CN110018924A - A file damage prevention method based on blockchain and erasure codes - Google Patents
- Publication number: CN110018924A (CN201910128898.3A)
- Authority: CN (China)
- Legal status: Pending
Classifications
- G06F11/1004: Adding special bits or symbols to the coded information, e.g. parity check, casting out 9's or 11's, to protect a block of data words, e.g. CRC or checksum
- G06F11/1469: Backup restoration techniques
- G06F21/64: Protecting data integrity, e.g. using checksums, certificates or signatures
Abstract
A file damage prevention method based on blockchain and erasure codes, relating to the field of computer information management systems. In the method, every part of a file that involves encryption uses an asymmetric encryption algorithm; a distributed storage system is constructed; a file is split into multiple file blocks that include erasure codes, and each file block, after encryption, is an independent file stored at random on a different PC server; a blockchain-based file management system is constructed; the data in the metadata ledger is encrypted with the public key and can only be decrypted and read with the private key. The method comprises five parts: (1) file storage, (2) file reading, (3) recovering a tampered file, (4) recovering missing file blocks, and (5) recovering the file blocks on a failed storage node. Compared with the prior art, the invention combines the tamper resistance of blockchain with the data protection of erasure codes and, through a systematic solution, greatly increases the security of file storage.
Description
Technical field
The present invention relates to the field of computer information management systems, and in particular to a file damage prevention method based on blockchain and erasure codes.
Background art
In systems that generate large numbers of files, such as internet log retention systems, video surveillance systems and billing systems, data files are produced continuously and are stored centrally in one storage system. To prevent these files from being accidentally destroyed, the prior art protects them mainly in the following ways.
Protection at the storage-medium level. Within a storage node, the storage system applies redundancy measures, such as RAID-5 for disks and redundant backup of the storage controllers. With these measures, files on the storage media can still be read normally when a storage medium fails and becomes unavailable.
Protection at the storage-node level. Storage-medium protection only guards against files becoming unavailable because a storage medium inside a storage node fails; once the storage node itself fails, the files on it are still unavailable. The common protection is to generate multiple copies of a file and store each copy on a different storage node, or to back up the files of the whole storage node offline.
Protection at the file-content level, generally by encrypting the file. Someone who wants to tamper with a file maliciously can then do so only after obtaining the decryption key and decrypting the file.
These protective measures still have some problems, mainly in the following respects:
Problem 1: files are stored in a file system. In a traditional file system, a file is stored as a whole in one location. In a distributed file system, a file is split into multiple file blocks stored on different storage nodes, and the management node of the distributed file system holds the metadata on where these file blocks are stored, which is used to locate each file block. Whichever file system is used, files are generally given highly readable names, so a hacker who has intruded into the file system can easily locate by name the file to be deleted or tampered with, and then tamper with or delete it.
Problem 2: following from problem 1, even if a file is encrypted, a hacker who has obtained the key can tamper with its content. Because the storage location of the file does not change and only its content changes, the file system itself cannot detect the change. Even if the file was backed up beforehand, the tampering is hard to discover, so the file is not restored in time and the tampered file remains in use.
Problem 3: following from problem 1, once a hacker deletes a file that has not yet been backed up, the deletion causes the file to be lost permanently.
Problem 4: following from problem 1, even if file names are given a poorly readable form, such as random codes, there is generally a centralised file management system that records the correspondence between the random-code file names and the actual file names. Once this file management system is compromised, the correspondences can be tampered with or deleted. Even if the hacker cannot intrude into the nodes that store the files to tamper with or delete them, the corrupted correspondences in the file management system also prevent the files from being used normally.
Problem 5: with multi-copy storage, storage cost rises sharply, and problems 1, 2 and 3 above still exist. With offline backup, there is a time gap between file generation and file backup; if a file is maliciously tampered with or deleted within this gap, the damage is permanent and unrecoverable.
Summary of the invention
In view of the above problems of the prior art, the object of the present invention is to provide a file damage prevention method based on blockchain and erasure codes. It combines the tamper resistance of blockchain with the data protection of erasure codes and, through a systematic solution, greatly increases the security of file storage.
To achieve the above object, the technical solution of the invention is implemented as follows:
A file damage prevention method based on blockchain and erasure codes, with the following method steps. Every part of a file that involves encryption uses an asymmetric encryption algorithm; the system administrator's account holds both the public key and the private key, while ordinary accounts that generate and store files hold only the public key. Multiple PC servers acting as file storage nodes are networked to construct a distributed storage system. A file is split into multiple file blocks that include erasure codes; each file block, after encryption, is an independent file stored at random on a different PC server; files are encrypted with the public key and decrypted with the private key. A blockchain-based file management system is constructed: the metadata of files is stored on the blockchain, forming a file metadata ledger. The metadata ledger records the information of each file block, including the name of the file the file block belongs to, the total number of blocks of the file, the number of the file block, the file name of the file block, the storage location of the file block, the digital signature of the file block and the version number of the record. The data in the metadata ledger is encrypted with the public key and can only be decrypted and read with the private key. The method comprises five parts, and the specific steps of each part are as follows:
(1) The steps of file storage are as follows:
1) split the file into N file blocks using erasure coding;
2) digitally sign each file block with the public key;
3) encrypt each file block with the public key;
4) name each encrypted file block with a random code generated by the system;
5) select N storage nodes at random in the distributed storage system;
6) store each file block on a different storage node;
7) store in the metadata ledger of the blockchain the name of the file the file block belongs to, the total number of blocks of the file, the number of the file block, the file name of the file block, the storage location of the file block, the digital signature of the file block and the version number of the record.
(2) The steps of file reading are as follows:
1) read the file ledger on the blockchain and find the information of all file blocks of the file;
2) look up and return all file blocks in the distributed storage system according to the file block information;
3) decrypt each file block with the private key;
4) verify the digital signature of each file block;
5) determine whether the number of file blocks is correct; if it is, execute step 6); if it is not, execute step 8);
6) determine whether the digital signatures are correct; if so, execute step 7); otherwise execute step 9);
7) merge all file blocks into one complete file; the process ends;
8) mark the missing file blocks and return to step 6);
9) mark the file blocks whose digital signature is incorrect;
10) use the erasure codes to recover the file blocks that are missing or whose digital signature is incorrect, and return to step 7).
(3) The steps of recovering a tampered file are as follows:
1) the digital signature of a file block is found to be incorrect;
2) mark the file block as invalid and, at the same time, execute step 11);
3) use the erasure codes to recover the file block;
4) name the recovered file block with a random code generated by the system;
5) digitally sign the recovered file block with the public key;
6) encrypt the recovered file block with the public key;
7) among the nodes of the distributed file system, after excluding the node holding the incorrectly signed file block and the nodes storing the file's other file blocks, choose an available storage node at random to store the recovered file block;
8) store the recovered file block on the chosen storage node and delete the original file block;
9) add a new record for the file block to the file ledger of the blockchain, recording the name of the file the file block belongs to, the total number of blocks of the file, the number of the file block, the file name of the file block, the storage location of the file block, the digital signature of the file block and the version number of the record;
10) issue a system message that the tampered file has been repaired; the process ends;
11) issue an alert that the file has been tampered with.
(4) The steps of recovering a missing file block are as follows:
1) a file block is found to be missing, or the storage node holding the file block is found to be inaccessible;
2) mark the file block as invalid and, at the same time, execute step 11);
3) use the erasure codes to recover the file block;
4) name the recovered file block with a random code generated by the system;
5) digitally sign the recovered file block with the public key;
6) encrypt the recovered file block with the public key;
7) among the nodes of the distributed file system, after excluding the node holding the missing file block and the nodes storing the file's other file blocks, choose an available storage node at random to store the recovered file block;
8) store the recovered file block on the chosen storage node;
9) add a new record for the file block to the file ledger of the blockchain, recording the name of the file the file block belongs to, the total number of blocks of the file, the number of the file block, the file name of the file block, the storage location of the file block, the digital signature of the file block and the version number of the record;
10) issue a system message that the lost file block has been recovered; the process ends;
11) issue an alert that the file has lost a block.
(5) The steps of recovering the file blocks on a failed storage node are as follows:
1) the storage node holding file blocks is found to be inaccessible;
2) the storage node cannot be repaired, and the administrator issues the instruction to recover the files on the node;
3) find the information of all file blocks on all nodes in the file ledger of the blockchain, mark these file blocks as lost, and generate a file recovery list;
4) start recovering the file blocks in the list;
5) use the erasure codes to recover the file block;
6) name the recovered file block with a random code generated by the system;
7) digitally sign the recovered file block with the public key;
8) encrypt the recovered file block with the public key;
9) among the nodes of the distributed file system, after excluding the node holding the missing file block and the nodes storing the file's other file blocks, choose an available storage node at random to store the recovered file block;
10) store the recovered file block on the chosen storage node;
11) add a new record for the file block to the file ledger of the blockchain, recording the name of the file the file block belongs to, the total number of blocks of the file, the number of the file block, the file name of the file block, the storage location of the file block, the digital signature of the file block and the version number of the record;
12) determine whether all files have been recovered; if they have, execute step 13); if there are still files that have not been recovered, execute step 4);
13) all recovery work ends and the program exits.
Compared with the prior art, the file storage management solution of the invention has clear advantages:
1) The metadata of file storage is kept in the blockchain network in the form of a blockchain ledger. The tamper-resistance mechanism of the blockchain, together with encryption, effectively avoids the risk of this metadata being maliciously tampered with. File storage metadata is stored encrypted in the blockchain: the data is encrypted with the public key and can only be decrypted with the private key, and the private key is held only by the administrator, which greatly reduces the risk of private-key leakage and so increases the security of the data. In addition, as long as one node in the blockchain network is online, the metadata remains available. These measures greatly safeguard the security and stability of the metadata and the robustness of the system.
2) Files are stored by breaking the whole into parts: a file is split into multiple file blocks, and each file block is stored on a different storage node. This dispersed storage guarantees the safety of file storage: when a storage node fails, as long as the other storage nodes are still normal, the files on the failed storage node can be recovered automatically by the method of the invention, ensuring that files do not become unavailable because of a system failure.
3) Another benefit of breaking the whole into parts is that a file is hard to delete completely. Because a file is split into multiple blocks stored in dispersed locations, a hacker who wants to delete a file must first know which nodes all of its file blocks are stored on and then intrude into each of these nodes to delete them. This increases the difficulty, cost and time of the intrusion and so protects the file. A hacker deleting some of a file's blocks does not affect use of the file; the deleted file blocks can be recovered by the method of the invention, guaranteeing the complete availability of the file.
4) The invention can effectively detect and prevent malicious tampering with files. After the content of a file block has been maliciously tampered with, the change is generally hard to notice, but the digital signature of the file block changes. Because the scheme stores the original digital signatures of all file blocks in the file's metadata, and the tamper resistance of the blockchain guarantees that the digital signatures in the metadata cannot be tampered with, comparing the current digital signature of the file block with the original digital signature stored in the metadata readily reveals that the file block has been tampered with. Once the content of a file block is found to have been tampered with, the system starts the recovery mechanism and recovers the tampered file block by the method of the invention, ensuring that the whole file keeps its original content.
The present invention will be further described with reference to the accompanying drawings and detailed description.
Description of the drawings
Fig. 1 is the flow chart of file storage in the method of the invention;
Fig. 2 is the flow chart of file reading in the method of the invention;
Fig. 3 is the flow chart of recovering a tampered file in the method of the invention;
Fig. 4 is the flow chart of recovering a destroyed file in the method of the invention;
Fig. 5 is the flow chart of batch recovery of all files stored on a failed storage node in the method of the invention.
Specific embodiments
Referring to Fig. 1 to Fig. 5, in the file damage prevention method based on blockchain and erasure codes of the invention, every part of a file that involves encryption uses an asymmetric encryption algorithm; the system administrator's account holds both the public key and the private key, while ordinary accounts that generate and store files hold only the public key. Multiple PC servers acting as file storage nodes are networked to construct a distributed storage system. A file is split into multiple file blocks that include erasure codes; each file block, after encryption, is an independent file stored at random on a different PC server; files are encrypted with the public key and decrypted with the private key. A blockchain-based file management system is constructed: the metadata of files is stored on the blockchain, forming a file metadata ledger. The metadata ledger records the information of each file block, including the name of the file the file block belongs to, the total number of blocks of the file, the number of the file block, the file name of the file block, the storage location of the file block, the digital signature of the file block and the version number of the record. The data in the metadata ledger is encrypted with the public key and can only be decrypted and read with the private key. The method comprises five parts, whose steps are those listed for parts (1) to (5) in the summary of the invention.
In the present invention, to ensure the security and integrity of files, technical means are used to prevent files from being maliciously tampered with or destroyed, and to recover files when they have been maliciously tampered with or destroyed. Blockchain is a ledger technology that uses cryptography to secure transmission and access and provides consistent, tamper-resistant and non-repudiable data storage. Erasure coding is a data fault-tolerance technique, first used in the communications industry to solve the problem of partial data loss in transmission. An asymmetric encryption algorithm needs two keys: a public key and a private key. The public key and the private key form a pair: data encrypted with the public key can only be decrypted with the corresponding private key, and data encrypted with the private key can only be decrypted with the corresponding public key. The invention comprises five parts, each illustrated with an embodiment.
Embodiment 1:
The file storage method; see Fig. 1. The detailed steps are as follows:
1) Split the file into N file blocks using erasure coding.
The erasure code is an RS code whose parameters (n, m) are configured uniformly for the system. Parameter n is the number of parts into which the original file is split, and parameter m is the number of check file blocks required. A file split with an RS code of parameters (n, m) yields n+m file blocks. Of these n+m file blocks, any n are enough to recover the whole file. For example, with the configuration (6, 3) the file is split into 6 parts and 3 check file blocks are needed, so 9 file blocks are generated in the end. At most 3 of these 9 file blocks may be destroyed; within this limit the whole file can be recovered.
2) Digitally sign each file block with the public key.
The message digest of the file block is obtained with an algorithm of the SHA secure hash family. This algorithm can guarantee that two different inputs will not produce the same hash value, that is, once the input data changes, the output hash value also differs, so data integrity can be verified by checking the hash value of the data. After the file block is hashed, the hash value is encrypted with the public key of an elliptic curve encryption algorithm to form the digital signature.
3) Encrypt each file block with the public key.
The content of the file block is encrypted with the public key of the elliptic curve encryption algorithm.
4) Name each encrypted file block with a random code generated by the system.
The encrypted file block uses the hash value from step 2) (102) as its file name, which ensures that no file names repeat.
5) Select N storage nodes at random in the distributed storage system.
The number N follows from the RS code parameters. For example, if the RS code is configured as (6, 3), 9 file blocks are generated, so 9 storage nodes must be selected at random.
6) Store each file block on a different storage node.
The 9 file blocks of the example in step 5) are transferred to and stored on different storage nodes by a P2P protocol or by an RPC protocol.
7) Store in the metadata ledger of the blockchain the name of the file the file block belongs to, the total number of blocks of the file, the number of the file block, the file name of the file block, the storage location of the file block, the digital signature of the file block, the version number of the record, and so on.
In the transactions part of the block body of the blockchain, the above information is stored in a key-value data structure. Example content is shown in Table 1 (the example only illustrates the data structure and does not guarantee that the data values are reasonable):
Key | Value |
---|---|
FileName | ABIS_20180603123540_2051_000.dat |
TotalBlocks | 9 |
BlockID | 1 |
BlockName | QTEIUTPJ[LOLSXJGFBNCVMN |
BlockLocation | node4:///data/2018/06/03 |
DigitalSignature | QSAWXECFEVFTVUTNBIUNIJLM |
Version | 1 |

Table 1
The data stored in the blockchain is encrypted with the public key of the elliptic curve encryption algorithm. This encrypted data can only be decrypted with the private key of the elliptic curve encryption algorithm.
Through the above steps, a file is split into 9 parts that are stored, encrypted, on 9 different storage nodes. Any 6 of these 9 parts are enough to restore the original complete file; that is, once some file block becomes unavailable or is tampered with, the system can recover the original file from the other file blocks.
Embodiment 2:
The file reading steps provided by the invention are shown in Fig. 2 and described in detail as follows:
1) Read the file ledger on the blockchain and find the information of all file blocks of the file.
The file ledger on the blockchain is decrypted with the private key of the elliptic curve encryption algorithm. In the transactions data structure of the block body, find all records whose FileName field equals the name of the file to be read, for example all records whose FileName field is ABIS_20180603123540_2051_000.dat, and finally select the records with the largest Version value.
2) Look up and return all file blocks in the distributed storage system according to the file block information.
Using the query result of step 1), fetch each file block from the corresponding storage node according to the values of the BlockName and BlockLocation fields, via the P2P protocol or the RPC protocol.
3) Decrypt each file block with the private key.
Each file block is decrypted with the private key of the elliptic curve encryption algorithm.
4) Verify the digital signature of each file block.
The message digest of the file block is computed with an algorithm of the SHA secure hash family. The DigitalSignature field corresponding to this file block is then looked up in the query result of step 1) (201), and the value of the field is decrypted with the private key, which yields the original message digest of the file block. The two message digests are compared to determine whether they are identical.
5) Determine whether the number of file blocks is correct. If it is correct, go to step 6); if it is not correct, go to step 8).
The file blocks returned in step 2) are compared against the query result of step 1) to check whether all file blocks have been obtained.
6) Then determine whether the digital signatures are correct. If the file block digital signatures are correct, go to step 7); if a file block digital signature is incorrect, go to step 9).
Based on the result of step 4), check whether the digital signatures of all file blocks are correct.
7) Merge all file blocks into a complete file; the whole process ends.
If both the check in step 5) and the check in step 6) pass, all file blocks are merged into a complete file using the erasure code technique, the complete file is returned to the reader of the file, and the whole process ends.
8) Mark the missing file blocks and return to step 6).
If the check in step 5) fails, the missing file blocks are recorded in a list in memory, and the process returns to step 6).
9) Mark the file blocks whose digital signature is incorrect.
If the check in step 6) fails, the file blocks with an incorrect digital signature are recorded in a list in memory, and the process continues with step 10).
10) Use the erasure code to restore the missing file blocks or the file blocks with an incorrect digital signature, then return to step 7).
Using the erasure code technique, the missing or incorrectly signed file blocks are restored from the correct file blocks until all file blocks are obtained; the process then returns to step 7).
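The store and read paths of Embodiments 1 and 2, as an added Python example that is not code from the patent: a (6,3) Reed-Solomon split over GF(2^8), Table 1-style ledger records, and a read that marks missing and altered blocks, rebuilds them and re-checks each rebuilt block against the ledger. Assumptions: the elliptic-curve encryption and signing steps are left out, so the DigitalSignature field holds a bare SHA-256 digest; the 4-byte length prefix, the dict standing in for the storage nodes, and all names and sample values are constructed for the example.

```python
import hashlib
import random
import secrets

# GF(2^8) log/antilog tables (polynomial 0x11d) for Reed-Solomon arithmetic.
EXP, LOG = [0] * 512, [0] * 256
_v = 1
for _i in range(255):
    EXP[_i], LOG[_v] = _v, _i
    _v <<= 1
    if _v & 0x100:
        _v ^= 0x11D
for _i in range(255, 512):
    EXP[_i] = EXP[_i - 255]

def gmul(a, b):
    return 0 if a == 0 or b == 0 else EXP[LOG[a] + LOG[b]]

def rebuild(blocks, known_ids, target_id):
    """Lagrange-interpolate block `target_id` from the k blocks in `known_ids`."""
    out = bytearray(len(blocks[known_ids[0]]))
    for xj in known_ids:
        num = den = 1
        for xm in known_ids:
            if xm != xj:
                num, den = gmul(num, target_id ^ xm), gmul(den, xj ^ xm)
        weight = 0 if num == 0 else EXP[LOG[num] - LOG[den] + 255]
        if weight:
            for pos, byte in enumerate(blocks[xj]):
                out[pos] ^= gmul(weight, byte)
    return bytes(out)

def encode(payload, k, m):
    """Split into k data blocks (ids 1..k) and add m check blocks (ids k+1..k+m)."""
    size = -(-len(payload) // k)
    payload = payload.ljust(size * k, b"\0")
    blocks = {i + 1: payload[i * size:(i + 1) * size] for i in range(k)}
    data_ids = list(range(1, k + 1))
    for cid in range(k + 1, k + m + 1):
        blocks[cid] = rebuild(blocks, data_ids, cid)
    return blocks

def store_file(ledger, storage, nodes, file_name, data, k=6, m=3):
    """Embodiment 1, steps 1 and 4-7; the public-key steps 2-3 are not modelled."""
    blocks = encode(len(data).to_bytes(4, "big") + data, k, m)
    for (bid, blob), node in zip(sorted(blocks.items()), random.sample(nodes, k + m)):
        name = secrets.token_hex(12)                     # random block name
        location = f"{node}:///data/2018/06/03"
        storage[(location, name)] = blob
        ledger.append({"FileName": file_name, "TotalBlocks": k + m, "BlockID": bid,
                       "BlockName": name, "BlockLocation": location,
                       "DigitalSignature": hashlib.sha256(blob).hexdigest(),
                       "Version": 1})

def read_file(ledger, storage, file_name, k=6):
    """Embodiment 2: returns (file bytes, missing block ids, tampered block ids)."""
    latest = {}                                          # step 1: highest Version wins
    for rec in ledger:
        if rec["FileName"] == file_name and \
                rec["Version"] > latest.get(rec["BlockID"], {"Version": 0})["Version"]:
            latest[rec["BlockID"]] = rec
    good, missing, tampered = {}, [], []
    for bid, rec in sorted(latest.items()):
        blob = storage.get((rec["BlockLocation"], rec["BlockName"]))   # step 2
        if blob is None:
            missing.append(bid)                          # step 8
        elif hashlib.sha256(blob).hexdigest() != rec["DigitalSignature"]:
            tampered.append(bid)                         # step 9
        else:
            good[bid] = blob
    if len(good) < k:
        raise ValueError(f"only {len(good)} valid blocks, need {k}")
    known = sorted(good)[:k]
    for bid in missing + tampered:                       # step 10
        fixed = rebuild(good, known, bid)
        if hashlib.sha256(fixed).hexdigest() != latest[bid]["DigitalSignature"]:
            raise ValueError(f"rebuilt block {bid} does not match the ledger")
        good[bid] = fixed
    payload = b"".join(good[bid] for bid in range(1, k + 1))           # step 7
    return payload[4:4 + int.from_bytes(payload[:4], "big")], missing, tampered

def demo():
    """Constructed scenario: one block lost, two altered, file still readable."""
    ledger, storage = [], {}
    nodes = [f"node{i}" for i in range(1, 13)]           # constructed node names
    data = b"constructed sample record " * 5
    store_file(ledger, storage, nodes, "sample.dat", data)
    keys = {r["BlockID"]: (r["BlockLocation"], r["BlockName"]) for r in ledger}
    del storage[keys[2]]                                 # block 2 disappears
    for bid in (5, 8):                                   # blocks 5 and 8 altered on disk
        blob = storage[keys[bid]]
        storage[keys[bid]] = bytes([blob[0] ^ 0xFF]) + blob[1:]
    return data, read_file(ledger, storage, "sample.dat")
```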
Embodiment 3:
The method provided by the invention for restoring a tampered file is shown in Fig. 3 and described in detail as follows:
1) The digital signature of a file block is found to be incorrect.
If, in Embodiment 2, the digital signature of some file block is found to be incorrect, the file block has been tampered with and cannot be used.
2) Mark the file block as invalid and execute step 11) at the same time.
The file block with the incorrect digital signature is recorded in a list in memory, and the system treats the file block as missing. The system executes step 11) at the same time and issues an alert message.
3) Use the erasure code to restore the file block.
Using the erasure code technique, the file block with the incorrect digital signature is restored from the correct file blocks, yielding the file block in its original state.
4) Name the restored file block with a random code generated by the system.
The restored file block is named following the method of step 4) in Embodiment 1.
5) Digitally sign the restored file block with the public key.
The restored file block is named following the method of step 4) in Embodiment 1.
6) Encrypt the restored file block with the public key.
The file block is encrypted following the method of step 3) in Embodiment 1.
7) Among the nodes of the distributed file system, after excluding the node holding the incorrectly signed file block and the nodes storing the other file blocks of the file, select an available storage node at random to store the restored file block.
The file block is transmitted to and stored on the selected storage node via the P2P protocol or the RPC protocol. The rule for selecting the storage node is that it must not be the node that originally stored this file block, nor a node storing any other file block of the original file.
8) Store the restored file block on the selected storage node and delete the original file block.
After the restored file block has been stored on the selected storage node, the system completely deletes the tampered file block from the original storage node.
9) Add a new file block record to the file ledger of the blockchain, recording the name of the file to which the file block belongs, the total number of blocks of the file, the number of this file block, the filename of this file block, the storage location of this file block, the digital signature of this file block, the version number of this record, and so on.
The information of the restored file block is stored in the transactions part of the block body of the blockchain, using a Key-Value data structure. Following Embodiment 1, example content is shown in Table 2 (the example only illustrates the data structure; the data values are not guaranteed to be reasonable):
Key | Value |
---|---|
FileName | ABIS_20180603123540_2051_000.dat |
TotalBlocks | 9 |
BlockID | 1 |
BlockName | QTEIUTPJ[LOLSXJGFBNCVMN |
BlockLocation | node8:///data/2018/06/03 |
DigitalSignature | QSAWXECFEVFTVUTNBIUNIJLM |
Version | 2 |

Table 2
This data structure differs from the original content in two places. One is the BlockLocation field, which changes from the original "node4:///data/2018/06/03" to "node8:///data/2018/06/03". The other is the Version field, which changes from the original "1" to "2".
10) Issue a system message that the tampered file has been repaired; the whole process ends.
The system issues a message that the file was restored successfully and then ends the whole process.
11) Issue an alert message that the file has been tampered with.
The system issues an alert message warning that the content of a file block has been tampered with, that the file block is unavailable, and that the system is restoring it automatically.
Embodiment 4:
The method provided by the invention for restoring a missing file block is shown in Fig. 4. The detailed steps are listed below; for the specific operations, refer to the corresponding steps of Embodiment 3:
1) A file block is found to be missing, or the storage node holding the file block is inaccessible.
For the specific operation, refer to step 1) of Embodiment 3.
2) Mark the file block as invalid and execute step 11) at the same time.
For the specific operation, refer to step 2) of Embodiment 3.
3) Use the erasure code to restore the file block.
For the specific operation, refer to step 3) of Embodiment 3.
4) Name the restored file block with a random code generated by the system.
For the specific operation, refer to step 4) of Embodiment 3.
5) Digitally sign the restored file block with the public key.
For the specific operation, refer to step 5) of Embodiment 3.
6) Encrypt the restored file block with the public key.
For the specific operation, refer to step 6) of Embodiment 3.
7) Among the nodes of the distributed file system, after excluding the node holding the missing file block and the nodes storing the other file blocks of the file, select an available storage node at random to store the restored file block.
For the specific operation, refer to step 7) of Embodiment 3.
8) Store the restored file block on the selected storage node.
For the specific operation, refer to step 8) of Embodiment 3.
9) Add a new file block record to the file ledger of the blockchain, recording the name of the file to which the file block belongs, the total number of blocks of the file, the number of this file block, the filename of this file block, the storage location of this file block, the digital signature of this file block, the version number of this record, and so on.
For the specific operation, refer to step 9) of Embodiment 3.
10) Issue a system message that the missing file block has been restored.
For the specific operation, refer to step 10) of Embodiment 3.
11) Issue an alert message that a file block is missing.
For the specific operation, refer to step 11) of Embodiment 3.
Embodiment 5:
The method provided by the invention for restoring the file blocks on a failed storage node is shown in Fig. 5 and described in detail as follows; for some of the specific operations, refer to the corresponding steps of Embodiment 3:
1) The storage node holding the file blocks is found to be inaccessible.
2) The storage node cannot be repaired, and the administrator issues the instruction to restore the files on that node.
3) Find in the file ledger of the blockchain the information of all file blocks on the node, mark these file blocks as lost, and generate a file recovery list.
The file ledger on the blockchain is read to find the information of all file blocks on the failed node. The file ledger on the blockchain is decrypted with the private key of the elliptic curve encryption algorithm. In the transactions data structure of the block body, find all records whose FileLocation field contains the failed node, for example all records whose FileLocation field contains node4, and finally select the records with the largest Version value. All selected records form a list in memory, and the files are then restored one by one according to this list.
4) Start restoring the file blocks in the list.
5) Use the erasure code to restore the file block.
For the specific operation, refer to step 3) of Embodiment 3.
6) Name the restored file block with a random code generated by the system.
For the specific operation, refer to step 4) of Embodiment 3.
7) Digitally sign the restored file block with the public key.
For the specific operation, refer to step 5) of Embodiment 3.
8) Encrypt the restored file block with the public key.
For the specific operation, refer to step 6) of Embodiment 3.
9) Among the nodes of the distributed file system, after excluding the node holding the missing file block and the nodes storing the other file blocks of the file, select an available storage node at random to store the restored file block.
For the specific operation, refer to step 7) of Embodiment 3.
10) Store the restored file block on the selected storage node.
For the specific operation, refer to step 8) of Embodiment 3.
11) Add a new file block record to the file ledger of the blockchain, recording the name of the file to which the file block belongs, the total number of blocks of the file, the number of this file block, the filename of this file block, the storage location of this file block, the digital signature of this file block, the version number of this record, and so on.
For the specific operation, refer to step 9) of Embodiment 3.
12) Determine whether all files have been restored. If all files have been restored, go to step 13); if there are still files that have not been restored, return to step 4).
13) All recovery work ends and the program exits.
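Building the recovery list for a failed node (Embodiment 5, step 3) with the node-selection rule of Embodiment 3, step 7, as an added Python example that is not code from the patent. It resolves the highest Version per block before matching the node, so a block that was already relocated, as in Table 2, is not restored a second time. Assumptions: the function names and the sample ledger are constructed, the node is read from the BlockLocation field as written in Tables 1 and 2, and the new block name and signature of steps 6 and 7 are not modelled.

```python
import random

def node_of(location):
    """'node4:///data/2018/06/03' -> 'node4'."""
    return location.split(":", 1)[0]

def latest_by_block(ledger):
    """Keep, per (FileName, BlockID), only the record with the highest Version."""
    latest = {}
    for rec in ledger:
        key = (rec["FileName"], rec["BlockID"])
        if key not in latest or rec["Version"] > latest[key]["Version"]:
            latest[key] = rec
    return latest

def stale_matches(ledger, failed_node):
    """Matching on location alone also returns records that were superseded."""
    return [r for r in ledger if node_of(r["BlockLocation"]) == failed_node]

def plan_node_recovery(ledger, failed_node, all_nodes, rng=random):
    """Return the new ledger records for every block currently on failed_node."""
    latest = latest_by_block(ledger)
    new_records = []
    for (fname, bid), rec in sorted(latest.items()):
        if node_of(rec["BlockLocation"]) != failed_node:
            continue                          # block lives elsewhere now
        # Nodes that hold any block of the same file, the failed node included.
        in_use = {node_of(r["BlockLocation"])
                  for (f, _), r in latest.items() if f == fname}
        candidates = [n for n in all_nodes if n not in in_use]
        if not candidates:
            raise RuntimeError(f"no free node for {fname} block {bid}")
        target = rng.choice(candidates)
        path = rec["BlockLocation"][len(failed_node):]
        new = dict(rec, BlockLocation=target + path, Version=rec["Version"] + 1)
        new_records.append(new)
        latest[(fname, bid)] = new            # later picks must avoid this node
    return new_records

def rec(fname, bid, node, version):
    """Constructed sample record with the fields of Table 1."""
    return {"FileName": fname, "TotalBlocks": 3, "BlockID": bid,
            "BlockName": f"{fname}-{bid}", "DigitalSignature": "constructed",
            "BlockLocation": f"{node}:///data/2018/06/03", "Version": version}

# Constructed ledger: block 1 of A.dat moved from node4 to node8 in Version 2.
SAMPLE_LEDGER = [
    rec("A.dat", 1, "node4", 1), rec("A.dat", 2, "node5", 1),
    rec("A.dat", 3, "node6", 1), rec("A.dat", 1, "node8", 2),
    rec("B.dat", 1, "node4", 1), rec("B.dat", 2, "node5", 1),
    rec("B.dat", 3, "node7", 1),
]
ALL_NODES = [f"node{i}" for i in range(1, 9)]
```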
All the embodiments above are only preferred embodiments of the invention and do not limit the scope of its implementation; therefore all changes made according to the shape and principle of the invention shall fall within the scope of protection of the invention.
Claims (1)
1. A file damage prevention method based on blockchain and erasure codes, with the following method and steps: all parts involving the encryption of files use the Rivest, Shamir, Adleman algorithm; the account of the system administrator holds the public key and the private key, while the ordinary accounts used for file generation and storage hold only the public key; multiple PC servers serving as file storage nodes are networked to build a distributed storage system; a file is split into multiple file blocks that include erasure codes, and each file block, after encryption, is stored at random as a separate file on a different PC server; files are encrypted with the public key and decrypted with the private key; a file management system based on the blockchain is built, and the metadata of the files is stored on the blockchain to form a file metadata ledger; the metadata ledger records the information of each file block, including the name of the file to which the file block belongs, the total number of blocks of the file, the number of this file block, the filename of this file block, the storage location of this file block, the digital signature of this file block and the version number of the record; the data in the metadata ledger is encrypted with the public key and can only be decrypted and read with the private key; the method comprises five parts, and the specific steps of each part are as follows:
(1) The file storage steps are as follows:
1) Split the file into N file blocks using the erasure code technique;
2) Digitally sign each file block with the public key;
3) Encrypt each file block with the public key;
4) Name each encrypted file block with a random code generated by the system;
5) Select N storage nodes at random in the distributed storage system;
6) Store each file block on a different storage node;
7) Store in the metadata ledger of the blockchain the name of the file to which the file block belongs, the total number of blocks of the file, the number of this file block, the filename of this file block, the storage location of this file block, the digital signature of this file block and the version number of this record;
(2) The file reading steps are as follows:
1) Read the file ledger on the blockchain and find the information of all file blocks of the file;
2) Look up and return all file blocks in the distributed storage system according to the file block information;
3) Decrypt each file block with the private key;
4) Verify the digital signature of each file block;
5) Determine whether the number of file blocks is correct; if it is correct, go to step 6); if it is not correct, go to step 8);
6) Determine whether the digital signature is correct; if so, go to step 7); otherwise go to step 9);
7) Merge all file blocks into a complete file; the whole process ends;
8) Mark the missing file blocks and return to step 6);
9) Mark the file blocks whose digital signature is incorrect;
10) Use the erasure code to restore the missing file blocks or the file blocks with an incorrect digital signature, then return to step 7);
(3) The steps for restoring a tampered file are as follows:
1) The digital signature of a file block is found to be incorrect;
2) Mark the file block as invalid and execute step 11) at the same time;
3) Use the erasure code to restore the file block;
4) Name the restored file block with a random code generated by the system;
5) Digitally sign the restored file block with the public key;
6) Encrypt the restored file block with the public key;
7) Among the nodes of the distributed file system, after excluding the node holding the incorrectly signed file block and the nodes storing the other file blocks of the file, select an available storage node at random to store the restored file block;
8) Store the restored file block on the selected storage node and delete the original file block;
9) Add a new file block record to the file ledger of the blockchain, recording the name of the file to which the file block belongs, the total number of blocks of the file, the number of this file block, the filename of this file block, the storage location of this file block, the digital signature of this file block and the version number of the record;
10) Issue a system message that the tampered file has been repaired; the whole process ends;
11) Issue an alert message that the file has been tampered with;
(4) The steps for restoring a missing file block are as follows:
1) A file block is found to be missing, or the storage node holding the file block is inaccessible;
2) Mark the file block as invalid and execute step 11) at the same time;
3) Use the erasure code to restore the file block;
4) Name the restored file block with a random code generated by the system;
5) Digitally sign the restored file block with the public key;
6) Encrypt the restored file block with the public key;
7) Among the nodes of the distributed file system, after excluding the node holding the missing file block and the nodes storing the other file blocks of the file, select an available storage node at random to store the restored file block;
8) Store the restored file block on the selected storage node;
9) Add a new file block record to the file ledger of the blockchain, recording the name of the file to which the file block belongs, the total number of blocks of the file, the number of this file block, the filename of this file block, the storage location of this file block, the digital signature of this file block and the version number of the record;
10) Issue a system message that the lost file block has been restored; the whole process ends;
11) Issue an alert message that a file block is missing;
(5) The steps for restoring the file blocks on a failed storage node are as follows:
1) The storage node holding the file blocks is found to be inaccessible;
2) The storage node cannot be repaired, and the administrator issues the instruction to restore the files on that node;
3) Find in the file ledger of the blockchain the information of all file blocks on the node, mark these file blocks as lost, and generate a file recovery list;
4) Start restoring the file blocks in the list;
5) Use the erasure code to restore the file block;
6) Name the restored file block with a random code generated by the system;
7) Digitally sign the restored file block with the public key;
8) Encrypt the restored file block with the public key;
9) Among the nodes of the distributed file system, after excluding the node holding the missing file block and the nodes storing the other file blocks of the file, select an available storage node at random to store the restored file block;
10) Store the restored file block on the selected storage node;
11) Add a new file block record to the file ledger of the blockchain, recording the name of the file to which the file block belongs, the total number of blocks of the file, the number of this file block, the filename of this file block, the storage location of this file block, the digital signature of this file block and the version number of the record;
12) Determine whether all files have been restored; if all files have been restored, go to step 13); if there are still files that have not been restored, go to step 4);
13) All recovery work ends and the program exits.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910128898.3A CN110018924A (en) | 2019-02-21 | 2019-02-21 | A kind of file damage preventing method based on block chain and correcting and eleting codes |
Publications (1)
Publication Number | Publication Date |
---|---|
CN110018924A true CN110018924A (en) | 2019-07-16 |
Family
ID=67189115
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910128898.3A Pending CN110018924A (en) | 2019-02-21 | 2019-02-21 | A kind of file damage preventing method based on block chain and correcting and eleting codes |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110018924A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
WD01 | Invention patent application deemed withdrawn after publication | Application publication date: 20190716 |