CN106612285B - Distributed cloud data management method and system based on peer-to-peer network - Google Patents

Distributed cloud data management method and system based on peer-to-peer network

Info

Publication number
CN106612285B
Authority
CN
China
Prior art keywords
encrypted data
peer
data
user node
target encrypted
Prior art date
Legal status
Active
Application number
CN201611269919.6A
Other languages
Chinese (zh)
Other versions
CN106612285A (en)
Inventor
何志安
朱信杰
Current Assignee
TCL Research America Inc
Original Assignee
TCL Research America Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by TCL Research America Inc
Priority to CN201611269919.6A
Publication of CN106612285A
Application granted
Publication of CN106612285B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/1097 Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0209 Architectural arrangements, e.g. perimeter networks or demilitarized zones
    • H04L63/0218 Distributed architectures, e.g. distributed firewalls
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/104 Peer-to-peer [P2P] networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Information Transfer Between Computers (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention belongs to the technical field of electronics and provides a distributed cloud data management method and system based on a peer-to-peer network. By encrypting data and storing it in a distributed manner across the user nodes of the peer-to-peer network, the invention enables large-scale data storage, expanding the existing storage space while effectively ensuring the security of the stored data.

Description

Distributed cloud data management method and system based on peer-to-peer network
Technical Field
The embodiment of the invention belongs to the technical field of electronics, and particularly relates to a distributed cloud data management method and system based on a peer-to-peer network.
Background
With the increasing popularity of various electronic terminals, electronic terminals such as mobile phones, tablet computers, and personal computers have become indispensable life and learning tools in daily life, and people are accustomed to storing data in the electronic terminals. Due to the limited storage capacity of personal electronic terminals, people usually save data on the storage space of a third-party server (such as a network cloud disk) to expand the existing storage space, so as to store more data.
However, storing data on a third-party server carries a significant security risk: the user's private data may be stolen or tampered with by the third-party server operator, so this storage method is very unsafe.
Disclosure of Invention
The embodiment of the invention provides a distributed cloud data management method and system based on a peer-to-peer network, which can realize large data storage by encrypting data and storing the data in a user node of the peer-to-peer network in a distributed manner, so that the existing storage space is expanded and the storage safety of the data is effectively ensured.
An aspect of an embodiment of the present invention provides a distributed cloud data management method based on a peer-to-peer network, where the peer-to-peer network includes a plurality of user nodes, the distributed cloud data management method is applied to a first user node, and the distributed cloud data management method includes:
receiving a storage request, wherein the storage request is used for distributively storing first target data to user nodes in the peer-to-peer network;
generating a first encryption key corresponding to the first target data, wherein the first encryption key comprises a first public key and a first private key;
encrypting the first target data according to the first public key to obtain first target encrypted data, and dividing the first target encrypted data into at least one encrypted data block;
writing the metadata information of the first target encrypted data into a preset metadata storage area, wherein the preset metadata storage area and the plurality of user nodes have preset communication connection relations;
generating a first storage contract corresponding to the first target encrypted data, and acquiring signing information of all second user nodes signing the first storage contract, wherein the first storage contract is used for defining the storage requirement and the storage benefit of the first target encrypted data;
and storing the at least one encrypted data block in all second user nodes in a distributed manner, and writing the storage path of the first target encrypted data block and the contract signing information of the first storage contract into the preset metadata storage area.
In another aspect, an embodiment of the present invention further provides a distributed cloud data management system based on a peer-to-peer network, where the peer-to-peer network includes a plurality of user nodes, the distributed cloud data management system is applied to a first user node, and the distributed cloud data management system includes:
the system comprises a human-computer interaction module, a storage module and a data processing module, wherein the human-computer interaction module is used for receiving a storage request, and the storage request is used for storing first target data to user nodes in the peer-to-peer network in a distributed manner;
the key management module is used for generating a first encryption key corresponding to the first target data, and the first encryption key comprises a first public key and a first private key;
the data encryption and decryption module is used for encrypting the first target data according to the first public key to obtain first target encrypted data and dividing the first target encrypted data into at least one encrypted data block;
the metadata storage module is used for writing the metadata information of the first target encrypted data into a preset metadata storage area, and the preset metadata storage area and the plurality of user nodes have preset communication connection relations;
the contract management module is used for generating a first storage contract corresponding to the first target encrypted data and acquiring signing information of all second user nodes signing the first storage contract, wherein the first storage contract is used for defining the storage requirement and the storage profit of the first target encrypted data;
and the distributed data storage module is used for storing the at least one encrypted data block in all the second user nodes in a distributed manner, and writing the storage path of the first target encrypted data block and the signing information of the first storage contract into the preset metadata storage area.
The embodiment of the invention can realize large data storage by encrypting the data and storing the data in the user nodes of the peer-to-peer network in a distributed manner, so as to expand the existing storage space and effectively ensure the storage safety of the data.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a flowchart of a distributed cloud data management method based on a peer-to-peer network according to an embodiment of the present invention;
Fig. 2 is a flowchart of a distributed cloud data management method based on a peer-to-peer network according to an embodiment of the present invention;
Fig. 3 is a flowchart of a distributed cloud data management method based on a peer-to-peer network according to an embodiment of the present invention;
Fig. 4 is a flowchart of a distributed cloud data management method based on a peer-to-peer network according to an embodiment of the present invention;
Fig. 5 is a flowchart of a distributed cloud data management method based on a peer-to-peer network according to an embodiment of the present invention;
Fig. 6 is a flowchart of a distributed cloud data management method based on a peer-to-peer network according to an embodiment of the present invention;
Fig. 7 is a flowchart of a distributed cloud data management method based on a peer-to-peer network according to an embodiment of the present invention;
Fig. 8 is a block diagram of a distributed cloud data management system based on a peer-to-peer network according to an embodiment of the present invention.
Detailed Description
In order to make the technical solutions of the present invention better understood by those skilled in the art, the technical solutions in the embodiments of the present invention will be clearly described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some embodiments of the present invention, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The terms "comprises" and "comprising," and any variations thereof, in the description and claims of this invention and the above-described drawings are intended to cover non-exclusive inclusions. For example, a process, method, or system, article, or apparatus that comprises a list of steps or elements is not limited to only those steps or elements listed, but may alternatively include other steps or elements not listed, or inherent to such process, method, article, or apparatus. Furthermore, the terms "first," "second," and "third," etc. are used to distinguish between different objects and are not used to describe a particular order.
As shown in fig. 1, an embodiment of the present invention provides a distributed cloud data management method based on a Peer-to-Peer network (P2P), where the Peer-to-Peer network includes a plurality of user nodes.
In this embodiment, the user node specifically refers to a client connected to the peer-to-peer network and having a physical storage function, for example: mobile phones, tablet computers, personal PC clients, etc. The first user node refers to any user node in the peer-to-peer network, and the second user node refers to any user node except the first user node in the peer-to-peer network. Any user node in the peer-to-peer network can store data to other user nodes in a distributed manner, so that the storage space is expanded.
The distributed cloud data management method is described in detail below with a first user node as an execution subject, and includes:
step S101: receiving a storage request for distributively storing first target data to user nodes in the peer-to-peer network.
In a specific application, the first target data refers to data that the current user needs to store to the peer-to-peer network. Step S101 may be specifically executed by a human-computer interaction interface of the first user node, where the current user inputs a storage request through the human-computer interaction interface of the first user node, where the storage request may be specifically realized by clicking or pressing a virtual or entity button on the human-computer interaction interface, or may be input in a text or voice manner.
In one embodiment, step S101 is preceded by:
and receiving a file selection instruction, and selecting first target data needing to be uploaded to the peer-to-peer network.
Step S102: generating a first encryption key corresponding to the first target data, the first encryption key comprising a first public key and a first private key.
In this embodiment, the first encryption key is specifically an encryption key based on an asymmetric encryption algorithm, and data encrypted by the current user through the first public key of the first encryption key can only be decrypted through the first private key set by the current user.
In a specific application, when a user needs to upload a plurality of data to a peer-to-peer network for storage, a corresponding encryption key may be generated for each data, so as to implement individual encryption of each data.
Step S103: and encrypting the first target data according to the first public key to obtain first target encrypted data, and dividing the first target encrypted data into at least one encrypted data block.
In a specific application, the data size of each encrypted data block and the redundancy of the target encrypted data can be adjusted according to the needs of the user. For example, target encrypted data with a size of 1000 MB may be divided into 10 encrypted data blocks of 100 MB each. The redundancy is the number of copies of the target encrypted data that the user wants kept. For example, if the user needs three copies in total (the target encrypted data itself plus two duplicates), then for target encrypted data of 1000 MB the amount of data stored in a distributed manner across the entire peer-to-peer network is 1000 × 3 = 3000 MB, and if each copy is divided into 10 encrypted data blocks, the number of encrypted data blocks stored across the network is 10 × 3 = 30.
Step S104: and writing the metadata information of the first target encrypted data into a preset metadata storage area, wherein the preset metadata storage area and the plurality of user nodes have preset communication connection relations.
In a specific application, metadata (also called intermediary data or relay data) is data that describes other data (data about data). It mainly describes the properties of the data and supports functions such as indicating storage location, recording history, resource search, and file records.
In this embodiment, the preset metadata storage area specifically refers to a blockchain system jointly maintained by all user nodes in the peer-to-peer network. Any user node connected to the peer-to-peer network establishes a communication connection with the blockchain system and can read the data in it, but has no authority to modify that data at will.
Step S105: and generating a first storage contract corresponding to the first target encrypted data, and acquiring signing information of all second user nodes signing the first storage contract, wherein the first storage contract is used for defining the storage requirement and the storage benefit of the first target encrypted data.
In a specific application, the storage contract is an electronic contract that defines the storage conditions the second user node must follow, and the storage benefit it obtains, when it stores data uploaded by the first user node. The storage conditions may specifically include a data privacy protocol, a data integrity protection protocol, and the like. The storage benefit may specifically include a reward, an award, and the like: the reward may be electronic money, and the award may be the right for the second user node to store data of a certain size in the peer-to-peer network for free. Setting a storage benefit makes users more willing to store, on their own user nodes, the data uploaded by other user nodes. The user can modify the storage conditions and the storage benefit of the storage contract according to actual needs.
In a specific application, signing the first storage contract specifically means accepting the storage conditions and storage benefit defined by the contract. The signing information produced by signing the first storage contract is stored in the blockchain system jointly maintained by all user nodes, that is, the preset metadata storage area, where the first user node can check which second users have signed the first storage contract. The signing information can also be stored in the local hardware or software module that the second user node uses to sign the contract (that is, the contract management module in the system described below).
Step S106: and storing the at least one encrypted data block in all second user nodes in a distributed manner, and writing the storage path of the first target encrypted data block and the contract signing information of the first storage contract into the preset metadata storage area.
According to the embodiment, the data is encrypted and stored in the user nodes of the peer-to-peer network in a distributed manner, so that the storage safety of the data can be effectively ensured while the existing storage space is expanded by large data storage.
In an embodiment of the present invention, the current user may download the data stored in the peer-to-peer network, and in this embodiment, the first target encrypted data is taken as an example to describe the process of downloading the first target encrypted data in detail.
In some embodiments of the present invention, based on the method steps in the embodiment corresponding to fig. 1, the distributed cloud data management method may further include method steps for downloading, deleting, sharing, or trading data stored in a distributed manner in the peer-to-peer network.
As shown in fig. 2, this embodiment specifically includes a method step of downloading data stored in a distributed manner in a peer-to-peer network, and in this embodiment, the distributed cloud data management method provided in the embodiment corresponding to fig. 1 further includes:
step S201: receiving a download request for downloading the first target encrypted data distributedly stored in the peer-to-peer network.
In a specific application, step S201 may be performed by a human-computer interaction interface of the first user node, and the current user inputs the download request through the human-computer interaction interface of the first user node. The download request can be specifically realized by clicking or pressing a virtual or entity button on a human-computer interaction interface, and can also be input in a text or voice mode.
In one embodiment, step S201 is preceded by:
and receiving a file selection instruction, and selecting the first target encrypted data needing to be downloaded from the peer-to-peer network.
Step S202: reading a storage path of the first target encrypted data written in the preset metadata storage area;
step S203: downloading the first target encrypted data pointed by the storage path of the first target encrypted data block, and writing a downloading operation record into the preset metadata storage area;
step S204: acquiring the first private key;
step S205: decrypting the first target encrypted data by the first private key.
In the embodiment, the encrypted data uploaded to the peer-to-peer network by the current user is downloaded and decrypted, so that the current user can download the data stored in the peer-to-peer network from the peer-to-peer network at any time and any place according to the self requirement.
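The block division and redundancy of step S103, the metadata written in steps S104 and S106, and the storage-path lookup of steps S202 and S203 can be exercised together in the following added example, which is not part of the patent text. It assumes that each metadata record carries a SHA-256 digest of the encrypted block (the patent does not specify one), uses a constructed byte string in place of the ciphertext produced in step S103, and all function names, node names and the in-memory `storage` dictionary are hypothetical.

```python
from __future__ import annotations

import hashlib
from dataclasses import dataclass


class IntegrityError(Exception):
    """No stored replica of a block matches the digest in the metadata."""


@dataclass(frozen=True)
class BlockRecord:
    """Metadata entry for one stored replica (hypothetical layout)."""
    block_index: int
    replica: int
    node_id: str   # second user node holding the replica (the storage path)
    sha256: str    # assumption: digest of the encrypted block, not in the patent


def split_blocks(ciphertext: bytes, block_size: int) -> list[bytes]:
    """Step S103: divide the target encrypted data into at least one block."""
    if not ciphertext or block_size <= 0:
        raise ValueError("need non-empty ciphertext and a positive block size")
    return [ciphertext[i:i + block_size]
            for i in range(0, len(ciphertext), block_size)]


def plan_placement(blocks: list[bytes], nodes: list[str],
                   redundancy: int) -> list[BlockRecord]:
    """Steps S104/S106: build the metadata, one record per stored replica.

    Replicas of the same block are placed on distinct nodes, so one faulty
    or dishonest node can never hold every copy of a block.
    """
    if len(set(nodes)) != len(nodes):
        raise ValueError("node ids must be unique")
    if not 1 <= redundancy <= len(nodes):
        raise ValueError("redundancy must be between 1 and the node count")
    records = []
    for index, block in enumerate(blocks):
        digest = hashlib.sha256(block).hexdigest()
        for replica in range(redundancy):
            node = nodes[(index + replica) % len(nodes)]
            records.append(BlockRecord(index, replica, node, digest))
    return records


def store(blocks: list[bytes], records: list[BlockRecord],
          storage: dict[str, dict[int, bytes]]) -> None:
    """Step S106: hand each replica to the node named in its record."""
    for rec in records:
        storage.setdefault(rec.node_id, {})[rec.block_index] = blocks[rec.block_index]


def retrieve(records: list[BlockRecord],
             storage: dict[str, dict[int, bytes]]) -> tuple[bytes, list[BlockRecord]]:
    """Steps S202/S203: follow the storage paths and rebuild the ciphertext.

    A replica whose digest differs from the metadata is rejected and the next
    replica is tried. Returns the ciphertext and the rejected records.
    """
    by_block: dict[int, list[BlockRecord]] = {}
    for rec in records:
        by_block.setdefault(rec.block_index, []).append(rec)
    parts, rejected = [], []
    for index in sorted(by_block):
        for rec in by_block[index]:
            data = storage.get(rec.node_id, {}).get(index)
            if data is not None and hashlib.sha256(data).hexdigest() == rec.sha256:
                parts.append(data)
                break
            rejected.append(rec)
        else:
            raise IntegrityError(f"no intact replica of block {index}")
    return b"".join(parts), rejected


def demo():
    # Constructed stand-in for the first target encrypted data: 1000 bytes,
    # split 10 x 100 with redundancy 3, mirroring the 1000 MB example.
    ciphertext = bytes(i % 251 for i in range(1000))
    nodes = ["node-B", "node-C", "node-D", "node-E", "node-F"]
    blocks = split_blocks(ciphertext, 100)
    records = plan_placement(blocks, nodes, redundancy=3)
    storage: dict[str, dict[int, bytes]] = {}
    store(blocks, records, storage)
    storage["node-B"][0] = b"\x00" * 100   # node-B alters its copy of block 0
    recovered, rejected = retrieve(records, storage)
    return ciphertext, records, recovered, rejected


if __name__ == "__main__":
    original, recs, recovered, rejected = demo()
    print(len(recs), "replicas recorded; recovered intact:", recovered == original)
    for rec in rejected:
        print("rejected replica", rec.replica, "of block", rec.block_index,
              "from", rec.node_id)
```

Because the digests cover the encrypted blocks, the check needs no key material and can run before the first private key is obtained in step S204.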
In an embodiment of the present invention, the current user may delete the data stored in the peer-to-peer network, and in this embodiment, the first target encrypted data is taken as an example to describe the process of deleting the first target encrypted data in detail.
As shown in fig. 3, this embodiment specifically includes a method step of deleting data stored in a distributed manner in a peer-to-peer network, and in this embodiment, the distributed cloud data management method provided in the embodiment corresponding to fig. 1 further includes:
step S301: receiving a deletion request for deleting the first target encrypted data distributedly stored in the peer-to-peer network.
In a specific application, step S301 may be performed by a human-computer interaction interface of the first user node, and the current user inputs the deletion request through the human-computer interaction interface of the first user node. The deletion request can be specifically realized by clicking or pressing a virtual or entity button on a human-computer interaction interface, and can also be input in a text or voice mode.
In one embodiment, step S301 is preceded by:
and receiving a file selection instruction, and selecting the first target encrypted data needing to be deleted from the peer-to-peer network.
Step S302: reading a storage path of the first target encrypted data block written in the preset metadata storage area;
step S303: and deleting the first target encrypted data pointed by the storage path of the first target encrypted data, and writing a deletion operation record into the preset metadata storage area.
In the embodiment, the encrypted data uploaded to the peer-to-peer network by the current user is deleted, so that the current user can delete the data stored in the peer-to-peer network from the peer-to-peer network anytime and anywhere according to the own needs.
In an embodiment of the present invention, a current user may share data stored in a peer-to-peer network with other users, and may also obtain data shared by other users in the peer-to-peer network.
As shown in fig. 4, this embodiment specifically includes a method step of sharing data stored in a distributed manner in a peer-to-peer network to other users, and in this embodiment, the distributed cloud data management method provided in the embodiment corresponding to fig. 1 further includes:
step S401: and receiving a first sharing request sent by the second user node, wherein the first sharing request is used for sharing the first target encrypted data which is distributed and stored in the peer-to-peer network to the second user node.
In a specific application, step S401 may be executed by a human-computer interaction interface of the first user node, and when receiving the first sharing request, the human-computer interaction interface of the first user node displays the first sharing request, and the current user may respond to the first sharing request by clicking or pressing a virtual or entity button on the human-computer interaction interface, or may respond to the first sharing request by inputting in a text or voice manner.
In one embodiment, step S401 is preceded by:
and receiving a file selection instruction, and selecting first target encrypted data which needs to be shared to a second user node in the peer-to-peer network.
Step S402: if the first sharing request is responded, a second public key sent by the second user node is obtained;
step S403: and encrypting the first encryption key through the second public key and sending the first encryption key to the second user node.
In the embodiment, the encrypted data uploaded to the peer-to-peer network by the current user is shared with other users, so that the current user can share the data stored by the current user anytime and anywhere according to the own needs.
In an embodiment of the present invention, a current user may obtain data shared by other users in a peer-to-peer network, and in this embodiment, a process of obtaining second target encrypted data shared by a second user node is described in detail by taking second target encrypted data shared by the second user node to the peer-to-peer network as an example.
As shown in fig. 5, this embodiment specifically includes a method step of acquiring data shared by other users to be distributed and stored in a peer-to-peer network, in this embodiment, the distributed cloud data management method provided in the embodiment corresponding to fig. 1 further includes:
step S501: and sending a second sharing request to the second user node, wherein the second sharing request is used for acquiring second target encrypted data distributed and stored in the peer-to-peer network by the second user node.
In a specific application, step S501 may be performed by a human-computer interaction interface of a first user node, and a current user inputs a second sharing request through the human-computer interaction interface of the first user node and sends the second sharing request to a second user node. The second sharing request can be specifically input by clicking or pressing a virtual or entity button on a human-computer interaction interface, and can also be input in a text or voice mode.
In one embodiment, step S501 is preceded by:
and receiving a file selection instruction, and selecting second target encrypted data which needs to be acquired and is shared by the second user node in the peer-to-peer network.
Step S502: if the second user node is detected to respond to the second sharing request, downloading the second target encrypted data;
step S503: sending the first public key to the second user node, and obtaining a second encryption key which is fed back by the second user node and is encrypted by the first public key, wherein the second encryption key comprises a second public key and a second private key;
step S504: decrypting the second encryption key by the first private key, and decrypting the second target encrypted data according to the second private key.
In the embodiment, the encrypted data uploaded to the peer-to-peer network by other users is acquired, so that the current user can acquire the data shared by other users to the peer-to-peer network at any time and any place according to the self needs.
In an embodiment of the present invention, a current user may use data uploaded to a peer-to-peer network as a transaction object to perform a transaction with another user.
As shown in fig. 6, this embodiment specifically includes a method step of performing a transaction with another user by using data stored in a distributed manner in a peer-to-peer network as a transaction object, and in this embodiment, the distributed cloud data management method provided in the embodiment corresponding to fig. 1 further includes:
step S601: and receiving a first transaction request sent by the second user node, wherein the first transaction request is used for performing transaction with the second user node by taking the first target encrypted data which is distributed and stored in the peer-to-peer network as a transaction object.
In a specific application, step S601 may be executed by a human-computer interaction interface of the first user node. When the first transaction request is received, the human-computer interaction interface of the first user node displays it, and the current user may respond to the first transaction request by clicking or pressing a virtual or physical button on the human-computer interaction interface, or by text or voice input.
In one embodiment, step S601 is preceded by:
and receiving a file selection instruction, and selecting the first target encrypted data needing to be transacted with the second user node.
Step S602: if the first transaction request is responded, generating a first transaction contract corresponding to the first target encrypted data, and writing contract information of the first transaction contract into the preset metadata storage area, wherein the first transaction contract is used for defining transaction conditions of the first target encrypted data;
Step S603: acquiring a second public key sent by the second user node;
Step S604: encrypting the first encryption key through the second public key and sending it to the second user node.
In a specific application, because the first encryption key is encrypted with the second public key, only the user of the second user node can decrypt it, using the second private key corresponding to the second public key; other users cannot. The user of the second user node can then decrypt the first target encrypted data with the first encryption key.
In this embodiment, by transacting data with other users, the current user can, at any time and place and according to their own needs, trade with other users using data that the current user has shared to the peer-to-peer network as a transaction object.
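The key hand-over in steps S603 and S604, as an added Python example that is not part of the patent text: a serialized private key is too large to encrypt directly with RSA, so it is sealed with a one-time AES-256-GCM key that is itself wrapped under the second public key with RSA-OAEP. The third-party `cryptography` package, the 2048-bit RSA keys, the envelope layout and the contract identifier used as associated data are assumptions of this example.

```python
import os

from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

# RSA-OAEP with SHA-256 (assumed parameters; the patent names no algorithm).
OAEP = padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)


def new_keypair():
    """Generate a public/private key pair such as the 'first encryption key'."""
    return rsa.generate_private_key(public_exponent=65537, key_size=2048)


def seal(public_key, plaintext: bytes, context: bytes) -> dict:
    """Hybrid-encrypt plaintext so only the matching private key can open it."""
    cek = AESGCM.generate_key(bit_length=256)  # one-time content key
    nonce = os.urandom(12)
    return {
        "wrapped_cek": public_key.encrypt(cek, OAEP),
        "nonce": nonce,
        # context is authenticated but not encrypted (associated data)
        "ciphertext": AESGCM(cek).encrypt(nonce, plaintext, context),
    }


def open_sealed(private_key, envelope: dict, context: bytes) -> bytes:
    """Reverse seal(); ValueError on a wrong key, InvalidTag on altered data."""
    cek = private_key.decrypt(envelope["wrapped_cek"], OAEP)
    return AESGCM(cek).decrypt(envelope["nonce"], envelope["ciphertext"], context)


def share_first_key(first_private_key, second_public_key, contract_id: bytes) -> dict:
    """S604: encrypt the first encryption key with the second public key."""
    pem = first_private_key.private_bytes(
        encoding=serialization.Encoding.PEM,
        format=serialization.PrivateFormat.PKCS8,
        encryption_algorithm=serialization.NoEncryption(),
    )
    return seal(second_public_key, pem, contract_id)


def receive_first_key(second_private_key, envelope: dict, contract_id: bytes):
    """Second user node: recover the first private key from the envelope."""
    pem = open_sealed(second_private_key, envelope, contract_id)
    return serialization.load_pem_private_key(pem, password=None)


def can_open(private_key, envelope: dict, context: bytes) -> bool:
    """True only if this private key and this context open the envelope."""
    try:
        open_sealed(private_key, envelope, context)
        return True
    except (ValueError, InvalidTag):
        return False


if __name__ == "__main__":
    first = new_keypair()     # first user node's key pair for the data
    second = new_keypair()    # second user node's key pair
    outsider = new_keypair()  # any other user node

    data = b"constructed sample of first target data"
    contract = b"contract:demo-0001"  # hypothetical contract identifier

    encrypted_data = seal(first.public_key(), data, b"data:demo")
    envelope = share_first_key(first, second.public_key(), contract)

    recovered = receive_first_key(second, envelope, contract)
    print("second node decrypts data:",
          open_sealed(recovered, encrypted_data, b"data:demo") == data)
    print("other node opens envelope:", can_open(outsider, envelope, contract))
```

Binding the envelope to the contract identifier means an envelope replayed under a different contract fails authentication even when the correct private key is used.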
In an embodiment of the present invention, the current user may also trade with another user for data that the other user has uploaded to the peer-to-peer network as a transaction object.
As shown in fig. 7, this embodiment specifically includes method steps for performing a transaction with another user by using data that the other user has stored in a distributed manner in the peer-to-peer network as a transaction object. In this embodiment, the distributed cloud data management method provided in the embodiment corresponding to fig. 1 further includes:
Step S701: sending a second transaction request to the second user node, wherein the second transaction request is used for performing a transaction with the second user node to obtain second target encrypted data;
In a specific application, step S701 may be performed by a human-computer interaction interface of the first user node: the current user inputs the second transaction request through the human-computer interaction interface of the first user node and sends it to the second user node. The second transaction request may be input by clicking or pressing a virtual or physical button on the human-computer interaction interface, or by text or voice.
In one embodiment, step S701 is preceded by:
receiving a file selection instruction, and selecting the second target encrypted data to be transacted with the second user node.
Step S702: if the second user node is detected to respond to the second transaction request, downloading the second target encrypted data;
Step S703: sending the first public key to the second user node, and obtaining a second encryption key which is fed back by the second user node and is encrypted by the first public key, wherein the second encryption key comprises a second public key and a second private key;
Step S704: decrypting the second encryption key by the first private key and decrypting the second target encrypted data by the second private key;
Step S705: acquiring contract information of the second trading contract from the preset metadata storage area, and executing the second trading contract according to trading conditions defined by the contract information of the second trading contract.
In a specific application, the transaction principles of the data uploaded to the peer-to-peer network for transaction are the same, and therefore, the preset metadata storage area stores a second transaction contract corresponding to the second target encrypted data, and the second transaction contract is used for defining the transaction conditions of the second target encrypted data.
In this embodiment, by transacting data with other users, the current user can, at any time and place and according to their own needs, trade with other users using data that other users have shared to the peer-to-peer network as a transaction object.
As shown in fig. 8, an embodiment of the present invention provides a distributed cloud data management system 100 based on a peer-to-peer network, configured to perform the method steps in the embodiment corresponding to fig. 1. The distributed cloud data management system 100 is applied to a first user node, and includes:
a human-computer interaction module 101, configured to receive a storage request, where the storage request is used to store first target data in a distributed manner to a user node in the peer-to-peer network;
the key management module 102 is configured to generate a first encryption key corresponding to the first target data, where the first encryption key includes a first public key and a first private key;
the data encryption and decryption module 103 is configured to encrypt the first target data according to the first public key to obtain first target encrypted data, and divide the first target encrypted data into at least one encrypted data block;
a metadata storage module 104, configured to write metadata information of the first target encrypted data into a preset metadata storage area, where a preset communication connection relationship exists between the preset metadata storage area and the plurality of user nodes;
a contract management module 105, configured to generate a first storage contract corresponding to the first target encrypted data, and obtain subscription information of all second user nodes that subscribe to the first storage contract, where the first storage contract is used to define a storage requirement and a storage benefit of the first target encrypted data;
a distributed data storage module 106, configured to store the at least one encrypted data block in a distributed manner in all the second user nodes, and write a storage path of the first target encrypted data block and subscription information of the first storage contract into the preset metadata storage area.
In a specific application, the user node specifically refers to a client connected to the peer-to-peer network and having a physical storage function, for example: mobile phones, tablet computers, personal PC clients, etc. The human-computer interaction module 101 may specifically include a touch display screen or a keyboard.
According to this embodiment, the data is encrypted and stored in a distributed manner in the user nodes of the peer-to-peer network, so that the security of the stored data is effectively ensured while large-scale data storage expands the existing storage space.
In an embodiment of the present invention, the distributed cloud data management system 100 shown in fig. 8 may be further configured to execute the method steps in the embodiments corresponding to fig. 2 to 7.
When the distributed cloud data management system 100 is used to perform the method steps in the embodiment corresponding to fig. 2:
the human-computer interaction module 101 is configured to receive a download request, where the download request is used to download the first target encrypted data stored in the peer-to-peer network in a distributed manner;
the metadata storage module 104 is configured to read a storage path of the first target encrypted data written in the preset metadata storage area;
the distributed data storage module 106 is configured to download the first target encrypted data pointed by the storage path of the first target encrypted data block, and write a download operation record into the preset metadata storage area;
the key management module 102 is configured to obtain the first private key;
the data encryption and decryption module 103 is configured to decrypt the first target encrypted data through the first private key.
When the distributed cloud data management system 100 is used to perform the method steps in the embodiment corresponding to fig. 3:
the human-computer interaction module 101 is configured to receive a deletion request, where the deletion request is used to delete the first target encrypted data distributedly stored in the peer-to-peer network;
the metadata storage module 104 is configured to read a storage path of the first target encrypted data block written in the preset metadata storage area;
the distributed data storage module 106 is configured to delete the first target encrypted data pointed by the storage path of the first target encrypted data, and write a deletion operation record into the preset metadata storage area.
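The store, download and delete flows handled by modules 104 and 106, as an added Python example that is not the patent's own implementation: a hash-chained list stands in for the preset metadata storage area and in-memory dictionaries stand in for the second user nodes. The per-block SHA-256 digests, the 16-byte block size, the record fields and the failed-download record are assumptions of this example; the digests let the first user node reject a block that a storing node has altered or lost before any decryption is attempted.

```python
import hashlib
import json

BLOCK_SIZE = 16  # deliberately tiny so the constructed sample splits into blocks


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


class MetadataLedger:
    """Append-only, hash-chained records (stand-in for the metadata storage area)."""

    FIELDS = ("index", "kind", "body", "prev")

    def __init__(self):
        self.records = []

    def _digest(self, entry: dict) -> str:
        core = {k: entry[k] for k in self.FIELDS}
        return sha256_hex(json.dumps(core, sort_keys=True).encode())

    def append(self, kind: str, body: dict) -> dict:
        prev = self.records[-1]["hash"] if self.records else "0" * 64
        entry = {"index": len(self.records), "kind": kind, "body": body, "prev": prev}
        entry["hash"] = self._digest(entry)
        self.records.append(entry)
        return entry

    def verify(self) -> bool:
        """Recompute every link; any edited record breaks the chain."""
        prev = "0" * 64
        for i, entry in enumerate(self.records):
            if entry["index"] != i or entry["prev"] != prev:
                return False
            if entry["hash"] != self._digest(entry):
                return False
            prev = entry["hash"]
        return True


def store(ledger, peers, data_id, encrypted: bytes, signers):
    """Split the encrypted data, place blocks on the signing nodes, record paths."""
    paths = []
    for n, start in enumerate(range(0, len(encrypted), BLOCK_SIZE)):
        block = encrypted[start:start + BLOCK_SIZE]
        node, key = signers[n % len(signers)], f"{data_id}/{n}"
        peers[node][key] = block
        paths.append({"node": node, "key": key, "sha256": sha256_hex(block)})
    ledger.append("store", {"data_id": data_id, "signers": signers, "paths": paths})
    return paths


def latest_paths(ledger, data_id):
    """Storage paths from the newest store record, or None after a delete."""
    paths = None
    for entry in ledger.records:
        if entry["body"].get("data_id") != data_id:
            continue
        if entry["kind"] == "store":
            paths = entry["body"]["paths"]
        elif entry["kind"] == "delete":
            paths = None
    return paths


def download(ledger, peers, data_id) -> bytes:
    """Fetch every block, check it against the recorded digest, log the operation."""
    if not ledger.verify():
        raise ValueError("metadata ledger failed verification")
    paths = latest_paths(ledger, data_id)
    if paths is None:
        raise KeyError(data_id)
    blocks = []
    for p in paths:
        block = peers[p["node"]].get(p["key"])
        if block is None or sha256_hex(block) != p["sha256"]:
            ledger.append("download", {"data_id": data_id, "ok": False, "bad": p["key"]})
            raise ValueError(f"block {p['key']} on {p['node']} is missing or altered")
        blocks.append(block)
    ledger.append("download", {"data_id": data_id, "ok": True})
    return b"".join(blocks)


def delete(ledger, peers, data_id) -> int:
    """Remove every block the storage paths point to and log the deletion."""
    paths = latest_paths(ledger, data_id) or []
    for p in paths:
        peers[p["node"]].pop(p["key"], None)
    ledger.append("delete", {"data_id": data_id, "removed": len(paths)})
    return len(paths)


if __name__ == "__main__":
    ledger, peers = MetadataLedger(), {"node-b": {}, "node-c": {}}
    encrypted = bytes(range(40))  # constructed stand-in for first target encrypted data
    store(ledger, peers, "file-1", encrypted, ["node-b", "node-c"])
    print("round trip ok:", download(ledger, peers, "file-1") == encrypted)
    print("ledger intact:", ledger.verify())
```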
When the distributed cloud data management system 100 is used to perform the method steps in the embodiment corresponding to fig. 4:
the human-computer interaction module 101 is configured to receive a first sharing request sent by the second user node, where the first sharing request is used to share the first target encrypted data that is distributedly stored in the peer-to-peer network to the second user node;
the key management module 102 is configured to obtain a second public key sent by the second user node if the first sharing request is responded to;
the data encryption and decryption module 103 is configured to encrypt the first encryption key by using the second public key and send the first encryption key to the second user node.
When the distributed cloud data management system 100 is used to perform the method steps in the embodiment corresponding to fig. 5:
the human-computer interaction module 101 is configured to send a second sharing request to the second user node, where the second sharing request is used to obtain second target encrypted data that is distributed by the second user node and stored in the peer-to-peer network;
the distributed data storage module 106 is configured to download the second target encrypted data if it is detected that the second user node responds to the second sharing request;
the key management module 102 is configured to send the first public key to the second user node, and obtain a second encryption key that is fed back by the second user node and encrypted by the first public key, where the second encryption key includes a second public key and a second private key;
the data encryption and decryption module 103 is configured to decrypt the second encrypted key through the first private key, and decrypt the second target encrypted data according to the second private key.
When the distributed cloud data management system 100 is used to perform the method steps in the embodiment corresponding to fig. 6:
the human-computer interaction module 101 is configured to receive a first transaction request sent by the second user node, where the first transaction request is used to perform a transaction with the second user node by using the first target encrypted data stored in the peer-to-peer network in a distributed manner as a transaction object;
the contract management module 105 is configured to generate a first transaction contract corresponding to the first target encrypted data if the first transaction request is responded, and write contract information of the first transaction contract into the preset metadata storage area, where the first transaction contract is used to define a transaction condition of the first target encrypted data;
the key management module 102 is configured to obtain a second public key sent by the second user node;
the data encryption and decryption module 103 is configured to encrypt the first encryption key by using the second public key and send the first encryption key to the second user node.
When the distributed cloud data management system 100 is used to perform the method steps in the embodiment corresponding to fig. 7:
the human-computer interaction module 101 is configured to send a second transaction request to the second user node, where the second transaction request is used to perform a transaction with the second user node to obtain second target encrypted data;
the distributed data storage module 106 is further configured to download the second target encrypted data if it is detected that the second user node responds to the second transaction request;
the key management module 102 is configured to send the first public key to the second user node and obtain a second encryption key, which is fed back by the second user node and encrypted by the first public key, if it is detected that the second user node responds to the second transaction request, where the second encryption key includes a second public key and a second private key;
the data encryption and decryption module 103 is configured to decrypt the second encrypted key through the first private key, and decrypt the second target encrypted data through the second private key;
the contract management module 105 is configured to obtain contract information of the second trading contract from the preset metadata storage area, and execute the second trading contract according to trading conditions defined by the contract information of the second trading contract.
The modules in all embodiments of the present invention may be implemented by a general-purpose integrated circuit, such as a CPU (Central Processing Unit), or an ASIC (Application Specific Integrated Circuit).
All the user nodes in the invention have the same working principle and structure.
The steps in the method of the embodiment of the invention can be sequentially adjusted, combined and deleted according to actual needs.
The modules in the device provided by the embodiment of the invention can be combined, divided and deleted according to actual needs.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), or the like.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents and improvements made within the spirit and principle of the present invention are intended to be included within the scope of the present invention.

Claims (10)

1. A distributed cloud data management method based on a peer-to-peer network, wherein the peer-to-peer network comprises a plurality of user nodes, and the distributed cloud data management method is applied to a first user node, and comprises the following steps:
receiving a storage request, wherein the storage request is used for distributively storing first target data to user nodes in the peer-to-peer network;
generating a first encryption key corresponding to the first target data, wherein the first encryption key comprises a first public key and a first private key;
encrypting the first target data according to the first public key to obtain first target encrypted data, and dividing the first target encrypted data into at least one encrypted data block;
writing the metadata information of the first target encrypted data into a preset metadata storage area, wherein the preset metadata storage area and the plurality of user nodes have a preset communication connection relation, and the preset metadata storage area is a block chain system commonly maintained by all user nodes in the peer-to-peer network;
generating a first storage contract corresponding to the first target encrypted data, and acquiring signing information of all second user nodes signing the first storage contract, wherein the first storage contract is used for defining the storage requirement and the storage benefit of the second user nodes for storing the first target encrypted data in the form of an electronic contract;
and storing the at least one encrypted data block in all second user nodes in a distributed manner, and writing the storage path of the first target encrypted data block and the contract signing information of the first storage contract into the preset metadata storage area.
2. The peer-to-peer network based distributed cloud data management method of claim 1, wherein said distributed cloud data management method further comprises:
receiving a download request, wherein the download request is used for downloading the first target encrypted data which is distributedly stored in the peer-to-peer network;
reading a storage path of the first target encrypted data written in the preset metadata storage area;
downloading the first target encrypted data pointed by the storage path of the first target encrypted data block, and writing a downloading operation record into the preset metadata storage area;
acquiring the first private key;
decrypting the first target encrypted data by the first private key.
3. The peer-to-peer network based distributed cloud data management method of claim 1, wherein said distributed cloud data management method further comprises:
receiving a deletion request for deleting the first target encrypted data distributedly stored in the peer-to-peer network;
reading a storage path of the first target encrypted data block written in the preset metadata storage area;
and deleting the first target encrypted data pointed by the storage path of the first target encrypted data, and writing a deletion operation record into the preset metadata storage area.
4. The peer-to-peer network based distributed cloud data management method of claim 1, wherein said distributed cloud data management method further comprises:
receiving a first sharing request sent by the second user node, wherein the first sharing request is used for sharing the first target encrypted data which is distributed and stored in the peer-to-peer network to the second user node;
if the first sharing request is responded, a second public key sent by the second user node is obtained;
encrypting the first encryption key through the second public key and sending the first encryption key to the second user node;
sending a second sharing request to the second user node, wherein the second sharing request is used for acquiring second target encrypted data distributed and stored in the peer-to-peer network by the second user node;
if the second user node is detected to respond to the second sharing request, downloading the second target encrypted data;
sending the first public key to the second user node, and obtaining a second encryption key which is fed back by the second user node and is encrypted by the first public key, wherein the second encryption key comprises a second public key and a second private key;
and decrypting the second encrypted key by the first private key and decrypting the second target encrypted data according to the second private key.
5. The peer-to-peer network based distributed cloud data management method of claim 1, wherein said distributed cloud data management method further comprises:
receiving a first transaction request sent by the second user node, wherein the first transaction request is used for performing transaction with the second user node by taking the first target encrypted data which is distributed and stored in the peer-to-peer network as a transaction object;
if the first transaction request is responded, generating a first transaction contract corresponding to the first target encrypted data, and writing contract information of the first transaction contract into the preset metadata storage area, wherein the first transaction contract is used for defining transaction conditions of the first target encrypted data;
acquiring a second public key sent by the second user node;
encrypting the first encryption key through the second public key and sending the first encryption key to the second user node;
sending a second transaction request to the second user node, wherein the second transaction request is used for performing transaction with the second user node to obtain second target encrypted data;
if the second user node is detected to respond to the second transaction request, downloading the second target encrypted data;
sending the first public key to the second user node, and obtaining a second encryption key which is fed back by the second user node and is encrypted by the first public key, wherein the second encryption key comprises a second public key and a second private key; decrypting the second encrypted key by the first private key and decrypting the second target encrypted data by the second private key;
and acquiring contract information of the second trading contract from the preset metadata storage area, and executing the second trading contract according to trading conditions defined by the contract information of the second trading contract.
6. A distributed cloud data management system based on a peer-to-peer network, the peer-to-peer network including a plurality of user nodes, the distributed cloud data management system being applied to a first user node, the distributed cloud data management system comprising:
the system comprises a human-computer interaction module, a storage module and a data processing module, wherein the human-computer interaction module is used for receiving a storage request, and the storage request is used for storing first target data to user nodes in the peer-to-peer network in a distributed manner;
the key management module is used for generating a first encryption key corresponding to the first target data, and the first encryption key comprises a first public key and a first private key;
the data encryption and decryption module is used for encrypting the first target data according to the first public key to obtain first target encrypted data and dividing the first target encrypted data into at least one encrypted data block;
the metadata storage module is used for writing metadata information of the first target encrypted data into a preset metadata storage area, and the preset metadata storage area and the plurality of user nodes have a preset communication connection relation, wherein the preset metadata storage area is a block chain system commonly maintained by all the user nodes in the peer-to-peer network;
the contract management module is used for generating a first storage contract corresponding to the first target encrypted data and acquiring signing information of all second user nodes signing the first storage contract, and the first storage contract is used for defining the storage requirement and the storage benefit of the second user nodes for storing the first target encrypted data in the form of an electronic contract;
and the distributed data storage module is used for storing the at least one encrypted data block in all the second user nodes in a distributed manner, and writing the storage path of the first target encrypted data block and the signing information of the first storage contract into the preset metadata storage area.
7. The peer-to-peer network based distributed cloud data management system of claim 6, wherein:
the man-machine interaction module is further used for receiving a downloading request, and the downloading request is used for downloading the first target encrypted data stored in the peer-to-peer network in a distributed manner;
the metadata storage module is further configured to read a storage path of the first target encrypted data written in the preset metadata storage area;
the distributed data storage module is further configured to download the first target encrypted data pointed by the storage path of the first target encrypted data block, and write a download operation record into the preset metadata storage area;
the key management module is further used for acquiring the first private key;
the data encryption and decryption module is further used for decrypting the first target encrypted data through the first private key.
8. The peer-to-peer network based distributed cloud data management system of claim 6, wherein:
the man-machine interaction module is further used for receiving a deletion request, and the deletion request is used for deleting the first target encrypted data which is distributedly stored in the peer-to-peer network;
the metadata storage module is further configured to read a storage path of the first target encrypted data block written in the preset metadata storage area;
the distributed data storage module is further configured to delete the first target encrypted data pointed by the storage path of the first target encrypted data, and write a deletion operation record into the preset metadata storage area.
9. The peer-to-peer network based distributed cloud data management system of claim 6, wherein:
the human-computer interaction module is further configured to receive a first sharing request sent by the second user node, where the first sharing request is used to share the first target encrypted data that is distributedly stored in the peer-to-peer network to the second user node;
the key management module is further configured to obtain a second public key sent by the second user node if the first sharing request is responded;
the data encryption and decryption module is further configured to encrypt the first encryption key through the second public key and send the first encryption key to the second user node;
the man-machine interaction module is further configured to send a second sharing request to the second user node, where the second sharing request is used to obtain second target encrypted data that is distributed by the second user node and stored in the peer-to-peer network;
the distributed data storage module is further configured to download the second target encrypted data if it is detected that the second user node responds to the second sharing request;
the key management module is further configured to send the first public key to the second user node, and obtain a second encryption key, which is fed back by the second user node and encrypted by the first public key, where the second encryption key includes a second public key and a second private key;
the data encryption and decryption module is further configured to decrypt the second encrypted key through the first private key, and decrypt the second target encrypted data according to the second private key.
10. The peer-to-peer network based distributed cloud data management system of claim 6, wherein:
the man-machine interaction module is further used for receiving a first transaction request sent by the second user node, and the first transaction request is used for performing transaction with the second user node by taking the first target encrypted data which is distributed and stored in the peer-to-peer network as a transaction object;
the contract management module is further used for generating a first trading contract corresponding to the first target encrypted data if the first trading request is responded, and writing contract information of the first trading contract into the preset metadata storage area, wherein the first trading contract is used for defining trading conditions of the first target encrypted data;
the key management module is further configured to obtain a second public key sent by the second user node;
the data encryption and decryption module is further configured to encrypt the first encryption key through the second public key and send the first encryption key to the second user node;
the man-machine interaction module is further used for sending a second transaction request to the second user node, wherein the second transaction request is used for performing transaction with the second user node to obtain second target encrypted data;
the distributed data storage module is further configured to download the second target encrypted data if it is detected that the second user node responds to the second transaction request;
the key management module is further configured to send the first public key to the second user node, and obtain a second encryption key, which is fed back by the second user node and encrypted by the first public key, where the second encryption key includes a second public key and a second private key;
the data encryption and decryption module is further used for decrypting the second encryption key through the first private key and decrypting the second target encrypted data through the second private key;
the contract management module is further configured to obtain contract information of the second trading contract from the preset metadata storage area, and execute the second trading contract according to trading conditions defined by the contract information of the second trading contract.
CN201611269919.6A 2016-12-30 2016-12-30 Distributed cloud data management method and system based on peer-to-peer network Active CN106612285B (en)

Publications (2)

Publication Number Publication Date
CN106612285A CN106612285A (en) 2017-05-03
CN106612285B true CN106612285B (en) 2020-05-19

Family

ID=58636834

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201611269919.6A Active CN106612285B (en) 2016-12-30 2016-12-30 Distributed cloud data management method and system based on peer-to-peer network

Country Status (1)

Country Link
CN (1) CN106612285B (en)

Families Citing this family (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107948253B (en) * 2017-11-10 2021-03-02 江苏通付盾科技有限公司 Decentralized data storage method and system, electronic device and storage medium
CN109995715A (en) * 2017-12-29 2019-07-09 百度在线网络技术(北京)有限公司 Private data encipher-decipher method, device, equipment and the storage medium of block chain
CN108647230B (en) * 2018-03-29 2021-10-08 深圳市网心科技有限公司 Distributed storage method, electronic device, and storage medium
CN108710643B (en) * 2018-04-20 2020-11-24 广东省科技基础条件平台中心 Data sharing method and device, computer equipment and storage medium
CN110990407B (en) * 2018-04-27 2020-11-10 腾讯科技(深圳)有限公司 Block chain based data storage method and device, server and storage medium
CN108718341B (en) * 2018-05-30 2021-06-01 北京阿尔山区块链联盟科技有限公司 Method for sharing and searching data
CN108854077B (en) * 2018-07-17 2021-05-18 广州瞪羚信息科技有限公司 Cross-game item circulation method based on block chain technology
CN109241756B (en) * 2018-08-20 2020-01-31 深圳市腾讯网络信息技术有限公司 Data processing method, system, server and medium based on block chain
CN109117096B (en) * 2018-09-03 2020-04-21 安徽太阳石科技有限公司 Block chain based distributed data storage method and system
CN109379184A (en) * 2018-09-28 2019-02-22 北京金山安全软件有限公司 Block chain private key storage method and device and electronic equipment
CN109271115B (en) * 2018-10-11 2021-07-30 重庆晨鲸科技有限公司 Storage sharing method and device and block chain distributed network topology
CN109492419B (en) * 2018-11-27 2022-07-01 众安信息技术服务有限公司 Method, device and storage medium for acquiring data in block chain
CN109618190A (en) * 2018-12-07 2019-04-12 深圳市云歌人工智能技术有限公司 Based on the method, apparatus and storage medium for promoting video setting and acquisition reward
CN111382458A (en) * 2018-12-28 2020-07-07 富泰华工业(深圳)有限公司 Data batch sealing method and device and computer storage medium
CN109862119A (en) * 2019-03-15 2019-06-07 深圳市网心科技有限公司 Memory capacity sharing method, device, service server, user terminal and system
CN112291356B (en) * 2020-11-02 2022-01-04 大连理工大学 Self-verification variable name distributed storage method based on CNFS protocol
CN113157207B (en) * 2021-04-07 2022-03-08 橙色云互联网设计有限公司 Data processing method, device and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101192924A (en) * 2006-11-24 2008-06-04 北京大学 P2P storage system coding method based on Reed-Solomon code
CN101605148A (en) * 2009-05-21 2009-12-16 何吴迪 The framework method of the parallel system of cloud storage
CN103034814A (en) * 2012-12-11 2013-04-10 浙江大学 Data access method
CN103442057A (en) * 2013-08-27 2013-12-11 玉林师范学院 Cloud storage system based on user collaboration cloud

Also Published As

Publication number Publication date
CN106612285A (en) 2017-05-03

Similar Documents

Publication Publication Date Title
CN106612285B (en) Distributed cloud data management method and system based on peer-to-peer network
US10762229B2 (en) Secure searchable and shareable remote storage system and method
CN110210246B (en) Personal data service method and system based on safety calculation
CN109214201B (en) Data sharing method, terminal equipment and computer readable storage medium
CN112818380A (en) Method, device, equipment and system for backtracking processing of business behaviors
JP2016532956A (en) Technology for managing unsynchronized content items on unlinked devices
CN110661748B (en) Log encryption method, log decryption method and log encryption device
CN109565518B (en) Method and system for interchangeable content retrieval
CN111132150A (en) Method and device for protecting data, storage medium and electronic equipment
CN106778295B (en) File storage method, file display method, file storage device, file display device and terminal
US11120160B2 (en) Distributed personal data storage and encrypted personal data service based on secure computation
KR20200127643A (en) Method and Apparatus for Distributed Processing of Data for Document Management
CN114598671B (en) Session message processing method, device, storage medium and electronic equipment
CN112380568A (en) Data management method and device, computer equipment and storage medium
CN110474764B (en) Ciphertext data set intersection calculation method, device, system, client, server and medium
CN110046000B (en) Applet running method and device
CN112069525A (en) Encryption method, device and equipment for generating key based on attribute of information
CN103399875A (en) File managing method and device
JP6272546B2 (en) Data storage device, data processing method, and data processing program
CN116107520B (en) S3 object storage protocol encrypted data storage method and system
KR102287729B1 (en) System and method for managing user information based on blockchain
CN116401222A (en) File synchronization method, device, system, equipment and storage medium
US10043015B2 (en) Method and apparatus for applying a customer owned encryption
CN114996577A (en) Service management method, device, apparatus, storage medium, and program product
KR102133764B1 (en) Method for providing contents and server of contents business operator for executing the same

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant