CN109190410A - A kind of log behavior auditing method based on block chain under cloud storage environment - Google Patents

A kind of log behavior auditing method based on block chain under cloud storage environment Download PDF

Info

Publication number
CN109190410A
CN109190410A CN201811126706.7A CN201811126706A CN109190410A CN 109190410 A CN109190410 A CN 109190410A CN 201811126706 A CN201811126706 A CN 201811126706A CN 109190410 A CN109190410 A CN 109190410A
Authority
CN
China
Prior art keywords
user
data file
intelligent contract
data
cloud storage
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201811126706.7A
Other languages
Chinese (zh)
Other versions
CN109190410B (en
Inventor
周可
李春花
邓虹雨
胡家琦
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huazhong University of Science and Technology
Original Assignee
Huazhong University of Science and Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huazhong University of Science and Technology filed Critical Huazhong University of Science and Technology
Priority to CN201811126706.7A priority Critical patent/CN109190410B/en
Publication of CN109190410A publication Critical patent/CN109190410A/en
Application granted granted Critical
Publication of CN109190410B publication Critical patent/CN109190410B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6272Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database by registering files or documents with a third party
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes

Abstract

The invention discloses the log behavior auditing methods based on block chain under a kind of cloud storage environment, each interface needed for this method process is write by intelligent contract, guarantee that both sides can not deny its behavior, so that the log recording in block chain network is completely believable.The audit interface that intelligent contract is called when there is audit demand, returns result to the user to file a request after being examined by intelligent contract log recording.The present invention from cloud storage provider is transferred to block chain by storing cloud log, using the decentralization of block chain, the features such as going trustization and high reliability, ensure that the safety and integrality of daily record data;Block chain network is set to provide the read-write interface and audit structure of log using intelligent contract, and for the data access process of the interaction design between user and cloud service provider, it can guarantee that log can be fully recorded in block chain network by user and cloud storage both sides, and log recording can not be denied and be distorted.

Description

A kind of log behavior auditing method based on block chain under cloud storage environment
Technical field
The invention belongs to cloud storage security technology area, more particularly, under a kind of cloud storage environment based on block The log behavior auditing method of chain.
Background technique
User can be allowed to seek help from independence when needing and examining outer bag data using the public auditing service that cloud data store Auditing by third party person (TPA).TPA possesses professional knowledge not available for user and ability, can represent user's periodical audit It is stored in the integrality of all data in cloud storage service device, so that the mode of more simple economy is provided for user, to ensure Its data can be correctly stored in cloud.In addition, other than the risk for the cloud storage service that user can be helped to assess its order, The auditing result of TPA additionally aids cloud storage provider and improves its service platform based on cloud, it might even be possible to be realized using TPA only Vertical arbitration purpose.To sum up, public auditing service will play a significant role in this emerging cloud storage field, and having can The important way for establishing trusting relationship between user and cloud storage provider can be become.
No matter data owner or ordinary user all rely on a trusted third party and authenticate and authorize, but in recent years Come some leaking datas for repeatedly occurring and the safety problems such as distort and be enough to show: trusted third party be not always it is credible, They may can betray the security information such as data or the access control of user for interests.On the other hand, user is also possible to dislike Meaning declares loss of data to ask for great number reparation to service provider.Trust missing between cloud storage platform and user has influenced To the development of cloud storage technology, need current to solve the problems, such as with some new methods and new technological means.
It is at present in terms of data integrity, to cloud data manipulation behavior auditing mostly to the research of cloud Data Audit Research it is less, the audit of operation behavior based on log recording is non-for confirmation attribution of liability, retrospect user data and limitation Method operation etc. all has very great help, and can effectively alleviate the trust problem between user and cloud storage provider.
Summary of the invention
In view of the drawbacks of the prior art, it is an object of the invention to solve prior art cloud Data Audit dependent on third Side lacks the technical issues of audit to cloud data manipulation behavior.
To achieve the above object, in a first aspect, the embodiment of the invention provides under a kind of cloud storage environment based on block The log behavior auditing method of chain, method includes the following steps:
S1. data owner and cloud service provider confer an intelligent contract jointly, and the intelligent contract is deployed to In block chain network, if deployment success, it is transferred to step S2, otherwise, is terminated;
S2. for data owner, after uploading data file to cloud storage service device end, call intelligent contract to block Chain network adds log recording;
S3. for ordinary user, intelligent contract input is called to want the behaviour carried out to data file on cloud storage service device Make solicited message, intelligent contract returns to the metadata information of data file described in ordinary user, is transferred to step S4;
S4. ordinary user initiates operation requests simultaneously to cloud storage service device according to operation requests information and metadata information Log recording is sent, judges that the operation requests are that read operation request or write operation requests are then transferred to if write operation requests Step S5;If read operation request, then step S6 is transferred to;
S5. cloud storage provider calls intelligent contract to authenticate the log recording, writes described in intelligent contract agreement receiving After the feedback of operation requests, corresponding write operation is executed according to the write operation requests, and call intelligent contract to block chain Log recording is added in network;
S6. cloud storage provider calls intelligent contract to authenticate the log recording, agrees to the reading receiving intelligent contract After the feedback of operation requests, corresponding read operation is executed according to the read operation request, the data file of request is returned to Ordinary user, and intelligent contract is called to add log recording into block chain network, it is transferred to step S7;
S7. the data file obtained when the data file of cloud storage service device return and before by intelligent contract is inconsistent When, ordinary user calls intelligent contract to initiate audit request to the data file.
More specifically, the intelligence contract includes multiple interfaces, it is specific as follows:
Upload: data owner will upload to the metadata of the data file of cloud service provider by the interface Information is recorded to block chain network, and generates the initial access record of the data file, the log note after being signed by private key for user Record is broadcasted in block chain network, and is packed up in block and is reached common understanding in block chain network;
Getfile: user obtains data file in the address L of cloud storage service device by this interface, and user is in Xiang Yuncun When storing up the server end long-range read/write requests of sending, need to obtain address and an interim token by the interface;
VerifyRequest: the interface is supplied to cloud storage provider and uses and can only be called by cloud storage provider, when It when cloud storage provider receives the operation requests of user, calls whether interface polls user has access authority first, simultaneously should Interface can obtain the accessing request information of user, and be stored in block chain network as log recording;
Grant: ordinary user is arranged to the number oneself deposited on cloud storage service device by the interface in data owner According to access authority, the interface for give ordinary user authorization, that is, assign the user to the access limit of data file;
Revoke: data owner deposits in cloud storage service to oneself by assigning ordinary user before interface revocation The access limit of data file on device;
Audit: audit user by the interface track data file life cycle, that is, know the data file when by Creation and destroy, when by ordinary user access and be performed which operation;
Logging: the interface is used to broadcast ordinary user in block chain network and accesses data file generation access log Record, and the log recording is stored to the addition of block chain, it is completed jointly by above-mentioned interface.
More specifically, the address L is url.
More specifically, step S2 is specific as follows:
S201. data owner is that each data file to be uploaded creates a number fid, and by the data file It is uploaded to cloud storage provider;
S202. data owner calls the Upload interface of intelligent contract to record the metadata information of data file to area Block chain network;
S203. data owner sends the log recording (uid, fid, type, H (X0), OPM, ts, sign) after signature Give cloud storage provider;
S204. cloud storage provider audit log records the correctness of each field, if all correct, calls intelligent conjunction Log recording is added in block chain network by Logging interface about, otherwise, terminates process;
Wherein, uid is user's unique identification number of remote access data, and fid is the unique of accessed data file Mark, type are action type of the user to data file, and H (X0) is by preoperative data cryptographic Hash;Ts is current time Stamp;Sign is the signature that the user of current accessed data generates access record using its private key;OPM is that open data are traced to the source Model.
More specifically, the operation requests information is (type, fid), wherein type is operation of the user to data file Type, type have tri- kinds of Create, Read, Write, respectively indicate and upload data, read data and write data;Fid is accessed Data file unique identification;The metadata information of the data file includes ground of the data file on cloud storage service device Location L, data file are by preoperative cryptographic Hash and token token.
More specifically, the read operation request be (read, L, H (X0), token), the write operation requests be (write, L,H(Xn),token);Log recording described in step S4 by access record (uid, fid, type, H (X0), H (Xn), OPM, Ts, sign) private key signature generation;
Wherein, uid is user's unique identification number of remote access data, and fid is the unique of accessed data file Mark, type are action type of the user to data file, and H (X0) is by preoperative data cryptographic Hash;H (Xn) is to be operated Data cryptographic Hash afterwards;Ts is current time stamp;Sign is that the user of current accessed data gives birth to access record using its private key At signature;OPM is that open data are traced to the source model.
More specifically, step S5 is specific as follows:
S501. after cloud storage provider receives the request of ordinary user, audit log records the correctness of each field, If all correct, it is transferred to step S502, otherwise, terminates process;
S502. the VerifyRequest interface of intelligent contract is called to verify the identity of ordinary user, in intelligent conjunction The about access control policy of internal queries corresponding data file agrees to the request if user identity is eligible, and is transferred to step Rapid S503 refuses the request of user if not meeting, and terminates process;
S503. cloud storage provider is after receiving intelligent contract and agreeing to the feedback of the write operation requests, according to user's Request executes corresponding write operation;
S504. the log recording is added in block chain network by intelligent contract.
More specifically, step S6 is specific as follows:
S601. after cloud storage provider receives the request of user, audit log records the correctness of each field, if It is all correct, then it is transferred to step S602, otherwise, terminates process;
S602. the VerifyRequest interface of intelligent contract is called to verify the identity of the user, in intelligent contract The access control policy of internal queries corresponding data file agrees to the request, and be transferred to step if user identity is eligible Otherwise S603 refuses the request of user, and terminate process;
S603. cloud storage provider is after receiving intelligent contract and agreeing to the feedback of the read operation request, according to user's Request executes corresponding read operation, and the data file of request is returned to ordinary user;
S604. the log recording is added in block chain network by intelligent contract, is transferred to step S7.
More specifically, step S7 is specific as follows:
Ordinary user first calculates its hash value after the data file for receiving the transmission of cloud storage service device, then with before The newest hash value H (X0) of the data file obtained by intelligent contract is compared, and if they are the same, then proves the data file read It is correctly, otherwise, to illustrate that data file is tampered or is not newest version, user can call the Audit of intelligent contract Interface initiates audit request to the data file.
Second aspect, the embodiment of the invention provides a kind of computer readable storage medium, the computer-readable storage mediums Computer program is stored in matter, which realizes log behavior described in above-mentioned first aspect when being executed by processor Auditing method.
In general, through the invention it is contemplated above technical scheme is compared with the prior art, have below beneficial to effect Fruit:
1. the present invention is transferred to block chain by storing cloud log from cloud storage provider, center is gone to using block chain The features such as changing, going trustization and high reliability, ensure that the safety and integrality of daily record data.
2. the present invention makes block chain network provide the read-write interface and audit structure of log using intelligent contract, and is directed to Interaction design between user and cloud service provider data access process, it is ensured that user and cloud storage both sides can be by days Will is fully recorded in block chain network, and can not log recording be denied and be distorted.
Detailed description of the invention
Fig. 1 is the log behavior audit model signal based on block chain under a kind of cloud storage environment provided by the invention Figure;
Fig. 2 is the log behavior auditing method process based on block chain under a kind of cloud storage environment provided by the invention Figure;
Fig. 3 is the flow chart of step S2 provided by the invention;
Fig. 4 is the flow chart provided by the invention that the data for being stored in cloud storage service device are carried out with long-range write operation;
Fig. 5 is the flow chart provided by the invention that the data for being stored in cloud storage service device are carried out with long-range read operation.
Specific embodiment
In order to make the objectives, technical solutions, and advantages of the present invention clearer, with reference to the accompanying drawings and embodiments, right The present invention is further elaborated.It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, and It is not used in the restriction present invention.
Fig. 1 is the log behavior audit model signal based on block chain under a kind of cloud storage environment provided by the invention Figure.As shown in Figure 1, the log behavior audit model includes consisting of part:
Cloud storage user: being made of data owner and ordinary user's these two types, can be individual or tissue.Data are gathered around The person of havingData can be uploaded to cloud storage provider, while broadcast this upload operation in block chain network and being remembered by block chain Record the lower operation log;Ordinary userThen mainly cloud data are written and read, while being broadcasted in block chain network And record its operation note.
Cloud storage provider: according to the demand of user, the resource virtualized is with memory resource pool by cloud storage provider Mode be supplied to user and freely use.User can upload data to cloud data server and carry out remote read-write behaviour to data Make, while cloud storage provider is added block chain network and verifies together with user to log recording.
Block chain network: user and cloud storage provider are as the entire block chain network of node composition, each node equality Ground receives the information of the operation note of user node broadcast, enters block for information package is recorded by digging mine algorithm.Entire block chain Network stores operation behavior log as a distributed data base.
Auditing by third party person: possessing professional knowledge not available for user and ability, can represent user's periodical audit and deposit The integrality for storing up all data in cloud storage service device, so that the mode of more simple economy is provided for user, to ensure it Data can be correctly stored in cloud.
Log recording cannot be denied to make cloud storage user and cloud storage provider both sides, at record one The confirmation for needing to obtain both sides when log, the present invention provides the log behaviors based on block chain under a kind of cloud storage environment to examine Meter method, each interface needed for this method process are write by intelligent contract, guarantee that both sides can not deny its behavior, from And the log recording in block chain network is made to be completely believable.
Fig. 2 is the log behavior auditing method process based on block chain under a kind of cloud storage environment provided by the invention Figure.As shown in Fig. 2, method includes the following steps:
S1. data owner and cloud service provider confer an intelligent contract jointly, and the intelligent contract is deployed to In block chain network, if deployment success, it is transferred to step S2, otherwise, is terminated;
S2. for data owner, after uploading data file to cloud storage service device end, call intelligent contract to block Chain network adds log recording;
S3. for ordinary user, intelligent contract input is called to want the behaviour carried out to data file on cloud storage service device Make solicited message, intelligent contract returns to the metadata information of data file described in ordinary user, is transferred to step S4;
S4. ordinary user initiates operation requests simultaneously to cloud storage service device according to operation requests information and metadata information Log recording is sent, judges that the operation requests are that read operation request or write operation requests are then transferred to if write operation requests Step S5;If read operation request, then step S6 is transferred to;
S5. cloud storage provider calls intelligent contract to authenticate the log recording, writes described in intelligent contract agreement receiving After the feedback of operation requests, corresponding write operation is executed according to the write operation requests, and call intelligent contract to block chain Log recording is added in network;
S6. cloud storage provider calls intelligent contract to authenticate the log recording, agrees to the reading receiving intelligent contract After the feedback of operation requests, corresponding read operation is executed according to the read operation request, the data file of request is returned to Ordinary user, and intelligent contract is called to add log recording into block chain network, it is transferred to step S7;
S7. the data file obtained when the data file of cloud storage service device return and before by intelligent contract is inconsistent When, ordinary user calls intelligent contract to initiate audit request to the data file.
Step S1. data owner and cloud service provider confer an intelligent contract jointly, by the intelligent contract portion In administration to block chain network, if deployment success, it is transferred to step S2, otherwise, is terminated.
Firstly, system is initialized, an intelligent contract rule is conferred by user and cloud service provider jointly, Then this contract is deployed in block chain network, the process of contract deployment is to initiate one to receive the transaction that address is 0, the friendship Easy data field can include the contract code for being compiled into bytecode.The transaction is broadcasted in block chain network, by node It receives and is packaged into block, a unique contract address can be obtained at this time, we can pass through this call by location contract.Due to Transaction comprising contract code is packed up in block, and reaches common understanding in the whole network, thus contract code cannot be tampered, we It can trust that this section of code is bound to go to run according to the rule that we are worked out.The process can be provided to user terminal and cloud service Side returns to intelligent contract address.
Intelligent contract includes multiple interfaces, and user, cloud storage provider and evidence obtaining investigation side with lower interface by being realized Log recording and audit work:
Upload: data owner will upload to the metadata of the data file of cloud service provider by the interface Information is recorded to block chain network, and generates the initial access record of the data file, the log note after being signed by private key for user Record is broadcasted in block chain network, and is packed up in block and is reached common understanding in block chain network.
Log recording is considered transaction data and is packaged into block.
Getfile: user obtains data file in the address L of cloud storage service device by this interface, and user is in Xiang Yuncun When storing up the server end long-range read/write requests of sending, need to obtain address and an interim token by the interface.
Preferably, the address L is url.Intelligent contract will record this behavior as one after receiving the request and ask in advance Log is asked, is audited for subsequent to user's operation behavior, while token can prevent user from directly calling using last The url that Getfile interface obtains files a request to cloud storage service device.
VerifyRequest: the interface is supplied to cloud storage provider and uses and can only be called by cloud storage provider, when It when cloud storage provider receives the operation requests of user, calls whether interface polls user has access authority first, simultaneously should Interface can obtain the accessing request information of user, and be stored in block chain network as log recording.
Grant: ordinary user is arranged to the number oneself deposited on cloud storage service device by the interface in data owner According to access authority, the interface for give ordinary user authorization, that is, assign the user to the access limit of data file.
Revoke: data owner deposits in cloud storage service to oneself by assigning ordinary user before interface revocation The access limit of data file on device.
Audit: audit user by the interface track data file life cycle, that is, know the data file when by Creation and destroy, when by ordinary user access and be performed which operation.
Logging: the interface is used to broadcast ordinary user in block chain network and accesses data file generation access log Record, and the log recording is stored to the addition of block chain, it is completed jointly by above-mentioned interface.
Step S2. is for data owner, after uploading data file to cloud storage service device end, call intelligent contract to Block chain network adds log recording.
Create access operation of the step S2 corresponding data owner to data.After contract deployment success, system is i.e. Initialization is completed.Next, can all call the Upload interface of intelligent contract after data owner uploads data to cloud It uploads file metadata and a log recording is written, calling the process of intelligent contract is to broadcast one in block chain network The process of transaction, this transaction receive address as intelligent contract address, contain the parameter of sender's offer in data field, Transaction simultaneously includes the signature of sender and can be by other node verification.
When transaction will execute this intelligent contract by the reception of other nodes and save corresponding state variable, quilt of then trading Be packaged into block, and reach common understanding in the whole network, this intelligent postrun state of contract is just confirmed by the whole network, therefore file metadata and Log recording can be written into block chain and can not be tampered.
Data owner can also be paper formulation access control policy by Grant interface and Revoke interface.When this In the broadcast of block chain network, receiving node can verify the signature of transaction and only data owner can formulate plan for transaction Slightly, otherwise this time calling can be considered as invalid operation.
Fig. 3 is the flow chart of step S2 provided by the invention.As shown in figure 3, step S2 is specific as follows:
S201. data owner is that each data file to be uploaded creates a number fid, and by the data file It is uploaded to cloud storage provider;
S202. data owner calls the Upload interface of intelligent contract to record the metadata information of data file to area Block chain network.
S203. data owner sends the log recording (uid, fid, type, H (X0), OPM, ts, sign) after signature Give cloud storage provider.
Subsidiary user's signature may insure that user can not deny this operation behavior on log recording.
S204. cloud storage provider audit log records the correctness of each field, if all correct, calls intelligent conjunction Log recording is added in block chain network by Logging interface about, otherwise, terminates process;
Wherein, uid is user's unique identification number of remote access data, and fid is the unique of accessed data file Mark, type are action type of the user to data file, and H (X0) is by preoperative data cryptographic Hash;Ts is current time Stamp;Sign is the signature that the user of current accessed data generates access record using its private key;OPM is that open data are traced to the source Model.
For example, checking whether user uid is correct, and whether action type corresponds to, then verifies the validity of user's signature, finally Whether the cryptographic Hash for calculating data file is identical as H (X0), if being all that correctly, can call the Logging of intelligent contract Log recording is written in block chain network interface.
Step S3. calls intelligent contract input to want to carry out data file on cloud storage service device ordinary user Operation requests information, intelligent contract returns to the metadata information of data file described in ordinary user, is transferred to step S4;
Specifically, the operation requests information is (type, fid), wherein type is operation class of the user to data file Type, type have tri- kinds of Create, Read, Write, respectively indicate and upload data, read data and write data;Fid is accessed The unique identification of data file.The metadata information of the data file includes address of the data file on cloud storage service device L, data file is by preoperative cryptographic Hash and token token.File owners are further comprised to specified by file simultaneously Access control policy is realized using an accesses control list in the present system.
Step S4. ordinary user initiates operation to cloud storage service device and asks according to operation requests information and metadata information Log recording is sought and sent, judges that the operation requests are read operation request or write operation requests, if write operation requests, then It is transferred to step S5;If read operation request, then step S6 is transferred to.
Specifically, read operation request be (read, L, H (X0), token), write operation requests be (write, L, H (Xn), token);Log recording described in step S4 is private by access record (uid, fid, type, H (X0), H (Xn), OPM, ts, sign) Key signature generates;
Wherein, uid is user's unique identification number of remote access data, and fid is the unique of accessed data file Mark, type are action type of the user to data file, and H (X0) is by preoperative data cryptographic Hash;H (Xn) is to be operated Data cryptographic Hash afterwards;Ts is current time stamp;Sign is that the user of current accessed data gives birth to access record using its private key At signature;OPM is that open data are traced to the source model.
Step S5. cloud storage provider calls intelligent contract to authenticate the log recording, agrees to institute receiving intelligent contract After the feedback for stating write operation requests, corresponding write operation is executed according to the write operation requests, and call intelligent contract to area Log recording is added in block chain network.
Fig. 4 is the flow chart provided by the invention that the data for being stored in cloud storage service device are carried out with long-range write operation.Such as Shown in Fig. 4, step S5 is specific as follows:
S501. after cloud storage provider receives the request of ordinary user, audit log records the correctness of each field, If all correct, it is transferred to step S502, otherwise, terminates process;
S502. the VerifyRequest interface of intelligent contract is called to verify the identity of ordinary user, in intelligent conjunction The about access control policy of internal queries corresponding data file agrees to the request if user identity is eligible, and is transferred to step Rapid S503 refuses the request of user if not meeting, and terminates process;
S503. cloud storage provider is after receiving intelligent contract and agreeing to the feedback of the write operation requests, according to user's Request executes corresponding write operation;
S504. the log recording is added in block chain network by intelligent contract.
Step S6. cloud storage provider calls intelligent contract to authenticate the log recording, agrees to institute receiving intelligent contract After the feedback for stating read operation request, corresponding read operation is executed according to the read operation request, the data file of request is returned Back to ordinary user, and intelligent contract is called to add log recording into block chain network, is transferred to step S7.
Fig. 5 is the flow chart provided by the invention that the data for being stored in cloud storage service device are carried out with long-range read operation.Such as Shown in Fig. 5, step S6 is specific as follows:
S601. after cloud storage provider receives the request of user, audit log records the correctness of each field, if It is all correct, then it is transferred to step S602, otherwise, terminates process;
S602. the VerifyRequest interface of intelligent contract is called to verify the identity of the user, in intelligent contract The access control policy of internal queries corresponding data file agrees to the request, and be transferred to step if user identity is eligible Otherwise S603 refuses the request of user, and terminate process;
S603. cloud storage provider is after receiving intelligent contract and agreeing to the feedback of the read operation request, according to user's Request executes corresponding read operation, and the data file of request is returned to ordinary user;
S604. the log recording is added in block chain network by intelligent contract, is transferred to step S7.
Step S7. works as the data file that cloud storage service device returns and passes through the data file of intelligent contract acquisition before not When consistent, ordinary user calls intelligent contract to initiate audit request to the data file.
Ordinary user first calculates its hash value after the data for receiving the transmission of cloud storage service device, then with pass through before The newest hash value H (X0) of data that intelligent contract obtains is compared, if they are the same, then prove the data read be it is correct, it is no Then, illustrate that data are tampered or are not newest versions, at this point, user can call the Audit interface of intelligent contract to this Data file initiates audit request.
Only can just be concerned about whether data are destroyed or malice is distorted when reading data, there is no this to need when writing data It asks, but intelligent contract is also provided with interface, user can carry out integrality audit to data by the interface at any time. It can be based on the extraction and analysis to log recording to the audit of data operation behavior.Call intelligence first when there is audit demand The audit interface of contract, returns result to the user to file a request after being examined by intelligent contract log recording.
The present invention provides three audit functions, and it is open to all users to can be used as public audit interface Audit.It can To be called by auditing by third party person, it is also possible to other any users.These three audit functions are respectively: obtaining file Life Cycle Phase, inquiry illegal user and verifying file integrality.
It obtains file life cycle one data file is provided and be deleted all operation notes experienced from uploading to.
Which user inquiry illegal user, which is provided with, attempts to carry out illegal operation, so as to take one to these users A little punitive measures or the in time permission of revocation malicious user.By comparing the Getfile request issued and VerifyRequest Whether the request of sending is consistent, and illustrates that user has initiated illegal request if the request of the two operation is inconsistent, should User is illegal user.
Verifying file integrality be supplied to user's checking its obtain file whether be tampered with.By by the Kazakhstan of data Uncommon value is compared with the data cryptographic Hash in state-of-the-art record, if it is inconsistent, illustrating that the integrality of data is destroyed.
More than, the only preferable specific embodiment of the application, but the protection scope of the application is not limited thereto, and it is any Within the technical scope of the present application, any changes or substitutions that can be easily thought of by those familiar with the art, all answers Cover within the scope of protection of this application.Therefore, the protection scope of the application should be subject to the protection scope in claims.

Claims (10)

1. the log behavior auditing method based on block chain under a kind of cloud storage environment, which is characterized in that this method include with Lower step:
S1. data owner and cloud service provider confer an intelligent contract jointly, and the intelligent contract is deployed to block In chain network, if deployment success, it is transferred to step S2, otherwise, is terminated;
S2. for data owner, after uploading data file to cloud storage service device end, call intelligent contract to block link network Network adds log recording;
S3. for ordinary user, intelligent contract input is called to want to ask the operation that data file on cloud storage service device carries out Information is sought, intelligent contract returns to the metadata information of data file described in ordinary user, is transferred to step S4;
S4. ordinary user initiates operation requests to cloud storage service device and sends according to operation requests information and metadata information Log recording judges that the operation requests are that read operation request or write operation requests if write operation requests are then transferred to step S5;If read operation request, then step S6 is transferred to;
S5. cloud storage provider calls intelligent contract to authenticate the log recording, agrees to the write operation receiving intelligent contract After the feedback of request, corresponding write operation is executed according to the write operation requests, and call intelligent contract to block chain network Middle addition log recording;
S6. cloud storage provider calls intelligent contract to authenticate the log recording, agrees to the read operation receiving intelligent contract After the feedback of request, corresponding read operation is executed according to the read operation request, the data file of request is returned to commonly User, and intelligent contract is called to add log recording into block chain network, it is transferred to step S7;
S7. the data file obtained when the data file of cloud storage service device return and before by intelligent contract is inconsistent, general Intelligent contract is called to initiate audit request to the data file in general family.
2. log behavior auditing method as described in claim 1, which is characterized in that the intelligence contract includes multiple interfaces, It is specific as follows:
Upload: data owner will upload to the metadata information of the data file of cloud service provider by the interface It records to block chain network, and generates the initial access record of the data file, the log recording after being signed by private key for user exists Block chain network is broadcasted, and is packed up in block and is reached common understanding in block chain network;
Getfile: user obtains data file in the address L of cloud storage service device by this interface, and user takes to cloud storage When the device end long-range read/write requests of sending of being engaged in, need to obtain address and an interim token by the interface;
VerifyRequest: the interface is supplied to cloud storage provider and uses and can only be called by cloud storage provider, when cloud is deposited When storage provider receives the operation requests of user, call whether interface polls user has access authority, while the interface first The accessing request information of user can be obtained, and is stored in block chain network as log recording;
Grant: ordinary user is arranged to the data oneself deposited on cloud storage service device by the interface in data owner Access authority, the interface are used to authorize to ordinary user, that is, assign the user to the access limit of data file;
Revoke: data owner is by assigning ordinary user to oneself depositing on cloud storage service device before interface revocation Data file access limit;
Audit: audit user tracks the life cycle of data file by the interface, that is, knows when the data file is created It is operated with destroying, when which accessing and was performed by ordinary user;
Logging: the interface is used to broadcast ordinary user in block chain network and accesses data file generation access log record, And the log recording is stored to the addition of block chain, it is completed jointly by above-mentioned interface.
3. log behavior auditing method as claimed in claim 2, which is characterized in that the address L is url.
4. log behavior auditing method as claimed in claim 2, which is characterized in that step S2 is specific as follows:
S201. data owner is that each data file to be uploaded creates a number fid, and the data file is uploaded To cloud storage provider;
S202. data owner calls the Upload interface of intelligent contract to record the metadata information of data file to block chain Network;
S203. the log recording (uid, fid, type, H (X0), OPM, ts, sign) after signature is sent to cloud by data owner Store provider;
S204. cloud storage provider audit log records the correctness of each field, if all correct, calls intelligent contract Log recording is added in block chain network by Logging interface, otherwise, terminates process;
Wherein, uid is user's unique identification number of remote access data, and fid is the unique identification of accessed data file, Type is action type of the user to data file, and H (X0) is by preoperative data cryptographic Hash;Ts is current time stamp; Sign is the signature that the user of current accessed data generates access record using its private key;OPM is that open data are traced to the source mould Type.
5. log behavior auditing method as claimed in claim 2, which is characterized in that the operation requests information be (type, Fid), wherein type is action type of the user to data file, and type has tri- kinds of Create, Read, Write, respectively indicates Data are uploaded, data is read and writes data;Fid is the unique identification of accessed data file;The metadata of the data file Information includes address L of the data file on cloud storage service device, data file by preoperative cryptographic Hash and token token。
6. log behavior auditing method as claimed in claim 5, which is characterized in that read operation request be (read, L, H (X0), Token), write operation requests are (write, L, H (Xn), token);Log recording described in step S4 by access record (uid, Fid, type, H (X0), H (Xn), OPM, ts, sign) private key signature generation;
Wherein, uid is user's unique identification number of remote access data, and fid is the unique identification of accessed data file, Type is action type of the user to data file, and H (X0) is by preoperative data cryptographic Hash;H (Xn) is after being operated Data cryptographic Hash;Ts is current time stamp;Sign is that the user of current accessed data generates access record using its private key Signature;OPM is that open data are traced to the source model.
7. log behavior auditing method as claimed in claim 2, which is characterized in that step S5 is specific as follows:
S501. after cloud storage provider receives the request of ordinary user, audit log records the correctness of each field, if It is all correct, then it is transferred to step S502, otherwise, terminates process;
S502. the VerifyRequest interface of intelligent contract is called to verify the identity of ordinary user, in intelligent contract The access control policy of portion's inquiry corresponding data file agrees to the request, and be transferred to step if user identity is eligible S503 refuses the request of user if not meeting, and terminates process;
S503. cloud storage provider is after receiving intelligent contract and agreeing to the feedback of the write operation requests, according to the request of user Execute corresponding write operation;
S504. the log recording is added in block chain network by intelligent contract.
8. log behavior auditing method as claimed in claim 2, which is characterized in that step S6 is specific as follows:
S601. after cloud storage provider receives the request of user, audit log records the correctness of each field, if all just Really, then it is transferred to step S602, otherwise, terminates process;
S602. the VerifyRequest interface of intelligent contract is called to verify the identity of the user, inside intelligent contract The access control policy of inquiry corresponding data file agrees to the request, and be transferred to step if user identity is eligible Otherwise S603 refuses the request of user, and terminate process;
S603. cloud storage provider is after receiving intelligent contract and agreeing to the feedback of the read operation request, according to the request of user Corresponding read operation is executed, and the data file of request is returned into ordinary user;
S604. the log recording is added in block chain network by intelligent contract, is transferred to step S7.
9. log behavior auditing method as claimed in claim 2, which is characterized in that step S7 is specific as follows:
Ordinary user first calculates its hash value after the data file for receiving the transmission of cloud storage service device, then with pass through before The newest hash value H (X0) of data file that intelligent contract obtains is compared, and if they are the same, then proves that the data file read is just It is true, otherwise, illustrate that data file is tampered or is not newest version, user can call the Audit interface of intelligent contract Audit request is initiated to the data file.
10. a kind of computer readable storage medium, which is characterized in that the computer-readable recording medium storage has computer journey Sequence, the computer program realize log behavior auditing party as described in any one of claim 1 to 9 when being executed by processor Method.
CN201811126706.7A 2018-09-26 2018-09-26 Log behavior auditing method based on block chain in cloud storage environment Active CN109190410B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811126706.7A CN109190410B (en) 2018-09-26 2018-09-26 Log behavior auditing method based on block chain in cloud storage environment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811126706.7A CN109190410B (en) 2018-09-26 2018-09-26 Log behavior auditing method based on block chain in cloud storage environment

Publications (2)

Publication Number Publication Date
CN109190410A true CN109190410A (en) 2019-01-11
CN109190410B CN109190410B (en) 2020-05-19

Family

ID=64907256

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811126706.7A Active CN109190410B (en) 2018-09-26 2018-09-26 Log behavior auditing method based on block chain in cloud storage environment

Country Status (1)

Country Link
CN (1) CN109190410B (en)

Cited By (54)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109815203A (en) * 2019-02-12 2019-05-28 山东超越数控电子股份有限公司 A kind of log audit method and system based on block chain
CN109829334A (en) * 2019-01-30 2019-05-31 复旦大学 Data box configuration, use and bookkeeping methods and its operation system based on block chain
CN109862103A (en) * 2019-02-26 2019-06-07 上海南潮信息科技有限公司 File data secure sharing method and device based on block chain
CN109903046A (en) * 2019-02-02 2019-06-18 中国互联网络信息中心 User data management and device based on block chain
CN109902074A (en) * 2019-04-17 2019-06-18 江苏全链通信息科技有限公司 Log storing method and system based on data center
CN109977089A (en) * 2019-03-13 2019-07-05 深圳壹账通智能科技有限公司 Blog management method, device, computer equipment and computer readable storage medium
CN110048828A (en) * 2019-04-17 2019-07-23 江苏全链通信息科技有限公司 Log storing method and system based on data center
CN110138733A (en) * 2019-04-03 2019-08-16 华南理工大学 Object storage system based on block chain is credible to deposit card and access right control method
CN110263584A (en) * 2019-06-19 2019-09-20 华中科技大学 A kind of data integrity auditing method and system based on block chain
CN110365766A (en) * 2019-07-12 2019-10-22 全链通有限公司 Cloud storage method, equipment and computer readable storage medium based on block chain
CN110417909A (en) * 2019-08-07 2019-11-05 中国联合网络通信集团有限公司 Wireless network remote entry method and system
CN110414270A (en) * 2019-08-01 2019-11-05 谈建中 A kind of personal data protection system and method based on block chain
CN110430248A (en) * 2019-07-23 2019-11-08 平安科技(深圳)有限公司 Block chain building method, apparatus, medium and electronic equipment based on cloud service
CN110457875A (en) * 2019-07-31 2019-11-15 阿里巴巴集团控股有限公司 Data grant method and device based on block chain
CN110457898A (en) * 2019-07-29 2019-11-15 阿里巴巴集团控股有限公司 Operation note storage method, device and equipment based on credible performing environment
CN110473096A (en) * 2019-07-31 2019-11-19 阿里巴巴集团控股有限公司 Data grant method and device based on intelligent contract
CN110473094A (en) * 2019-07-31 2019-11-19 阿里巴巴集团控股有限公司 Data grant method and device based on block chain
CN110677407A (en) * 2019-09-26 2020-01-10 北京笔新互联网科技有限公司 Safety control method of lightweight block chain platform
CN110798478A (en) * 2019-11-06 2020-02-14 中国联合网络通信集团有限公司 Data processing method and device
CN111092745A (en) * 2019-10-12 2020-05-01 深圳壹账通智能科技有限公司 Log processing method and device based on block chain, computer equipment and storage medium
CN111131191A (en) * 2019-12-10 2020-05-08 山东超越数控电子股份有限公司 Method and system for auditing cloud storage service operation and cloud storage system
CN111177096A (en) * 2019-12-11 2020-05-19 招银云创(深圳)信息技术有限公司 Log management method and device, computer equipment and storage medium
CN111339550A (en) * 2020-02-01 2020-06-26 成都理工大学 Comment information credibility method based on block chain technology
CN111428207A (en) * 2020-04-23 2020-07-17 重庆邮电大学 Digital copyright registration and transaction method based on block chain technology
CN111448565A (en) * 2020-02-14 2020-07-24 支付宝(杭州)信息技术有限公司 Data authorization based on decentralized identity
CN111611614A (en) * 2020-04-29 2020-09-01 南京财经大学 Block chain based malicious auditor resistant cloud storage public auditing method and system
CN111698278A (en) * 2020-04-10 2020-09-22 湖南大学 Multi-cloud data storage method based on block chain
US10783054B2 (en) 2019-07-29 2020-09-22 Alibaba Group Holding Limited Method, apparatus, and device for storing operation record based on trusted execution environment
CN111797142A (en) * 2020-07-06 2020-10-20 北京荷月科技有限公司 Method and system for auditing data on link
CN111950020A (en) * 2020-07-20 2020-11-17 北京思特奇信息技术股份有限公司 Block chain based data sharing system, method, computing device and storage medium
CN111949651A (en) * 2019-05-17 2020-11-17 国际商业机器公司 Trace data transmission
CN112134698A (en) * 2020-09-10 2020-12-25 江苏大学 Block chain-based vehicle-to-vehicle rapid communication authentication method and system for Internet of vehicles
CN112134869A (en) * 2020-09-16 2020-12-25 北方工业大学 Cloud service examination system and examination method based on block chain
CN112307233A (en) * 2020-10-30 2021-02-02 圆通速递有限公司 Repeated image deleting method and system in cloud storage based on block chain
CN112306983A (en) * 2020-11-18 2021-02-02 武汉德尔达科技有限公司 Ship electronic turbine log system and data protection method
CN112417496A (en) * 2020-10-28 2021-02-26 北京八分量信息科技有限公司 Method for realizing white list based on intelligent contract based on deep learning
US10936581B2 (en) 2019-08-30 2021-03-02 Advanced New Technologies Co., Ltd. Blockchain transaction processing method and apparatus
CN112434040A (en) * 2020-11-30 2021-03-02 泰康保险集团股份有限公司 Data storage method, data acquisition method, device, system and equipment
WO2021036170A1 (en) * 2019-08-30 2021-03-04 创新先进技术有限公司 Blockchain transaction processing method and apparatus
CN112448946A (en) * 2020-11-09 2021-03-05 北京工业大学 Log auditing method and device based on block chain
CN112527825A (en) * 2019-09-19 2021-03-19 上海哔哩哔哩科技有限公司 Data storage method and device and computer equipment
CN112564985A (en) * 2020-12-24 2021-03-26 南京联成科技发展股份有限公司 Safe operation and maintenance management method based on block chain
WO2021057165A1 (en) * 2019-09-25 2021-04-01 支付宝(杭州)信息技术有限公司 Method for concurrently executing transactions in blockchain, and device
US11057189B2 (en) 2019-07-31 2021-07-06 Advanced New Technologies Co., Ltd. Providing data authorization based on blockchain
CN113094754A (en) * 2021-05-08 2021-07-09 重庆银行股份有限公司 Big data platform data modification system and modification, response, cache and verification method
WO2021154157A1 (en) * 2020-01-31 2021-08-05 Agency For Science, Technology And Research Blockchain-based data exchange
CN113285812A (en) * 2021-07-26 2021-08-20 西南石油大学 Cloud storage self-auditing method based on SGX and Ether house block chain
CN113382073A (en) * 2021-06-08 2021-09-10 重庆邮电大学 Monitoring system and method for edge nodes in cloud edge-side industrial control system
CN113486082A (en) * 2021-06-28 2021-10-08 电子科技大学 Outsourcing data access control system based on block chain
CN113836237A (en) * 2021-09-30 2021-12-24 北京中经惠众科技有限公司 Method and device for auditing data operation of database
US11251963B2 (en) 2019-07-31 2022-02-15 Advanced New Technologies Co., Ltd. Blockchain-based data authorization method and apparatus
US11252166B2 (en) 2019-07-31 2022-02-15 Advanced New Technologies Co., Ltd. Providing data authorization based on blockchain
US11310051B2 (en) 2020-01-15 2022-04-19 Advanced New Technologies Co., Ltd. Blockchain-based data authorization method and apparatus
US11768821B1 (en) 2022-03-23 2023-09-26 International Business Machines Corporation Blockchain based multi vendor change monitoring system

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110084069B (en) * 2019-04-17 2021-05-11 江苏全链通信息科技有限公司 Server log monitoring method and system based on block chain

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106650478A (en) * 2016-12-28 2017-05-10 上海优刻得信息科技有限公司 Data operation management device and method
US20170163733A1 (en) * 2015-12-02 2017-06-08 Olea Networks, Inc. System and method for data management structure using auditable delta records in a distributed environment
CN107707410A (en) * 2017-10-26 2018-02-16 上海点融信息科技有限责任公司 Configure method, information processor and the readable storage medium storing program for executing of system audit service
CN108446407A (en) * 2018-04-12 2018-08-24 北京百度网讯科技有限公司 Database audit method based on block chain and device

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170163733A1 (en) * 2015-12-02 2017-06-08 Olea Networks, Inc. System and method for data management structure using auditable delta records in a distributed environment
CN106650478A (en) * 2016-12-28 2017-05-10 上海优刻得信息科技有限公司 Data operation management device and method
CN107707410A (en) * 2017-10-26 2018-02-16 上海点融信息科技有限责任公司 Configure method, information processor and the readable storage medium storing program for executing of system audit service
CN108446407A (en) * 2018-04-12 2018-08-24 北京百度网讯科技有限公司 Database audit method based on block chain and device

Cited By (73)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109829334A (en) * 2019-01-30 2019-05-31 复旦大学 Data box configuration, use and bookkeeping methods and its operation system based on block chain
CN109829334B (en) * 2019-01-30 2022-12-20 复旦大学 Block chain-based data box configuration, use and accounting method and operation system thereof
CN109903046A (en) * 2019-02-02 2019-06-18 中国互联网络信息中心 User data management and device based on block chain
CN109815203A (en) * 2019-02-12 2019-05-28 山东超越数控电子股份有限公司 A kind of log audit method and system based on block chain
CN109862103A (en) * 2019-02-26 2019-06-07 上海南潮信息科技有限公司 File data secure sharing method and device based on block chain
CN109977089A (en) * 2019-03-13 2019-07-05 深圳壹账通智能科技有限公司 Blog management method, device, computer equipment and computer readable storage medium
CN110138733A (en) * 2019-04-03 2019-08-16 华南理工大学 Object storage system based on block chain is credible to deposit card and access right control method
CN109902074A (en) * 2019-04-17 2019-06-18 江苏全链通信息科技有限公司 Log storing method and system based on data center
CN110048828A (en) * 2019-04-17 2019-07-23 江苏全链通信息科技有限公司 Log storing method and system based on data center
CN111949651A (en) * 2019-05-17 2020-11-17 国际商业机器公司 Trace data transmission
CN110263584A (en) * 2019-06-19 2019-09-20 华中科技大学 A kind of data integrity auditing method and system based on block chain
CN110365766A (en) * 2019-07-12 2019-10-22 全链通有限公司 Cloud storage method, equipment and computer readable storage medium based on block chain
CN110430248B (en) * 2019-07-23 2022-03-25 平安科技(深圳)有限公司 Block chain construction method, device, medium and electronic equipment based on cloud service
CN110430248A (en) * 2019-07-23 2019-11-08 平安科技(深圳)有限公司 Block chain building method, apparatus, medium and electronic equipment based on cloud service
CN110457898A (en) * 2019-07-29 2019-11-15 阿里巴巴集团控股有限公司 Operation note storage method, device and equipment based on credible performing environment
US10783054B2 (en) 2019-07-29 2020-09-22 Alibaba Group Holding Limited Method, apparatus, and device for storing operation record based on trusted execution environment
US11057189B2 (en) 2019-07-31 2021-07-06 Advanced New Technologies Co., Ltd. Providing data authorization based on blockchain
CN110473094B (en) * 2019-07-31 2021-05-18 创新先进技术有限公司 Data authorization method and device based on block chain
US11831656B2 (en) 2019-07-31 2023-11-28 Advanced New Technologies Co., Ltd. Providing data authorization based on blockchain
CN110473094A (en) * 2019-07-31 2019-11-19 阿里巴巴集团控股有限公司 Data grant method and device based on block chain
CN110457875A (en) * 2019-07-31 2019-11-15 阿里巴巴集团控股有限公司 Data grant method and device based on block chain
CN110473096A (en) * 2019-07-31 2019-11-19 阿里巴巴集团控股有限公司 Data grant method and device based on intelligent contract
US11398914B2 (en) 2019-07-31 2022-07-26 Advanced New Technologies Co., Ltd. Blockchain-based data authorization method and apparatus
US11251963B2 (en) 2019-07-31 2022-02-15 Advanced New Technologies Co., Ltd. Blockchain-based data authorization method and apparatus
US11252166B2 (en) 2019-07-31 2022-02-15 Advanced New Technologies Co., Ltd. Providing data authorization based on blockchain
CN110414270B (en) * 2019-08-01 2022-12-06 谈建中 Personal data protection system and method based on block chain
CN110414270A (en) * 2019-08-01 2019-11-05 谈建中 A kind of personal data protection system and method based on block chain
CN110417909B (en) * 2019-08-07 2022-04-08 中国联合网络通信集团有限公司 Wireless network remote login method and system
CN110417909A (en) * 2019-08-07 2019-11-05 中国联合网络通信集团有限公司 Wireless network remote entry method and system
US10936581B2 (en) 2019-08-30 2021-03-02 Advanced New Technologies Co., Ltd. Blockchain transaction processing method and apparatus
WO2021036170A1 (en) * 2019-08-30 2021-03-04 创新先进技术有限公司 Blockchain transaction processing method and apparatus
CN112527825A (en) * 2019-09-19 2021-03-19 上海哔哩哔哩科技有限公司 Data storage method and device and computer equipment
WO2021057165A1 (en) * 2019-09-25 2021-04-01 支付宝(杭州)信息技术有限公司 Method for concurrently executing transactions in blockchain, and device
CN110677407A (en) * 2019-09-26 2020-01-10 北京笔新互联网科技有限公司 Safety control method of lightweight block chain platform
CN111092745A (en) * 2019-10-12 2020-05-01 深圳壹账通智能科技有限公司 Log processing method and device based on block chain, computer equipment and storage medium
WO2021068488A1 (en) * 2019-10-12 2021-04-15 深圳壹账通智能科技有限公司 Blockchain-based log processing method and apparatus, computer device, and storage medium
CN110798478B (en) * 2019-11-06 2022-04-15 中国联合网络通信集团有限公司 Data processing method and device
CN110798478A (en) * 2019-11-06 2020-02-14 中国联合网络通信集团有限公司 Data processing method and device
CN111131191A (en) * 2019-12-10 2020-05-08 山东超越数控电子股份有限公司 Method and system for auditing cloud storage service operation and cloud storage system
CN111177096A (en) * 2019-12-11 2020-05-19 招银云创(深圳)信息技术有限公司 Log management method and device, computer equipment and storage medium
US11310051B2 (en) 2020-01-15 2022-04-19 Advanced New Technologies Co., Ltd. Blockchain-based data authorization method and apparatus
WO2021154157A1 (en) * 2020-01-31 2021-08-05 Agency For Science, Technology And Research Blockchain-based data exchange
CN111339550B (en) * 2020-02-01 2023-08-29 温州理工学院 Comment information credibility method based on blockchain technology
CN111339550A (en) * 2020-02-01 2020-06-26 成都理工大学 Comment information credibility method based on block chain technology
CN111448565B (en) * 2020-02-14 2024-04-05 支付宝(杭州)信息技术有限公司 Data authorization based on decentralised identification
CN111448565A (en) * 2020-02-14 2020-07-24 支付宝(杭州)信息技术有限公司 Data authorization based on decentralized identity
CN111698278A (en) * 2020-04-10 2020-09-22 湖南大学 Multi-cloud data storage method based on block chain
CN111428207B (en) * 2020-04-23 2023-11-14 重庆邮电大学 Digital copyright registration and transaction method based on blockchain technology
CN111428207A (en) * 2020-04-23 2020-07-17 重庆邮电大学 Digital copyright registration and transaction method based on block chain technology
CN111611614B (en) * 2020-04-29 2023-09-08 南京财经大学 Cloud storage public auditing method and system for resisting malicious auditors based on blockchain
CN111611614A (en) * 2020-04-29 2020-09-01 南京财经大学 Block chain based malicious auditor resistant cloud storage public auditing method and system
CN111797142A (en) * 2020-07-06 2020-10-20 北京荷月科技有限公司 Method and system for auditing data on link
CN111950020A (en) * 2020-07-20 2020-11-17 北京思特奇信息技术股份有限公司 Block chain based data sharing system, method, computing device and storage medium
CN111950020B (en) * 2020-07-20 2024-04-19 北京思特奇信息技术股份有限公司 Block chain-based data sharing system, method, computing device and storage medium
CN112134698A (en) * 2020-09-10 2020-12-25 江苏大学 Block chain-based vehicle-to-vehicle rapid communication authentication method and system for Internet of vehicles
CN112134869A (en) * 2020-09-16 2020-12-25 北方工业大学 Cloud service examination system and examination method based on block chain
CN112417496A (en) * 2020-10-28 2021-02-26 北京八分量信息科技有限公司 Method for realizing white list based on intelligent contract based on deep learning
CN112307233A (en) * 2020-10-30 2021-02-02 圆通速递有限公司 Repeated image deleting method and system in cloud storage based on block chain
CN112448946A (en) * 2020-11-09 2021-03-05 北京工业大学 Log auditing method and device based on block chain
CN112448946B (en) * 2020-11-09 2024-03-19 北京工业大学 Log auditing method and device based on block chain
CN112306983B (en) * 2020-11-18 2024-04-09 武汉德尔达科技有限公司 Ship electronic turbine log system and data protection method
CN112306983A (en) * 2020-11-18 2021-02-02 武汉德尔达科技有限公司 Ship electronic turbine log system and data protection method
CN112434040B (en) * 2020-11-30 2023-09-22 泰康保险集团股份有限公司 Data storage method, data acquisition method, device, system and equipment
CN112434040A (en) * 2020-11-30 2021-03-02 泰康保险集团股份有限公司 Data storage method, data acquisition method, device, system and equipment
CN112564985A (en) * 2020-12-24 2021-03-26 南京联成科技发展股份有限公司 Safe operation and maintenance management method based on block chain
CN113094754A (en) * 2021-05-08 2021-07-09 重庆银行股份有限公司 Big data platform data modification system and modification, response, cache and verification method
CN113094754B (en) * 2021-05-08 2022-11-01 重庆银行股份有限公司 Big data platform data modification system and modification, response, cache and verification method
CN113382073A (en) * 2021-06-08 2021-09-10 重庆邮电大学 Monitoring system and method for edge nodes in cloud edge-side industrial control system
CN113486082B (en) * 2021-06-28 2023-03-28 电子科技大学 Outsourcing data access control system based on block chain
CN113486082A (en) * 2021-06-28 2021-10-08 电子科技大学 Outsourcing data access control system based on block chain
CN113285812A (en) * 2021-07-26 2021-08-20 西南石油大学 Cloud storage self-auditing method based on SGX and Ether house block chain
CN113836237A (en) * 2021-09-30 2021-12-24 北京中经惠众科技有限公司 Method and device for auditing data operation of database
US11768821B1 (en) 2022-03-23 2023-09-26 International Business Machines Corporation Blockchain based multi vendor change monitoring system

Also Published As

Publication number Publication date
CN109190410B (en) 2020-05-19

Similar Documents

Publication Publication Date Title
CN109190410A (en) A kind of log behavior auditing method based on block chain under cloud storage environment
Ocheja et al. Managing lifelong learning records through blockchain
CN108023894B (en) Visa information system based on block chain and processing method thereof
CN110024357B (en) System and method for data processing using distributed ledgers
CN109376528B (en) Trusted identity management system and method based on block chain
US20170250816A1 (en) Secure sharing
CN104978239B (en) A kind of method, apparatus and system realizing more Backup Data dynamics and updating
CN108960825A (en) Electric endorsement method and device, electronic equipment based on block chain
CN108923932A (en) A kind of decentralization co-verification model and verification algorithm
CN107579958A (en) Data managing method, apparatus and system
CN105516110A (en) Mobile equipment secure data transmission method
CN103535007B (en) The administrative authentication of distributed network
CN109003185A (en) A kind of method for building up, device, calculating equipment and the storage medium of intelligence contract
CN111177252A (en) Service data processing method and device
CN109446259B (en) Data processing method and device, processor and storage medium
CN110046156A (en) Content Management System and method, apparatus, electronic equipment based on block chain
CN109242404B (en) Resume information management method, resume information management device, computer equipment and readable storage medium
CN101827101A (en) Information asset protection method based on credible isolated operating environment
CN109040024A (en) A kind of resource access right control method and system
US20210042748A1 (en) Blockchain-based secure resource management
WO2022237588A1 (en) Blockchain-based data evidence storage method and apparatus, device, and storage medium
CN109272324A (en) A kind of business function implementation method, system, equipment and computer storage medium
Razali et al. Secure Blockchain-Based Data-Sharing Model and Adoption among Intelligence Communities.
CN114357490A (en) Data sharing method, device and system based on block chain
Singh et al. Ring signature and improved multi‐transaction mode consortium blockchain‐based private information retrieval for privacy‐preserving smart parking system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant