CN116739729A - Rolling stock return linkage accounting method and system - Google Patents

Abstract

The application provides a rolling stock return linkage accounting method and a system, which relate to a blockchain application technology and can be applied to the financial field and other fields, wherein the method comprises the following steps: acquiring an identity certificate of a rolling stock return linkage accounting merchant by calling member service through an SDK; generating transaction proposal data according to the identity certificate and the data to be processed through a rolling stock return linkage strategy, and providing the transaction proposal data to an endorsement node in a blockchain network for endorsing strategy simulation; carrying out consistency comparison on the simulation result fed back by the endorsement node and the proposal result in the transaction proposal data, and acquiring the transaction type of the transaction proposal data according to the comparison result; and executing corresponding transaction processing according to the transaction type.

Description

Rolling stock return linkage accounting method and system

Technical Field

The application relates to a blockchain application technology, which can be applied to the financial field and other fields, in particular to a rolling stock return linkage accounting method and a system.

Background

Banking business conventionally withdraws money of the line of money of goods returned by rolling, and generally, the money of the line of money corresponding to the merchant of the current month of money is counted by checking report data of the merchant of the current month of money, and formal mails are used for urging and withdrawing related money to the merchant. This approach has the following problems: firstly, the method of manually counting the report data of the current month merchant and counting the money of the current month corresponding to the money of the merchant by the current month money-holding internal user is time-consuming and labor-consuming, and the situation that the sales is inaccurate due to statistics errors is easy to occur. Secondly, the efficiency is low, hidden dangers of fund safety exist, the business provides data to be sold for the merchant to check the pad money balance, the situation that the merchant has multiple pad money and the like due to the fact that false report forms are provided possibly exists, and the merchant has hidden dangers of fund safety. Thirdly, part of the system processing sales data lacks SQL injection prevention inspection, and the condition that malicious parameters are still processed normally is detected, so that the system safety is affected.

Disclosure of Invention

The application aims to provide a rolling stock return linkage accounting method and system, which adopt intelligent contracts to realize the flows of inquiring, transferring to jurisdiction network points, returning to a clearing account for sale, consuming the clearing account for sale, selling an internal account for sale, manually completing, checking business and the like, and strictly controlling the user inquiring and transaction related authorities according to different transactions.

In order to achieve the above purpose, the rolling stock return linkage billing method provided by the application specifically comprises the following steps: acquiring an identity certificate of a rolling stock return linkage accounting merchant by calling member service through an SDK; generating transaction proposal data according to the identity certificate and the data to be processed through a rolling stock return linkage strategy, and providing the transaction proposal data to an endorsement node in a blockchain network for endorsing strategy simulation; carrying out consistency comparison on the simulation result fed back by the endorsement node and the proposal result in the transaction proposal data, and acquiring the transaction type of the transaction proposal data according to the comparison result; and executing corresponding transaction processing according to the transaction type.

In the above-mentioned rolling stock return linkage accounting method, optionally, generating transaction proposal data according to the identity certificate and the data to be processed through a rolling stock return linkage policy includes: according to the transaction type of transaction data in the data to be processed, corresponding execution logic in the rolling stock return linkage strategy is called; obtaining parameter information according to the execution logic and the data to be processed; and obtaining transaction proposal data according to the parameter information and the execution logic.

In the above-mentioned rolling stock return linkage accounting method, optionally, executing corresponding transaction processing according to the transaction type includes: when the transaction type is a query type, acquiring rolling stock return sales data corresponding to the data to be processed, and providing the rolling stock return sales data to a query party providing the data to be processed; the rolling stock return account-selling data comprises one or more combinations of a clearing level number, a clearing level name, an original special unit return account number, a merchant account-selling account number, a rolling stock account-selling amount, a current account-hanging website and jurisdiction website data; and when the transaction type is the reconciliation type, calling the balance of the internal account and the balance of the sales account corresponding to the data to be processed and providing the balance to a query party providing the data to be processed.

In the above-mentioned rolling stock return linkage accounting method, optionally, executing corresponding transaction processing according to the transaction type includes: when the transaction type is a sales account type, combining all transaction data in the data to be processed to generate service data, and providing the service data to a sequencing node in a blockchain network; the transaction data in the service data are subjected to consensus sequencing processing through the sequencing node, and corresponding blocks are generated; and checking each transaction data in the block through a submitting node in the block chain network, and adding the block into the block chain network according to a checking result.

In the above rolling stock return linkage accounting method, optionally, adding the block to the blockchain network according to the verification result further includes: screening and obtaining consensus nodes in the same region and under the same network point according to the node information of the current node; the block is consensus to the consensus node to join a blockchain network.

In the above-mentioned rolling stock return linkage accounting method, optionally, the method further comprises: performing SQL keyword anomaly inspection on input parameters in the data to be processed through a regular expression to obtain an inspection result; and generating abnormal prompt information according to the checking result.

The application also provides a rolling stock return linkage billing system, which comprises a client and an endorsement node; the client side calls member service through SDK to obtain identity certificate of rolling stock return linkage accounting merchant; generating transaction proposal data according to the identity certificate and the data to be processed through a rolling stock return linkage strategy, and providing the transaction proposal data to the endorsement node for endorsing strategy simulation; the simulation result fed back by the endorsement node is compared with the proposal result in the transaction proposal data in consistency, and the transaction type of the transaction proposal data is obtained according to the comparison result; and executing corresponding transaction processing according to the transaction type.

In the above-mentioned rolling stock return linkage billing system, optionally, the system further comprises a sorting node and a submitting node; when the transaction type is a sales account type, the client is further used for combining all transaction data in the data to be processed to generate service data and providing the service data to the ordering node; the sorting node performs consensus sorting processing on the transaction data in the service data and generates a corresponding block; and the submitting node checks each transaction data in the block, and adds the block into a block chain network according to a checking result.

The application also provides an electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the above method when executing the computer program.

The present application also provides a computer readable storage medium storing a computer program for executing the above method.

The application also provides a computer program product comprising a computer program/instruction which, when executed by a processor, implements the steps of the above method.

The beneficial technical effects of the application are as follows: implemented with a Hyperledger Fabric framework. Different transaction parties, merchants and banks are located in different channels, and only users with related private keys have permission to inquire related details, so that the safety of user data is greatly improved. The related business functions are realized by writing corresponding user chain codes, the business chain codes relate to inquiry, transfer to jurisdiction network points, return to goods and clearance account sales, consumption and clearance account sales, internal account sales, manual completion and business check and the like. And an improved PBFT consensus mechanism is used for ensuring that data is recorded into the blockchain according to the ordering of transaction time when the data is recorded into the blockchain, and simultaneously ensuring that relevant information recorded by all non-fault nodes on the chain is consistent. Meanwhile, in order to improve the safety of a financial system, SQL injection prevention is introduced, so that potential safety hazards that sales funds are maliciously tampered and the like caused by detecting malicious parameters are solved, and the normal development of rolling stock return sales under a fund safety environment is effectively ensured.

Drawings

The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this specification, illustrate and together with the description serve to explain the application. In the drawings:

FIG. 1 is a flow chart of a method for billing in rolling stock return linkage according to an embodiment of the present application;

FIG. 2 is a schematic diagram of a transaction proposal data acquisition process according to an embodiment of the application;

FIG. 3 is a flow chart illustrating a transaction process according to an embodiment of the present application;

FIG. 4 is a schematic diagram of a system for billing in a rolling stock return linkage according to an embodiment of the present application;

fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the application.

Detailed Description

The following will describe embodiments of the present application in detail with reference to the drawings and examples, thereby solving the technical problems by applying technical means to the present application, and realizing the technical effects can be fully understood and implemented accordingly. It should be noted that, as long as no conflict is formed, each embodiment of the present application and each feature of each embodiment may be combined with each other, and the formed technical solutions are all within the protection scope of the present application.

Additionally, the steps illustrated in the flowcharts of the figures may be performed in a computer system such as a set of computer executable instructions, and although a logical order is illustrated in the flowcharts, in some cases the steps illustrated or described may be performed in an order other than that herein.

Referring to fig. 1, the method for billing in rolling stock return linkage provided by the present application specifically includes:

s101, calling member service through SDK to obtain identity certificate of rolling stock return linkage accounting merchant;

s102, generating transaction proposal data according to the identity certificate and the data to be processed through a rolling stock return linkage strategy, and providing the transaction proposal data to an endorsement node in a blockchain network for endorsing strategy simulation;

s103, carrying out consistency comparison on the simulation result fed back by the endorsement node and the proposal result in the transaction proposal data, and acquiring the transaction type of the transaction proposal data according to the comparison result;

s104, executing corresponding transaction processing according to the transaction type.

In the embodiment, the rolling stock return linkage accounting method is applied to a blockchain, and a Hyperledger Fabric framework is adopted, wherein the Hyperledger Fabric framework is an open-source, enterprise-level and authority-bearing distributed ledger platform. The design is initially directed to enterprise-level applications, and Hyperledger Fabric has many different characteristics and application fields for other distributed ledger systems or blockchain platforms that are popular in the market. The rolling stock returns goods, namely when a merchant initiates a refund transaction, the system judges whether the accumulated collection amount of the merchant on the same day is larger than the refund amount, if the collection amount of the merchant on the same day is larger than the refund amount, refund is allowed, otherwise, the transaction is refused. The business scenario aims at that the current rolling stock returns to the customer when the current collection amount of the commercial tenant is smaller than the return amount, and the inner user of the pad refunds the amount of money and needs to initiate sales subsequently. Hyperledger Fabric is suitable for the background of this business and is most important because the function of establishing a channel is provided, a participant is allowed to newly establish a separate account book for transactions, only the participant in the same channel can own the account book of the channel, but other participants not in the channel cannot see the account book, and the channel isolation technology brings higher safety, and when related processing of rolling goods and sales accounts is carried out on the network points in different areas, the account records in different areas are located in different channels when processing, so that the safety of sales funds can be greatly improved. Hyperledger Fabric the overall architecture is divided into a network layer, a core layer and an interface layer. The core layer is provided with three parts, namely member service, block chain service and chain code service; the interface layer calls identity, account book, transaction, intelligent contract and other information through the interface and the event; the network layer is responsible for realizing the P2P network and ensuring the consistency of the distributed storage of the block chain. Hyperledger Fabric is logically broken down into different roles, each role assuming a different function. The Peer node is decomposed into an endorsement node and a submitting node, and in Order to achieve the effect of sorting according to the processing time, the role of the Order node is extracted.

Referring to fig. 2, in an embodiment of the present application, generating transaction proposal data according to the identity certificate and the data to be processed through a rolling stock return linkage policy includes:

s201, according to the transaction type of transaction data in the data to be processed, corresponding execution logic in a rolling stock return linkage strategy is called;

s202, parameter information is obtained according to the execution logic and the data to be processed;

s203, obtaining transaction proposal data according to the parameter information and the execution logic.

Specifically, in actual work, the process mainly comprises the steps of calling member service by an application program client through an SDK, registering and registering, and obtaining an identity certificate. Then, the application program client initiates a transaction Proposal (Propos) to the blockchain network through the SDK, and the transaction Proposal sends information such as contract identification (corresponding to inquiry, sales or business reconciliation of the rolling stock return linkage accounting function) to be called by the transaction, contract method (corresponding to inquiry of the rolling stock return linkage accounting function, transfer to jurisdictional network points, sales of the return clearing account, sales of the consumption clearing account, internal account sales, manual completion, business reconciliation and other intelligent contracts) and parameter information (such as inquiry type, accounting start time, accounting deadline, clearing level number, clearing level name and record state) and client signature (capable of uniquely identifying business, client information) to the endorsement node.

Step S103 can be executed on this basis, that is, after the endorsement node (referred to as the Peer node) receives the transaction proposal, the endorsement node verifies the signature (which can uniquely identify the business, the information of the client) and confirms whether the submitter has authority to execute the operation, and simultaneously, the intelligent contract (the inquiry corresponding to the rolling stock return accounting function, the transfer of the jurisdictional website, the return of the goods clearance account sales, the consumption clearance account sales, the internal account sales, the manual completion and the business accounting related intelligent contract) is simulated and executed according to the endorsement policy, and the result and the respective CA certificate signature thereof are returned to the application client. After receiving the transaction signature, the endorsement node verifies the signature and confirms whether the submitter has the right to execute the operation, simultaneously, the intelligent contract is simulated and executed according to the endorsement policy, and the result and the CA signature of the result are returned to the application program client. And after receiving the information returned by the endorsement node, the application program client judges whether the proposal results are consistent or not and whether the proposal results are executed by referring to the appointed endorsement policy or not. If there is not enough endorsement, the process is aborted; otherwise, the application client packages the data together into a transaction and signs it, and sends it to the ordering role (referred to as the Order node).

In one embodiment of the present application, executing the corresponding transaction according to the transaction type includes: when the transaction type is a query type, acquiring rolling stock return sales data corresponding to the data to be processed, and providing the rolling stock return sales data to a query party providing the data to be processed; the rolling stock return account-selling data comprises one or more combinations of a clearing level number, a clearing level name, an original special unit return account number, a merchant account-selling account number, a rolling stock account-selling amount, a current account-hanging website and jurisdiction website data; and when the transaction type is the reconciliation type, calling the balance of the internal account and the balance of the sales account corresponding to the data to be processed and providing the balance to a query party providing the data to be processed. Further, referring to fig. 3, executing the corresponding transaction according to the transaction type includes:

s301, when the transaction type is a sales type, combining all transaction data in the data to be processed to generate service data, and providing the service data to a sequencing node in a blockchain network;

s302, the transaction data in the service data are subjected to consensus sequencing processing through the sequencing node, and corresponding blocks are generated;

s303, checking each transaction data in the block through a submitting node in the block chain network, and adding the block into the block chain network according to a checking result.

Specifically, after receiving the information returned by the endorsement node, the application program client (the rolling stock return linkage billing query and the billing interface) judges whether the proposal results are consistent or not and whether the proposal results are executed with reference to a specified endorsement policy or not. And according to whether the executed intelligent contract is a query class, an account sales class or an account checking class, if the executed intelligent contract is the query class or the account checking class, calling the query intelligent contract (query class) to realize the query of the rolling stock return account sales data, returning the rolling stock return account sales data to the application client, wherein the returned fields relate to clearing level numbers, clearing level names, original special unit return clearing accounts, merchant account sales clearing accounts, rolling stock to-be-sold amounts, current account hanging points and jurisdiction network point data to the application client. And calling a business reconciliation intelligent contract (reconciliation class) to return the balance of the internal account and the balance to be reconciled to the application client, so that the business can check whether the rolling balance and the reconciliation data are leveled. For the sales class intelligent contracts, the application client packages the data together to form a transaction and signs the transaction and sends the transaction to the ordering roles. And the ordering role performs consensus ordering on the received transactions, and finally packages a batch of transactions together according to a block generation strategy to generate a new block and sends the new block to a submitting node (referred to as a Peer node).

After receiving the block, the submitting node checks each transaction in the block, checks whether the input and output of the transaction dependence accords with the state of the current block chain, appends the block to the local block chain after completion, and modifies the world state. The sales intelligent contract is to process the rolling stock and return records to be sold, and the amount of the accounts such as the internal account, the consumption clearing account, the return clearing account and the like is transferred to the money-filling internal account and the records to be sold are updated to be processed. The application judges whether the blockchain detail with repeated indexes exists by newly adding the processed sales records and inquiring the intelligent contract, and returns the latest generated blockchain detail record (the rolling stock return sales records) under the repeated condition. The sales type involves transferring to jurisdictional sites, return clearing account sales, consumption clearing account sales, internal account sales and manual completion. After triggering the intelligent contract of the jurisdiction branch, the branch number of the records of the rolling stock return goods to be sold is adjusted from the account-hanging branch to the jurisdiction branch, and the purpose of doing so is to enable the business with the rolling stock return goods linkage accounting use authority and the account number belonging to the branch for the jurisdiction branch to inquire the sales records and uniformly process the rolling stock return goods to be sold records. The return clearing account is sold, the consumption clearing account is sold and the internal account is sold, the money of the customer (the source selects the return clearing account, the consumption clearing account and the internal account according to different intelligent contracts) is transferred to the internal account pad deposit account, and the record state of the sales record is updated to be processed. The blockchain dimension is to newly add a record of the sales and update the customer account, and the details of the internal customer account. The manual completion is to update the record state of the record to be sold into processed, and the business meaning is that the record to be sold is paid back to the bank in a mode of automatically transferring funds by a client without automatic processing of the record to be sold by a system. After triggering the intelligent contract related to the sales, a record state in the block is newly added as the processed sales record by combining the characteristic that the blockchain is not falsified. When the intelligent contract inquiry is triggered again to inquire the rolling stock return record to be sold, the blockchain data is inquired according to the index information, if repeated data are found, the blockchain data are indicated to trigger the intelligent contract related to the sales, and the latest data inserted into the blockchain are selected to return during inquiry.

Before the blockchain appears, the business recollects the customer repayment by adopting a mode of manually counting the report data of the current-month commercial tenant and counting the money-filling funds of the current-month money-filling internal user corresponding to the commercial tenant. The biggest shortcoming of the adoption of the method is that the hidden danger of unsafe fund is increased by a centralization mechanism, and in order to solve the related problems, the application adopts a Hyperledger Fabric frame to build a rolling stock return linkage accounting device, so that the system safety is improved, the fund safety is ensured, and the block chain system with the characteristics of data tamper prevention, safety and reliability is achieved. When the business uses the rolling stock return linkage billing related interface, an LAMJ frame (which refers to Linux (operating system) +apache (HTTP server) +mysql (database software) +java) is adopted for establishing a web application platform.

In an embodiment of the present application, the identity certificate in the step S101, that is, the rolling stock return linkage account-keeping identity authentication mechanism, mainly applies an MSP module, where the MSP is a module component for managing and verifying identities of constituent members in a network by Hyperledger Fabric, and has the following specific effects: 1, managing user ID (all user ID management mechanisms allowing access to the functions related to the rolling stock return linkage accounting); 2 verifying the node that wants to join the network: each node that wants to join the network must provide its valid and legitimate MSP information. 3 providing credentials for the customer initiated transaction: data transmission between nodes (clients, peers, orderers) requires verification of the signatures of the nodes. It comprises the following structure: RCA refers to the root CA, and the folder contains a self-signed x.509 certificate list of the root CA for self-signing and signing the intermediate CA certificates. ICA refers to an intermediate CA that contains a list of certificates issued by the root CA. OU refers to an organization unit that contains a list of organization units, the members of which are considered part of the organization represented by the MSP. B refers to an administrator, and the folder contains an identification list for defining roles having the role of the organization administrator. For standard MSP types, this list should have one or more X.509 certificates. Reca refers to revoked certificates, information of revoked participants is saved, and business user accounts which are withdrawn for the rolling stock return linkage accounting function should be in a revoked certificate list, and related functions cannot be used. SCA refers to a signature certificate, the endorsement node is a signature certificate in the transaction proposal response, this folder is necessary for the local MSP, and the node must have only one x.509 certificate. KeyStore refers to a private key, this folder is defined for the local MSP of the Peer node or Orderer node, and contains the node's signing key. This key matches in an encrypted manner the signature certificates contained in the SCA folder and is used to sign the data. This folder is necessary for the local MSP and must contain only one private key. TLS root CA: a self-signed x.509 certificate list containing the root CA for TLS communications that the organization trusts. There must be at least one TLS root CA x.509 certificate in this folder. TLS intermediate CA: a list of intermediate certificates issued by the TLS root CA is maintained.

In a blockchain network, transactions written by different participants must be written sequentially into the ledger in the order of generation. How to implement consistency of all nodes to the same proposal or value in a distributed scenario is one problem that blockchain technology must consider and address. To achieve this goal, the transaction order must be properly established and must contain a handling method for the transaction to be tampered with or submitted maliciously. In general, consensus algorithms are solutions to ensure consistent implementation of distributed systems, and are processes used in computer science to achieve consistency between distributed processes or systems for individual data values. The consensus algorithm aims at realizing the reliability of a plurality of unreliable nodes in a network, and solving the problem of consensus is very important in distributed computing and multi-agent systems. The consensus algorithm must satisfy two attributes, security and liveness, respectively, to ensure consistency between nodes. Security means that each node guarantees the same input sequence and produces the same output result at each node. When the nodes receive the same series of transactions, the same state change will occur on each node, and the algorithm must be the same as the execution result of each node system. Liveness refers to the fact that each non-faulty node eventually receives each submitted transaction under normal communication conditions.

In order to ensure that each node can ensure the consistency of the transaction finally and ensure the consistency of the execution result of each node, the application improves the consensus algorithm PBFT used by the Hyperledger Fabric architecture, so that the application is suitable for the normal development of the rolling stock return linkage accounting business. The main flow of the PBFT algorithm is divided into five steps of Request, pre-preparation, commit and Reply, and the PBFT algorithm can work in an asynchronous environment while reducing the complexity of the algorithm from exponential level to polynomial level. There is also a great improvement in confidentiality, and the PBFT algorithm uses encryption techniques to prevent spoofing attacks and replay attacks, as well as to detect corrupted information. The PBFT algorithm has the defects that the communication complexity is too high, the expandability is too low, the performance is greatly reduced when one hundred nodes are generally reached, and meanwhile, the PBFT algorithm has higher delay under the condition that the network is unstable. To this end, in one embodiment of the present application, adding the block to the blockchain network according to the verification result further includes: screening and obtaining consensus nodes in the same region and under the same network point according to the node information of the current node; the block is consensus to the consensus node to join a blockchain network.

Specifically, in order to solve the related problem, when the node is screened in the current consensus process, only the consensus nodes in the same region and the same network point are screened, so that nodes required by consensus are reduced, and the performance is prevented from being greatly reduced due to excessive nodes. In order to solve the problem of high delay caused by unstable network, a mechanism of fast switching standby network segments is used to solve the problem of high delay caused by short-time network faults (only part of nodes are switched and the most basic requirement of n >3f+1 is met), when the network is recovered, the original network segments are switched back, and the transaction occurring in the period of time is shared among the non-switched nodes of the original network segments. In order to solve the problem of too high communication complexity, the application combines the Pre-preparation stage and the preparation stage, optimizes the four processes of Request, recived and Prepare, commit and Reply, sends the verification of the signature received by the master node and the correct Request received by the master node to the common node, and the common node judges that the information from the master node can be received and enters a preparation state to be combined into one step, thereby reducing the communication complexity and improving the efficiency of the device.

The four flows of Request, recived and Prepare, commit and Reply are described in detail as follows:

in the Request phase, the rolling stock return linkage billing related client sends a < Request, o, t, c > message to the master node p and signs. Where o is operation, i.e., the specific operation requested; t is a timestamp added by the client when requested; c is the client, namely the identifier of the client; the REQUEST content includes a message body and a message digest d (m).

At stage Recived and Prepare, the master node p first verifies the signature and when the correct request is received, assigns a number n, which is used to order the requests that may occur to the client. And then sends a piece of broadcast information to other common nodes (the application only aims at the common region and the related node consensus of the same network point). After receiving the information, if all four conditions are met, the relevant common node enters a broadcast state preparation state and sends a signed message to all other nodes including the main node, and the message is recorded in a log.

In the Commit phase, after the master node and the common node receive the message, the following conditions need to be judged:

1 signature correctness of common node in second stage

The view number v of the 2 message is consistent with the current view number of the node

3 sequence number n is in waterline [ H, H ]

When node i receives 2f+1 (including itself) authenticated Prepare messages, indicating that most nodes in the network have received the same information, a signed < COMMIT, v, n, d, i > message is sent to other nodes, including the master node, and the COMMIT message is logged.

In the Reply phase, after receiving the Commit message, the master node and the common node need to judge the following conditions:

the signature of the Commit message by node 1 is correct.

The view number v of the 2 message is consistent with the current view number of the node.

The 3 sequence number n is within the waterline [ H, H ].

If node i receives 2f+1 (including itself) Reply messages that pass the verification, indicating that most nodes in the network have reached consensus, running the request operation o of the client and returning < Reply, v, t, c, i, r > to the client. Where r is the result of the request operation, and if the client receives f+1 identical Reply messages, it indicates that the request initiated by the client has reached the full network consensus.

In an embodiment of the present application, the method may further comprise: performing SQL keyword anomaly inspection on input parameters in the data to be processed through a regular expression to obtain an inspection result; and generating abnormal prompt information according to the checking result. The main purpose of this embodiment is to perform SQL injection prevention, which means that the content of the input is controlled by the user, the user-controlled entry SQL filter should be newly added, filtering inspection on the SQL keywords should be added, and conventionally, input verification is required for the input SQL query parameters, and if malicious parameters are detected, normal exception handling should be performed.

Specifically, the application client-side user-controlled participating SQL filter is not completed, and filtering inspection of SQL keywords needs to be added. And all the input SQL query parameters are input and verified, and if malicious parameters are detected, normal exception handling is required. For the fields (related to clearing level numbers and clearing level names) which are required to be input by the user in the current rolling stock return linkage accounting, the input parameters controlled by the user are limited by SQL keywords, and the verification of the length, the type and the format is not only required, but also the verification of keywords such as SELECT, UPDATE and DROP is required. The checking rules are as follows:

\\b(and|or)\\b.{1,6}？(＝|>|<|\\bin\\b|\\blike\\b)|\\/\\*.+？\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+？SELECT|UPDATE.+？SET|INSERT\\s+INTO.+？VALUES|(SELECT|DELETE).+？FROM|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)。

the regular expression details are seen in the following eight points, and inputs involving these eight points all require rejection of the relevant transaction.

1*\\b(and|or)\\b.{1,6}？(＝|>|<|\\bin\\b|\\blike\\b)

2 \\s \script\b- -, s \represents a null character, b represents a special character string such as a null character, a non-numeric non-letter, and the like; keyword: script(s)

3\bEXEC\b- \b represents special character strings such as empty characters, non-numbers and non-letters; keyword: EXEC,// \\exec

4UNION +? SELECT-, +? Character strings such as null characters and alphabets are represented; keyword: UNION, SELECT

5UPDATE +? SET: - - - - - - - - - - - - - - - - - - - - - - - -, is? Character strings such as null characters and alphabets are represented; keyword: UPDATE, SET

6INSERT\\s+INTO.+ -. Is shown as follows? VALUES-, \\s+ represents an empty character; keyword: INSERT, INTO, VALUES

7 (select|delete).+ -.? From— (represents or, () represents or follows); keyword: SELECT, DELETE, FROM

8 (CREATE ALTER DROP TRUNCATE) \s+ (TABLE DATABASE) - -, s+ represents a null character; keyword: CREATE, ALTER, DROP, TRUNCATE, TABLE, DATABASE

As long as the user can input the clearing account name, the related sensitive fields are manually input by the user in the clearing account number field, input verification is carried out aiming at the input SQL query parameters, and if malicious parameters can be detected, normal exception handling is carried out. For the monetary system, the safety is crucial, the increase of SQL injection attack prevention is helpful for improving the stability of the financial system, and the possibility of funds loss caused by the attack of illegal molecules on the banking system is reduced.

Referring to fig. 4, the application further provides a rolling stock return linkage billing system, which comprises a client and an endorsement node; the client side calls member service through SDK to obtain identity certificate of rolling stock return linkage accounting merchant; generating transaction proposal data according to the identity certificate and the data to be processed through a rolling stock return linkage strategy, and providing the transaction proposal data to the endorsement node for endorsing strategy simulation; the simulation result fed back by the endorsement node is compared with the proposal result in the transaction proposal data in consistency, and the transaction type of the transaction proposal data is obtained according to the comparison result; and executing corresponding transaction processing according to the transaction type. Further, the system also comprises a sorting node and a submitting node; when the transaction type is a sales account type, the client is further used for combining all transaction data in the data to be processed to generate service data and providing the service data to the ordering node; the sorting node performs consensus sorting processing on the transaction data in the service data and generates a corresponding block; and the submitting node checks each transaction data in the block, and adds the block into a block chain network according to a checking result. The specific implementation of each component has been described in detail in the foregoing embodiments, and will not be described in detail herein.

The beneficial technical effects of the application are as follows: implemented with a Hyperledger Fabric framework. Different transaction parties, merchants and banks are located in different channels, and only users with related private keys have permission to inquire related details, so that the safety of user data is greatly improved. The related business functions are realized by writing corresponding user chain codes, the business chain codes relate to inquiry, transfer to jurisdiction network points, return to goods and clearance account sales, consumption and clearance account sales, internal account sales, manual completion and business check and the like. And an improved PBFT consensus mechanism is used for ensuring that data is recorded into the blockchain according to the ordering of transaction time when the data is recorded into the blockchain, and simultaneously ensuring that relevant information recorded by all non-fault nodes on the chain is consistent. Meanwhile, in order to improve the safety of a financial system, SQL injection prevention is introduced, so that potential safety hazards that sales funds are maliciously tampered and the like caused by detecting malicious parameters are solved, and the normal development of rolling stock return sales under a fund safety environment is effectively ensured.

As shown in fig. 5, the electronic device 600 may further include: a communication module 110, an input unit 120, an audio processing unit 130, a display 160, a power supply 170. It is noted that the electronic device 600 need not include all of the components shown in fig. 5; in addition, the electronic device 600 may further include components not shown in fig. 5, to which reference is made to the prior art.

As shown in fig. 5, the central processor 100, sometimes also referred to as a controller or operational control, may include a microprocessor or other processor device and/or logic device, which central processor 100 receives inputs and controls the operation of the various components of the electronic device 600.

The memory 140 may be, for example, one or more of a buffer, a flash memory, a hard drive, a removable media, a volatile memory, a non-volatile memory, or other suitable device. The information about failure may be stored, and a program for executing the information may be stored. And the central processor 100 can execute the program stored in the memory 140 to realize information storage or processing, etc.

The input unit 120 provides an input to the central processor 100. The input unit 120 is, for example, a key or a touch input device. The power supply 170 is used to provide power to the electronic device 600. The display 160 is used for displaying display objects such as images and characters. The display may be, for example, but not limited to, an LCD display.

The memory 140 may be a solid state memory such as Read Only Memory (ROM), random Access Memory (RAM), SIM card, or the like. But also a memory which holds information even when powered down, can be selectively erased and provided with further data, an example of which is sometimes referred to as EPROM or the like. Memory 140 may also be some other type of device. Memory 140 includes a buffer memory 141 (sometimes referred to as a buffer). The memory 140 may include an application/function storage 142, the application/function storage 142 for storing application programs and function programs or a flow for executing operations of the electronic device 600 by the central processor 100.

Memory 140 may also include a data store (data 143) for storing data, such as contacts, digital data, pictures, sounds, and/or any other data used by the electronic device. The driver store (driver 144) of the memory 140 may include various drivers of the electronic device for communication functions and/or for performing other functions of the electronic device (e.g., messaging applications, address book applications, etc.).

The communication module 110 is a transmitter/receiver 110 that transmits and receives signals via an antenna 111. A communication module (transmitter/receiver) 110 is coupled to the central processor 100 to provide an input signal and receive an output signal, which may be the same as in the case of a conventional mobile communication terminal.

Based on different communication technologies, a plurality of communication modules 110, such as a cellular network module, a bluetooth module, and/or a wireless local area network module, etc., may be provided in the same electronic device. The communication module (transmitter/receiver) 110 is also coupled to a speaker 131 and a microphone 132 via an audio processor 130 to provide audio output via the speaker 131 and to receive audio input from the microphone 132 to implement usual telecommunication functions. The audio processor 130 may include any suitable buffers, decoders, amplifiers and so forth. In addition, the audio processor 130 is also coupled to the central processor 100 so that sound can be recorded locally through the microphone 132 and so that sound stored locally can be played through the speaker 131.

It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.

The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

The foregoing description of the embodiments has been provided for the purpose of illustrating the general principles of the application, and is not meant to limit the scope of the application, but to limit the application to the particular embodiments, and any modifications, equivalents, improvements, etc. that fall within the spirit and principles of the application are intended to be included within the scope of the application.

Claims (11)

1. A method for billing a return of stock in a rolling stock linkage, the method comprising:

acquiring an identity certificate of a rolling stock return linkage accounting merchant by calling member service through an SDK;

generating transaction proposal data according to the identity certificate and the data to be processed through a rolling stock return linkage strategy, and providing the transaction proposal data to an endorsement node in a blockchain network for endorsing strategy simulation;

carrying out consistency comparison on the simulation result fed back by the endorsement node and the proposal result in the transaction proposal data, and acquiring the transaction type of the transaction proposal data according to the comparison result;

and executing corresponding transaction processing according to the transaction type.

2. The method of claim 1, wherein generating transaction proposal data from the identity certificate and the data to be processed via a stock return linkage policy comprises:

according to the transaction type of transaction data in the data to be processed, corresponding execution logic in the rolling stock return linkage strategy is called;

obtaining parameter information according to the execution logic and the data to be processed;

and obtaining transaction proposal data according to the parameter information and the execution logic.

3. The method of claim 1, wherein performing the corresponding transaction according to the transaction type comprises:

when the transaction type is a query type, acquiring rolling stock return sales data corresponding to the data to be processed, and providing the rolling stock return sales data to a query party providing the data to be processed; the rolling stock return account-selling data comprises one or more combinations of a clearing level number, a clearing level name, an original special unit return account number, a merchant account-selling account number, a rolling stock account-selling amount, a current account-hanging website and jurisdiction website data;

and when the transaction type is the reconciliation type, calling the balance of the internal account and the balance of the sales account corresponding to the data to be processed and providing the balance to a query party providing the data to be processed.

4. The method of claim 1, wherein performing the corresponding transaction according to the transaction type comprises:

when the transaction type is a sales account type, combining all transaction data in the data to be processed to generate service data, and providing the service data to a sequencing node in a blockchain network;

the transaction data in the service data are subjected to consensus sequencing processing through the sequencing node, and corresponding blocks are generated;

and checking each transaction data in the block through a submitting node in the block chain network, and adding the block into the block chain network according to a checking result.

5. The method of claim 4, wherein adding the block to the blockchain network based on the verification result further comprises:

screening and obtaining consensus nodes in the same region and under the same network point according to the node information of the current node;

the block is consensus to the consensus node to join a blockchain network.

6. The method of billing in a rolling stock return linkage of claim 1 further comprising:

performing SQL keyword anomaly inspection on input parameters in the data to be processed through a regular expression to obtain an inspection result;

and generating abnormal prompt information according to the checking result.

7. A rolling stock return linkage accounting system, which is characterized by comprising a client and an endorsement node;

the client side calls member service through SDK to obtain identity certificate of rolling stock return linkage accounting merchant; generating transaction proposal data according to the identity certificate and the data to be processed through a rolling stock return linkage strategy, and providing the transaction proposal data to the endorsement node for endorsing strategy simulation; the simulation result fed back by the endorsement node is compared with the proposal result in the transaction proposal data in consistency, and the transaction type of the transaction proposal data is obtained according to the comparison result; and executing corresponding transaction processing according to the transaction type.

8. The system of claim 7, further comprising a sequencing node and a submit node;

when the transaction type is a sales account type, the client is further used for combining all transaction data in the data to be processed to generate service data and providing the service data to the ordering node;

the sorting node performs consensus sorting processing on the transaction data in the service data and generates a corresponding block;

and the submitting node checks each transaction data in the block, and adds the block into a block chain network according to a checking result.

9. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the method of any of claims 1 to 6 when executing the computer program.

10. A computer readable storage medium, characterized in that the computer readable storage medium stores a computer program for executing the method of any one of claims 1 to 6 by a computer.

11. A computer program product comprising computer programs/instructions which, when executed by a processor, implement the steps of the method of any of claims 1 to 6.