CN116151826B - Power transaction terminal trust management method based on blockchain - Google Patents


Publication number
CN116151826B
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202310348083.2A
Other languages
Chinese (zh)
Other versions
CN116151826A (en)
Inventor
刘珍珍
黄康乾
周睿
向德军
黄靖茵
胡鑫
黄志生
李小勇
邓凯洋
蔡斌思
高雅丽
袁开国
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdong Electric Power Transaction Center Co ltd
Original Assignee
Guangdong Electric Power Transaction Center Co ltd

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829 Payment protocols; Details thereof insuring higher security of transaction involving key management
    • G06Q20/40 Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401 Transaction verification
    • G06Q20/4014 Identity check for transactions
    • G06Q50/00 Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
    • G06Q50/06 Energy or water supply
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04 INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04S SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S10/00 Systems supporting electrical power generation, transmission or distribution
    • Y04S10/50 Systems or methods supporting the power network operation or management, involving a certain degree of interaction with the load-side end user applications


Abstract

The invention discloses an efficient and reliable blockchain-based trust management method for power transaction terminals. In the trust value collection stage, to address the insufficient consideration of trust evaluation factors during trust evaluation, a terminal agent collects the user's multidimensional trust factors and a trust evaluation method quantitatively analyzes the security state of the terminal, which effectively mitigates the security problem of internal threats. In the trust value release stage, a consensus protocol brings the state and data of the blockchain to consistency, which ensures that the trust value cannot be tampered with and solves the single point of failure of traditional centralized trust management. An improved PBFT algorithm based on a trusted priority queue is also provided, which greatly improves the performance and reliability of the system. In the trust value storage stage, the invention optimizes the storage structure of the blockchain and adjusts the Merkle tree storage structure accordingly, so that the stored trust value cannot be tampered with.

Description

Power transaction terminal trust management method based on blockchain
Technical Field
The invention relates to the technical field of power transaction networks, and in particular to a blockchain-based power transaction terminal trust management method (Efficient and Reliable Blockchain-based Trust Management model in electricity trading terminal, ERBTM).
Background
The power trading platform is one of the key information systems in the energy sector and plays a key supporting role for the power business. If it is damaged or its data is leaked, the impact on national security and the public interest can be significant. The 5G private network for power trading contains a large number of heterogeneous terminal devices, which perform data acquisition, transmission, processing, storage and similar functions. However, the environment in which these terminal devices operate is open and complex and carries security threats. For the security of the 5G power trading private network, internal attacks are more critical than external attacks. Internal attacks include defamation attacks from malicious and counterfeit terminals, black hole attacks, flooding attacks, Sybil attacks, etc. If an attack penetrates the power trading center system, the availability and integrity of the system are destroyed, causing tremendous damage to the power trading system.
In current power trading private networks, data security is ensured by establishing a virtual private network, and trust between different parties is established by authentication based on traditional identity public-key technology. These traditional defenses based on authentication and encryption do not consider the influence of the multiple trust factors of the terminal environment on the trust of the terminal; they can defend only against external problems and not against internal threats. Because people inside the network typically hold system keys, this approach lacks an effective means of defending against attacks from within the network.
Trust management refers to establishing and maintaining trust relationships between various principals in the communication and interaction processes in a network to ensure network security and data trustworthiness. In a power trading private network, interactions between various principals often require the establishment of mutually trusted relationships, including the mutual trust between users and service providers, devices, and the like.
Social-network-based node trust evaluation is an important way to address internal threats. Trust evaluation techniques secure the entire system by restricting or isolating nodes with low trust values, and are widely used in wireless sensor networks, cloud services and mobile ad hoc networks. However, existing trust management is often implemented by a trusted third party and therefore has a single point of failure. Later distributed trust management techniques solve the single point of failure, but malicious nodes in a distributed network can easily tamper with locally stored trust value data, which is why blockchain-based trust management methods have emerged.
Existing blockchain-based trust management schemes are mainly divided into three stages. The first is the trust evaluation stage: the trust value of the current terminal device is obtained through a suitable trust evaluation algorithm, and the trust value, that is, the related data, is uploaded to the edge device. The second is the miner election and block generation stage: the edge device packages the collected data and then selects a master node to publish the block based on a consensus algorithm. The last is the distributed consensus stage: the consensus nodes jointly verify the correctness of the newly published block.
However, most existing blockchain-based terminal trust management schemes use a proof-of-work consensus algorithm or the practical Byzantine fault tolerance (PBFT) algorithm. These algorithms have advantages when the system is small, but in large-scale scenarios the maintenance cost of the blockchain rises sharply, as does the time needed to complete one trust value storage or query. A few trust management technologies that adopt related improved algorithms relieve the pressure on performance, but they lack a mechanism for protecting the consensus nodes. When a hacker launches network attacks such as DDoS against vulnerabilities in smart contracts, current technology has difficulty completing trust management in such a network environment, and a corresponding mechanism needs to be added to increase the robustness of trust management.
Disclosure of Invention
To address the long time consumption and insufficient robustness of the prior art, the invention provides a blockchain-based trust management method for power transaction terminals, so that power transaction terminals that were previously exposed to security threats can complete reliable trust evaluation and malicious insiders are prevented from tampering with trust evaluation data, thereby improving the security of the whole power transaction system. Compared with other trust management schemes, the scheme also has lower time complexity and can complete authentication in a shorter time.
In order to achieve the above object, the present invention provides the following technical solutions:
The invention provides a blockchain-based power transaction terminal trust management method, which comprises three stages, namely terminal trust value collection, terminal trust value release and terminal trust value storage, wherein:
in the terminal trust value collection stage, a terminal agent is used to collect the user's multidimensional trust factors, which comprise the trust factor for the number of user authentications per unit time, the trust factor for the similarity of authentication information, the trust factor $Tr_{offsite}$ for whether the user logs in from a different location, the trust factor for device security assessment, and the trust factor for trust evaluation of terminal communication behavior; each of the multidimensional trust factors is analyzed quantitatively, the trust factor weights are calculated dynamically based on information entropy in the multidimensional trust factor fusion stage, and the terminal trust value is finally determined;
in the terminal trust value release stage, the feedback trust factor $Rep_i$ between nodes, the node liveness trust factor $P_i$ and the node honesty trust factor $H_i$ are considered together, and the trust value of each node is calculated from these three trust factors; all nodes are sorted by trust value to form a trusted priority queue, and a practical Byzantine fault tolerance algorithm based on the trusted priority queue is used to ensure that all nodes in the whole system are consistent on the information recorded in the blockchain;
in the terminal trust value storage stage, the block is composed of a block header and a block body, wherein the block header contains the hash value of the previous block, and the block body is organized using a data structure based on a Merkle tree.
Further, the trust factor for the number of user authentications per unit time is expressed as:
where time is the total number of times the user performs authentication within Δt, and Δt is the time difference between time t and time t-1.
Further, the trust factor for the similarity of authentication information is expressed as:
where the formula's terms are the user's authentication information at time t and the user's authentication information at time t-1.
Further, the trust factor $Tr_{offsite}$ for whether the user logs in from a different location is expressed as:
Further, the trust factor for device security assessment
Further, the trust factor for trust evaluation of terminal communication behavior uses a Bayesian model, expressed as:
where the formula's terms are the success rate of each interaction between node i and node j, the Beta distribution (denoted Beta), the number of successful interactions between node i and node j, the number of failed interactions between node i and node j, and f, the probability density function of the interaction success rate, which is calculated as follows:
where u is a variable in the function and ranges from 0 to 1.
Further, the user behavior trust value of the terminal at time t is expressed as:
where $\omega_i$ denotes the weight of a trust factor; $\omega_1$, $\omega_2$, $\omega_3$ and $\omega_4$ are, respectively, the weights of the product of the trust factor for the number of user authentications per unit time and the trust factor for the similarity of authentication information, of the trust factor $Tr_{offsite}$ for whether the user logs in from a different location, of the trust factor for device security assessment, and of the trust factor for trust evaluation of terminal communication behavior; the weights are determined dynamically using information entropy theory;
the comprehensive trust value calculation formula of the terminal is as follows:
where μ controls the magnitude of the influence of historical behavior on the current trust value, μ being set to 0.5; Δt is the time difference between time t and time t-1.
Further, during the trust value release stage, the system selects the consensus nodes; when the trust value of a consensus node falls below the system parameter σ, the system deletes that consensus node and adds it to a recovery pool, and after initialization it becomes a candidate node again.
Further, the node feedback trust factor is expressed as:
$DT_{ij}$ represents the feedback between node i and node j, $\delta_{ij}$ represents the number of successful interactions between node i and node j, $\varepsilon_{ij}$ represents the number of failed interactions between node i and node j, and $Rep_i$ represents the feedback trust factor of node i;
the honesty trust factor of a node is expressed as:
n represents the number of times node i participates in consensus, and θ represents the number of times the node successfully completes consensus;
the liveness trust factor of a node is expressed as:
n represents the number of times node i participates in consensus, α is used to regulate the growth rate, and β is responsible for regulating the threshold of node liveness, 0 < β < 1.
Further, the trust value of node i is expressed as:
$T_i = \omega_5 Rep_i + \omega_6 H_i + \omega_7 P_i$
where $\omega_i$ denotes the weight of a trust factor; $\omega_5$, $\omega_6$ and $\omega_7$ are, respectively, the weights of the feedback trust factor $Rep_i$, the honesty trust factor $H_i$ and the liveness trust factor $P_i$ of the node, and are determined dynamically using information entropy theory.
Compared with the prior art, the invention has the following beneficial effects:
(1) In the trust value collection stage, to address the insufficient consideration of trust evaluation factors during trust evaluation, the terminal agent collects the user's multidimensional trust factors and the trust evaluation method then quantitatively analyzes the security state of the terminal, which effectively mitigates the security problem of internal threats and ensures the security of the power transaction terminal. In the multidimensional trust factor fusion stage, the trust factor weights are calculated dynamically based on information entropy and the credibility is determined, which facilitates identity management of terminal users.
(2) In the trust value release stage, the invention uses a consensus protocol to bring the state and data of the blockchain to consistency, which ensures that the trust value cannot be tampered with and solves the single point of failure of traditional centralized trust management. To address the problems in the original PBFT algorithm, the feedback trust factor between nodes, the node liveness trust factor and the node honesty trust factor are considered together, and an improved practical Byzantine fault tolerance (PBFT) consensus algorithm based on a trusted priority queue is provided. The algorithm uses a trust evaluation method to select suitable nodes as the master node and the consensus nodes, and screens out untrusted nodes based on the trusted priority queue, so that Sybil attacks and DDoS attacks can be effectively resisted and the system is more robust. By limiting the number of nodes participating in consensus, the time the nodes need to complete consensus is reduced by at least 50%. Compared with other trust management schemes, the time complexity is lower, authentication can be completed in a shorter time, and the performance and reliability of the system are greatly improved.
(3) In the trust value storage stage, the invention optimizes the storage structure of the blockchain and adjusts the Merkle tree storage structure accordingly, so that the stored trust value cannot be tampered with.
Drawings
In order to illustrate the embodiments of the present application or the technical solutions in the prior art more clearly, the drawings needed in the embodiments are briefly described below. The drawings in the following description are only some embodiments of the present invention, and a person of ordinary skill in the art may obtain other drawings from them.
Fig. 1 is a system framework diagram of the efficient and reliable blockchain-based power transaction terminal trust management method according to an embodiment of the present invention.
Fig. 2 is a schematic diagram of the trusted priority queue flow according to an embodiment of the present invention.
Fig. 3 is a diagram of the blockchain storage block structure according to an embodiment of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
The efficient and reliable blockchain-based power transaction terminal trust management method provided by the invention is used to evaluate and manage the trust of power transaction terminals. The system framework of the method is shown in Fig. 1 and consists of a terminal layer (device layer), an edge layer and a blockchain layer.
The terminal layer includes the power transaction terminals and the agent software running on them. The agent software is responsible for collecting the various kinds of evidence used for trust evaluation of the terminal. The devices of the terminal layer differ from the devices of the blockchain layer and the edge layer: the terminal device carries all operations of the user, while the other devices mainly provide services for the system. Given this difference, the system should provide a different trust evaluation method for terminal devices and incorporate user behavior factors into it in order to identify malicious nodes effectively.
The edge layer includes edge devices (edge nodes), authentication servers (authentication centers) and trusted computing servers that support terminal access to the power transaction private network. An edge node usually consists of a 5G router and a 5G base station, through which the terminal device accesses a power transaction private network that is logically isolated from the public network. It is the first checkpoint for ensuring system security. The authentication server verifies the user's identity information through the public key provided by the user, and a user who fails verification has a trust value of zero. The trusted computing server is a client of the blockchain system that uploads data to the blockchain system, where trust values are computed by smart contracts.
The blockchain layer mainly includes the servers that maintain the blockchain, and the smart contracts. Based on the blockchain and smart contracts, it provides trust value calculation, storage and query services for the system, ensures that trust evaluation results cannot be tampered with, and provides a consistent data source for trust evaluation.
The efficient and reliable blockchain-based power transaction terminal trust management method comprises three stages: terminal trust value collection, terminal trust value release and terminal trust value storage.
1. Terminal trust value collection
The power transaction terminal carries all user behavior, so trust evaluation of a terminal differs from that of a blockchain node: more factors related to user behavior need to be considered, and a dedicated terminal trust evaluation method is needed. Because of the relevant regulations, the terminals of the system can only conduct transactions over an internal private network, so the trust assessment mechanism is aimed mainly at internal threats. Internal threats generally refer to network attacks launched from an enterprise intranet by internal employees of an enterprise or government, third-party service providers, contractors and the like. To counter internal threats, the behavior characteristics and communication characteristics of the terminal must be considered together when evaluating its trust, and the user's behavior records and the device's data transmission characteristics are incorporated into the evidence system for trust evaluation. User behavior logs are collected using agent software on the terminal, and include the number of user authentications per unit time, the similarity of authentication information, whether the user logs in from a different location, and the device security assessment. After the information is uploaded over the private network, the system calculates a trust value based on the user's behavior via the smart contract.
A user with a legitimate identity can normally pass identity authentication successfully. The higher the number of user authentication attempts, the more authentication failures there have been and the lower the user's credibility. The factor $Tr_{times}$ associated with the number of user authentications can be expressed as:
where time is the total number of times the user is authenticated within Δt.
The number of verifications alone is not sufficient to represent the trust value of the user's behavior accurately. In general, when user authentication fails, the larger the gap between the entered authentication information i and the correct authentication information j, the greater the likelihood that the user is malicious. We use cosine similarity to calculate the similarity of the two at time t, as follows:
where the formula's terms are the user's authentication information at time t and the user's authentication information at time t-1.
Login from a different location is also an important factor affecting the user's trustworthiness. Such a login involves a change of terminal device or an abnormal location. It greatly reduces the user's trust value and requires stricter re-authentication of the user. The trust value associated with login from a different location may be expressed as:
The device security assessment is performed mainly by the agent software installed on the terminal, and is based mainly on information such as the software version and the operating system version of the system. Trust factor of
The trust evaluation of terminal communication behavior is modeled with the Bayesian model, namely:
where the formula's terms are the success rate of each interaction between node i and node j, the number of successful interactions between node i and node j, the number of failed interactions between node i and node j, and f, the probability formula of the interaction success rate, which is calculated as follows:
where u is a variable in the function and ranges from 0 to 1.
In summary, the user behavior trust value of the terminal at time t is expressed as:
where $\omega_i$ is the weight of a trust factor, determined dynamically using information entropy theory. The information entropy of a random variable x is calculated as follows:
where $p(x_i)$ is the probability of random event $x_i$. Information entropy can represent the value of information: when the probability of occurrence of a piece of information is higher, it is spread more widely and has higher value, so trust factors with higher information entropy should be given more weight. Assume there is an evaluator in the system whose evaluation of a device under a given trust factor is either trusted or untrusted. With $F_i$ denoting the trust value of the trust factor, the probability of being evaluated as trusted is $F_i$ and the probability of being evaluated as untrusted is $1-F_i$, which gives:
$H(F_i) = -F_i \ln(F_i) - (1-F_i)\ln(1-F_i)$
According to this theory, the dynamic weight $\omega_i$ can be expressed as:
To calculate the comprehensive trust value of the terminal, the influence of historical experience on the current value must be considered, which gives:
where μ controls the magnitude of the impact of historical behavior on the current trust value; the present invention sets μ to 0.5. Δt is the time difference between time t and time t-1.
2. Trust value publication
The trust value is published using the blockchain, and a consensus algorithm ensures that all nodes in the whole system are consistent on the information recorded in the blockchain. The PBFT consensus algorithm is often used to solve the consensus problem of distributed systems in consortium chain environments, but it has several problems. First, the communication complexity of the algorithm is polynomial, which makes it difficult to increase the number of consensus nodes. Second, the master node replacement strategy of the algorithm selects nodes sequentially by node number. The lack of policies for consensus nodes joining and leaving makes the system vulnerable to Sybil attacks and DDoS attacks. Because these problems prevent the original mechanism from securing the trust value publication process, a trust-based practical Byzantine fault tolerance algorithm (Trusted-PBFT) is proposed to solve them.
As shown in Fig. 2, the system applies a trust evaluation method to all nodes to quantify the reliability of each node, then builds a trust priority queue according to the trust values and places the node with the highest trust value at the front of the queue as the master node. The system selects nodes as consensus nodes, and the remaining nodes are treated as candidate nodes. The specific process is similar to the PBFT algorithm. When the master node fails, the system takes the first node in the trust priority queue as the new master node. When the trust value of a consensus node falls below the system parameter σ (set to 0.7 in the invention), the system deletes the consensus node and adds it to a recovery pool, and after initialization it becomes a candidate node again.
The trusted priority queue is the core of the algorithm and is built on trust evaluation. Trust is the subjective belief of one entity in another, determined by the nature of that entity, and it is dynamic. The dynamic nature of distributed blockchain nodes is a great challenge for their trust evaluation. The reliability of a node is calculated by considering three trust factors together: node feedback, node honesty and node liveness.
Node feedback. Ganeriwal et al. use Bayesian theory to evaluate trust; they state that the reputation can be fitted to a Beta distribution with the Bayesian formula and finally represented by the statistical expectation of the reputation distribution. We use this method to calculate the feedback trust factor, namely:
$DT_{ij}$ represents the feedback between node i and node j, Beta represents the Beta distribution, $\delta_{ij}$ represents the number of successful interactions between node i and node j, $\varepsilon_{ij}$ represents the number of failed interactions between node i and node j, and $Rep_i$ represents the feedback trust factor of node i, which takes the feedback between node i and all nodes into account.
The honesty of a node can be calculated from its consensus completion rate. Honest nodes vote normally in each round of the consensus process, so nodes with a high consensus completion rate are honest. The trust factor is expressed as:
n represents the number of times node i participates in consensus, and θ represents the number of times the node successfully completes consensus.
The liveness of a node refers to the frequency with which the node participates in consensus over a period of time. The trust factor is expressed as:
n represents the number of times node i participates in consensus, α regulates the growth rate, and β (0 < β < 1) regulates the threshold of node liveness.
Therefore, when observing normal and abnormal communication, the average credibility of the data sent by the node is calculated, the data credibility and the communication behavior credibility are combined to obtain the comprehensive credibility of the node, and the trust value of the node i is expressed as:
$$T_i = \omega_5 Rep_i + \omega_6 H_i + \omega_7 P_i$$
$\omega_5$, $\omega_6$ and $\omega_7$ are the weights of the trust factors; the weights are determined using the trust entropy method.
According to the above formula, we can sort all nodes according to the trust value to form a trusted priority queue, and the algorithm pseudo code of the trusted priority queue is shown as algorithm 1.
The algorithm is implemented based on a heap data structure, with the element to be inserted into the queue inserted at the end of the heap, then comparing it to the parent node, and if it is smaller than the parent node, exchanging it with the parent node until its parent node is smaller than it or it has become the root node. When an element is to be fetched from the queue, the root node of the heap may be fetched and returned, then the last node of the heap is moved to the root node location and compared to the child nodes, and if it is larger than the child nodes, it is swapped with the child nodes until it is smaller than all of the child nodes or it has no child nodes.
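The queue behaviour described above (master election, failover, and eviction below σ into the recovery pool) can be sketched as follows. This is an added example, not the patent's Algorithm 1: the heap described in the text is a min-heap, so the sketch stores negated trust values to keep the most trusted node at the root. The consensus-set size `k`, the inclusion of the master in that set, and the trust value a node receives on re-initialisation are assumptions.

```python
import heapq

SIGMA = 0.7  # consensus-node eviction threshold given in the description

class TrustQueue:
    """Trust priority queue: the node with the highest trust value is first."""

    def __init__(self):
        self._heap = []          # min-heap of (-trust, node_id): max trust at the root
        self._trust = {}         # node_id -> current trust value
        self.recovery_pool = []  # evicted nodes waiting for re-initialisation

    def update(self, node_id, trust):
        """Insert a node, or record a new trust value (older entries go stale)."""
        self._trust[node_id] = trust
        heapq.heappush(self._heap, (-trust, node_id))

    def _live(self, entry):
        return self._trust.get(entry[1]) == -entry[0]

    def pop_front(self):
        """Remove and return the most trusted node, skipping stale entries."""
        while self._heap:
            entry = heapq.heappop(self._heap)
            if self._live(entry):
                del self._trust[entry[1]]
                return entry[1]
        return None

    def elect(self, k):
        """Return (master, consensus, candidates); k is an assumed set size."""
        order = [n for _, n in sorted({e for e in self._heap if self._live(e)})]
        return (order[0] if order else None), order[:k], order[k:]

    def evict_untrusted(self, k):
        """Move consensus nodes whose trust fell below SIGMA to the recovery pool."""
        _, consensus, _ = self.elect(k)
        evicted = [n for n in consensus if self._trust[n] < SIGMA]
        for n in evicted:
            del self._trust[n]   # its heap entries are now stale
            self.recovery_pool.append(n)
        return evicted

    def reinitialise(self, node_id, trust):
        """Return a recovered node to the queue, where it competes again."""
        self.recovery_pool.remove(node_id)
        self.update(node_id, trust)  # trust after initialisation is an assumption

def demo():
    q = TrustQueue()
    for node, t in [("A", 0.91), ("B", 0.85), ("C", 0.78), ("D", 0.74), ("E", 0.72)]:
        q.update(node, t)        # constructed trust values
    first = q.elect(4)
    failed = q.pop_front()       # master A fails and leaves the queue
    second = q.elect(4)
    q.update("C", 0.65)          # C's trust drops below SIGMA
    evicted = q.evict_untrusted(4)
    return first, failed, second, evicted, q.elect(4)
```

Stale heap entries are discarded lazily, so a node whose trust value changes between consensus rounds never appears twice in the ordering.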
3. Storage of terminal trust values
A blockchain is essentially a chain-structured, decentralized database. It consists of a series of blocks generated by cryptographic methods, where each block contains the transaction information of the whole network over a period of time. Transaction information in a block is packaged by the master node, verified by the consensus algorithm, and stored in the distributed ledger of the blockchain. The block designed herein consists of a block header and a block body; the block structure is shown in FIG. 3.
The block header contains information such as the hash value of the previous block, the root node hash value of the Merkle tree, the time of block generation, the number of the block, and the digital signature of the block generator. The hash value of the previous block in the block header ensures that the blockchain cannot be tampered with.
The block body is organized using a Merkle tree based data structure. A Merkle tree is used to verify whether data in a large data set has been tampered with. The basic idea of the Merkle tree is to divide a large amount of data into small blocks, hash each small block to obtain hash values, and then hash those hash values again until a single root hash value is obtained; the root hash value is the root node of the Merkle tree. In the Merkle tree, each leaf node is the hash value of a block of data and each non-leaf node is the hash value of the hash values of its child nodes. Since the hash algorithm has the characteristics of irreversibility and uniqueness, the hash value of a data block changes whenever the data block is changed, so the hash value of the root node of the Merkle tree also changes. Thus, only the root hash value needs to be compared to judge whether the data has been tampered with. As shown in FIG. 3, merkle_root is the root hash value of the Merkle tree, Hash12 represents the hash value obtained by hashing Hash1 and Hash2, Hash34 represents the hash value obtained by hashing Hash3 and Hash4, and Hash1, Hash2, Hash3 and Hash4 represent the hash values obtained by hashing the evaluation data.
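The header and Merkle checks described in the two paragraphs above can be exercised with the following sketch. It is an added example, not the patent's implementation: SHA-256, the JSON header encoding, the all-zero genesis predecessor, the `0x00`/`0x01` leaf and inner-node prefixes (a hardening choice beyond the plain scheme in the text), and the record layout are all assumptions, and the block generator's digital signature is omitted.

```python
import hashlib
import json


def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def merkle_root(records):
    """Root hash over a list of byte strings (the trust evaluation data)."""
    if not records:
        return h(b"")
    level = [h(b"\x00" + r) for r in records]           # Hash1, Hash2, ...
    while len(level) > 1:
        nxt = [h(b"\x01" + level[i] + level[i + 1])     # Hash12, Hash34, ...
               for i in range(0, len(level) - 1, 2)]
        if len(level) % 2:
            nxt.append(level[-1])                       # odd node moves up unchanged
        level = nxt
    return level[0]


def make_block(number, prev_hash, records, timestamp):
    """Block = header (previous hash, Merkle root, time, number) + body."""
    header = {"number": number, "prev_hash": prev_hash.hex(),
              "merkle_root": merkle_root(records).hex(), "time": timestamp}
    return {"header": header, "body": list(records)}


def header_hash(block):
    return h(json.dumps(block["header"], sort_keys=True).encode())


def verify_chain(chain):
    """Return the index of the first block that fails a check, or -1."""
    prev = b"\x00" * 32                                 # assumed genesis predecessor
    for i, block in enumerate(chain):
        hdr = block["header"]
        if hdr["prev_hash"] != prev.hex():
            return i                                    # link to previous block broken
        if hdr["merkle_root"] != merkle_root(block["body"]).hex():
            return i                                    # body no longer matches the root
        prev = header_hash(block)
    return -1


def demo():
    # Constructed evaluation records; the field layout is illustrative only.
    b0 = make_block(0, b"\x00" * 32, [b"pk1|0.91", b"pk2|0.85", b"pk3|0.78", b"pk4|0.74"], 1000)
    b1 = make_block(1, header_hash(b0), [b"pk1|0.90", b"pk2|0.66"], 1060)
    chain = [b0, b1]
    intact = verify_chain(chain)
    b0["body"][1] = b"pk2|0.99"                         # edit a stored trust value
    body_edit = verify_chain(chain)
    b0["header"]["merkle_root"] = merkle_root(b0["body"]).hex()  # also rewrite the root
    root_rewrite = verify_chain(chain)
    return intact, body_edit, root_rewrite


if __name__ == "__main__":
    print(demo())
```

An edited record is caught by the Merkle root of its own block; if the root is rewritten to match, the changed header hash breaks the `prev_hash` link of the following block instead.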
The node public key is the identity of the node, and the digital signature ensures that the block was generated by the designated node. The trust evaluation data structure is shown in FIG. 3. We use the public key to represent the unique identity of an entity in the system: the identities of the node under evaluation, the edge node and the user are all represented by their public keys. The node type identifies whether the node is an end node or a blockchain node. Comprehensive trust is the result of the node trust evaluation. The time stamp records the time of the trust evaluation. The hash value of the last evaluation data is a pointer to the data of the node's previous trust evaluation. The trust factor is the input data of the trust evaluation; its hash value is stored here because a hash value has a fixed length, which is easy to implement.
The invention quantitatively analyzes the security state of the terminal using a trust evaluation method, which can effectively mitigate the security problem of internal threats and ensures the security of the power transaction terminal. The invention uses the advantages of the blockchain to overcome the single point of failure of traditional centralized trust management and ensures that the trust evaluation process and results cannot be tampered with. To address the low efficiency and poor reliability of existing consensus algorithms, the invention quantitatively analyzes the credibility of the consensus nodes and screens out unreliable nodes based on the trusted priority queue, greatly improving the performance and reliability of the system.
The above embodiments are only for illustrating the technical solution of the present invention, and are not limiting; although the invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may be modified or some technical features may be replaced with others, which may not depart from the spirit and scope of the technical solutions of the embodiments of the present invention.

Claims (8)

1. A blockchain-based power transaction terminal trust management method, characterized by comprising the following steps: terminal trust value collection, terminal trust value release and terminal trust value storage;
in the terminal trust value collection stage, a terminal proxy is used to collect the multidimensional trust factors of the user, wherein the multidimensional trust factors comprise the trust factor of the number of user authentications per unit time, the trust factor of the similarity of authentication information, the trust factor $Tr_{offsite}$ of whether the user logs in from a different location, the trust factor of device security assessment, and the trust factor of trust evaluation of terminal communication behavior; the multidimensional trust factors are each quantitatively analyzed, the trust factor weights are dynamically calculated based on information entropy in the multidimensional trust factor fusion stage, and the terminal trust value is finally determined;
in the terminal trust value release stage, the feedback trust factor $Rep_i$ between nodes, the node liveness trust factor $P_i$ and the node honesty trust factor $H_i$ are comprehensively considered, the trust value of each node is calculated from these three trust factors, all nodes are sorted by trust value to form a trusted priority queue, and a Practical Byzantine Fault Tolerance algorithm based on the trusted priority queue is used to ensure that all nodes in the whole system agree on the information recorded in the blockchain;
the node feedback trust factor is expressed as:
DT ij representing feedback, delta, between node i and node j ij Representing the number of successful interactions between node i and node j ε ij Representing the number of failed interactions between node i and node j, rep i Representing a feedback trust factor for node i; p is p ij Representing the success rate of each interaction of node i and node j, beta represents the Beta distribution, E (Beta (delta) ij ,ε ij ) Beta (delta) is expressed ij ,ε ij ) Is f represents the interaction success rate p ij The probability density function of (a) is expressed as:
wherein u is a variable in the function, and the value range is 0 to 1;
the honest trust factor of a node is expressed as:
n represents the number of times node i participates in consensus, and θ represents the number of times node successfully completes consensus;
the liveness trust factor of a node is expressed as:
n represents the number of times node i participates in consensus, alpha is used for regulating the growth speed, beta is responsible for regulating the threshold value of node liveness, and 0 < beta < 1;
the trust value of node i is expressed as:
$$T_i = \omega_5 Rep_i + \omega_6 H_i + \omega_7 P_i$$
wherein $\omega_5$, $\omega_6$ and $\omega_7$ respectively represent the weights of the feedback trust factor $Rep_i$ of the node, the honesty trust factor $H_i$ of the node and the liveness trust factor $P_i$ of the node, and are dynamically determined using information entropy theory;
in the terminal trust value storage stage, the block is composed of a block head and a block body, wherein the block head comprises the hash value of the previous block, and the block body is organized by adopting a data structure based on a Merkle tree.
2. The blockchain-based power transaction terminal trust management method of claim 1, wherein the trust factor of the number of user authentications per unit time is expressed as:
where time denotes the total number of times the user performs authentication within Δt, and Δt is the time difference between time t and time t-1.
3. The blockchain-based power transaction terminal trust management method of claim 1, wherein the trust factor of the similarity of authentication information is expressed as:
wherein the quantities involved are the authentication information of the user at time t and the authentication information of the user at time t-1.
4. The blockchain-based power transaction terminal trust management method of claim 1, wherein the trust factor $Tr_{offsite}$ of whether the user logs in from a different location is expressed as:
5. The blockchain-based power transaction terminal trust management method of claim 1, wherein a trust factor for device security assessment
6. The blockchain-based power transaction terminal trust management method of claim 1, wherein the trust factor for trust evaluation of terminal communication behavior uses a Bayesian model, expressed as:
wherein the symbols denote, respectively, the success rate of each interaction of node i and node j, the Beta distribution (Beta), the number of successful interactions between node i and node j, and the number of interaction failures between node i and node j; f represents the probability density function of the interaction success rate, which is calculated as follows:
where u is a variable in the function and ranges from 0 to 1.
7. The blockchain-based power transaction terminal trust management method of claim 1, wherein the user behavior trust value of the terminal at time t is expressed as:
wherein $\omega_1$, $\omega_2$, $\omega_3$ and $\omega_4$ respectively represent the weights of: the product of the trust factor of the number of user authentications per unit time and the trust factor of the similarity of authentication information; the trust factor $Tr_{offsite}$ of whether the user logs in from a different location; the trust factor of device security assessment; and the trust factor of trust evaluation of terminal communication behavior; the weights are dynamically determined using information entropy theory;
the comprehensive trust value calculation formula of the terminal is as follows:
wherein μ controls the magnitude of the influence of the historical behavior on the current trust value, μ being set to 0.5; Δt is the time difference between time t and time t-1.
8. The blockchain-based power transaction terminal trust management method of claim 1, wherein during the trust value release stage, the system selects a number of nodes as consensus nodes and the remaining nodes serve as candidate nodes; when the master node fails, the system takes the first node in the trust priority queue as the new master node; and when the trust value of a consensus node falls below the system parameter σ, the system deletes the consensus node and adds the deleted consensus node to a recovery pool, and the node becomes a candidate node again after initialization.
CN202310348083.2A 2023-04-04 2023-04-04 Power transaction terminal trust management method based on blockchain Active CN116151826B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310348083.2A CN116151826B (en) 2023-04-04 2023-04-04 Power transaction terminal trust management method based on blockchain

Publications (2)

Publication Number Publication Date
CN116151826A CN116151826A (en) 2023-05-23
CN116151826B true CN116151826B (en) 2023-08-01

Family

ID=86339122

Country Status (1)

Country Link
CN (1) CN116151826B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant