After the food reaches the retail store through the upstream links, the store first obtains the food's information by calling the relevant contracts and, after confirming that the information is correct, encrypts the store's purchase order information and real-time sales data and puts them on chain;
(6) inquiry link
The main nodes of this link are consumers, related enterprises and regulatory authorities. A consumer queries traceability information through the functional interface provided by the management platform: in the background, the system looks up all transaction IDs in the food supply chain related to the food, obtains the corresponding ciphertext hash addresses from the transaction IDs, retrieves the corresponding ciphertexts from IPFS by those addresses, and finally decrypts them with the decentralized attribute-based encryption algorithm to obtain the real traceability data; related enterprises and regulatory authorities can trace problem products through the corresponding interfaces so that responsibility can be assigned quickly.
The beneficial effects of the invention are as follows: blockchain is combined with decentralized attribute-based encryption; mutual authorization between users and organizations and endorsement of identity attributes are used to realize trust cost linkage, and attribute-based encryption is used for access control and sharing of on-chain data, achieving fine-grained access control and privacy protection. This solves the problems of existing food supply chain management systems, such as data whose authenticity cannot be guaranteed and privacy disclosure, enables fine-grained, secure and controllable sharing of data in the food supply chain, guarantees the authenticity of supply chain transactions, and reduces information asymmetry.
Drawings
FIG. 1 is an architecture diagram of the food supply chain management system.
FIG. 2 is a flow diagram of the operation of the attribute permission management contract based on blockchain and decentralized attribute-based encryption.
FIG. 3 is a data flow diagram of the food supply chain management system.
FIG. 4 is a flow chart of the food supply chain management system.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail below with reference to specific embodiments and the accompanying drawings, but the scope of the present invention is not limited to the following embodiments.
Example 1:
As shown in FIG. 1, the food supply chain management system based on blockchain and decentralized attribute-based encryption provided by the invention comprises four logical layers, namely an application layer, a smart contract layer, a data storage layer and a data acquisition layer. The layers relate to one another as follows: the data acquisition layer collects the various data on the food supply chain; through the data storage layer, the collected data is encrypted by the relevant contracts of the smart contract layer and uploaded to IPFS (InterPlanetary File System), and the ciphertext hash is uploaded to the blockchain, so that the end user can query the related on-chain data through the application layer.
As shown in FIG. 2, the attribute permission management contract is a distributed permission management system based on blockchain and decentralized attribute-based encryption. The user is the basic unit of the system and takes on different roles according to the operations it performs in the process; the same user can hold several roles, such as data sharer or authentication authorizer, and several users can also cooperate to form an organization. The operation flow of the contract mainly comprises user registration on the blockchain, multi-user cooperative registration of an organization on the blockchain, attribute application by a user, attribute granting by a user or organization, data sharing, data acquisition and the like.
As shown in FIG. 3, the data flow of the food supply chain management system mainly comprises six links, namely a raw material production link, a purchasing/processing link, a storage link, a transportation link, a sales link and an inquiry link.
The workflow of the food supply chain management system is shown in FIG. 4 and proceeds as follows:
(1) System initialization
The system executes the initialization operation, which initializes the basic parameters and generates the public parameters.
(2) User registration
Related enterprises in the food supply chain enter their information as required to register their identity in the system, and can at the same time declare their own attributes so that data can later be shared securely and controllably. A consumer who only uses the query function does not need to register, but a consumer who purchases a product and gives information feedback must register in advance before carrying out the subsequent operations.
(3) User rights management
The invention adopts a distributed permission management system based on blockchain and decentralized attribute-based encryption, in which a user's permissions are described by the attributes the user owns, giving fine-grained data access control. The main work at this stage is the management of organizations and attributes. The organization management part manages and maintains the information of attribute authorization organizations, such as applications to create a new organization and approval of new organizations. After all members agree to join the organization, every member submits its part-pk, namely the secret share generated by that member, and the shares are finally uploaded to the smart contract to complete the organization generation process. The attribute management part mainly manages and maintains the attribute information of users and attribute authorization organizations, such as declaring attributes for users and the organizations they administer, applying for the attributes of other people or organizations, and approving attributes, finally forming attribute permission information that matches each user's identity.
(4) Data sharing
When data needs to be entered into the blockchain-based food supply chain management system, the relevant node puts the data on chain by calling the corresponding smart contract. The smart contract sets the corresponding access control policy according to the node's identity information, encrypts the data with the attribute-based encryption algorithm, stores the ciphertext in IPFS (InterPlanetary File System), and puts the corresponding data hash address, access control policy and other related information on chain.
(5) Data query
When a consumer, a related enterprise or a regulatory body runs a query, the system first looks up the records of the transaction in each link of the supply chain process by the transaction contract address, fetches the ciphertext data stored in the IPFS database by the data hash address, and then attempts decryption according to the querying party's permission information. If the attribute permissions the user owns satisfy the access control policy set when the data was encrypted, decryption succeeds, and the query result shows content such as the information of the relevant link, the signature of the enterprise node and the specific product information. Otherwise decryption fails, and the user is informed that they do not have the corresponding permission.
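Steps (4) and (5) above keep the ciphertext off chain and the hash address and access control policy on chain. The following Python code is an added example, not code from the patent: it models the query path by checking each fetched ciphertext against its on-chain hash and pre-checking the on-chain policy against the querier's attributes. The in-memory store and ledger, the SHA-256 hex address (IPFS itself uses CIDs), the policy encoding and every product, link and attribute name are constructed assumptions; the attribute-based decryption itself is left to a real ABE library.

```python
import hashlib


def address(blob):
    """Content address of a ciphertext (assumption: plain SHA-256 hex)."""
    return hashlib.sha256(blob).hexdigest()


def share(store, ledger, product, link, ciphertext, policy):
    """Step (4): ciphertext goes off chain; hash address and policy on chain."""
    addr = address(ciphertext)
    store[addr] = ciphertext
    ledger.append({"tx": len(ledger) + 1, "product": product,
                   "link": link, "addr": addr, "policy": policy})
    return addr


def satisfies(policy, attrs):
    """Evaluate an access structure: a leaf attribute, AND, OR, or k-of-n."""
    if isinstance(policy, str):
        return policy in attrs
    op, *args = policy
    if op == "AND":
        return all(satisfies(p, attrs) for p in args)
    if op == "OR":
        return any(satisfies(p, attrs) for p in args)
    if op == "KOF":
        k, *children = args
        return sum(satisfies(p, attrs) for p in children) >= k
    raise ValueError(f"unknown gate {op!r}")


def query(store, ledger, product, attrs):
    """Step (5): walk the product's records; verify integrity, then policy."""
    results = []
    for rec in ledger:
        if rec["product"] != product:
            continue
        blob = store.get(rec["addr"])
        if blob is None:
            status = "missing"          # off-chain object was removed
        elif address(blob) != rec["addr"]:
            status = "hash-mismatch"    # off-chain object was altered
        elif not satisfies(rec["policy"], attrs):
            status = "denied"           # ABE decryption would fail
        else:
            status = "decryptable"      # hand blob to the ABE decryptor
        results.append((rec["link"], status))
    return results


def build_sample():
    """Constructed sample data: three records for one lot, one for another."""
    store, ledger = {}, []
    share(store, ledger, "LOT-001", "raw material production", b"ct-1",
          ("OR", "processor@industry-org", "inspector@regulator"))
    share(store, ledger, "LOT-001", "storage", b"ct-2",
          ("AND", "retailer@industry-org", "region-a@industry-org"))
    share(store, ledger, "LOT-001", "transportation", b"ct-3",
          ("KOF", 2, "retailer@industry-org", "logistics@industry-org",
           "inspector@regulator"))
    share(store, ledger, "LOT-002", "storage", b"ct-4", "inspector@regulator")
    return store, ledger


if __name__ == "__main__":
    store, ledger = build_sample()
    for row in query(store, ledger, "LOT-001", {"inspector@regulator"}):
        print(row)
```

In CP-ABE the ciphertext enforces the policy by itself; the plaintext policy check here only predicts whether decryption will succeed, while the hash comparison is what detects an off-chain object that no longer matches its on-chain record.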
The advantages of the invention are as follows: blockchain is combined with decentralized attribute-based encryption; mutual authorization between users and organizations and endorsement of identity attributes are used to realize trust cost linkage, and attribute-based encryption is used for access control and sharing of on-chain data, achieving fine-grained access control and privacy protection. This solves the problems of existing food supply chain management systems, such as data whose authenticity cannot be guaranteed and privacy disclosure, enables fine-grained, secure and controllable sharing of data in the food supply chain, guarantees the authenticity of supply chain transactions, and reduces information asymmetry.

Claims (2)

1. Food supply chain management system based on block chain and remove central attribute password, including four layers of logical structure, be application layer, intelligent contract layer, data storage layer and data acquisition layer respectively, its characterized in that:
the application layer provides a visual operation interface for users in the system, and executes specific service logic processing by calling the intelligent contract layer, wherein the specific service logic processing comprises account management, authority application, quality inspection authentication, food traceability, information feedback, data sharing, authority issuing and data decryption;
the intelligent contract layer is responsible for running specific business logic, the specific business logic comprises a data management contract and an attribute authority management contract, and the attribute and authority management and the corresponding supply chain data management of each role in a chain from a raw material supplier to a manufacturer and a distributor in a food supply chain and then to a retailer and a final consumer are realized;
after the data management contract performs identity attribute authorization and authentication on each enterprise in the supply chain, the traceability information in each link of the supply chain can be encrypted and put on the chain according to an attribute encryption algorithm, finally realizing privacy protection and fine-grained controllable sharing of supply chain data; the attribute authority management contract is a distributed authority management system based on blockchain and decentralized attribute-based cryptography, in which the user is the basic unit of the system and takes on different roles according to the operations executed in the process; the same user can hold several roles at once, such as data sharer or authentication authorizer, and several users can also cooperate to form an organization; the blockchain and the intelligent contract serve as carriers and are capable of storing public parameters and ciphertexts and of executing basic queries, user registration and similar operations; the specific operations are as follows:
(1) user registration onto the blockchain: the user selects a GID and executes user initialization or declares a new attribute, and the generated user public key or user attribute is put on the chain;
(2) multi-user collaborative registration of an organization onto the blockchain: the users cooperatively perform organization initialization or declare a new organization attribute, and the process generates intermediate parameters; the total number of users is n, the threshold of the threshold secret sharing is t, t is greater than n/2, and the malicious users do not exceed n-t; the organization collects the intermediate parameters generated by the cooperating users through an intelligent contract, combines them to calculate an organization public key or organization attribute, and publishes it on the chain;
(3) user applies for an attribute: a user can apply for an attribute owned by any other user or organization, to be used for its own identity authentication, password recovery, data sharing and the like, and generates a corresponding request and puts it on the chain;
(4) user/organization grants an attribute: the party applied to decides by itself whether the applicant passes its attribute authentication; if so, it returns the corresponding secret parameters, and the applicant calculates and stores the attribute private key by itself according to those secret parameters;
(5) data sharing: a user sets a specific access control policy, encrypts the data with the attribute encryption algorithm to obtain a ciphertext, and puts the ciphertext on the chain;
(6) data acquisition: a user obtains a ciphertext shared by another user from the blockchain and, if the user satisfies the access control policy of the ciphertext, can decrypt it with its own attribute private key to obtain the plaintext data;
the data storage layer comprises a Hyperledger Fabric consortium chain and an IPFS distributed database; after data is collected through the data acquisition layer, the data storage layer encrypts the private data with the attribute encryption algorithm, stores the ciphertext in the off-chain IPFS database, packs and verifies the ciphertext hash address, the access control policy and other related data through a consensus mechanism, and uploads them to the blockchain for data synchronization;
the data acquisition layer comprises a camera, a sensor, IoT equipment and an article fingerprint and identification device, senses and acquires environmental information on a food supply chain, automatically acquires the information through the IoT equipment, and ensures the integrity and accuracy of the information;
various related data on the food supply chain are acquired through the data acquisition layer; via the data storage layer, the acquired data are encrypted by the relevant contracts of the intelligent contract layer and uploaded to IPFS, and the ciphertext hash is uploaded to the blockchain, so that an end user can query the related on-chain data through the application layer.
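Step (2) of claim 1 fixes t > n/2 with at most n - t malicious users but names no concrete scheme. The following sketch is an added illustration, not code from the patent: it assumes Shamir sharing with additive key generation over a toy group and omits share verification; `P`, `Q`, `G` and all function names are hypothetical.

```python
import secrets

# Toy group, constructed for illustration and far too small for real use:
# P = 2*Q + 1 is a safe prime and G = 4 generates the subgroup of prime order Q.
P, Q, G = 2039, 1019, 4

def check_threshold(n, t):
    """Enforce t > n/2 and return the tolerated number of malicious users, n - t.
    Because t > n/2, n - t < t: colluders alone never reach the threshold,
    while the remaining honest users (at least t) always can."""
    if not (n / 2 < t <= n):
        raise ValueError("threshold must satisfy n/2 < t <= n")
    return n - t

def contribute(n, t):
    """One user's round: a random polynomial of degree t-1 over Z_Q.
    Returns the public intermediate parameter G^a0 and one private share per user."""
    coeffs = [secrets.randbelow(Q) for _ in range(t)]
    def f(x):
        acc = 0
        for c in reversed(coeffs):      # Horner evaluation mod Q
            acc = (acc * x + c) % Q
        return acc
    return pow(G, coeffs[0], P), {j: f(j) for j in range(1, n + 1)}

def register_organization(n, t):
    """Combine all contributions into an organization public key and key shares.
    Shares are summed in one place only for brevity (assumption); in a real
    protocol each user would sum the shares it receives privately."""
    check_threshold(n, t)
    rounds = [contribute(n, t) for _ in range(n)]
    org_pk = 1
    for intermediate, _ in rounds:      # needs only the public intermediate parameters
        org_pk = org_pk * intermediate % P
    key_shares = {j: sum(sh[j] for _, sh in rounds) % Q for j in range(1, n + 1)}
    return org_pk, key_shares

def reconstruct(shares):
    """Lagrange interpolation at x = 0 over Z_Q from {user index: key share}."""
    secret = 0
    for i, s_i in shares.items():
        num = den = 1
        for j in shares:
            if j != i:
                num = num * (-j) % Q
                den = den * (i - j) % Q
        secret = (secret + s_i * num * pow(den, -1, Q)) % Q
    return secret

def demo(n=5, t=3):
    """True when a quorum of t users recovers the key matching the public key."""
    org_pk, shares = register_organization(n, t)
    quorum = {j: shares[j] for j in list(shares)[:t]}
    return pow(G, reconstruct(quorum), P) == org_pk
```

With n = 5 and t = 3, any three users recover the key behind the published organization public key, while the two tolerated malicious users hold too few shares to interpolate it.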
2. The system of claim 1, wherein the system comprises six links, namely a raw material production link, a purchasing/processing link, a warehousing link, a transportation link, a sales link, and an inquiry link, and comprises the following steps:
(1) production link of raw materials
As the first link in the food supply chain, the nodes of this link are mainly enterprises related to raw material production; the node first completes registration by calling the corresponding attribute authority management contract, declares its own attributes through the decentralized attribute-based cryptographic algorithm, sets an access control policy, encrypts its relevant information with attribute encryption and stores it in IPFS, and stores the hash value of the IPFS ciphertext, the access control policy of the ciphertext and other information on the blockchain; when the food passes from raw material production to the purchasing link, the intelligent contract encrypts and shares the related data and broadcasts it to the blockchain network for subsequent nodes to check;
(2) purchasing/processing link
The main node of this link is the food processing enterprise; when a product that has passed the raw material production link is purchased or processed by the processing enterprise, the processing enterprise node can record the related purchasing and processing information into the data acquisition layer; as in the raw material production link, the processing enterprise node first completes registration by calling the corresponding attribute authority management contract, declares its own attributes through the decentralized attribute-based cryptographic algorithm, sets an access control policy, encrypts the supply chain information with the decentralized attribute-based cryptographic algorithm and then stores it on the chain;
(3) storage link
The main node of this link is the warehouse, at the data storage layer; when the raw materials are transported to the warehouse after the processing link, the warehouse node is entitled to add product information, such as the environmental information of the warehouse, the product inventory information, the warehouse storage information and the like; after the transaction is completed, the other nodes in the system authenticate the block information and update the ledger through the consensus algorithm;
(4) transportation link
The main node of this link is the logistics company, which enters at the application layer; during the transportation of food, logistics information such as transportation location information, transportation company information and transportation route information needs to be updated into the blockchain in real time, so that subsequent personnel can trace the source of the food;
(5) sales link
The main node of this link is the retailer, which enters at the application layer; after the food reaches a retail store through the series of upstream links, the store first obtains the relevant information of the food by calling the relevant contracts and, after confirmation that it is correct, encrypts the store information, the incoming-goods note information and the real-time sales data and puts them on the chain;
(6) inquiry link
The main nodes of this link are consumers, related enterprises and supervisory authorities; a consumer queries the traceability information through the functional interface provided by the management platform; in the background, the system queries all transaction IDs in the food supply chain related to the food, obtains the related ciphertext hash addresses through the transaction IDs, retrieves the corresponding ciphertexts from IPFS by those addresses, and finally decrypts them with the decentralized attribute-based encryption algorithm to obtain the real traceability data; related enterprises and supervisory authorities can trace problem products through the corresponding interfaces so as to trace responsibility quickly.
CN202210417005.9A 2022-04-20 2022-04-20 Food supply chain management system based on block chain and decentralised attribute passwords Active CN114780943B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210417005.9A CN114780943B (en) 2022-04-20 2022-04-20 Food supply chain management system based on block chain and decentralised attribute passwords


Publications (2)

Publication Number Publication Date
CN114780943A (en) 2022-07-22
CN114780943B (en) 2024-03-26

Family

ID=82431057



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant