CN110018924A - A file damage prevention method based on blockchain and erasure codes - Google Patents

Publication number: CN110018924A
Authority: CN (China)
Prior art keywords: files, blocks, file, block, node
Legal status: Pending
Application number: CN201910128898.3A
Other languages: Chinese (zh)
Inventors: 何朝民, 夏宗春
Current assignee: Tsinghua Tongfang Co Ltd; Tongfang Co Ltd
Original assignee: Tongfang Co Ltd
Application filed by: Tongfang Co Ltd
Priority to: CN201910128898.3A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00 Error detection; Error correction; Monitoring
    • G06F11/07 Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/08 Error detection or correction by redundancy in data representation, e.g. by using checking codes
    • G06F11/10 Adding special bits or symbols to the coded information, e.g. parity check, casting out 9's or 11's
    • G06F11/1004 Adding special bits or symbols to the coded information, e.g. parity check, casting out 9's or 11's to protect a block of data words, e.g. CRC or checksum
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00 Error detection; Error correction; Monitoring
    • G06F11/07 Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/14 Error detection or correction of the data by redundancy in operation
    • G06F11/1402 Saving, restoring, recovering or retrying
    • G06F11/1446 Point-in-time backing up or restoration of persistent data
    • G06F11/1458 Management of the backup or restore process
    • G06F11/1469 Backup restoration techniques
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures

Abstract

A file damage prevention method based on blockchain and erasure codes, relating to the field of computer information management systems. In the method, every part of file handling that involves encryption uses an asymmetric encryption algorithm; a distributed storage system is constructed; a file is split into multiple file blocks that include erasure-code blocks, and each file block, after encryption, is an independent file stored at random on a different PC server; a blockchain-based file management system is constructed; the data in the metadata ledger is encrypted with the public key and can be decrypted and read only with the private key. The method comprises five parts: (1) file storage, (2) file reading, (3) recovering a tampered file, (4) recovering a missing file block, and (5) recovering the file blocks on a failed storage node. Compared with the prior art, the invention combines the tamper resistance of the blockchain with erasure-code data protection and, through a systematic solution, greatly increases the security of file storage.

Description

A file damage prevention method based on blockchain and erasure codes
Technical field
The present invention relates to the field of computer information management systems, and in particular to a file damage prevention method based on blockchain and erasure codes.
Background
In systems that generate large numbers of files, such as internet log retention systems, video surveillance systems and billing systems, data files are produced continuously and are stored centrally in a storage system. To prevent these files from being destroyed unexpectedly, the prior art protects files mainly in the following ways.
Protection at the storage-medium level. Within a storage node, the storage system can apply redundancy measures, such as RAID-5 for the disks and redundant backup of the storage controllers. These measures ensure that files stored on the media can still be read normally when a storage medium fails and becomes unavailable.
Protection at the storage-node level. Storage-medium protection only prevents files from becoming unavailable because of a media failure inside one storage node; once the storage node itself fails, the files on it are still unavailable. The usual countermeasure is to generate multiple copies of a file and store each copy on a different storage node, or to take offline backups of the files on the whole storage node.
Protection at the file-content level, generally by encrypting the file. Anyone who wants to tamper with the file maliciously can then do so only after obtaining the decryption key and decrypting the file.
These protective measures still have problems, mainly in the following respects:
Problem 1: files are stored in a file system. In a traditional file system, a file is stored as a whole in one location. In a distributed file system, a file is split into multiple file blocks stored on different storage nodes; the management node of the distributed file system holds the metadata giving the storage locations, and each file block is located through that metadata. Whichever file system is used, files are generally given highly readable names, so once a hacker has broken into the file system it is easy to find by name the files to delete or tamper with, and then to delete or tamper with them.
Problem 2: following on from Problem 1, even if the file is encrypted, a hacker who has obtained the key can tamper with its content. Because the storage location of the file does not change and only the content changes, the file system itself cannot detect the change. Even if a backup of the file was made beforehand, the tampering is hard to discover, so the file is not restored in time and the tampered file continues to be used.
Problem 3: following on from Problem 1, once a hacker deletes a file, if that file has not yet been backed up, the deletion causes the file to be lost permanently.
Problem 4: following on from Problem 1, even if file names are not readable, for example random codes, there is generally a centralized file management system that records the correspondence between the random-code file names and the actual file names. Once this file management system is compromised, the correspondences can be tampered with or deleted. Even if the hacker cannot break into the nodes that store the files to tamper with or delete them, the corrupted correspondences in the file management system still make the files unusable.
Problem 5: with multi-copy storage, storage cost rises sharply, and Problems 1, 2 and 3 above still exist. With offline backup, there is a time gap between file generation and file backup; if a file is maliciously tampered with or deleted within this gap, the damage is permanent and unrecoverable.
Summary of the invention
In view of the above problems in the prior art, the object of the present invention is to provide a file damage prevention method based on blockchain and erasure codes. It combines the tamper resistance of the blockchain with erasure-code data protection and, through a systematic solution, greatly increases the security of file storage.
To achieve the above object, the technical solution of the invention is implemented as follows:
A file damage prevention method based on blockchain and erasure codes, characterized as follows. Every part of file handling that involves encryption uses an asymmetric encryption algorithm; the system administrator's account holds both the public key and the private key, while ordinary accounts that generate and store files hold only the public key. Multiple PC servers, acting as file storage nodes, are networked to form a distributed storage system. A file is split into multiple file blocks that include erasure-code blocks; each file block, after encryption, is an independent file stored at random on a different PC server; files are encrypted with the public key and decrypted with the private key. A blockchain-based file management system is constructed: the metadata of the files is stored on the blockchain, forming a file metadata ledger, which records the information of each file block, including the name of the file the block belongs to, the total number of blocks of the file, the number of this file block, the file name of this file block, the storage location of this file block, the digital signature of this file block and the version number of the record. The data in the metadata ledger is encrypted with the public key and can be decrypted and read only with the private key. The method comprises five parts, whose specific steps are as follows:
(1) The steps of file storage are as follows:
1) split the file into N file blocks using erasure coding;
2) digitally sign each file block with the public key;
3) encrypt each file block with the public key;
4) name each encrypted file block with a random code generated by the system;
5) select N storage nodes at random in the distributed storage system;
6) store each file block on a different storage node;
7) store in the blockchain metadata ledger the name of the file the block belongs to, the total number of blocks of the file, the number of this file block, the file name of this file block, the storage location of this file block, the digital signature of this file block and the version number of the record.
(2) The steps of file reading are as follows:
1) read the file ledger on the blockchain and find the information of all file blocks of the file;
2) look up and return all the file blocks in the distributed storage system according to the file block information;
3) decrypt each file block with the private key;
4) verify the digital signature of each file block;
5) check whether the number of file blocks is correct; if it is, go to step 6); if it is not, go to step 8);
6) check whether the digital signatures are correct; if they are, go to step 7); otherwise go to step 9);
7) merge all file blocks into a complete file; the whole process ends;
8) mark the missing file blocks and return to step 6);
9) mark the file blocks whose digital signature is incorrect;
10) use the erasure code to recover the file blocks that are missing or whose digital signature is incorrect, then return to step 7).
(3) The steps of recovering a tampered file are as follows:
1) discover that the digital signature of a file block is incorrect;
2) mark the file block as invalid and, at the same time, execute step 11);
3) use the erasure code to recover the file block;
4) name the recovered file block with a random code generated by the system;
5) digitally sign the recovered file block with the public key;
6) encrypt the recovered file block with the public key;
7) among the nodes of the distributed file system, after excluding the node holding the file block with the incorrect signature and the nodes storing the file's other file blocks, pick an available storage node at random to store the recovered file block;
8) store the recovered file block on the selected storage node and delete the original file block;
9) add a new record for the file block to the file ledger of the blockchain, recording the name of the file the block belongs to, the total number of blocks of the file, the number of this file block, the file name of this file block, the storage location of this file block, the digital signature of this file block and the version number of the record;
10) issue a system message that the tampered file has been repaired; the whole process ends;
11) issue an alarm message that the file has been tampered with.
(4) The steps of recovering a missing file block are as follows:
1) discover that a file block is missing or that the storage node holding the file block is inaccessible;
2) mark the file block as invalid and, at the same time, execute step 11);
3) use the erasure code to recover the file block;
4) name the recovered file block with a random code generated by the system;
5) digitally sign the recovered file block with the public key;
6) encrypt the recovered file block with the public key;
7) among the nodes of the distributed file system, after excluding the node holding the missing file block and the nodes storing the file's other file blocks, pick an available storage node at random to store the recovered file block;
8) store the recovered file block on the selected storage node;
9) add a new record for the file block to the file ledger of the blockchain, recording the name of the file the block belongs to, the total number of blocks of the file, the number of this file block, the file name of this file block, the storage location of this file block, the digital signature of this file block and the version number of the record;
10) issue a system message that the lost file block has been recovered; the whole process ends;
11) issue an alarm message that the file has lost a block.
(5) The steps of recovering the file blocks on a failed storage node are as follows:
1) discover that the storage node holding the file blocks is inaccessible;
2) the storage node cannot be repaired, and the administrator issues an instruction to recover the files on that node;
3) find in the file ledger of the blockchain the information of all file blocks on that node, mark these file blocks as lost, and generate a file recovery list;
4) start recovering the file blocks in the list;
5) use the erasure code to recover the file block;
6) name the recovered file block with a random code generated by the system;
7) digitally sign the recovered file block with the public key;
8) encrypt the recovered file block with the public key;
9) among the nodes of the distributed file system, after excluding the node holding the missing file block and the nodes storing the file's other file blocks, pick an available storage node at random to store the recovered file block;
10) store the recovered file block on the selected storage node;
11) add a new record for the file block to the file ledger of the blockchain, recording the name of the file the block belongs to, the total number of blocks of the file, the number of this file block, the file name of this file block, the storage location of this file block, the digital signature of this file block and the version number of the record;
12) check whether all files have been recovered; if they have, go to step 13); if there are still files that have not been recovered, go to step 4);
13) all recovery work ends and the program exits.
Compared with the prior art, the file storage management solution of the invention has clear advantages:
1) File storage metadata is kept in the blockchain network in the form of a blockchain ledger; the anti-tampering mechanism of the blockchain together with encryption effectively avoids the risk of this metadata being maliciously tampered with. The metadata is stored encrypted on the blockchain: it is encrypted with the public key and can be decrypted only with the private key, and the private key is held only by the administrator, which greatly reduces the risk of private-key leakage and so increases the security of the data. In addition, as long as one node in the blockchain network is online, the metadata remains available. These measures greatly ensure the security and stability of the metadata and the robustness of the system.
2) Files are stored by breaking the whole into parts: a file is split into multiple file blocks, and each file block is stored on a different storage node. This dispersed storage ensures the safety of file storage: when a storage node fails, as long as the other storage nodes are still normal, the files on the failed storage node can be recovered automatically by the method of the invention, so that files do not become unavailable because of a system failure.
3) Another benefit of this storage mode is that a file is hard to delete completely. Because a file is split into multiple blocks stored in dispersed locations, a hacker who wants to delete a file must first know which nodes hold all of its file blocks and then break into each of those nodes to delete them, which increases the difficulty, cost and time of the intrusion and thus protects the file. A hacker deleting some of a file's blocks does not affect use of the file: the deleted file blocks can be recovered by the method of the invention, ensuring that the file remains fully available.
4) The invention can effectively detect and prevent malicious tampering with files. After the content of a file block has been maliciously tampered with, the change is generally hard to notice, but the digital signature of the file block changes. Because the scheme stores the original digital signature of every file block in the file metadata, and the tamper resistance of the blockchain guarantees that the digital signatures in the metadata cannot be altered, comparing the current digital signature of the file block with its original digital signature stored in the metadata readily reveals that the file block has been tampered with. Once the content of a file block is found to have been tampered with, the system starts the recovery mechanism and restores the tampered file block by the method of the invention, ensuring that the whole file still has its original content.
The invention is further described below with reference to the drawings and specific embodiments.
Brief description of the drawings
Fig. 1 is the flow chart of file storage in the method of the invention;
Fig. 2 is the flow chart of file reading in the method of the invention;
Fig. 3 is the flow chart of recovering a tampered file in the method of the invention;
Fig. 4 is the flow chart of recovering a destroyed file in the method of the invention;
Fig. 5 is the flow chart of batch recovery of all files stored on a failed storage node in the method of the invention.
Detailed description of the embodiments
Referring to Fig. 1 to Fig. 5, in the file damage prevention method of the invention based on blockchain and erasure codes, every part of file handling that involves encryption uses an asymmetric encryption algorithm; the system administrator's account holds both the public key and the private key, while ordinary accounts that generate and store files hold only the public key. Multiple PC servers, acting as file storage nodes, are networked to form a distributed storage system. A file is split into multiple file blocks that include erasure-code blocks; each file block, after encryption, is an independent file stored at random on a different PC server; files are encrypted with the public key and decrypted with the private key. A blockchain-based file management system is constructed: the metadata of the files is stored on the blockchain, forming a file metadata ledger, which records the information of each file block, including the name of the file the block belongs to, the total number of blocks of the file, the number of this file block, the file name of this file block, the storage location of this file block, the digital signature of this file block, the version number of the record, etc. The data in the metadata ledger is encrypted with the public key and can be decrypted and read only with the private key. The method of the invention comprises five parts: (1) file storage, (2) file reading, (3) recovering a tampered file, (4) recovering a missing file block and (5) recovering the file blocks on a failed storage node. The specific steps of each part are identical to those listed for parts (1) to (5) in the Summary of the invention above.
In the invention, to ensure the security and integrity of files, technical means are used to prevent files from being maliciously tampered with or destroyed and, when files have been maliciously tampered with or destroyed, to restore them. Blockchain is a ledger technology that uses cryptography to secure transmission and access and achieves consistent storage of data that is hard to tamper with and resistant to repudiation. An erasure code is a data fault-tolerance technique, first used in the communications industry to solve the problem of partial data loss in transmission. An asymmetric encryption algorithm needs two keys: a public key and a private key. The public key and the private key form a pair: data encrypted with the public key can be decrypted only with the corresponding private key, and data encrypted with the private key can be decrypted only with the corresponding public key. The invention comprises five parts, each illustrated with an embodiment.
Embodiment 1:
The file storage method; referring to Fig. 1, the detailed steps are as follows:
1) Split the file into N file blocks using erasure coding.
The erasure code is an RS code whose parameters (n, m) are configured uniformly for the system. Parameter n is the number of parts the original file is split into, and parameter m is the number of check file blocks required. Splitting a file with an RS code of parameters (n, m) yields n+m file blocks. Any n of the n+m file blocks suffice to recover the whole file. For example, with the configuration (6, 3), the file is split into 6 parts and 3 check file blocks are needed, so 9 file blocks are generated in total. At most 3 of these 9 file blocks may be destroyed; within this limit the whole file can be recovered.
2) Digitally sign each file block with the public key.
The message digest of the file block is obtained with an algorithm of the SHA secure hash family. This algorithm can guarantee that two different inputs do not produce the same hash value, that is, once the input data changes, the output hash value also differs, so data integrity can be verified by checking the hash value of the data. After the file block has been hashed, the hash value is encrypted with the public key of an elliptic curve encryption algorithm to form the digital signature.
3) Encrypt each file block with the public key.
The content of the file block is encrypted with the public key of the elliptic curve encryption algorithm.
4) Name each encrypted file block with a random code generated by the system.
The encrypted file block uses the hash value from step 2) (102) as its file name, which ensures that no file names are repeated.
5) Select N storage nodes at random in the distributed storage system.
The number N follows from the RS code parameters. For example, if the RS code is configured as (6, 3), 9 file blocks are generated, so 9 storage nodes must be selected at random.
6) Store each file block on a different storage node.
The 9 file blocks of the example in step 5) are transmitted to and stored on different storage nodes via a P2P protocol or an RPC protocol.
7) Store in the blockchain metadata ledger the name of the file the block belongs to, the total number of blocks of the file, the number of this file block, the file name of this file block, the storage location of this file block, the digital signature of this file block, the version number of the record, etc.
In the transactions part of the block body of the blockchain, the above information is stored in a Key-Value data structure. Example content is shown in Table 1 (the example only illustrates the data structure and does not guarantee that the data values are reasonable):
Key                 Value
FileName            ABIS_20180603123540_2051_000.dat
TotalBlocks         9
BlockID             1
BlockName           QTEIUTPJ[LOLSXJGFBNCVMN
BlockLocation       node4:///data/2018/06/03
DigitalSignature    QSAWXECFEVFTVUTNBIUNIJLM
Version             1
Table 1
The data deposited in the blockchain is encrypted with the public key of the elliptic curve encryption algorithm. The encrypted data can only be decrypted with the private key of the elliptic curve encryption algorithm.
Through the above steps, a file is split into 9 parts that are stored, encrypted, on 9 different storage nodes. Any 6 of these 9 parts are sufficient to restore the original complete file; that is, if some file is unavailable or has been tampered with, the system can recover the original file from the other files.
Embodiment 2:
The file reading procedure provided by the invention, see Fig. 2. The detailed steps are as follows:
1) Read the file ledger on the blockchain and find the information of all file blocks of the file.
The file ledger on the blockchain is decrypted with the private key of the elliptic curve encryption algorithm. In the transactions data structure of the block body, all records whose FileName field equals the name of the file to be read are found, for example all records whose FileName field is ABIS_20180603123540_2051_000.dat, and finally the records with the largest Version value are selected.
2) Look up and return all file blocks in the distributed storage system according to the file block information.
From the query result of step 1), each file block is fetched from the corresponding storage node, according to the values of the BlockName and BlockLocation fields, through the P2P protocol or through the RPC protocol.
3) Decrypt each file block with the private key.
Each file block is decrypted with the private key of the elliptic curve encryption algorithm.
4) Verify the digital signature of each file block.
The message digest of the file block is computed with an algorithm of the SHA secure hash family. The DigitalSignature field for this file block is then looked up in the query result of step 1) (201), and its value is decrypted with the private key to obtain the original message digest of the file block. The two message digests are compared to determine whether they are identical.
5) Judge whether the number of file blocks is correct. If it is correct, execute step 6); if it is not, execute step 8).
The file blocks returned in step 2) are compared with the query result of step 1) to check whether all file blocks have been obtained.
6) Next, judge whether the digital signatures are correct. If the digital signatures of the file blocks are correct, execute step 7); if they are not, execute step 9).
Based on the result of step 4), check whether the digital signatures of all file blocks are correct.
7) Merge all file blocks into one complete file; the whole process ends.
If both the check in step 5) and the check in step 6) pass, all file blocks are merged into a complete file using erasure coding, the complete file is returned to the reader of the file, and the whole process ends.
8) Mark the missing file blocks and return to step 6).
If the check in step 5) fails, the missing file blocks are recorded in a list in memory, and the process returns to step 6).
9) Mark the file blocks whose digital signature is incorrect.
If the check in step 6) fails, the file blocks with an incorrect digital signature are recorded in a list in memory, and the process continues with step 10).
10) Use the erasure code to restore the file blocks that are missing or have an incorrect digital signature, and return to step 7).
Using erasure coding, the file blocks that are missing or have an incorrect digital signature are restored from the correct file blocks, so that all file blocks are finally obtained; the process then returns to step 7).
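The storage steps of Embodiment 1 and the read, verify and restore steps of Embodiment 2 can be exercised together in a small model. The following is an added example, not code from the patent: storage nodes and the ledger are in-memory structures, encryption is omitted, a bare SHA-256 digest stands in for the elliptic-curve-protected digest in DigitalSignature, node placement is fixed rather than random, and the Length field and all function names are assumptions of the example.

```python
import hashlib

# GF(2^8) log/antilog tables (polynomial 0x11d, generator 2) for RS arithmetic.
EXP, LOG = [0] * 512, [0] * 256
_v = 1
for _i in range(255):
    EXP[_i], LOG[_v] = _v, _i
    _v <<= 1
    if _v & 0x100:
        _v ^= 0x11D
for _i in range(255, 512):
    EXP[_i] = EXP[_i - 255]


def gmul(a, b):
    return 0 if a == 0 or b == 0 else EXP[LOG[a] + LOG[b]]


def lagrange_row(xs, xt):
    """Coefficients giving the value at point xt of the polynomial known at points xs."""
    row = []
    for j, xj in enumerate(xs):
        num = den = 1
        for k, xk in enumerate(xs):
            if k != j:
                num, den = gmul(num, xt ^ xk), gmul(den, xj ^ xk)
        row.append(gmul(num, EXP[255 - LOG[den]]))  # num / den in GF(2^8)
    return row


def combine(row, blocks):
    out = bytearray(len(blocks[0]))
    for coef, blk in zip(row, blocks):
        for i, byte in enumerate(blk):
            out[i] ^= gmul(coef, byte)
    return bytes(out)


def rs_split(data, n, m):
    """RS(n, m): n data blocks plus m check blocks, n + m blocks in total."""
    size = max(1, -(-len(data) // n))
    padded = data.ljust(size * n, b"\0")
    blocks = [padded[i * size:(i + 1) * size] for i in range(n)]
    return blocks + [combine(lagrange_row(list(range(n)), x), blocks) for x in range(n, n + m)]


def rs_rebuild(good, n, wanted):
    """Rebuild the block at index `wanted` from any n intact blocks {index: bytes}."""
    if len(good) < n:
        raise ValueError("fewer than n intact blocks: the file cannot be restored")
    xs = sorted(good)[:n]
    return combine(lagrange_row(xs, wanted), [good[x] for x in xs])


def store(file_name, data, n, m, nodes, ledger):
    """Embodiment 1: split, digest, place each block on its own node, record it."""
    for block_id, blk in enumerate(rs_split(data, n, m), start=1):
        digest = hashlib.sha256(blk).hexdigest()
        node = f"node{block_id}"  # assumption: fixed placement instead of random nodes
        nodes.setdefault(node, {})[digest] = blk  # the hash doubles as the block name
        ledger.append({"FileName": file_name, "TotalBlocks": n + m, "BlockID": block_id,
                       "BlockName": digest, "BlockLocation": node,
                       "DigitalSignature": digest,  # assumption: bare SHA-256 digest
                       "Version": 1, "Length": len(data)})  # Length: assumed extra field


def read(file_name, n, nodes, ledger):
    """Embodiment 2: return (file bytes, missing BlockIDs, tampered BlockIDs)."""
    latest = {}
    for rec in ledger:  # step 1: per block, keep the record with the largest Version
        cur = latest.get(rec["BlockID"])
        if rec["FileName"] == file_name and (cur is None or rec["Version"] > cur["Version"]):
            latest[rec["BlockID"]] = rec
    good, missing, tampered, length = {}, [], [], 0
    for block_id, rec in sorted(latest.items()):
        length = rec["Length"]
        blk = nodes.get(rec["BlockLocation"], {}).get(rec["BlockName"])  # step 2
        if blk is None:
            missing.append(block_id)  # step 8
        elif hashlib.sha256(blk).hexdigest() != rec["DigitalSignature"]:
            tampered.append(block_id)  # steps 4 and 9
        else:
            good[block_id - 1] = blk  # RS evaluation point is BlockID - 1
    # Step 10: rebuild unusable data blocks from intact ones; step 7: merge.
    parts = [good[x] if x in good else rs_rebuild(good, n, x) for x in range(n)]
    return b"".join(parts)[:length], missing, tampered


def demo():
    nodes, ledger = {}, []
    original = b"".join(b"record %03d;" % i for i in range(30))  # constructed sample
    store("sample.dat", original, 6, 3, nodes, ledger)
    del nodes["node2"], nodes["node9"]  # two storage nodes become unreachable
    name = next(iter(nodes["node4"]))  # the block on node4 is altered in place
    blk = nodes["node4"][name]
    nodes["node4"][name] = bytes([blk[0] ^ 0xFF]) + blk[1:]
    restored, missing, tampered = read("sample.dat", 6, nodes, ledger)
    return restored == original, missing, tampered
```

With the (6, 3) configuration, `demo()` loses two blocks and detects one altered block, which is exactly the limit of 3 unusable blocks; a fourth loss makes `read` raise `ValueError` instead of returning data.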
Embodiment 3:
The method provided by the invention for restoring a tampered file, see Fig. 3. The detailed steps are as follows:
1) The digital signature of a file block is found to be incorrect.
In Embodiment 2, if the digital signature of a file block is found to be incorrect, the file block has been tampered with and cannot be used.
2) Mark the file block as invalid and, at the same time, execute step 11).
The file block with the incorrect digital signature is recorded in a list in memory, and the system treats this file block as missing. At the same time the system executes step 11) and issues an alarm message.
3) Use the erasure code to restore the file block.
Using erasure coding, the file block with the incorrect digital signature is restored from the correct file blocks, yielding the file block in its original state.
4) Name the restored file block with a random code generated by the system.
The restored file block is named by the method of step 4) in Embodiment 1.
5) Digitally sign the restored file block with the public key.
The restored file block is named by the method of step 4) in Embodiment 1.
6) Encrypt the restored file block with the public key.
The file block is encrypted by the method of step 3) in Embodiment 1.
7) Among the nodes of the distributed file system, after excluding the node holding the file block with the incorrect signature and the nodes storing the file's other file blocks, randomly pick an available storage node to store the restored file block.
The file block is transferred to and stored on the selected storage node through the P2P protocol or through the RPC protocol. The rule for selecting the storage node is that it must not be the node on which this file block was originally stored, nor a storage node holding any other file block of the original file.
8) Store the restored file block on the selected storage node and delete the original file block.
After the restored file block has been stored on the selected storage node, the system completely deletes the tampered file block from the original storage node.
9) Add a new file block record to the file ledger of the blockchain, recording the name of the file to which the file block belongs, the total number of blocks of the file, the number of this file block, the file name of this file block, the storage location of this file block, the digital signature of this file block, the version number of this record, and so on.
The information about the restored file block is stored as a Key-Value data structure in the transactions part of the block body of the blockchain. As in Embodiment 1, example content is shown in Table 2 (the example only illustrates the data structure and does not guarantee that the data values are reasonable):
Key                 Value
FileName            ABIS_20180603123540_2051_000.dat
TotalBlocks         9
BlockID             1
BlockName           QTEIUTPJ[LOLSXJGFBNCVMN
BlockLocation       node8:///data/2018/06/03
DigitalSignature    QSAWXECFEVFTVUTNBIUNIJLM
Version             2
Table 2
This data structure differs from the original content in two places. One is the BlockLocation field, which changes from the original "node4:///data/2018/06/03" to "node8:///data/2018/06/03". The other is the Version field, which changes from the original "1" to "2".
10) Issue the system message that the tampered file has been repaired; the whole process ends.
The system issues the message that the file has been successfully restored and then ends the whole process.
11) Issue the alarm message that the file has been tampered with.
The system issues an alarm message stating that the content of a file block has been tampered with, that the file block is unavailable, and that the system is restoring it automatically.
Embodiment 4:
The method provided by the invention for restoring a missing file block, see Fig. 4. The detailed steps are as follows; for the specific operations, see the same steps in Embodiment 3:
1) A file block is found to be missing, or the storage node holding the file block is inaccessible.
For the specific operation, see step 1) in Embodiment 3.
2) Mark the file block as invalid and, at the same time, execute step 11).
For the specific operation, see step 2) in Embodiment 3.
3) Use the erasure code to restore the file block.
For the specific operation, see step 3) in Embodiment 3.
4) Name the restored file block with a random code generated by the system.
For the specific operation, see step 4) in Embodiment 3.
5) Digitally sign the restored file block with the public key.
For the specific operation, see step 5) in Embodiment 3.
6) Encrypt the restored file block with the public key.
For the specific operation, see step 6) in Embodiment 3.
7) Among the nodes of the distributed file system, after excluding the node holding the missing file block and the nodes storing the file's other file blocks, randomly pick an available storage node to store the restored file block.
For the specific operation, see step 7) in Embodiment 3.
8) Store the restored file block on the selected storage node.
For the specific operation, see step 8) in Embodiment 3.
9) Add a new file block record to the file ledger of the blockchain, recording the name of the file to which the file block belongs, the total number of blocks of the file, the number of this file block, the file name of this file block, the storage location of this file block, the digital signature of this file block, the version number of this record, and so on.
For the specific operation, see step 9) in Embodiment 3.
10) Issue the system message that the missing file block has been restored.
For the specific operation, see step 10) in Embodiment 3.
11) Issue the alarm message that a file block has been lost.
For the specific operation, see step 11) in Embodiment 3.
Embodiment 5:
The method provided by the invention for restoring the file blocks on a failed storage node, see Fig. 5. The detailed steps are as follows; for some of the specific operations, see the corresponding steps in Embodiment 3:
1) The storage node holding the file blocks is found to be inaccessible.
2) The storage node cannot be repaired, and the administrator issues the instruction to restore the files on that node.
3) Find the information of all file blocks on all nodes in the file ledger of the blockchain, mark these file blocks as lost, and generate a file recovery list.
The file ledger on the blockchain is read to find the information of all file blocks on the failed node. The file ledger on the blockchain is decrypted with the private key of the elliptic curve encryption algorithm. In the transactions data structure of the block body, all records whose FileLocation field contains the failed node are found, for example all records whose FileLocation field contains node4, and finally the records with the largest Version value are selected. All selected records are placed in a list in memory, and the files are subsequently restored one by one according to this list.
4) Start restoring the file blocks in the list.
5) Use the erasure code to restore the file block.
For the specific operation, see step 3) in Embodiment 3.
6) Name the restored file block with a random code generated by the system.
For the specific operation, see step 4) in Embodiment 3.
7) Digitally sign the restored file block with the public key.
For the specific operation, see step 5) in Embodiment 3.
8) Encrypt the restored file block with the public key.
For the specific operation, see step 6) in Embodiment 3.
9) Among the nodes of the distributed file system, after excluding the node holding the missing file block and the nodes storing the file's other file blocks, randomly pick an available storage node to store the restored file block.
For the specific operation, see step 7) in Embodiment 3.
10) Store the restored file block on the selected storage node.
For the specific operation, see step 8) in Embodiment 3.
11) Add a new file block record to the file ledger of the blockchain, recording the name of the file to which the file block belongs, the total number of blocks of the file, the number of this file block, the file name of this file block, the storage location of this file block, the digital signature of this file block, the version number of this record, and so on.
For the specific operation, see step 9) in Embodiment 3.
12) Judge whether all files have been restored. If all files have been restored, execute step 13); if there are still files that have not been restored, return to step 4);
13) All recovery work ends and the program exits.
All the above embodiments are only preferred embodiments of the invention and do not limit the scope of implementation of the invention; all changes made according to the shape and principle of the invention shall therefore fall within the scope of protection of the invention.

Claims (1)

1. A file damage prevention method based on blockchain and erasure codes, characterized in that: all file encryption uses an asymmetric encryption algorithm; the system administrator's account holds both the public key and the private key, while the accounts that generate and store ordinary files hold only the public key; multiple PC servers serving as file storage nodes are networked to build a distributed storage system; a file is split into multiple file blocks that include the erasure code, and each file block, after encryption, is stored at random as a separate file on a different PC server; files are encrypted with the public key and decrypted with the private key; a blockchain-based file management system is built in which the metadata of files is stored on the blockchain to form a file metadata ledger; the metadata ledger records the information of each file block, including the name of the file to which the file block belongs, the total number of blocks of the file, the number of this file block, the file name of this file block, the storage location of this file block, the digital signature of this file block and the version number of the record; the data in the metadata ledger is encrypted with the public key and can only be decrypted and read with the private key; the method comprises five parts, whose specific steps are as follows:
(1) The file storage steps are as follows:
1) Use erasure coding to split the file into N file blocks;
2) Digitally sign each file block with the public key;
3) Encrypt each file block with the public key;
4) Name each encrypted file block with a random code generated by the system;
5) Randomly select N storage nodes in the distributed storage system;
6) Store each file block on a different storage node;
7) In the metadata ledger of the blockchain, store the name of the file to which the file block belongs, the total number of blocks of the file, the number of this file block, the file name of this file block, the storage location of this file block, the digital signature of this file block and the version number of this record;
(2) The file reading steps are as follows:
1) Read the file ledger on the blockchain and find the information of all file blocks of the file;
2) Look up and return all file blocks in the distributed storage system according to the file block information;
3) Decrypt each file block with the private key;
4) Verify the digital signature of each file block;
5) Judge whether the number of file blocks is correct; if it is correct, execute step 6); if it is not, execute step 8);
6) Judge whether the digital signature is correct; if so, execute step 7); otherwise execute step 9);
7) Merge all file blocks into one complete file; the whole process ends;
8) Mark the missing file blocks and return to step 6);
9) Mark the file blocks whose digital signature is incorrect;
10) Use the erasure code to restore the file blocks that are missing or have an incorrect digital signature, and return to step 7);
(3) The steps for restoring a tampered file are as follows:
1) The digital signature of a file block is found to be incorrect;
2) Mark the file block as invalid and, at the same time, execute step 11);
3) Use the erasure code to restore the file block;
4) Name the restored file block with a random code generated by the system;
5) Digitally sign the restored file block with the public key;
6) Encrypt the restored file block with the public key;
7) Among the nodes of the distributed file system, after excluding the node holding the file block with the incorrect signature and the nodes storing the file's other file blocks, randomly pick an available storage node to store the restored file block;
8) Store the restored file block on the selected storage node and delete the original file block;
9) Add a new file block record to the file ledger of the blockchain, recording the name of the file to which the file block belongs, the total number of blocks of the file, the number of this file block, the file name of this file block, the storage location of this file block, the digital signature of this file block and the version number of this record;
10) Issue the system message that the tampered file has been repaired; the whole process ends;
11) Issue the alarm message that the file has been tampered with;
(4) The steps for restoring a missing file block are as follows:
1) A file block is found to be missing, or the storage node holding the file block is inaccessible;
2) Mark the file block as invalid and, at the same time, execute step 11);
3) Use the erasure code to restore the file block;
4) Name the restored file block with a random code generated by the system;
5) Digitally sign the restored file block with the public key;
6) Encrypt the restored file block with the public key;
7) Among the nodes of the distributed file system, after excluding the node holding the missing file block and the nodes storing the file's other file blocks, randomly pick an available storage node to store the restored file block;
8) Store the restored file block on the selected storage node;
9) Add a new file block record to the file ledger of the blockchain, recording the name of the file to which the file block belongs, the total number of blocks of the file, the number of this file block, the file name of this file block, the storage location of this file block, the digital signature of this file block and the version number of this record;
10) Issue the system message that the lost file block has been restored; the whole process ends;
11) Issue the alarm message that a file block has been lost;
(5) The steps for restoring the file blocks on a failed storage node are as follows:
1) The storage node holding the file blocks is found to be inaccessible;
2) The storage node cannot be repaired, and the administrator issues the instruction to restore the files on that node;
3) Find the information of all file blocks on all nodes in the file ledger of the blockchain, mark these file blocks as lost, and generate a file recovery list;
4) Start restoring the file blocks in the list;
5) Use the erasure code to restore the file block;
6) Name the restored file block with a random code generated by the system;
7) Digitally sign the restored file block with the public key;
8) Encrypt the restored file block with the public key;
9) Among the nodes of the distributed file system, after excluding the node holding the missing file block and the nodes storing the file's other file blocks, randomly pick an available storage node to store the restored file block;
10) Store the restored file block on the selected storage node;
11) Add a new file block record to the file ledger of the blockchain, recording the name of the file to which the file block belongs, the total number of blocks of the file, the number of this file block, the file name of this file block, the storage location of this file block, the digital signature of this file block and the version number of this record;
12) Judge whether all files have been restored; if all files have been restored, execute step 13); if there are still files that have not been restored, execute step 4);
13) All recovery work ends and the program exits.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910128898.3A CN110018924A (en) 2019-02-21 2019-02-21 A kind of file damage preventing method based on block chain and correcting and eleting codes

Publications (1)

Publication Number Publication Date
CN110018924A true CN110018924A (en) 2019-07-16

Family

ID=67189115

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910128898.3A Pending CN110018924A (en) 2019-02-21 2019-02-21 A kind of file damage preventing method based on block chain and correcting and eleting codes

Country Status (1)

Country Link
CN (1) CN110018924A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20190716