CN116192867A - Knowledge resource reliable protection method based on alliance chain network - Google Patents


Publication number
CN116192867A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310192206.8A
Other languages
Chinese (zh)
Inventor
马维纲
祁嘉奇
王周恺
王一川
黑新宏
朱磊
樊星
王菁
于亚萍
胡登方
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xian University of Technology
Original Assignee
Xian University of Technology
Application filed by Xian University of Technology
Priority to CN202310192206.8A
Publication of CN116192867A
Legal status: Pending

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/104 Peer-to-peer [P2P] networks
    • H04L67/1044 Group management mechanisms
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00 Reducing energy consumption in communication networks
    • Y02D30/50 Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Mathematical Physics (AREA)
  • Theoretical Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a method for the reliable protection of knowledge resources based on an alliance chain (consortium blockchain) network, comprising the following steps: constructing an IPFS private network comprising 7 nodes, and selecting the optimal storage node and backup node; establishing an alliance chain network; based on the ERC-1155 standard, establishing a non-homogeneous pass (non-fungible token, NFT) for the knowledge resource file, storing the non-homogeneous pass in the alliance chain network, allowing users to perform operations on the non-homogeneous pass, and storing the non-homogeneous pass data and the transaction records generated by those operations in the nodes of the alliance chain network; and having all transaction records in the nodes of the alliance chain network interact with the public infrastructure network BSN. This solves the problem of ensuring that users' rights and interests in knowledge resource files are not infringed.

Description

Knowledge resource reliable protection method based on alliance chain network
Technical Field
The invention belongs to the technical field of knowledge resource storage methods, and relates to a method for the reliable protection of knowledge resources based on an alliance chain network.
Background
With the continuous development of network information technology, more and more knowledge resources are stored electronically. Because the volume of electronic data has grown so much, many universities and institutions host their data on third-party cloud servers to save local storage space, and the cloud servers provide flexible and convenient services for users. However, when a large amount of data is requested concurrently, the cloud server suffers from high latency, a high error rate or low-quality replies because of server overload, insufficient memory resources, insufficient thread resources and similar problems, and the resulting cascading failures degrade the user experience. In practice, users lack control over the data on the cloud server: a malicious cloud server can extract the data directly, without authorization and without the user noticing, so that user information is leaked or lost. Redundant information in the data stored on the cloud server cannot be detected, and as the data keeps growing the stored data may contain a large amount of redundancy, which wastes storage space. The cloud server can only use the computer hardware resources inside its cluster and cannot use hardware resources outside the cluster, so some hardware resources are wasted. Finally, centralized cloud storage is opaque to the users who operate on knowledge resource data, the data is easily copied or forwarded many times, and users' rights and interests in their knowledge resource files cannot be guaranteed.
Disclosure of Invention
The invention aims to provide a method for the reliable protection of knowledge resources based on an alliance chain network, which solves the problem, present in the prior art, of ensuring that users' rights and interests in knowledge resource files are not infringed.
The technical scheme adopted by the invention is a knowledge resource reliable protection method based on an alliance chain network, comprising the following steps:
Step 1, building an IPFS private network comprising 7 nodes; the node with the largest actual storage space in the IPFS private network is used as the storage node; when it is detected that the file has been successfully uploaded to the IPFS network, a hash value based on the unique content identifier is returned; and the node with the largest actual storage space among the nodes other than the storage node is used as the backup node;
Step 2, setting up 3 Orderer nodes and 2 organizations in Hyperledger Fabric, configuring 2 nodes for each organization, generating the certificate files of all nodes and the genesis block, and mounting the certificate files and the genesis block as data volumes in the 7 corresponding containers to obtain an alliance chain network;
Step 3, based on the ERC-1155 standard, establishing a non-homogeneous pass for the knowledge resource file, storing the non-homogeneous pass in the alliance chain network, allowing users to perform operations on the non-homogeneous pass, and storing the non-homogeneous pass data and the transaction records generated by those operations in the nodes of the alliance chain network;
Step 4, having all transaction records in the nodes of the alliance chain network interact with the BSN.
The invention is also characterized in that:
Step 2 specifically comprises the following steps:
Step 2.1, downloading Hyperledger Fabric and modifying the crypto-config.yaml configuration file; 3 Orderer nodes are configured in Specs under the OrdererOrgs option, and two organizations, Org1 and Org2, are configured under the PeerOrgs option, wherein the Org1 organization is the authority, whose internal users have the authority to initialize contracts and add chaincode; 2 nodes are configured in the Template option of each organization, and the four nodes are divided by role into endorsement nodes, master nodes and slave nodes;
Step 2.2, generating the certificate files of all nodes in the alliance chain network with the cryptogen tool;
Step 2.3, generating the genesis block with the command configtxgen -profile SampleMultiNodeEtcdRaft -outputBlock <genesisblock-path>;
Step 2.4, mounting the certificate files and the genesis block file as data volumes in the 7 corresponding containers to obtain the alliance chain network, wherein each container comprises 1 node of the alliance chain network and 1 IPFS node.
The operations on the non-homogeneous pass in step 3 comprise generating different types of non-homogeneous passes in batches, destroying non-homogeneous passes, transferring non-homogeneous passes and returning the number of non-homogeneous passes; identity confirmation and chaincode initialization are carried out before any operation on a non-homogeneous pass.
The non-homogeneous pass in step 3 is generated as follows:
writing the main function and importing the interface of the ERC-1155 standard;
calling the GetClientIdentity().GetMSPID() function to obtain the identity of the client; if the node belongs to Org1, the chaincode initialization operation is allowed, otherwise it is refused;
generating the non-homogeneous pass of the knowledge resource file from the hash value returned in step 1 and the summary information of the knowledge resource to be protected, and recording the user address and the non-homogeneous pass in the nodes of the alliance chain network.
The process of generating different types of non-homogeneous passes in batches is: defining two arrays, id and amounts, of the same size n, where an element k of id represents the type of a non-homogeneous pass and an element v of amounts represents the number of the corresponding non-homogeneous passes; and calling the MintBatch function, which generates a non-homogeneous pass list from the user address, the non-homogeneous pass, id[i] and amounts[i].
The process of destroying a non-homogeneous pass is: if the user address holds one type of non-homogeneous pass, the non-homogeneous pass is found according to the user address and reduced to the specified number; if the user address holds at least two types of non-homogeneous pass, the list of non-homogeneous passes held by the user is found according to the user address, the whole list is traversed, the type of non-homogeneous pass to be destroyed is found, and it is reduced to the specified number.
The process of destroying non-homogeneous passes in batches is: if the user address holds at least two types of non-homogeneous pass, the list of non-homogeneous passes held by the user is found according to the user address and the whole list is traversed; when k is a type of non-homogeneous pass to be destroyed, the number v corresponding to k is reduced to the specified number.
The process of transferring a non-homogeneous pass is: judging whether the user address of the sender is the same as the user address of the receiver; if they are the same, the operation is not allowed; if they are different, the specified non-homogeneous pass is found according to the user address of the sender and its number is reduced by v; the non-homogeneous pass of the specified type is then found according to the user address of the receiver and its number is increased by v.
The process of transferring non-homogeneous passes in batches is: traversing the id array and the amounts array of the sender and reducing the number of the non-homogeneous pass of each corresponding type by v; then traversing the id array and the amounts array of the receiver: if the receiver holds that type of non-homogeneous pass, the number of the corresponding non-homogeneous pass is increased by v, and if the receiver does not hold that type, the type and number of the non-homogeneous pass are recorded in the id array and the amounts array of the receiver.
The interaction comprises periodic interaction and quantitative interaction. The periodic interaction method is: setting a timer, and when the timer reaches the specified time, calling the Set method to deliver all transaction information in the self-built chain to the BSN for storage.
The quantitative interaction method is: setting a constant s and counting the number m of all transaction information; when s is equal to m and the timer has not reached the specified time, the m newly generated pieces of transaction information in the self-built chain are delivered directly to the BSN for storage through the Set method, the timer is reset, and counting starts again.
The beneficial effects of the invention are as follows. The knowledge resource reliable protection method based on an alliance chain network builds an IPFS private network that only nodes holding the network key can join, which prevents unauthorized users from viewing or leaking private data in the network and achieves reliable storage of knowledge resource files. Distributed storage of the knowledge resource files is realized through the InterPlanetary File System (IPFS), so that the files are permanent, de-duplicated and tamper-proof. Through peer-to-peer distributed storage, the disk resources of all nodes in the IPFS network can serve the network, while the selection of optimal nodes ensures load balancing among the nodes. An alliance chain network is established in which only users who belong to the university or institution and whose identity has been authenticated can join the blockchain network and use its services; illegitimate users are kept outside the blockchain network, which prevents them from stealing data. Based on the ERC-1155 standard, a non-homogeneous pass is established for each knowledge resource file and stored in the blockchain network, and users are allowed to perform batch operations on non-homogeneous passes, which guarantees the attribution of rights and interests in the knowledge resource file and reduces the number of direct interactions with the blockchain. All operation records and their results are recorded in the self-built blockchain network and maintained by all nodes in that network, which decentralizes the storage of transaction records and avoids single points of failure. The knowledge resource file uploaded by the user is stored in IPFS (off-chain storage), while the unique index (hash value) of the file in IPFS and the non-homogeneous pass are stored in the blockchain network (on-chain storage); this dual on-chain and off-chain storage reduces data accumulation in the blockchain network and the cost of maintaining it. All transaction information in the self-built blockchain network interacts with the public infrastructure network BSN, so that every user in the blockchain network can check, at any time, the status of their own transactions or of all transactions in the current network, which avoids the problem of malicious users leaking data and at the same time guarantees that the data stored in the blockchain network is tamper-proof and traceable. This solves the problem of ensuring that users' rights and interests in knowledge resource files are not infringed.
Drawings
FIG. 1 is a schematic diagram of the alliance chain network in the knowledge resource reliable protection method based on an alliance chain network of the present invention;
FIG. 2 is a flow chart of establishing a non-homogeneous pass in the knowledge resource reliable protection method based on an alliance chain network of the present invention;
FIG. 3 is a flow chart of initialization in the knowledge resource reliable protection method based on an alliance chain network of the present invention;
FIG. 4 is a flow chart of destroying a non-homogeneous pass in the knowledge resource reliable protection method based on an alliance chain network of the present invention;
FIG. 5 is a flow chart of transferring a non-homogeneous pass in the knowledge resource reliable protection method based on an alliance chain network of the present invention;
FIG. 6 is a flow chart of returning the number of non-homogeneous passes in the knowledge resource reliable protection method based on an alliance chain network of the present invention.
Detailed Description
The invention will be described in detail below with reference to the drawings and the detailed description.
A knowledge resource reliable protection method based on an alliance chain network comprises the following steps:
Step 1, building an IPFS private network and selecting from it the optimal nodes for storing and backing up files;
Step 1.1, downloading the key creation tool ipfs-swarm-key-gen and generating a key file; running 7 IPFS nodes in Docker, initializing the IPFS network, and placing the key file in the default IPFS configuration folder (~/.ipfs) of each node; checking the address of each node with the ipfs id command, and then connecting all nodes in turn with the ipfs bootstrap add <id> command to obtain the IPFS private network;
Step 1.2, when a user uploads a file, the node with the largest actual storage space is used as the storage node, the file is stored in the local repository of that node, and the distributed hash table of the whole network is updated; when it is detected that the file has been successfully uploaded to the IPFS network, a hash value based on the unique content identifier is returned; the node with the largest actual storage space among the nodes other than the storage node is used as the backup node; as long as at least one of the storage node and the backup nodes is active in the network, the file can be retrieved, which avoids the single point of failure problem.
Step 2, setting up 3 Orderer nodes and 2 organizations in Hyperledger Fabric, configuring 2 nodes for each organization, generating the certificate files of all nodes and the genesis block, and mounting the certificate files and the genesis block as data volumes in the 7 corresponding containers to obtain an alliance chain network, as shown in FIG. 1;
Step 2.1, downloading Hyperledger Fabric and modifying the crypto-config.yaml configuration file, which contains the generation paths of each node's certificate, identity and TLS certificate; 3 Orderer nodes are configured in Specs under the OrdererOrgs option, the Orderer nodes being used to order all transactions and generate new blocks, and the Org1 organization and the Org2 organization are configured under the PeerOrgs option, wherein the Org1 organization is the authority, whose internal users have the authority to initialize contracts and add chaincode, and the Org2 organization is an ordinary organization whose internal users have lower authority. 2 nodes are configured in the Template option of each organization, and the four nodes are divided by role into endorsement nodes, master nodes and slave nodes: an endorsement node is responsible for endorsing transactions and simulating transaction results; a master node is responsible for broadcasting the latest block information to the other nodes in its organization and for interacting with the Orderer nodes; a slave node is responsible for receiving transaction information from clients. The peer0 nodes of the Org1 and Org2 organizations are set as master nodes for communicating with the Orderer nodes and also serve as the endorsement nodes of their organizations; the other nodes are slave nodes.
Step 2.2, generating the certificate files of all nodes in the alliance chain network with the cryptogen tool;
Step 2.3, generating the genesis block with the command configtxgen -profile SampleMultiNodeEtcdRaft -outputBlock <genesisblock-path>;
Step 2.4, mounting the certificate files and the genesis block file as data volumes in the 7 corresponding containers to obtain the alliance chain network; the 7 containers correspond to the 7 nodes of the alliance chain network and the 7 IPFS nodes.
In step 2, the 3 nodes in the Orderer organization are the Orderer1, Orderer2 and Orderer3 nodes. The 3 Orderer nodes use the Raft consensus protocol, specifically: in any one term there is only one leader node, and all the remaining nodes are follower nodes. When the leader node receives a message from a master node, it first sends the message to all follower nodes; each follower node replicates the log after receiving the message and then responds to the leader node, indicating that the message was received correctly and the log was replicated. After receiving acknowledgements from more than half of the follower nodes, the leader node immediately records the client's information in the ledger, updates the network state, and sends a message to all follower nodes again to indicate that the ledger state has been updated; each follower node updates its own ledger state immediately after receiving this message. In this way the master node's information is recorded in the blockchain network, and the record cannot be tampered with. When a follower node does not receive a heartbeat message from the leader node within a specified time, it automatically becomes a candidate node and sends voting information to all nodes; the candidate node with the most votes becomes the leader node for the next term.
The interaction protocol of the Org1 and Org2 organizations is: when a slave node receives a message from a client, it first sends the message to the endorsement node for endorsement; after endorsing the message, the endorsement node returns it to the slave node together with the result of the simulated transaction. The slave node then sends the endorsed message, together with the result of the simulated transaction, to the master node, which interacts with the Orderer nodes; the interaction protocol among the 3 Orderer nodes is as described above. When a new record has been written to the blockchain network, the Orderer node sends the new ledger state to the master node, which broadcasts it to the other slave nodes in the organization via the Gossip protocol, so that the ledger state of all nodes in the organization is updated to the latest state.
Step 3, based on the ERC-1155 standard, establishing a non-homogeneous pass for the knowledge resource file, storing the non-homogeneous pass in the alliance chain network, allowing users to perform operations on the non-homogeneous pass, and storing the non-homogeneous pass data and the transaction records generated by those operations in the nodes of the alliance chain network; identity confirmation and initialization are carried out before any operation on a non-homogeneous pass; the operations on non-homogeneous passes include generating different types of non-homogeneous passes in batches, destroying non-homogeneous passes, transferring non-homogeneous passes, and returning the number of non-homogeneous passes.
The process of establishing a non-homogeneous pass for a knowledge resource file, shown in FIG. 2, is as follows:
a. writing the main function and importing the interface of the ERC-1155 standard;
b. as shown in FIG. 3, the GetClientIdentity().GetMSPID() function is called to obtain the identity of the client; if the node belongs to Org1, the initialization operation is allowed, otherwise it is refused; the value whose key is name is then read from the world state: if the value exists, the chaincode initialization has already been executed and may not be executed again; if it does not exist, a key-value pair with key namekey and value name is stored in the alliance chain network;
c. calling the Mint function to generate a random 256-bit value as the private key, and mapping the private key (32 bytes) to a public key (65 bytes) with the elliptic curve digital signature algorithm ECDSA-secp256k1; generating the non-homogeneous pass of the knowledge resource file from the returned hash value and the summary information of the knowledge resource to be protected; and recording the user address wallet (public key) and the non-homogeneous pass in the nodes of the alliance chain network;
The method for generating different types of non-homogeneous passes in batches is: first, identity confirmation and initialization are performed according to the method in step b, and two arrays, id and amounts, of the same size n are defined, where an element k of id represents the type of a non-homogeneous pass and an element v of amounts represents the number of the corresponding non-homogeneous passes; the MintBatch function is called, a non-homogeneous pass list is generated from wallet, NFT, id[i] and amounts[i], and the list is stored in the nodes of the alliance chain network, where 0 ≤ i < n;
The process of destroying a non-homogeneous pass is: as shown in FIG. 4, identity confirmation and initialization are first performed according to the method in step b; if the user address holds one type of non-homogeneous pass, the Burn function is called, the non-homogeneous pass is found according to the user address and reduced to the specified number, and the result is recorded in the nodes of the alliance chain network; if the user address holds at least two types of non-homogeneous pass, the BurnBatch function is called, the list of non-homogeneous passes held by the user is found according to the user address, the whole list is traversed, the types of non-homogeneous pass to be destroyed are found and reduced to the specified number, and the result is stored in the nodes of the alliance chain network.
The process of destroying non-homogeneous passes in batches is: identity confirmation and initialization are first performed according to the method in step b; the BurnBatch function is called, the list of non-homogeneous passes held by the user is found according to the user address, and the whole list is traversed; when k is a type of non-homogeneous pass to be destroyed, the number v corresponding to k is reduced to the specified number, and the result is stored in the nodes of the alliance chain network.
The process of transferring a non-homogeneous pass is: as shown in FIG. 5, identity confirmation and initialization are first performed according to the method in step b, and it is judged whether the address of the sender is the same as the address of the receiver; if they are the same, the operation is not allowed; if they are different, the TransferFrom function is called and, provided that the chaincode has been initialized and the chaincode is authorized to operate, the specified non-homogeneous pass is found according to the address of the sender and its number is reduced by v, where k is less than or equal to the total number n of non-homogeneous passes; the non-homogeneous pass of the specified type is then found according to the address of the receiver, its number is increased by v, and the result is stored in the nodes of the alliance chain network.
The process of transferring non-homogeneous passes in batches is: identity confirmation and initialization are first performed according to the method in step b; the TransferFromBatch function is called, the id array and the amounts array of the sender are traversed, and the number of the non-homogeneous pass of each corresponding type is reduced by v; the id array and the amounts array of the receiver are then traversed: if the receiver holds that type of non-homogeneous pass, the number of the corresponding non-homogeneous pass is increased by v, and if the receiver does not hold that type, the type and number of the non-homogeneous pass are recorded in the id array and the amounts array of the receiver; the result is stored in the nodes of the alliance chain network.
The process of returning the number of non-homogeneous passes is: as shown in FIG. 6, identity confirmation and initialization are performed according to the method in step b, the BalanceOf or BalanceOfBatch function is called, and the number of non-homogeneous passes of a specified type or of different types is returned according to the user address and stored in the nodes of the alliance chain network.
The non-homogeneous pass data and the transaction records generated by the operations are stored as follows: a TransferSingle structure is defined; when the Mint, MintBatch, Burn, BurnBatch, TransferFrom and TransferFromBatch operations in step 3 are called, each piece of non-homogeneous pass data and the transaction record generated by the operation are stored in the TransferSingle structure as a key-value pair through the SetEvent function, and the TransferSingle structure is stored in the nodes of the alliance chain network, where key is a string constant used for retrieving the NFT data and transaction records stored in the self-built chain, and value is the structure.
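The access rules described for the non-homogeneous pass operations (Org1-only, once-only initialization, batch minting, destruction, transfer with the same-address check, balance query, one TransferSingle record per operation) can be modeled as follows. This is an added example, not code from the patent or from Hyperledger Fabric: an in-memory map stands in for the world state, and the MSP ID "Org1MSP", the TransferSingle field layout, the holder-only rule for burn and transfer, and treating burn as subtracting the given amount are assumptions.

```go
package main

import (
	"errors"
	"fmt"
)

const AuthorityMSP = "Org1MSP" // assumed MSP ID of the Org1 authority

var (
	ErrNotAuthority = errors.New("caller is not in the authority organization")
	ErrInitState    = errors.New("already initialized, or not initialized yet")
	ErrBadArgs      = errors.New("bad address pair or id/amounts length mismatch")
	ErrBalance      = errors.New("insufficient balance or counter overflow")
)

// TransferSingle is the record kept per operation (field layout assumed).
type TransferSingle struct {
	From, To  string
	ID, Value uint64
}

type key struct{ addr string; id uint64 }

// Ledger stands in for the world state: bal[{address, type}] = count.
type Ledger struct {
	initialized bool
	bal         map[key]uint64
	Events      []TransferSingle
}

func NewLedger() *Ledger { return &Ledger{bal: map[key]uint64{}} }

// Initialize succeeds once, and only for a caller whose MSP ID is Org1's.
func (l *Ledger) Initialize(mspID string) error {
	if mspID != AuthorityMSP {
		return ErrNotAuthority
	}
	if l.initialized {
		return ErrInitState
	}
	l.initialized = true
	return nil
}

// move applies a batch all-or-nothing; from == "" mints, to == "" burns.
func (l *Ledger) move(from, to string, id, amounts []uint64) error {
	if !l.initialized {
		return ErrInitState
	}
	if len(id) != len(amounts) || from == to {
		return ErrBadArgs
	}
	// Pass 1: total each type so a repeated type cannot overdraw or wrap.
	need := map[uint64]uint64{}
	for i, k := range id {
		if need[k]+amounts[i] < need[k] {
			return ErrBalance
		}
		need[k] += amounts[i]
	}
	for k, v := range need {
		if (from != "" && l.bal[key{from, k}] < v) || (to != "" && l.bal[key{to, k}]+v < v) {
			return ErrBalance
		}
	}
	// Pass 2: every check passed, so apply and record each entry.
	for i, k := range id {
		if from != "" {
			l.bal[key{from, k}] -= amounts[i]
		}
		if to != "" {
			l.bal[key{to, k}] += amounts[i]
		}
		l.Events = append(l.Events, TransferSingle{from, to, k, amounts[i]})
	}
	return nil
}

// MintBatch is limited to the authority organization, like Initialize.
func (l *Ledger) MintBatch(mspID, to string, id, amounts []uint64) error {
	if mspID != AuthorityMSP {
		return ErrNotAuthority
	}
	return l.move("", to, id, amounts)
}

// BurnBatch and TransferFromBatch only touch the caller's own holdings.
func (l *Ledger) BurnBatch(caller string, id, amounts []uint64) error {
	return l.move(caller, "", id, amounts)
}
func (l *Ledger) TransferFromBatch(caller, to string, id, amounts []uint64) error {
	if caller == "" || to == "" {
		return ErrBadArgs
	}
	return l.move(caller, to, id, amounts)
}
func (l *Ledger) BalanceOf(addr string, k uint64) uint64 { return l.bal[key{addr, k}] }

func main() { fmt.Println(NewLedger().Initialize("Org2MSP")) }
```

In real chaincode the caller address would be derived from the submitting identity rather than passed as an argument, and a failed transaction is simply not committed; the two-pass check reproduces that all-or-nothing behaviour in the model.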
Step 5: all transaction information in the alliance chain network is exchanged with the public infrastructure network BSN. Specifically, the interaction comprises periodic interaction and quantitative interaction. Periodic interaction: a timer is set, and when it reaches the specified time, the Set method is called to deliver all transaction information in the self-built chain to the BSN for storage. Quantitative interaction: a constant k is set and the number n of transaction records is counted; when n equals k and the timer has not yet reached the specified time, the n transaction records newly generated in the self-built chain are delivered directly to the BSN for storage through the Set method, and the timer is reset and restarted.
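The periodic and quantitative rules of step 5 combined in one buffer, as an added Go example (not code from the patent). The `Syncer` type, the `Deliver` callback standing in for the Set call to the BSN, and the injected clock values are assumptions, as is restarting the timer after a periodic delivery.

```go
package main

import (
	"fmt"
	"time"
)

// Syncer buffers records from the self-built chain; Deliver stands in for the BSN Set call (assumption).
type Syncer struct {
	K        int           // quantitative threshold k
	Interval time.Duration // period of the timer
	Deliver  func(batch []string)
	pending  []string
	deadline time.Time
}

func NewSyncer(k int, iv time.Duration, now time.Time, d func([]string)) *Syncer {
	return &Syncer{K: k, Interval: iv, Deliver: d, deadline: now.Add(iv)}
}

// Add records one transaction and reports whether it triggered a delivery.
func (s *Syncer) Add(rec string, now time.Time) bool {
	s.pending = append(s.pending, rec)
	return s.Tick(now)
}

// Tick delivers on timer expiry (periodic) or when n == k before expiry (quantitative); the timer then restarts.
func (s *Syncer) Tick(now time.Time) bool {
	if now.Before(s.deadline) && len(s.pending) < s.K {
		return false
	}
	s.deadline = now.Add(s.Interval)
	if len(s.pending) == 0 {
		return false // timer expired with nothing to send
	}
	s.Deliver(s.pending)
	s.pending = nil
	return true
}

func main() {
	t0 := time.Unix(0, 0) // constructed clock; all timestamps are sample values
	var sent [][]string
	s := NewSyncer(3, time.Minute, t0, func(b []string) { sent = append(sent, b) })
	for i, sec := range []int{10, 20, 30, 60} { // tx3 hits n == k; tx4 waits for the restarted timer
		s.Add(fmt.Sprintf("tx%d", i+1), t0.Add(time.Duration(sec)*time.Second))
	}
	fmt.Println(s.Tick(t0.Add(90*time.Second)), sent) // true [[tx1 tx2 tx3] [tx4]]
}
```

Because the count-triggered delivery resets the timer, tx4 at 0:60 is held even though the original one-minute deadline has passed; it is delivered when the restarted timer expires at 1:30.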
In this way, the knowledge resource reliable protection method based on the alliance chain network builds an IPFS private network that only nodes holding the network key can join, which prevents unauthorized users from viewing or leaking private data in the network and stores the knowledge resource files reliably. Distributed storage of the knowledge resource files through the InterPlanetary File System (IPFS) makes the files permanent, de-duplicated and tamper-proof. With peer-to-peer distributed storage, the disk resources of every node in the IPFS network can serve the network, while selection of the optimal node keeps the load balanced across nodes. An alliance chain network is established in which only users who belong to the university or institution and whose identity has been authenticated can join the blockchain network and use its services; illegitimate users are kept outside the blockchain network, which prevents them from stealing data. Based on the ERC-1155 standard, a non-homogeneous pass is created for each knowledge resource file and stored in the blockchain network; users can operate on non-homogeneous passes in batches, which secures the attribution of rights and interests in the knowledge resource file and reduces the number of direct interactions with the blockchain. All operation records and the results of the operations are recorded in the self-built blockchain network and maintained by all of its nodes, which gives decentralized storage of transaction records and avoids a single point of failure. The knowledge resource file uploaded by a user is stored in IPFS (off-chain storage), while its unique index in IPFS (the hash value) and its non-homogeneous pass are stored in the blockchain network (on-chain storage); this dual on-chain and off-chain storage reduces data accumulation in the blockchain network and the cost of maintaining it. All transaction information in the self-built blockchain network is exchanged with the public infrastructure network BSN, so that every user in the blockchain network can check at any time the state of their own transactions or of all transactions in the current network; this avoids the problem of malicious users leaking data and at the same time guarantees that the data stored in the blockchain network is untampered and traceable.

Claims (10)

1. A method for the reliable protection of knowledge resources based on an alliance chain network, characterized by comprising the following steps:
step 1, building an IPFS private network comprising 7 nodes and using the node with the largest actual storage space in the IPFS private network as the storage node; when a file is detected to have been successfully uploaded to the IPFS network, returning a hash value based on the unique content identifier; and using the node with the largest actual storage space among the nodes other than the storage node as the backup node;
step 2, setting up 3 Orderer nodes and 2 organizations in Hyperledger Fabric, configuring 2 nodes for each organization, generating the certificate files and genesis block of all nodes, and mounting the certificate files and genesis block as data volumes in the 7 corresponding containers to obtain the alliance chain network;
step 3, creating a non-homogeneous pass for the knowledge resource file based on the ERC-1155 standard, storing the non-homogeneous pass in the alliance chain network, allowing users to perform operations on the non-homogeneous pass, and storing the non-homogeneous pass data and the transaction records generated by the operations in the nodes of the alliance chain network;
step 4, exchanging all transaction records in the nodes of the alliance chain network with the public infrastructure network BSN.
2. The method for the reliable protection of knowledge resources based on an alliance chain network according to claim 1, wherein step 2 specifically comprises the following steps:
step 2.1, downloading Hyperledger Fabric and modifying the crypto-config.yaml configuration file: 3 Orderer nodes are configured in Specs under the OrdererOrgs option, and two organizations, Org1 and Org2, are configured under the PeerOrgs option, wherein Org1 belongs to an authoritative institution and its internal users have the authority to initialize contracts and add chaincode; 2 nodes are configured in the Template option of each organization, and the four nodes are divided by role into endorsement nodes, a master node and slave nodes;
step 2.2, generating the certificate files of all nodes in the alliance chain network using the cryptogen tool;
step 2.3, generating the genesis block using the command configtxgen -profile SampleMultiNodeEtcdRaft -outputBlock <genesisblock-path>;
step 2.4, mounting the certificate files and the genesis block file as data volumes in the 7 corresponding containers to obtain the alliance chain network, wherein each container comprises 1 node of the alliance chain network and 1 IPFS node.
3. The method for the reliable protection of knowledge resources based on an alliance chain network according to claim 1, wherein the operations on non-homogeneous passes in step 3 include generating non-homogeneous passes of different types in batches, destroying non-homogeneous passes, transferring non-homogeneous passes, and returning the number of non-homogeneous passes; and identity confirmation and chaincode initialization are performed before any operation on a non-homogeneous pass.
4. The method for the reliable protection of knowledge resources based on an alliance chain network according to claim 3, wherein the non-homogeneous pass in step 3 is generated as follows:
writing the main functions and importing the interface of the ERC-1155 standard;
calling the GetClientIdentity().GetMSPID() function to obtain the identity of the client; if the node belongs to Org1, the chaincode initialization operation is allowed, otherwise it is refused;
generating the non-homogeneous pass of the knowledge resource file from the hash value returned in step 1 and the summary information of the knowledge resource to be protected, and recording the user address and the non-homogeneous pass in the nodes of the alliance chain network.
5. The method for the reliable protection of knowledge resources based on an alliance chain network according to claim 4, wherein non-homogeneous passes of different types are generated in batches as follows: two arrays, id and amounts, of the same size n are defined, wherein an element k of id represents the type of a non-homogeneous pass and an element v of amounts represents the number of the corresponding non-homogeneous passes; the MintBatch function is called, and a non-homogeneous pass list is generated from the user address, the non-homogeneous pass, id[i] and amounts[i].
6. The method for the reliable protection of knowledge resources based on an alliance chain network according to claim 4, wherein a non-homogeneous pass is destroyed as follows: if the user address holds one type of non-homogeneous pass, the non-homogeneous pass is found according to the user address and reduced to the specified number; if the user address holds at least two types of non-homogeneous pass, the list of non-homogeneous passes held by the user is found according to the user address, the whole list is traversed, the type of non-homogeneous pass to be destroyed is found, and it is reduced to the specified number.
7. The method for the reliable protection of knowledge resources based on an alliance chain network according to claim 4, wherein non-homogeneous passes are destroyed in batches as follows: if the user address holds at least two types of non-homogeneous pass, the list of non-homogeneous passes held by the user is found according to the user address and the whole list is traversed; when k is a type of non-homogeneous pass to be destroyed, the number v corresponding to k is reduced to the specified number.
8. The method for the reliable protection of knowledge resources based on an alliance chain network according to claim 4, wherein a non-homogeneous pass is transferred as follows: it is determined whether the user address of the sender is the same as the user address of the receiver; if so, the operation is not allowed; if not, the specified non-homogeneous pass is found according to the user address of the sender and its number is reduced by v; the non-homogeneous pass of the specified type is then found according to the user address of the receiver and its number is increased by v.
9. The method for the reliable protection of knowledge resources based on an alliance chain network according to claim 4, wherein non-homogeneous passes are transferred in batches as follows: the id array and amount array of the sender are traversed and the number of non-homogeneous passes of each corresponding type is reduced by v; the id array and amount array of the receiver are then traversed; if the receiver holds a non-homogeneous pass of that type, the corresponding number is increased by v, and if the receiver does not hold that type, the type and number of the non-homogeneous pass are recorded in the id array and amount array of the receiver.
10. The method for the reliable protection of knowledge resources based on an alliance chain network according to claim 1, wherein the interaction includes periodic interaction and quantitative interaction, the periodic interaction being as follows: a timer is set, and when the timer reaches the specified time, the Set method is called to deliver all transaction information in the self-built chain to the BSN for storage;
the quantitative interaction being as follows: a constant s is set and the number m of transaction records is counted; when s equals m and the timer has not reached the specified time, the m transaction records newly generated in the self-built chain are delivered directly to the BSN for storage through the Set method, and the timer is reset and restarted.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310192206.8A CN116192867A (en) 2023-03-02 2023-03-02 Knowledge resource reliable protection method based on alliance chain network

Publications (1)

Publication Number Publication Date
CN116192867A true CN116192867A (en) 2023-05-30

Family

ID=86442155

Country Status (1)

Country Link
CN (1) CN116192867A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination