CN117478418A - System manager data transaction method and system based on blockchain - Google Patents

Publication number
CN117478418A
Authority
CN
China
Prior art keywords
transaction
data
system manager
blockchain
proposal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311561198.6A
Other languages
Chinese (zh)
Inventor
李守伟
张嘉政
刘晓星
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Southeast University
Original Assignee
Southeast University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Southeast University filed Critical Southeast University
Priority to CN202311561198.6A priority Critical patent/CN117478418A/en
Publication of CN117478418A publication Critical patent/CN117478418A/en
Pending legal-status Critical Current

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • H04L63/123 Applying verification of the received information received data contents, e.g. message integrity
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/33 User authentication using certificates
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/604 Tools and structures for managing or administering access control systems
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/104 Peer-to-peer [P2P] networks
    • H04L67/1059 Inter-group management mechanisms, e.g. splitting, merging or interconnection of groups
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/104 Peer-to-peer [P2P] networks
    • H04L67/1074 Peer-to-peer [P2P] networks for supporting data block transmission mechanisms
    • H04L67/1078 Resource delivery mechanisms
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40 Network security protocols
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Automation & Control Theory (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention discloses a blockchain-based system manager data transaction method and system, relating to the technical field of information security transactions.

Description

System manager data transaction method and system based on blockchain
Technical Field
The invention relates to the technical field of information security transactions, and in particular to a blockchain-based system manager data transaction method and system.
Background
In the traditional data system management mode, third-party intervention or centralized supervision is usually adopted; this consumes a large amount of manpower and material resources and leads to problems such as high cost and low efficiency. Furthermore, a large amount of private information may be exposed to the risk of disclosure during the interaction. Problems commonly faced when introducing third-party intervention or centralized supervision include a possible single point of failure: because the entire system relies on a single centralized manager, a failure of or attack on it may result in a service outage. Security is also a challenge: centralized management is an easy target for attacks, and once it is compromised, sensitive data may be leaked or rights misused. In addition, data consistency errors may occur because control of all data is concentrated in one place, and errors or conflicts at the center may result in data inconsistencies.
For the traditional Hyperledger Fabric alliance blockchain platform, challenges in terms of complexity, performance issues, scalability, privacy protection, and the like exist. This includes the technical complexity of setting up and maintaining the network, possible performance bottlenecks, the need for scalability to accommodate the ever-increasing number of transactions, and the need for stronger privacy protection in certain business scenarios.
Disclosure of Invention
In order to solve the above-mentioned shortcomings in the background art, the present invention is directed to a data transaction method and system for a system manager based on blockchain, which solves the problems of insufficient trust and security risk in the current data transaction system.
In a first aspect, the object of the present invention can be achieved by the following technical solutions: a blockchain-based system manager data transaction method, comprising:
the admission request and the data transaction request are sent to a matching mechanism, and after receiving the admission permission and the transaction permission sent by the matching mechanism, the data transaction request is negotiated with a data provider to achieve transaction consensus;
receiving a transaction order generated by the matching mechanism, generating a transaction proposal according to the transaction order, and judging the consistency of the transaction proposal; if the transaction is illegal, carrying out a new round of consensus or rejecting the transaction; if the transaction is compliant, sending the transaction proposal to the blockchain network, where the ordering node packages the transactions in chronological order and records them in the ledger, completing the transaction authentication.
With reference to the first aspect, in certain implementations of the first aspect, the method further includes:
the data provider and the system manager are regarded as two organizations in the Fabric alliance chain network, Org1 and Org2, and each organization has at least two peer nodes in the Fabric alliance chain network.
With reference to the first aspect, in certain implementations of the first aspect, the method further includes:
the process of the data provider and system manager sending an admission request to the matching organization:
the system operator and the data provider sign their identities with their private keys, the signing process being based on the SM9 identity-based cryptographic algorithm, and send the signature and the public key to the matching mechanism;
the matching mechanism verifies the signature, and sends the admission permission to the data provider and the system manager after the signature passes the verification, and the system manager carries out digital signature by using the private key of the private side of the business and the public key of the public side of the business, and returns a certificate and an account number and a password required for logging in the Fabric network client.
With reference to the first aspect, in certain implementations of the first aspect, the method further includes:
after the system manager and the data provider obtain the admission license, the system manager and the data provider also obtain the public key of the opposite party with the digital signature of the matching mechanism, and the public key of the matching mechanism is used for verifying the digital signature in the admission license of the opposite party, so that the bidirectional identity authentication is realized.
With reference to the first aspect, in certain implementations of the first aspect, the method further includes:
the process of sending data transaction requests by the system manager and the data provider:
when sending a data transaction request, the system manager and the data provider send related transaction information containing data requirements and data supply to the matching mechanism together;
the matching mechanism verifies the validity of the related transaction information of the data demand and the data supply after receiving the data transaction request, and sends a transaction permission certificate to the system manager and the data provider;
after the matching mechanism finds out the proper pairing information, negotiating with the system manager and the data provider, and after the two parties reach consensus, generating a transaction order.
With reference to the first aspect, in certain implementations of the first aspect, the method further includes:
the process of generating the transaction proposal according to the transaction order comprises the following steps: a transaction proposal is constructed using the API provided by the corresponding SDK; the transaction proposal contains channel information, and the data to be read from and written to the ledger is determined through an invocation request to the chaincode.
With reference to the first aspect, in certain implementations of the first aspect, the method further includes:
the transaction proposal comprises: transaction contract identification, transaction contract execution methods, client signature information, and parameters.
With reference to the first aspect, in certain implementations of the first aspect, the method further includes:
the process of judging the consistency of the transaction proposal comprises the following steps: the transaction proposal is submitted to an Endorser (endorsement) node, which verifies the signature and determines whether the identity that submitted the signature is authorized to execute the transaction operation; the node signature, the value set and the endorsement result are packaged and returned to the client SDK as the proposal result, which is analyzed to judge whether the transaction continues.
With reference to the first aspect, in certain implementations of the first aspect, the method further includes:
the Orderer nodes in the blockchain network sort the received transactions at fixed time intervals, then package a batch of transactions together according to the block generation policy for recording in the ledger, generate a new block, and broadcast it to the master nodes of the system manager and the data provider using the gRPC protocol.
In a second aspect, to achieve the above object, the present invention discloses a blockchain-based system manager data transaction system, which includes:
the transaction permission module is used for sending the admission request and the data transaction request to the matching mechanism, receiving the admission permission and the transaction permission sent by the matching mechanism, and negotiating with the data provider to achieve transaction consensus;
the transaction authentication module is used for receiving the transaction order generated by the matching mechanism, generating a transaction proposal according to the transaction order, and judging the consistency of the transaction proposal; if the transaction is illegal, a new round of consensus is carried out or the transaction is rejected; if the transaction is compliant, the transaction proposal is sent to the blockchain network, where the ordering node packages the transactions in chronological order and records them in the ledger, completing the transaction authentication.
The invention has the beneficial effects that:
The distributed data transaction security model is realized using an alliance blockchain. In a decentralised data transaction network, the security and tamper resistance of data are ensured; compared with the traditional data transaction process, the blockchain-based data transaction method reduces storage pressure, brings higher security and convenience, and ensures the authenticity and legitimacy of the participants' identities.
Meanwhile, the introduction of advanced organization architecture technology encourages more participants to access the data transaction system, so that more subjects can be admitted to the data market to participate in transactions. The data in the transaction market is accessible only by internal personnel and the transaction process is limited to the internal nodes, so transactions are safer, more reliable, transparent and efficient, and better suited to the transaction demands of the existing data market.
The throughput and average delay indexes in the experimental test show that the novel method has stronger stability compared with the traditional Fabric blockchain platform. Meanwhile, comparing the model designed by the invention with the traditional Hyperledger Fabric alliance blockchain platform in terms of average memory consumption, the average memory consumption of the proposed model fluctuates within a reasonable range as the number of experiments increases, but it consumes less memory and is generally lower than that of the traditional Hyperledger Fabric blockchain platform.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art are briefly described below; it will be obvious to those skilled in the art that other drawings can be obtained from these drawings without inventive effort.
FIG. 1 is a schematic diagram of a system mode of the present invention;
FIG. 2 is a lane diagram of the process of the chain-based application in the model of the present invention;
FIG. 3 is a lane diagram of the chain storage process in the model of the present invention;
FIG. 4 is a graph of the model transaction throughput and average delay trend of the present invention;
FIG. 5 is a graph of average memory consumption rate in the model of the present invention.
FIG. 6 is a schematic flow chart of the method of the invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Embodiment one:
the following description is made of the relevant terms related to the embodiments of the present application:
Blockchain: a blockchain is a chain made up of individual blocks. Each block holds certain information, and the blocks are linked into a chain in the order in which they were generated. This chain is kept on all servers, and the entire blockchain is secure as long as one server in the entire system can work. These servers, referred to as nodes in the blockchain system, provide storage space and computational support for the entire blockchain system. To modify information in the blockchain, it is necessary to obtain the consent of more than half of the nodes and to modify the information in all the nodes, which are usually held by different parties, so tampering with the information in the blockchain is extremely difficult. Compared with the traditional network, the blockchain has two core characteristics: firstly, the data is difficult to tamper with, and secondly, it is decentralised. Based on these two characteristics, the information recorded by the blockchain is more real and reliable, and can help solve the problem of people not trusting each other.
SDK: SDK is an abbreviation for Software Development Kit. This is a fairly broad term: a collection of related documents, examples, and tools that assist in developing a certain class of software may be referred to as an SDK.
Public key and private key: the public key is the non-secret half of the key pair used with the private key algorithm. The public key is typically used to encrypt a session key, verify a digital signature, or encrypt data that may be decrypted with a corresponding private key. The public key and the private key are a key pair (namely a public key and a private key) obtained by an algorithm, wherein one of the key pair is disclosed to the outside and is called a public key; and the other is reserved by itself and is called a private key.
Endorsement: the word comes from bank bill business. Endorsement in the traditional sense means that a person with a certain public credibility signs the back of a bill to strengthen and support its credit; that is, someone else lends credit and influence so that the endorsed person or thing gains credibility and public trust. It should be noted that an endorsement is not a guarantee; rather, it carries the meaning of proving or declaring. Endorsement in a blockchain can be understood as the process and mechanism by which a node bearing the endorsement task verifies the transaction information of a blockchain transaction and declares the verified transaction legal. Not all blockchains employ an endorsement mechanism; Hyperledger Fabric, an alliance chain, does.
Endorsement node: the nodes in the blockchain that take on the endorsement tasks are endorsement nodes. The endorsement node must prove its legitimacy by a valid signature of the expected information of the valid certificate.
As shown in fig. 1, a blockchain-based system manager data transaction method includes:
the admission request and the data transaction request are sent to a matching mechanism, and after receiving the admission permission and the transaction permission sent by the matching mechanism, the data transaction request is negotiated with a data provider to achieve transaction consensus;
the data provider and the system manager are regarded as two organizations in the Fabric alliance chain network, Org1 and Org2, and each organization has at least two peer nodes in the Fabric alliance chain network;
the process of the data provider and system manager sending an admission request to the matching organization:
the system operator and the data provider sign their identities with their private keys, the signing process being based on the SM9 identity-based cryptographic algorithm, and send the signature and the public key to the matching mechanism;
the matching mechanism verifies the signature, and sends the admission permission to the data provider and the system manager after the signature passes the verification, and the system manager carries out digital signature by using the private key of the private side of the business and the public key of the public side of the business, and returns a certificate and an account number and a password required for logging in the Fabric network client.
After the system manager and the data provider obtain the admission license, the system manager and the data provider also obtain the public key of the opposite party with the digital signature of the matching mechanism, and the public key of the matching mechanism is used for verifying the digital signature in the admission license of the opposite party, so that the bidirectional identity authentication is realized.
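The admission and bidirectional authentication steps above can be sketched as follows. This is an added example, not code from the patent: it assumes the matching mechanism is the party that signs each admitted public key (as the paragraph above implies), substitutes Ed25519 from the Go standard library for SM9, and the type names, message prefixes and identity strings are hypothetical.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// AdmissionRequest is what a party sends to the matching mechanism: its
// identity, its public key, and a signature over the identity.
type AdmissionRequest struct {
	Identity  string
	PublicKey ed25519.PublicKey
	Signature []byte
}

// License is a hypothetical admission license: the matching mechanism's
// signature binding an identity to a public key.
type License struct {
	Identity  string
	PublicKey ed25519.PublicKey
	Signature []byte
}

// Distinct prefixes keep a request signature from being replayed as a license.
func requestBody(id string) []byte { return []byte("admission-request|" + id) }

func licenseBody(id string, pub ed25519.PublicKey) []byte {
	// Length-prefix the identity so identity and key bytes cannot be shifted.
	return append([]byte(fmt.Sprintf("admission-license|%d|%s|", len(id), id)), pub...)
}

// NewRequest signs the party's identity with its own private key.
func NewRequest(id string, pub ed25519.PublicKey, priv ed25519.PrivateKey) AdmissionRequest {
	return AdmissionRequest{Identity: id, PublicKey: pub, Signature: ed25519.Sign(priv, requestBody(id))}
}

// Admit is the matching mechanism's side: verify that the requester holds the
// private key for the submitted public key, then sign the identity/key pair.
func Admit(mmPriv ed25519.PrivateKey, req AdmissionRequest) (License, error) {
	if len(req.PublicKey) != ed25519.PublicKeySize {
		return License{}, errors.New("malformed public key")
	}
	if !ed25519.Verify(req.PublicKey, requestBody(req.Identity), req.Signature) {
		return License{}, errors.New("admission request signature invalid")
	}
	sig := ed25519.Sign(mmPriv, licenseBody(req.Identity, req.PublicKey))
	return License{Identity: req.Identity, PublicKey: req.PublicKey, Signature: sig}, nil
}

// VerifyPeer is run by each party on the other party's license, using only
// the matching mechanism's public key.
func VerifyPeer(mmPub ed25519.PublicKey, lic License, expectID string) error {
	if lic.Identity != expectID {
		return errors.New("license was issued to a different identity")
	}
	if !ed25519.Verify(mmPub, licenseBody(lic.Identity, lic.PublicKey), lic.Signature) {
		return errors.New("license is not signed by the matching mechanism")
	}
	return nil
}

// AdmissionDemo runs the flow with freshly generated (constructed) keys.
func AdmissionDemo() (mutual, tamperRejected, forgedRejected bool) {
	mmPub, mmPriv, _ := ed25519.GenerateKey(rand.Reader)
	mgrPub, mgrPriv, _ := ed25519.GenerateKey(rand.Reader)
	provPub, provPriv, _ := ed25519.GenerateKey(rand.Reader)

	mgrLic, err1 := Admit(mmPriv, NewRequest("system-manager", mgrPub, mgrPriv))
	provLic, err2 := Admit(mmPriv, NewRequest("data-provider", provPub, provPriv))
	mutual = err1 == nil && err2 == nil &&
		VerifyPeer(mmPub, provLic, "data-provider") == nil && // manager checks provider
		VerifyPeer(mmPub, mgrLic, "system-manager") == nil // provider checks manager

	// A license whose public key was swapped after issuance must fail.
	swapped := provLic
	swapped.PublicKey = mgrPub
	tamperRejected = VerifyPeer(mmPub, swapped, "data-provider") != nil

	// A request that presents the provider's key but is signed with another
	// private key must not be admitted.
	_, err3 := Admit(mmPriv, NewRequest("data-provider", provPub, mgrPriv))
	forgedRejected = err3 != nil
	return
}

func main() {
	m, t, f := AdmissionDemo()
	fmt.Println("mutual authentication succeeded:", m)
	fmt.Println("swapped-key license rejected:", t)
	fmt.Println("forged admission request rejected:", f)
}
```

A verified license only shows that the key was admitted; before trading, each side would still need the counterparty to sign a fresh challenge with the licensed key to show it holds the matching private key.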
Receiving a transaction order generated by the matching mechanism, generating a transaction proposal according to the transaction order, and judging the consistency of the transaction proposal; if the transaction is illegal, carrying out a new round of consensus or rejecting the transaction; if the transaction is compliant, sending the transaction proposal to the blockchain network, where the ordering node packages the transactions in chronological order and records them in the ledger, completing the transaction authentication.
The process of generating the transaction proposal according to the transaction order is as follows: a transaction proposal is constructed using the API provided by the corresponding SDK; the transaction proposal contains channel information, and the data to be read from and written to the ledger is determined through an invocation request to the chaincode. The transaction proposal may be packaged with the SDK and a unique signature generated for the transaction proposal using the user's cryptographic credentials.
The process of judging the consistency of the transaction proposal is as follows: the transaction proposal is submitted to an Endorser (endorsement) node, which verifies the signature and determines whether the identity that submitted the signature is authorized to execute the transaction operation; the node signature, the value set and the endorsement result are packaged and returned to the client SDK as the proposal result, which is analyzed to judge whether the transaction continues.
Wherein, the transaction proposal includes: transaction contract identification, transaction contract execution methods, client signature information, and parameters.
The Orderer nodes in the blockchain network sort the received transactions at fixed time intervals, then package a batch of transactions together according to the block generation policy for recording in the ledger, generate a new block, and broadcast it to the master nodes of the system manager and the data provider using the gRPC protocol.
The process of sending data transaction requests by the system manager and the data provider:
when sending a data transaction request, the system manager and the data provider send related transaction information containing data requirements and data supply to the matching mechanism together;
the matching mechanism verifies the validity of the related transaction information of the data demand and the data supply after receiving the data transaction request, and sends a transaction permission certificate to the system manager and the data provider;
after the matching mechanism finds out the proper pairing information, negotiating with the system manager and the data provider, and after the two parties reach consensus, generating a transaction order.
The blockchain network broadcasts the new block to the master nodes of the system manager and the data provider using the gRPC protocol. Throughout the transaction process, the ordering nodes mainly participate in transaction ordering and have no authority to intervene in the specific accounting process.
After receiving the gRPC broadcast, the master nodes of the data provider and the system manager check each transaction in the block, and add the block to the local blockchain and modify the state database after the transaction is completed. If not, the transaction is recorded as an invalid transaction, and the state database is not updated.
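The ordering and commit behaviour described above, as an added example that is not code from the patent: the ordering function only sorts and batches, while the peer checks every transaction and leaves the state database untouched for invalid ones. The validity rule used here (an endorsement flag plus a read-version check) and all type, key and transaction names are assumptions; the page does not state what the per-transaction check consists of.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"sort"
)

// Tx is a constructed, simplified transaction with a single write.
type Tx struct {
	ID          string
	Timestamp   int64  // arrival time at the ordering node
	Key, Value  string // the write this transaction wants to apply
	ReadVersion int    // version of Key seen when the proposal was endorsed
	Endorsed    bool   // stands in for a verified endorsement signature
}

type Block struct {
	Number   int
	PrevHash string
	Txs      []Tx
	Hash     string
}

type Entry struct {
	Value   string
	Version int
}

func blockHash(number int, prev string, txs []Tx) string {
	h := sha256.New()
	fmt.Fprintf(h, "%d|%s", number, prev)
	for _, t := range txs {
		fmt.Fprintf(h, "|%s,%d,%s,%s,%d,%t", t.ID, t.Timestamp, t.Key, t.Value, t.ReadVersion, t.Endorsed)
	}
	return hex.EncodeToString(h.Sum(nil))
}

// CutBlocks is the ordering side: sort by time, pack at most maxTx per block,
// chain the hashes. It never judges whether a transaction is valid.
func CutBlocks(pending []Tx, maxTx, prevNumber int, prevHash string) []Block {
	if maxTx < 1 {
		maxTx = 1
	}
	txs := append([]Tx(nil), pending...)
	sort.SliceStable(txs, func(i, j int) bool { return txs[i].Timestamp < txs[j].Timestamp })
	var blocks []Block
	for start := 0; start < len(txs); start += maxTx {
		end := start + maxTx
		if end > len(txs) {
			end = len(txs)
		}
		prevNumber++
		b := Block{Number: prevNumber, PrevHash: prevHash, Txs: txs[start:end]}
		b.Hash = blockHash(b.Number, b.PrevHash, b.Txs)
		prevHash = b.Hash
		blocks = append(blocks, b)
	}
	return blocks
}

// Peer holds a local chain, a state database and the list of invalid tx IDs.
type Peer struct {
	State   map[string]Entry
	Chain   []Block
	Invalid []string
}

func NewPeer() *Peer { return &Peer{State: map[string]Entry{}} }

// Commit checks the block's integrity, then each transaction; invalid ones
// are recorded but do not change the state database.
func (p *Peer) Commit(b Block) error {
	prev := ""
	if n := len(p.Chain); n > 0 {
		prev = p.Chain[n-1].Hash
	}
	if b.PrevHash != prev || b.Hash != blockHash(b.Number, b.PrevHash, b.Txs) {
		return errors.New("block does not extend the local chain or was altered")
	}
	for _, t := range b.Txs {
		cur := p.State[t.Key]
		if !t.Endorsed || t.ReadVersion != cur.Version {
			p.Invalid = append(p.Invalid, t.ID)
			continue
		}
		p.State[t.Key] = Entry{Value: t.Value, Version: cur.Version + 1}
	}
	p.Chain = append(p.Chain, b)
	return nil
}

// RunDemo feeds four constructed transactions, submitted out of order.
func RunDemo() (*Peer, []Block) {
	pending := []Tx{
		{ID: "tx-c", Timestamp: 30, Key: "dataset-42", Value: "sold-to-B", Endorsed: true},
		{ID: "tx-a", Timestamp: 10, Key: "dataset-42", Value: "sold-to-A", Endorsed: true},
		{ID: "tx-b", Timestamp: 20, Key: "dataset-7", Value: "listed", Endorsed: false},
		{ID: "tx-d", Timestamp: 40, Key: "dataset-7", Value: "listed", Endorsed: true},
	}
	blocks := CutBlocks(pending, 2, 0, "")
	peer := NewPeer()
	for _, b := range blocks {
		if err := peer.Commit(b); err != nil {
			panic(err)
		}
	}
	return peer, blocks
}

func main() {
	peer, blocks := RunDemo()
	fmt.Println("blocks:", len(blocks), "invalid:", peer.Invalid, "state:", peer.State)
}
```

Here `tx-b` is rejected for lacking an endorsement and `tx-c` because `tx-a` already changed the key it read, yet both stay in their blocks so the ledger keeps a record of them.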
The throughput and average delay in the experimental test of the invention show that the novel method has stronger stability compared with the traditional Fabric blockchain platform, as shown in FIG. 4. Meanwhile, comparing the model designed by the invention with the traditional Hyperledger Fabric alliance blockchain platform in terms of average memory consumption, the average memory consumption of the proposed model fluctuates within a reasonable range as the number of experiments increases, but it consumes less memory and is generally lower than that of the Hyperledger Fabric blockchain platform, as shown in FIG. 5.
Hyperledger Caliper is a general-purpose blockchain performance testing framework that supports all frameworks under Hyperledger. The invention uses this tool for data testing. The test is divided into two stages. The first stage is a preparation stage, in which the blockchain network is initialized, the relevant configuration files are read, and the deployment of the smart contracts is completed. The second stage is a testing stage, which starts the client process according to the defined benchmark configuration file, executes the corresponding test and returns the statistical results, including average latency, throughput, and memory consumption.
The test initiates 2000 transactions to the blockchain network, continuously adjusts the sending rate in the test process, and compares the changes of throughput, average delay and memory consumption in the test state.
Embodiment two: in another aspect, as shown in fig. 6, the present invention further discloses a blockchain-based system manager data transaction system, which is characterized by comprising:
the transaction permission module is used for sending the admission request and the data transaction request to the matching mechanism, receiving the admission permission and the transaction permission sent by the matching mechanism, and negotiating with the data provider to achieve transaction consensus;
the transaction authentication module is used for receiving the transaction order generated by the matching mechanism, generating a transaction proposal according to the transaction order, and judging the consistency of the transaction proposal; if the transaction is illegal, a new round of consensus is carried out or the transaction is rejected; if the transaction is compliant, the transaction proposal is sent to the blockchain network, where the ordering node packages the transactions in chronological order and records them in the ledger, completing the transaction authentication.
Based on the same inventive concept, the present invention also provides a computer apparatus comprising: one or more processors, and memory for storing one or more computer programs; the program includes program instructions and the processor is configured to execute the program instructions stored in the memory. The processor may be a central processing unit (Central Processing Unit, CPU), but may also be other general purpose processors, digital signal processors (Digital Signal Processor, DSP), application specific integrated circuits (Application Specific Integrated Circuit, ASIC), field-programmable gate arrays (FPGAs) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, etc., which are the computational core and control core of the terminal for implementing one or more instructions, in particular for loading and executing one or more instructions within a computer storage medium to implement the methods described above.
It should be further noted that, based on the same inventive concept, the present invention also provides a computer storage medium having a computer program stored thereon, which when executed by a processor performs the above method. The storage media may take the form of any combination of one or more computer-readable media. The computer readable medium may be a computer readable signal medium or a computer readable storage medium. The computer readable storage medium can be, for example, but not limited to, an electronic, magnetic, optical, electrical, magnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples (a non-exhaustive list) of the computer-readable storage medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this document, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
In the description of the present specification, the descriptions of the terms "one embodiment," "example," "specific example," and the like, mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the present disclosure. In this specification, schematic representations of the above terms do not necessarily refer to the same embodiments or examples. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
The foregoing has shown and described the basic principles, principal features, and advantages of the present disclosure. It will be understood by those skilled in the art that the present disclosure is not limited to the embodiments described above; the embodiments and the foregoing description merely illustrate the principles of the disclosure, and various changes and modifications may be made therein without departing from the spirit and scope of the disclosure, which is defined in the appended claims.

Claims (10)

1. A blockchain-based system manager data transaction method, comprising:
sending an admission request and a data transaction request to a matching mechanism and, after receiving the admission permission and the transaction permission sent by the matching mechanism, negotiating with a data provider to reach transaction consensus;
receiving a transaction order generated by the matching mechanism, generating a transaction proposal according to the transaction order, and judging the consistency of the transaction proposal; if the transaction is illegal, carrying out a new round of consensus or vetoing the transaction; if the transaction is legal, sending the transaction proposal to the blockchain network, where the ordering node packages the transactions in chronological order and records them in the ledger, completing the transaction authentication.
2. The blockchain-based system manager data transaction method of claim 1, wherein the data provider and the system manager are treated as two organizations, Org1 and Org2, in a Fabric alliance chain network, and each organization has at least two peer nodes in the Fabric alliance chain network.
3. The blockchain-based system manager data transaction method of claim 2, wherein the data provider and the system manager sending an admission request to the matching mechanism comprises:
the system operator and the data provider sign their identities using a private key, the signing process being based on the SM9 identity-based cryptographic algorithm, and send the signature and the public key to the matching mechanism;
the matching mechanism verifies the signature, and sends the admission permission to the data provider and the system manager after the signature passes the verification, and the system manager carries out digital signature by using the private key of the private side of the business and the public key of the public side of the business, and returns a certificate and an account number and a password required for logging in the Fabric network client.
4. The blockchain-based system manager data transaction method of claim 3, wherein, after obtaining the admission permission, the system manager and the data provider each also obtain the counterpart's public key bearing the digital signature of the matching mechanism, and use the public key of the matching mechanism to verify the digital signature in the counterpart's admission permission, thereby achieving bidirectional identity authentication.
5. The blockchain-based system manager data transaction method of claim 1, wherein the system manager and the data provider sending the data transaction request comprises:
when sending a data transaction request, the system manager and the data provider also send the related transaction information, containing the data demand and the data supply, to the matching mechanism;
after receiving the data transaction request, the matching mechanism verifies the validity of the related transaction information on data demand and data supply, and sends a transaction permission certificate to the system manager and the data provider;
after the matching mechanism finds suitable pairing information, it negotiates with the system manager and the data provider and, once the two parties reach consensus, generates a transaction order.
6. The blockchain-based system manager data transaction method of claim 1, wherein generating a transaction proposal from a transaction order comprises: constructing the transaction proposal using the API provided by the corresponding SDK, the transaction proposal containing channel information, and determining the data read from and written to the ledger through an invocation request to the chaincode information.
7. The blockchain-based system manager data transaction method of claim 6, wherein the transaction proposal includes: a transaction contract identifier, the transaction contract method to execute, client signature information, and parameters.
8. The blockchain-based system manager data transaction method of claim 1, wherein judging the consistency of the transaction proposal comprises: inputting the transaction proposal to an Endorser (endorsing) node, which performs signature verification and determines whether the identity that submitted the signature is authorized to execute the transaction operation; the node signature, value set and endorsement result are packaged, output, and returned to the client SDK as the proposal result, and whether to continue the transaction is determined by analyzing that result.
9. The blockchain-based system manager data transaction method of claim 1, wherein the Orderers within the blockchain network sort the received transactions in order at fixed time intervals, then package a batch of transactions together according to a block generation policy and record them in the ledger, generating a new block, which is broadcast to the master nodes of the system manager and the data provider using the gRPC protocol.
10. A blockchain-based system manager data transaction system, comprising:
a transaction permission module, configured to send the admission request and the data transaction request to the matching mechanism, receive the admission permission and the transaction permission sent by the matching mechanism, and negotiate with the data provider to reach transaction consensus;
a transaction authentication module, configured to receive the transaction order generated by the matching mechanism, generate a transaction proposal according to the transaction order, and judge the consistency of the transaction proposal; if the transaction is illegal, a new round of consensus is carried out or the transaction is vetoed; if the transaction is legal, the transaction proposal is sent to the blockchain network, where the ordering node packages the transactions in chronological order and records them in the ledger, completing the transaction authentication.
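The consistency judgement of claims 1 and 8, as an added Go example that is not part of the patent text or of Hyperledger Fabric's code: a client accepts the endorsers' proposal responses only if each is signed by a registered peer, all returned payloads are identical, and enough organizations endorsed. The `Endorsement` structure, the function names and the registry map are hypothetical, and Ed25519 from the Go standard library stands in for the network's actual signature scheme.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"fmt"
)

// Endorsement is a hypothetical, simplified proposal response from one endorsing peer.
type Endorsement struct {
	Key          ed25519.PublicKey // endorser identity; Ed25519 is an assumed stand-in scheme
	Payload, Sig []byte            // value set plus result, and the peer's signature over them
}

// NewKey returns a constructed peer key; nil selects crypto/rand.
func NewKey() ed25519.PrivateKey {
	_, k, _ := ed25519.GenerateKey(nil)
	return k
}

// Endorse signs a peer's simulated execution result.
func Endorse(k ed25519.PrivateKey, payload []byte) Endorsement {
	return Endorsement{k.Public().(ed25519.PublicKey), payload, ed25519.Sign(k, payload)}
}

// Check returns nil only when the responses are authentic, identical and from minOrgs organizations.
func Check(ends []Endorsement, registry map[string]string, minOrgs int) error {
	seen := map[string]bool{}
	for i, e := range ends {
		org, ok := registry[string(e.Key)] // lookup first: Verify panics on a malformed key
		if !ok || !ed25519.Verify(e.Key, e.Payload, e.Sig) {
			return fmt.Errorf("response %d: unknown endorser or bad signature", i)
		}
		if !bytes.Equal(e.Payload, ends[0].Payload) {
			return fmt.Errorf("response %d (%s) differs from response 0", i, org)
		}
		seen[org] = true
	}
	if len(seen) < minOrgs {
		return fmt.Errorf("only %d of %d organizations endorsed", len(seen), minOrgs)
	}
	return nil
}

func main() {
	ends := []Endorsement{Endorse(NewKey(), []byte("set A")), Endorse(NewKey(), []byte("set B"))} // constructed
	reg := map[string]string{string(ends[0].Key): "Org1", string(ends[1].Key): "Org2"}
	fmt.Println(Check(ends, reg, 2)) // divergent results: not forwarded to the ordering node
}
```

A nil result corresponds to sending the proposal on to the ordering node; any error corresponds to the new-consensus or veto branch of claim 1.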
CN202311561198.6A 2023-11-22 2023-11-22 System manager data transaction method and system based on blockchain Pending CN117478418A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311561198.6A CN117478418A (en) 2023-11-22 2023-11-22 System manager data transaction method and system based on blockchain

Publications (1)

Publication Number Publication Date
CN117478418A true CN117478418A (en) 2024-01-30

Family

ID=89625530

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311561198.6A Pending CN117478418A (en) 2023-11-22 2023-11-22 System manager data transaction method and system based on blockchain

Country Status (1)

Country Link
CN (1) CN117478418A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination