Specific embodiment
In order to make those skilled in the art more fully understand the technical solution in this specification embodiment, below in conjunction with this
Attached drawing in specification embodiment is described in detail the technical solution in this specification embodiment, it is clear that described
Embodiment is only a part of the embodiment of this specification, instead of all the embodiments.The embodiment of base in this manual,
Those of ordinary skill in the art's every other embodiment obtained, all should belong to the range of protection.
Firstly the need of explanation, in current server architecture, database server can be the visitor directly docked
Family end personal user is also possible to dock client personal user by some application servers, and database server then docks
The application server.As shown in Figure 1, the schematic diagram of system architecture involved in Fig. 1 current techniques.
Therefore, in this specification embodiment, when user is application server, database service provider can be figure
Database server shown in 1;And when user is client personal user, database service provider is also possible to by answering
The server-side constituted with server and database server is whole.But no matter in that case, all it is for the storage of data
It is completed in database service provider, and the instruction for being also based on user for the operation of data (change including additions and deletions look into etc.) exists
Database service provider carries out, and user data and is stored in database service provider to the operating result of data, uses
The data cannot be stored in family and other equipment.In other words, the database service provider in this specification be with
The form of centralization provides data service.
Below in conjunction with attached drawing, the technical solution that each embodiment of this specification provides is described in detail.As shown in Fig. 2, Fig. 2 is this
A kind of flow diagram for data verification method that specification embodiment provides, the process specifically comprise the following steps:
S201, receives the verifying instruction of user, includes the cryptographic Hash or data block of data record in the verifying instruction
It is high.
Which specifically, verifying instruction can be initiated by user, needed by the way that parameter is specified to data in verifying instruction
Block initiates verifying, for example, a data block can be specified by cryptographic Hash or block height, before or after the data block
Whether multiple data blocks are initiated correctly to verify;Alternatively, specifying a data record by cryptographic Hash, a data record is verified
With the presence or absence of in database.Following exemplary gives several verification modes provided by this specification embodiment:
The first, input cryptographic Hash, data block is determined by cryptographic Hash, verifying is executed to the data block, be verified as a result,
Specifically, can be realized by verifying instruction VERIFY (' khash ' , &v).
Second, cryptographic Hash is inputted, corresponding data block is determined by cryptographic Hash or determines that the corresponding data of cryptographic Hash are remembered
The locating data block of record, is verified up to initial data block forward from determining data BOB(beginning of block), specifically, can be referred to by verifying
VERIFY (' khash ', -1) is enabled to realize, it is however generally that, original block a height of " 0 " or " 1 ", therefore, therein -1 can also be with
It is other less than the high value of original block, so that service side is not it is recognised that this parameter is an especially small block high level, meaning
Need to verify always to initial data block.
The third, inputs cryptographic Hash, determines corresponding data block by cryptographic Hash, verify forward from determining data BOB(beginning of block)
The data block of specified number, specifically, can be realized by verifying instruction VERIFY (' khash ' , &v, blknum).
4th kind, the quantity that input block height and needs are verified verifies forward specified number by the high corresponding data BOB(beginning of block) of block
Continuous multiple data blocks of amount, specifically, can be realized by verifying instruction VERIFY (blkh , &v, blknum).
S203 verifies data record corresponding to the cryptographic Hash of the data record in the verifying instruction with the presence or absence of described
In database;Alternatively, whether the data block of verifying specified quantity determined by the data block height is correct.
Service side is after receiving verifying instruction, it can analyzes the instruction and obtain corresponding certificate parameter, including block height
And cryptographic Hash, scheduled verifying logic is then executed according to block height or cryptographic Hash.For example, the verification mode for data block can
To be, from the data BOB(beginning of block) of verifying instruction, calculate the current cryptographic Hash of each data block, and in data block
The cryptographic Hash for the data block for including is matched, if not exactly the same, authentication failed.
When parsing obtains cryptographic Hash, service side can carry out traversal queries to verify whether the Hash corresponds to some data
Record;Alternatively, inquiry obtains the height of block corresponding to the cryptographic Hash and offset, the block then obtained according to reading from concordance list
High and offset obtains Data Data in plain text, and is further verified according to data clear text.
S205 returns to verification result to user.Verify obtain the result is that one " having " or "None", and " correct " or
Metadata as person's " incorrect ".
Under the scene for carrying out the storage of centralization to data record in a manner of data block chain in service side, each data block
In include the cryptographic Hash of the data block determined by the cryptographic Hash and the data record that itself is included of last data block, data
The provider of service can not easily make a change the data of storage.User can be verified by input cryptographic Hash at any time
Data record corresponding to cryptographic Hash whether there is, and the data for specifying specific data block to carry out entirely or partially are complete
Property verifying, ensure that the integrality of user data, improve user experience.
The database service provider of the centralization involved by this specification embodiment, data block are preparatory in the following way
It generates:
Data record to be stored is received, determines the cryptographic Hash of each data record.The data record of to be stored, can herein
To be the various consumer records of client personal user, it is also possible to instruction of the application server based on user, in the business of execution
Business result, intermediate state and operation note for being generated when logic etc..Specific business scenario may include consumer record,
Audit log, supply chain, government regulation record, medical records etc..
When reaching preset blocking condition, each data record in data block to be written is determined, generating includes data block
Cryptographic Hash and data record n-th data block.
The preset blocking condition includes: that data record quantity to be stored reaches amount threshold, for example, often receiving
When 1000 datas record, a new data block is generated, 1,000 datas are recorded in write-in block;Alternatively, apart from the last time at
The time interval at block moment reaches time threshold, for example, a new data block was generated every 5 minutes, it will be inscribed at this 5 minutes
In the data record write-in block received.
N herein refers to the serial number of data block, and in other words, in this specification embodiment, data block is with block chain
Form, the sequence based on Chunky Time successively arrange, and have very strong temporal aspect.Wherein, the block height of data block is based on blocking
The sequencing monotonic increase of time.Block height can be serial number, and the block height of n-th data block is N at this time;Block height can also be with it
Its mode generates.
As N=1, i.e., data block at this time is initial data block.The cryptographic Hash and block height of initial data block are based on pre-
If mode is given.For example, not including data record in initial data block, cryptographic Hash is then any given cryptographic Hash, and block is high
Blknum=0;In another example the generation trigger condition of initial data block is consistent with the trigger condition of other data blocks, but it is initial
The cryptographic Hash of data block is by taking Hash to determine all the elements in initial data block.
As N > 1, since content and the cryptographic Hash of last data block are it has been determined that then at this point it is possible to be based on last data
The cryptographic Hash of block (i.e. the N-1 data block) generates the cryptographic Hash of current data block (n-th data block), for example, a kind of feasible
Mode be to determine that the cryptographic Hash of the data record in n-th block will be written in each, according to putting in order in block,
A Merkel tree is generated, the cryptographic Hash of the root cryptographic Hash of Merkel tree and last data block is stitched together, is used again
Hash algorithm generates the cryptographic Hash of current block.In another example can also be spliced according to the sequence of data record in block and take Kazakhstan
The uncommon cryptographic Hash for obtaining overall data record splices the cryptographic Hash of last data block and the cryptographic Hash of overall data record, and right
Splice obtained word string and carry out Hash operation, generates the cryptographic Hash of data block.
By the generating mode of data block above-mentioned, each data block is determined by cryptographic Hash, the cryptographic Hash of data block
It is determined by the cryptographic Hash of the content of the data record in data block, sequence and last data block.User can be at any time based on number
Verifying is initiated according to the cryptographic Hash of block, for content any in data block (including for data record content in data block or suitable
The modification of sequence) cryptographic Hash of the modification when cryptographic Hash of data block being calculated in verifying and data block can all be caused to generate
It is inconsistent, and lead to authentication failed, thus can not distort under realizing centralization.
When user needs through block height come specific authentication, whole test is carried out as previously mentioned, can be from initial BOB(beginning of block)
Card, can also carry out the verifying of part, and verifying is can be traversed according to serial number, can also carry out out of order, for example, with
Machine fishes for any data block, is verified to give to mark and no longer fish for, until all data blocks verify.
Specific verification mode are as follows: be directed to any determined data block, obtain the data record of the data block and previous
The cryptographic Hash of data block.The data block is calculated according to the cryptographic Hash of the data record of the data block and last data block
Current cryptographic Hash, the mode for calculating current cryptographic Hash herein and the mode of cryptographic Hash for generating data block should be consistent.
For example, the calculation when generating the cryptographic Hash of data block are as follows: according to the cryptographic Hash and sequence of data record in block
The Merkel tree of data block is generated, splices the cryptographic Hash of last data block and the root cryptographic Hash of Merkel tree, and obtain to splicing
Word string carry out Hash operation, generate the cryptographic Hash of data block.Then at this time, it should also calculate also according to which current
Cryptographic Hash.If the calculation when generating the cryptographic Hash of data block are as follows: spliced and taken according to the sequence of data record in block
Hash obtains the cryptographic Hash of overall data record, splices the cryptographic Hash of last data block and the cryptographic Hash of overall data record, and
Hash operation is carried out to the word string that splicing obtains, generates the cryptographic Hash of data block, it should also be calculated also according to which
Current cryptographic Hash.
Whether the cryptographic Hash of the current cryptographic Hash and the data block of verifying the data block is identical, and then verifying is logical if they are the same
It crosses, otherwise, authentication failed.
Service side can also add the signature of service side, the concrete mode of signature in this process at this time are as follows: using clothes
Business device private key encrypts the verification result, generates server to the private key signature of the verification result;Return to the private
Key signature and verification result to user, so that user is verified using private key signature described in corresponding public key decryptions, thus with
Family can be confirmed that the verification result is that service side is recognized.It is needed specifically, can arbitrarily verify instruction end and characterization is added
The parameter " CERT " for wanting service side to sign, such as: VERIFY (' khash ' , &v, blknum, CERT), so that service side can be
After verification result comes out, sign in returning the result with service side.
After being stored to data record, some relevant index informations can also be resettled, for example, due to
What is saved in data block is data record, without the cryptographic Hash of data record.Therefore, in order to which finding of can be convenient is any
Data record, can establish using the cryptographic Hash of data record as key, and with the block of data block locating for data record, high, data are recorded in
Offset in locating data block is the index of value, is stored.Data record is inquired to more can be convenient.It needs
It is noted that the creation of above-mentioned index information is relative to blocking can be asynchronous progress, and, above-mentioned index information can be with
Backup is sent to user, thus user also can be convenient any data record is inquired or is verified according to index.
In query process, the block of data block locating for data record can be obtained based on the cryptographic Hash inquiry that user inputs
High, data are recorded in offset or data record plaintext in locating data block, alternatively, inquiry obtains the cryptographic Hash of data block
The block of corresponding data block is high, and returns to query result.
Specific inquiry mode can be realized by inquiry instruction.Include the to be checked of user's input in inquiry instruction
Cryptographic Hash.Cryptographic Hash herein can be the cryptographic Hash of data record or the cryptographic Hash of data block, database service mention
Supplier can carry out traversal queries from data block, can also be inquired from the index pre-established.
Following exemplary enumerates several inquiry modes provided by several this specification embodiments:
The first, the cryptographic Hash of input block, all data clear texts in returned data block;Alternatively, input data is remembered
The cryptographic Hash of record, returned data record in plain text, specifically, inquiry instruction SELECT (khash , &v) realization can be used, work as clothes
When business side receives corresponding inquiry instruction, i.e., query logic above-mentioned is executed to return the result based on cryptographic Hash.
Second, the block of the cryptographic Hash of input data record, the locating data block of returned data record is high, and, at this
Offset in data block, specifically, inquiry instruction SELECT (khash , &v, FULL) realization can be used;
The third, it is high to return to block according to block Hash for the cryptographic Hash of input block.Specifically, inquiry instruction can be used
SELECT (khash, BLK) Lai Shixian.
It is of course also possible to which there are users to have input a cryptographic Hash, and service side cannot inquire the feelings of corresponding result
Shape.For example, user has input the corresponding cryptographic Hash of a data record, and service side's inquiry is less than as a result, so at this point, user
Can be with reasonable doubt, data record corresponding to the Hash has occurred that variation, it may be possible to be tampered, or be possible to
Loss of data has occurred.
Cryptographic Hash due in query process, needing to rely on data record cryptographic Hash or data block is inquired.It changes
Yan Zhi, each data record have required corresponding data record Hash.Therefore when user needs storing data, can pass through
The addition instruction of dedicated addition data record, is added specific data record, service side determines described to be added
The cryptographic Hash of data record, and the block Hash of block locating for the cryptographic Hash and the data record of the data record is returned to user;
The data record to be added is stored in local cache, when to meet preset blocking condition, the data record is write
Enter in new data block.To which user can look into according to the Hash to data record when needing to inquire
It askes.The following are the instructions that record is illustratively added provided by this specification embodiment:
APPEND (v , &khash): addition data record, the cryptographic Hash of returned data record.
Further, in storing process, service side can also provide the signature of corresponding service platform, specifically include as
Under type: encrypting the data record using privacy key, generates server to the private key label of the data record
Name;The cryptographic Hash of the private key signature and data record is returned to user, so that user uses private described in corresponding public key decryptions
Key signature is verified.To which user can be confirmed that the cryptographic Hash is that service side is recognized.Specifically, user can add
Service side is required to provide the signature in instruction, the following are the additions for illustratively returning to signature provided by this specification embodiment
The instruction of record:
APPEND (v , &khash, CERT): the corresponding cryptographic Hash of returned data record, and, return to service side's signature
Certificate.
Certainly, in the other types of database manipulation provided by this specification embodiment, for example, inquiry, removing,
It can also include service side's signing certificate in returning the result in the other database manipulations of verifying and concealment etc..
Under another embodiment, if in the content of data block also including the timestamp or data note of data block
The timestamp of record, alternatively, when database service side has also pre-generated related index, for example, generated when blocking block it is high and at
The cryptographic Hash of the index or data block of the index of block timestamp or the cryptographic Hash of data record and logging timestamp and at
The index etc. of block time, then at this point, service side can also provide corresponding time inquiring mode, it can from data block
When perhaps inquiring the high perhaps cryptographic Hash of corresponding block by time value in index or inquiring corresponding by cryptographic Hash or block height
Between be worth, following exemplary enumerates several time-based inquiry modes provided by this specification embodiment:
The first, input block is high, the Chunky Time of the high corresponding data block of query block, specifically, can be by time inquiring
TIME (blknum , &v) is instructed to realize.
Second, cryptographic Hash is inputted, returns to timestamp corresponding to cryptographic Hash, cryptographic Hash here can be data block
Cryptographic Hash is also possible to the cryptographic Hash of data record, specifically, TIME (' khash ' , &v) can be instructed real by time inquiring
It is existing.
The third, input time value, the block for returning to the last one data block before the time value is high, alternatively, returning
The block of the cryptographic Hash of the last item data record and locating data block is high before the time value, specifically, can be by the time
Inquiry instruction LTIME (' timestamp ' , &v) it realizes.
In this specification embodiment, if user no longer needs the service, data can be carried out before terminating service
Global purge.For example, user inputs account book ID, service side removes the account book, for example, real by clearance order PURGE (lgid)
Existing, alternatively, user also inputs a time span, service side first files the account book, after reaching the time span, service side
The account book is removed, for example, being realized by clearance order PURGE (lgid, day-archive).
And since the data of user constantly increase, memory space is caused to occupy more and more or some longer
The historical data of time is no longer valuable for user, at this point, database service side is also based on the demand of user, it is right
Data block carries out corresponding part and removes.When part is removed, it can carry out at or time point high based on block.
For example, user specifies account book ID and block high, the data block before service side determines block height based on block height is to need
Then the data block to be removed removes these and determines the data block for needing to remove, specifically, can be by clearance order PURGE
(lgid, d-a, blkbound) is realized.
In another example user specifies account book ID and time point, service side is based on time point and determines at the time point before most
The data block generated before the data block is determined as the data block for needing to remove, then clearly by the data block that the latter generates
Except these determine the data block for needing to remove, specifically, can be real by clearance order PURGE (lgid, d-a, ' timestmp ')
It is existing.
Before execution part removing, since the cryptographic Hash of first data block of the data block chain after removing is before being based on
What the cryptographic Hash of one data block generated, at this time, it is also necessary to generate a pseudo- initial data block, the cryptographic Hash etc. of pseudo- initial data block
In the cryptographic Hash of determined the last one data block for needing to remove, this way it is possible to avoid appearance when being verified afterwards
Mistake.The cryptographic Hash of the last one data block can inquire acquisition from the index pre-established, can also be from initial data block
Start the cryptographic Hash that the data block is calculated in progress sequence, or inquires and obtain from the data block.
Content in newly-generated pseudo- initial data block can be sky, some corresponding remarks can also be recorded, for example, raw
At time etc..But the content of pseudo- initial data block is unrelated with the pseudo- cryptographic Hash of initial data block.And service side is also
It can sign to the puppet initial data block.
In addition, for a user, the data that generally can all remove to part back up.Based on this, carried out in user
During part is removed, the data for needing part to remove confirmation can also be inserted into and verified.As shown in figure 3, Fig. 3 is
The flow diagram that the illustrative part of one kind provided by this specification embodiment is removed.In the schematic diagram, user's input
At time point, at the generation moment of nearest data block, be then somebody's turn to do before can specifically inquiring to obtain first at the time point
The block for generating moment corresponding data block is high, generates pseudo- initial data block and signs, performs part clear operation again later.
In practical applications, some data (herein referred to as sensitive data) are once written into data block, Jiu Huizao
At harmfulness consequence.For example, having the content in data record is " leaf XX, gender male, identity in the data that company A uploads
Card number is 123456 ", and the identification card number in the data record is related to having revealed privacy of user, needs to hide it.
As the modification or removing while meeting in the scheme provided by specification embodiment, for any data record
Lead to the validation failure to other data blocks, be based on this, this specification embodiment also provides a kind of side for hiding sensitive data
Method, specifically, core technology means are that data record locating for the information that will need to be concealed in data block is substituted for the number
According to the cryptographic Hash of record.In this way, can not only stop disclosing the sensitive information, but also the steady fortune of data block system is not affected
Row.
Specifically, user can directly specify the position to secret information, alternatively, in practical applications, user can also
To issue the secret information instruction for carrying location information.Here location information includes that data block block is high, data are recorded in block height
In offset, to offset of the secret information in data record, to length of secret information etc..
For example, a kind of illustrative secret information instruction can be DELETE (blkheight, txoff), in this instruction
Under, concealment is the data record as corresponding to the specified high blkheight of the block and amount of specifying Offsets txoff;
In another example another illustrative secret information instruction can be DELETE (blkheight, txoff, offset,
Length), under this instruction, determine that a data records by block high blkheight and offset txoff, hide the data
Starting length at the offset specified in record is information determined by length.
The information obtained after secret information is replaced or is removed has not been re-used as data record use, can be with
Referred to as remark information.During secret information, a kind of feasible mode is to determine to data record locating for secret information
Cryptographic Hash, preset preceding tab character is spliced to the stem of the cryptographic Hash, tab character after preset is spliced to institute
The tail portion of cryptographic Hash is stated, also, remark information is spliced to the tail portion of the rear tab character, then, by the preceding marker word
The data that symbol, the transaction Hash, the rear tab character and the remark information are spliced into are determined as the concealmentization number
According to record.As shown in figure 4, Fig. 4 is a kind of process schematic for construction concealmentization data record that this specification embodiment provides.
It should be noted that above-mentioned preceding tab character can be specified according to actual needs with rear tab character.Example
Such as, the preceding tab character can be " 0E ", and the rear tab character can be " 0F ".The effect of above-mentioned preceding tab character
It is, when needing to read the data record when being verified later, then, preceding tab character reveals out information to node at this time:
" clear content for the not instead of data record that the storage location is stored, the cryptographic Hash of data record ".At this point, then can be straight
Connect read the cryptographic Hash verified.And when needing to read corresponding remark information, then it can be since rear tab character " 0F "
It is read out, after having hidden sensitive information, content can be essentially identical with the data record content before concealment in remark information,
It is also possible to completely empty (content of i.e. whole data record is hidden completely).
In addition, it should be noted that, being a stringenter operation for the concealment of historgraphic data recording.Its often elephant
Levy the information that certain triggering laws and regulations perhaps violate morals and disclose also tend to be it is multi-party adjust or trial after obtain and need
To carry out forcing the conclusion of processing to information.Therefore, when executing above-mentioned clear operation, a kind of feasible mode are as follows: remove behaviour
Make to need certain signature weight.
For example, for the operational order that ordinary user is issued, backstage default signature weight is 30, and service side or its
The useful signature weight of its transaction system is then 60, and the national executing agency by force such as law court issues the signature weight of operational order
It is 120, and signature weight needed for a clear operation is preset as 100.The execution weight of one operation can be participant
The sum of weight of signing, it is however generally that, participant can be set no more than 2.Under this embodiment, two sum numbers are at least needed
It could be executed according to the digital signature for recording related authorities (such as transaction system side and database service side).That is, it needs to hand over
Easy system side initiates clearance order and signs, and database service side receives clearance order and signs and can just be purged.And by
Even if terminal user initiate clearance order database service side carried out signature authorization as signature weight not enough without
It can execute.
Further, database service side can also provide some other database service modes, such as:
During filing, user data account book is given for change, realized by giving instruction RECALL (lgid) for change, account book herein
It refers to containing the set of all data blocks;
The block for returning to the last one current data block is high, by instructing GETHEIGHT (&v) it realizes;
User's account book ID is returned to, by instructing GETLEDGER (&v) realize etc..
In addition, it should be noted that, it is provided herein to realize to provide a variety of operational orders in the above description
Database service mode.But the form of operational order is not limited to the form that this specification embodiment is proposed, in reality
In, the form of the operational order of data can be diversified, only need to may be implemented the service side that the application is proposed
Formula.And inquiry instruction itself merely provides a user-friendly external form, receives and instructs in service side
And executive mode corresponding to each instruction is still relied on when executing.
Further, after generating data block, service side can also provide each piece of corresponding timestamp.For example, introducing
National time service hub-interface carries out out block using believable timestamp in block out.It is thus possible to which relying on the timestamp carries out rope
The foundation drawn.
In one embodiment, for any data block, if having receiving time in data record in the block
Stamp is ranked up data record then can be stabbed according to receiving time, distributes to one sequence serial number of each data record;Or
Person can reset serial number according to the direct Allotment Serial Number of the sequence for receiving data record, and after blocking, so as to next
Allotment Serial Number inside a data block.
After determining serial number, it can according to the cryptographic Hash of each data record of determination, splice the serial number and Kazakhstan
Uncommon value.Specifically, can be used to place serial number in the substring that designated length is added in the head of cryptographic Hash or tail portion, number is generated
According to the timing Hash character string of record, then, according to the sequence of sequence serial number, establishes the Chunky Time comprising data block and stab sum number
According to the first concordance list of the timing Hash character string corresponding relationship of record.As shown in table 1, table 1 is mentioned by this specification embodiment
A kind of the first concordance list about data record supplied.In table 1, first 6 of the cryptographic Hash of data record are inserted accordingly
Serial number word string, " 0x " therein are serial numbers for identifying next, and " 0001 " therein is serial number, and " hash1 " is to count
According to the cryptographic Hash of the first data in block, the time in left side is the Chunky Time of data block.In this manner, timestamp has
Effect digit is fully retained.
Table 1
20xx-01-19 03:14:07.938576 |
0x0001Hash1 |
20xx-01-19 03:14:07.938576 |
0x0002Hash2 |
20xx-01-19 03:14:07.938576 |
0x0003Hash3 |
20xx-01-19 03:14:07.938576 |
…… |
Under another embodiment, same mode, for any data block, if the data record in the block
In have receiving time stamp, then can according to receiving time stab data record is ranked up, distribute to each data record one
A sequence serial number;Or it can be according to the direct Allotment Serial Number of the sequence for receiving data record, and by serial number after blocking
Resetting, so as to Allotment Serial Number inside next data block.
At this point it is possible to by Chunky Time stab in last specified digit eliminate, for the serial number of data record to be written.
Further, it is also possible to the appointed sequence number that will not distribute to data record be added in the index, for storing Chunky Time stamp and data
The high corresponding relationship of the block of block, and index is written.For example, the serial number of data record is generally since 1, then it can be by serial number " 0 "
The block of block is high for storing data.As shown in table 2, table 2 is a kind of about data record provided by this specification embodiment
Second concordance list.In table 2, last three of the Chunky Time in left side are (assuming that the data record quantity stored in a block is not
More than 1000) for storing the serial number of data record.
Table 2
20xx-01-19 03:14:07.938000 |
Blkheight |
20xx-01-19 03:14:07.938001 |
Hash1 |
20xx-01-19 03:14:07.938002 |
Hash2 |
20xx-01-19 03:14:07.938003 |
Hash3 |
20xx-01-19 03:14:07.938004 |
…… |
Under this embodiment, although sacrificing several time number of significant digit, the cryptographic Hash of data record can be with
It directly reads, and can be high by the block of specified serial number (000 i.e. in table 2) identification data block.
It can be created at once in the time of block out when above-mentioned index creation, be also possible to asynchronous creation.Index itself can
To be avoided out of data block for some lookups or statistical operation for example, counting the data record quantity in some period
Traversal counting is carried out, it is more convenient.
In addition, having generally comprised continuous multiple data blocks in one account book when using the account book storing data of block chain type.
In practical application, data block is numbered commonly using nature serial number.For example, the block of initial data block a height of 1, subsequent every increasing
Add a data block, block height adds 1.Based on this, this specification embodiment also provides a kind of piece high creation mode, specifically, really
Determine the Chunky Time of data block, then it is converted to integer data by the Chunky Time using symmetric encipherment algorithm, will be described
Integer data is high as the block of the data block, and Chunky Time is more early, and integer data is smaller.
Specifically, integer here can be a big integer data, for example, one 13 big integers.To, by
It is to be obtained based on time symmetric cryptography in big integer, it, can be similarly symmetrical thus in the Chunky Time for needing data block
Decryption obtains Chunky Time.
It, can be with after by symmetric cryptography for example, for Chunky Time " 20xx-01-19 03:14:07.938576 "
One big integer " 1547838847938 " is converted to, due to integer data monotonic increase at any time,
"1547838847938".It at this time can be as the block height of the data block, for identifying the data block.In this specification, block is high
Based on Chunky Time monotonic increase, accordingly even when use big integer data, but between them still from small to large, instead
The sequence between each data block is reflected.For example, if the Chunky Time of a following data block be " 20xx-01-19 03:16:
07.235125 ", then another bigger big integer can be converted into using preset symmetric encipherment algorithm
“1547838848125”。
Based on this, the serial number of each business diary in data block, and splicing block can also be determined as in foregoing manner
High and serial number, generates the timing information of the business diary simultaneously comprising block height and serial number, and establish the cryptographic Hash of business diary with
The third concordance list of timing information.As shown in table 3, table 3 is a kind of third concordance list provided by this specification embodiment.At this
In table, the big integer in left side is the timing information comprising block height and serial number, and block height is based on time symmetric cryptography and obtains.When blocking
Between be accurate to Millisecond it is other in the case of, 3 decimal digits are introduced in third index after block height and carrys out identification number and (limits
Block threshold value is 999), so being million grades for the hypothesis of handling capacity, to have been able to meet any real trade scene.If gulped down
The amount of spitting is higher, then only more decimal system need to be introduced after block height carrys out identification number.
Table 3
1547838847938000 |
1547838847938 |
1547838847938001 |
Hash1 |
1547838847938002 |
Hash2 |
1547838847938003 |
Hash3 |
1547838847938004 |
…… |
Under a kind of actual application scenarios, database service provider involved in the embodiment of this specification may be used also
To provide corresponding service for corresponding database.As shown in Figure 5, Fig. 5 is another involved in this specification embodiment
The schematic diagram of system architecture enhances service provider including Basis of Database service provider and database.For example, wherein
MySQL, PostgreSQL, MongoDB etc. be Basis of Database service provider, these Database Systems can be normal
The additions and deletions that the transaction system seen provides basis change the service for looking into etc. operation.Meanwhile also phase can be respectively locally stored in they
The business operation log for these operations answered, describes Basis of Database service provider to business in business operation log
The operation note of data.There is provided the system further serviced for this Basis of Database service provider is this specification embodiment
Provided database enhances service provider Ledger server.
Based on this, this specification embodiment, which also provides one kind, can provide further increasing for Basis of Database service provider
The mode serviced by force.Specifically, when MySQL, PostgreSQL, MongoDB etc. these databases generate business operation day
After will, both the business operation log that each generates can be sent to Ledger.Due to being had in business operation log
Timestamp is generated, Ledger system can be ranked up these business operation logs according to timestamp is generated, is blocking and deposit
Storage.To which each database can further be managed to based on System Operation Log of the mode of operation above-mentioned for oneself
Reason.Basis of Database service provider, without being sent to Ledger system at once, can be one in generation system operation log
The process of a asynchronous transmission.
Each Basis of Database service provider can send business operation log to Ledger system by way of " plaintext "
System." plaintext " herein refers to that Ledger system is understood that or part understands business operation day transmitted by each database
Will.For example, some database and Ledger system allow Ledger system to know business by pre-establishing communication protocol
Action type, operation service object in operation log etc., so that Ledger system can further basis when blocking
Action type or operation target object progress are blocking, so that each Database Systems are preferably managed.In this manner,
If desired each database carries out inquiry to itself or statistics (for example, statistics has done how many to the data of which business object
Secondary clear operation), instruction only need to can be sent, specific statistics or query procedure can be completed in Ledger system end.
Certainly, each Basis of Database service provider can also send business operation log extremely by way of " ciphertext "
Ledger system." ciphertext " herein refers to that Ledger system cannot understand business operation log transmitted by each database.
In this manner, each database can only then carry out the reading or removing of stored business operation log to Ledger system
Etc. operation, specific inquiry or statistical work then need after reading data in Basis of Database service provider local
It executes.
Under a kind of implement scene, for example, being the cost information in relation to enterprise in data record, and need to data record
When being audited.Prevent enterprise combine with service side play tricks forge timestamp produce new account book at this point, to it is some authority
The time service certification that time just mechanism carries out data block is exactly indispensable technological means.Here time just mechanism example
It such as can be national time service center, alternatively, the authoritative time certification mechanism permitted through national time service center.Time service certification herein
I.e. are as follows: obtain the related signature of time just mechanism, the trusted time that signature packets just mechanism containing having time here is issued
Stamp, the trusted timestamp correspond to the data block for needing to authenticate.
Specifically, service side determines to need to carry out time service certification first from the data block for having generated and having stored
One section of account book wherein at least should include a data block or the multiple pieces of continuous data blocks of height.Determining mode can be with base
It is specified in user's operation, for example, user initiates time service instruction, it include the starting block height for needing to carry out time service certification in instruction
And number of blocks;It is also possible to specify without user, service side is based on preset service logic and carries out automatically.
For example, application time service can be gone from most fine granularity with each data block.In this manner, Merkel tree
Root Hash be the data block block cryptographic Hash, which can to the greatest extent carry out account book (i.e. each data block) true
The protection of property.Due to data block go out block frequency it is higher, this mode no matter for time service center, or for service side and
Speech, cost overhead all can be bigger.A kind of optional mode is that certain time service preset condition is arranged, when meeting certain award
When preset condition when, initiate time service request.It is regarded as when the data block that time service authenticates in newly-generated data block, it is described
Time service preset condition may is that time service certification data block reach amount threshold, alternatively, apart from last time service certification when
Between interval have arrived at time threshold.
Specific time service authentication mode is to play the block Hash of the data block authenticated to time service according to the high sequential series of block
Come, the block Hash based on each data block generates the Merkel tree for corresponding to the multiple data block, to confirm Merkel tree
Root Hash.Also, the relevant information for confirming the data block authenticated to time service, end block height high for example including starting block or number
Quantity according to block etc. information.Then the root Hash of Merkel tree and the relevant information of above-mentioned data block are sent to time just machine
Structure.Time just authorities provide a trusted timestamp to above- mentioned information, and carry out digital label to trusted timestamp
Name certification generates one and includes the time service certificate of trusted timestamp and digital signature, wherein can also include above-mentioned data block
Relevant information, the mode of digital signature are conventional private key encryption, public key decryptions.
To, service side can receive a series of trusted timestamp comprising time just authority signature, each
Trusted timestamp corresponds to one section of account book, also, can explicitly know it is which segment data block based on relevant information.Service side
It can be managed accordingly based on the trusted timestamp, and verifying.For example, when needing to audit to certain account book, clothes
Business side can provide the time service certificate of corresponding the data block trusted timestamp comprising time just mechanism and signature in account book, and
And the relevant information according to included in time service certificate carries out recalculating for Merkel's tree root Hash, whereby it was confirmed that the card
Data block corresponding to book is impossible to be forged in the future, and service side can be effectively prevented and include by service side's joint manufacture
The account book of false timestamp, to hide corresponding audit.As shown in figure 8, Fig. 8 is that one kind that this specification embodiment provides is specific
Generation time service certificate schematic diagram.
Corresponding, this specification embodiment also provides a kind of data verification device, stores applied to by multiple data blocks
In the database service provider of the centralization of data, as shown in fig. 6, Fig. 6 is a kind of data that this specification embodiment provides
Verify the structural schematic diagram of device, comprising:
Receiving module 601, receive user verifying instruction, it is described verifying instruction in comprising data record cryptographic Hash or
Data block is high;
Whether authentication module 603 verifies data record corresponding to the cryptographic Hash of the data record in the verifying instruction
It deposits in the database;Alternatively, whether the data block of verifying specified quantity determined by the data block height is correct;
Return module 605 returns to verification result to user.
Further, the receiving module 601 is also used to, and receives data record to be stored, and determines each data record
Cryptographic Hash;Described device further includes generation module 607, when reaching preset blocking condition, is determined in data block to be written
Each data record generates the n-th data block of the cryptographic Hash comprising data block and data record, specifically includes:
As N=1, the cryptographic Hash and block height of initial data block are given based on predetermined manner;
As N > 1, N is determined according to the cryptographic Hash of each data record and the N-1 data block in data block to be written
The cryptographic Hash of a data block generates the n-th data block of the cryptographic Hash comprising n-th data block and each data record, wherein number
According to the block height of block based on the sequencing monotonic increase of Chunky Time.
Further, the preset blocking condition includes: that data record quantity to be stored reaches amount threshold;Or
The time interval of person, distance last blocking moment reach time threshold.
Further, the authentication module 603 obtains the data of the data block for any determined data block
The cryptographic Hash of record and last data block;It is calculated according to the cryptographic Hash of the data record of the data block and last data block
The current cryptographic Hash of the data block;Verify the data block current cryptographic Hash and the data block cryptographic Hash whether phase
Together, it is then verified if they are the same, otherwise, authentication failed.
Further, the return module 605 returns to the verification result comprising database service provider signature to use
Family.
This specification embodiment also provides a kind of computer equipment, includes at least memory, processor and is stored in
On reservoir and the computer program that can run on a processor, wherein processor realizes shown in Fig. 2 one when executing described program
Kind data verification method.
Fig. 7 shows one kind provided by this specification embodiment and more specifically calculates device hardware structural schematic diagram,
The equipment may include: processor 1010, memory 1020, input/output interface 1030, communication interface 1040 and bus
1050.Wherein processor 1010, memory 1020, input/output interface 1030 and communication interface 1040 are real by bus 1050
The now communication connection inside equipment each other.
Processor 1010 can use general CPU (Central Processing Unit, central processing unit), micro- place
Reason device, application specific integrated circuit (Application Specific Integrated Circuit, ASIC) or one
Or the modes such as multiple integrated circuits are realized, for executing relative program, to realize technical side provided by this specification embodiment
Case.
Memory 1020 can use ROM (Read Only Memory, read-only memory), RAM (Random Access
Memory, random access memory), static storage device, the forms such as dynamic memory realize.Memory 1020 can store
Operating system and other applications are realizing technical solution provided by this specification embodiment by software or firmware
When, relevant program code is stored in memory 1020, and execution is called by processor 1010.
Input/output interface 1030 is for connecting input/output module, to realize information input and output.Input and output/
Module can be used as component Configuration (not shown) in a device, can also be external in equipment to provide corresponding function.Wherein
Input equipment may include keyboard, mouse, touch screen, microphone, various kinds of sensors etc., output equipment may include display,
Loudspeaker, vibrator, indicator light etc..
Communication interface 1040 is used for connection communication module (not shown), to realize the communication of this equipment and other equipment
Interaction.Wherein communication module can be realized by wired mode (such as USB, cable etc.) and be communicated, can also be wirelessly
(such as mobile network, WIFI, bluetooth etc.) realizes communication.
Bus 1050 include an access, equipment various components (such as processor 1010, memory 1020, input/it is defeated
Outgoing interface 1030 and communication interface 1040) between transmit information.
It should be noted that although above equipment illustrates only processor 1010, memory 1020, input/output interface
1030, communication interface 1040 and bus 1050, but in the specific implementation process, which can also include realizing normal fortune
Other assemblies necessary to row.In addition, it will be appreciated by those skilled in the art that, it can also be only comprising real in above equipment
Component necessary to existing this specification example scheme, without including all components shown in figure.
This specification embodiment also provides a kind of computer readable storage medium, is stored thereon with computer program, the journey
A kind of data verification method shown in Fig. 2 is realized when sequence is executed by processor.
Computer-readable medium includes permanent and non-permanent, removable and non-removable media can be by any method
Or technology come realize information store.Information can be computer readable instructions, data structure, the module of program or other data.
The example of the storage medium of computer includes, but are not limited to phase change memory (PRAM), static random access memory (SRAM), moves
State random access memory (DRAM), other kinds of random access memory (RAM), read-only memory (ROM), electric erasable
Programmable read only memory (EEPROM), flash memory or other memory techniques, read-only disc read only memory (CD-ROM) (CD-ROM),
Digital versatile disc (DVD) or other optical storage, magnetic cassettes, tape magnetic disk storage or other magnetic storage devices
Or any other non-transmission medium, can be used for storage can be accessed by a computing device information.As defined in this article, it calculates
Machine readable medium does not include temporary computer readable media (transitory media), such as the data-signal and carrier wave of modulation.
As seen through the above description of the embodiments, those skilled in the art can be understood that this specification
Embodiment can be realized by means of software and necessary general hardware platform.Based on this understanding, this specification is implemented
Substantially the part that contributes to existing technology can be embodied in the form of software products the technical solution of example in other words,
The computer software product can store in storage medium, such as ROM/RAM, magnetic disk, CD, including some instructions are to make
It is each to obtain computer equipment (can be personal computer, server or the network equipment etc.) execution this specification embodiment
Method described in certain parts of a embodiment or embodiment.
System, method, module or the unit that above-described embodiment illustrates can specifically realize by computer chip or entity,
Or it is realized by the product with certain function.A kind of typically to realize that equipment is computer, the concrete form of computer can
To be personal computer, laptop computer, cellular phone, camera phone, smart phone, personal digital assistant, media play
In device, navigation equipment, E-mail receiver/send equipment, game console, tablet computer, wearable device or these equipment
The combination of any several equipment.
All the embodiments in this specification are described in a progressive manner, same and similar portion between each embodiment
Dividing may refer to each other, and each embodiment focuses on the differences from other embodiments.Especially for method reality
For applying example, since it is substantially similar to the method embodiment, so describing fairly simple, related place is referring to embodiment of the method
Part explanation.Embodiment of the method described above is only schematical, wherein described be used as separate part description
Module may or may not be physically separated, can be each module when implementing this specification example scheme
Function realize in the same or multiple software and or hardware.Can also select according to the actual needs part therein or
Person's whole module achieves the purpose of the solution of this embodiment.Those of ordinary skill in the art are not the case where making the creative labor
Under, it can it understands and implements.
The above is only the specific embodiment of this specification embodiment, it is noted that for the general of the art
For logical technical staff, under the premise of not departing from this specification embodiment principle, several improvements and modifications can also be made, this
A little improvements and modifications also should be regarded as the protection scope of this specification embodiment.