CN110781531A - Tamper-proof grain depot data secure storage system and method - Google Patents


Info

Publication number: CN110781531A
Authority: CN (China)
Prior art keywords: data, module, grain, metadata, transaction
Legal status: Granted
Application number: CN201910832743.8A
Other languages: Chinese (zh)
Other versions: CN110781531B (en)
Inventors: 万士其, 许维彬, 马三九, 黄刚, 赵兴卫, 汪阳, 张勇, 杨晓勇, 王春迎, 赵静, 周启富, 董辉
Current Assignee: Anhui Grain And Oil Information Center Anhui Grain Wholesale Trading Market Management Committee
Original Assignee: Anhui Grain And Oil Information Center Anhui Grain Wholesale Trading Market Management Committee
Application filed by: Anhui Grain And Oil Information Center Anhui Grain Wholesale Trading Market Management Committee

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20 Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27 Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3823 Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction

Abstract

The invention discloses a tamper-proof grain depot data secure storage system comprising a basic service module, a metadata protection module, a state monitoring module and a data storage module that communicate with one another. The basic service module processes user data upload and access requests and generates files and digests from the data to be stored; the metadata protection module manages the metadata corresponding to the data to be stored; the data storage module stores the files corresponding to the data; and the state monitoring module acquires running state information from the data storage module and the metadata protection module and monitors the running state of the system. The method comprises a grain condition data uploading method and a grain condition data accessing method. The invention provides a grain depot data storage scheme based on a consortium blockchain, which ensures that data cannot be tampered with and improves both the security of grain depot data storage and the circulation of data among grain depots.

Description

Tamper-proof grain depot data secure storage system and method
Technical Field
The invention relates to the field of grain depot data, in particular to a tamper-proof grain depot data secure storage system and a tamper-proof grain depot data secure storage method.
Background
In a traditional grain depot data storage scheme, after measurement and control sensors detect data such as the temperature and humidity, gas concentration and material level of a grain depot, and after a grain depot administrator enters grain warehousing information, the data are stored in a relational database on a local or cloud server. The grain depot administrator, the database administrator and the cloud service provider can each control the data to different degrees, including adding, modifying and deleting it.
In such a scheme the database administrator has complete operating authority over the database and is therefore able to maliciously tamper with grain warehousing information and measurement and control result data, so the information obtained by the National Grain and Material Reserve Bureau is unreliable. If the design of the grain depot management system contains a vulnerability, even a grain depot administrator can tamper with the grain information that has been entered, so data reliability is low.
In addition, in the traditional scheme the grain depots are independent of one another, and a cloud server aggregates the data of each depot and forwards it to the National Grain and Material Reserve Bureau for review and analysis. Data interoperability among grain depots is poor, which hinders communication and cooperation among them.
In existing grain depot data storage schemes, therefore, data security is low and data circulation among grain depots is poor. It is desirable to provide a new system and method for secure storage of grain depot data to solve these problems.
Disclosure of Invention
The technical problem to be solved by the invention is to provide a tamper-proof grain depot data secure storage system and method that ensure data cannot be tampered with and improve data circulation among grain depots.
To solve this technical problem, the invention adopts the following technical scheme: a tamper-resistant grain depot data secure storage system comprising a basic service module, a metadata protection module, a state monitoring module and a data storage module that communicate with one another;
the basic service module is used for processing user data upload and access requests and for generating files and digests from the data to be stored;
the metadata protection module is used for managing the metadata corresponding to the data to be stored;
the data storage module is used for storing the files corresponding to the data;
and the state monitoring module is used for acquiring running state information from the data storage module and the metadata protection module and for monitoring the running state of the system.
In a preferred embodiment of the present invention, the metadata protection module is composed of a plurality of blockchain nodes, and each grain depot runs one blockchain node to form a consortium blockchain network.
In a preferred embodiment of the present invention, the data storage module is a distributed file system.
In a preferred embodiment of the present invention, the state monitoring module includes a front-end display unit, a data acquisition unit, and an alarm unit, which are connected to each other, and an input end of the data acquisition unit is connected to the data storage module and the metadata protection module.
To solve the technical problem, the invention adopts another technical scheme: a tamper-resistant grain depot data secure storage method comprising a grain condition data uploading method and a grain condition data accessing method, as follows:
(1) the method for uploading the grain condition data comprises the following steps:
S101: the user sends an upload request to the basic service module;
S102: the basic service module generates a file and a digest from the received data;
S103: the file generated in step S102 is stored in the data storage module to obtain a file address;
S104: the basic service module initiates a blockchain transaction to store the metadata obtained in step S102 in the blockchain network;
S105: the blockchain network reaches consensus on the transaction, and the upload of the grain condition data is complete;
(2) the method for accessing the grain condition data comprises the following steps:
S201: the user constructs a data access transaction and signs it using the elliptic curve digital signature algorithm;
S202: the metadata protection module verifies whether the transaction is valid, packages it and broadcasts it to the whole network;
S203: if the transaction is valid, the basic service module can obtain the metadata, obtain the data file to be accessed from the data storage module according to the metadata, and calculate $digest_1 = \mathrm{Hash}(m)$; if the transaction is invalid, the grain condition data cannot be accessed;
S204: the digest value in the metadata is taken as $digest_2$; $digest_1$ and $digest_2$ are compared, and if they are the same the data is complete and is finally sent to the user.
The invention has the beneficial effects that:
(1) the invention provides a grain depot data storage scheme based on a consortium blockchain, which not only ensures that data cannot be tampered with but also improves the security of grain depot data storage and the circulation of data among grain depots;
(2) the grain depot data secure storage system combines a consortium blockchain with a distributed file system; each grain depot runs one blockchain node to form a consortium blockchain network, which establishes a consortium relationship among the grain depots and enables data circulation between nodes; each node stores a complete copy of the metadata, and a consensus algorithm ensures that the data cannot be tampered with; the state monitoring module periodically acquires system running state information and raises an alarm promptly when the system runs abnormally, further improving the secure storage performance of the system;
(3) in the grain depot data secure storage method, grain condition data is uploaded by means of smart contracts deployed in the blockchain and by initiating blockchain transactions; when grain condition data needs to be accessed, a data access transaction is constructed and encrypted; after the transaction is verified as valid, the user obtains the file storage location from the metadata protection module and uses it to query the data from the distributed file system; finally, whether the data has been tampered with is verified by comparing the digest in the metadata with the digest of the retrieved data.
Drawings
FIG. 1 is a schematic structural diagram of a tamper-resistant grain depot data secure storage system according to the invention;
FIG. 2 is a block diagram of the status monitoring module;
FIG. 3 is a flow chart of the grain condition data uploading method in the tamper-resistant grain depot data secure storage method;
FIG. 4 is a flow chart of the grain condition data access method in the tamper-resistant grain depot data secure storage method.
Detailed Description
The preferred embodiments of the present invention are described in detail below with reference to the accompanying drawings, so that the advantages and features of the invention can be more easily understood by those skilled in the art and the scope of protection of the invention is more clearly defined.
Referring to FIG. 1, an embodiment of the present invention includes:
A tamper-proof grain depot data secure storage system comprising a basic service module, a metadata protection module, a state monitoring module and a data storage module that communicate with one another.
The basic service module processes user data upload and access requests and provides a request service platform for grain depot administrators, database administrators and cloud service providers; it also generates a file and a digest from the data to be stored.
The metadata protection module manages the metadata corresponding to the data to be stored, such as the data digest and the location in the file system of the file corresponding to the data. The metadata protection module is composed of a plurality of blockchain nodes; smart contracts are deployed on the nodes, and the metadata is managed by calling the smart contracts. In practical application, each grain depot runs one blockchain node to form a consortium blockchain network, which establishes a consortium relationship among the grain depots and enables data circulation between nodes. Each node stores a complete copy of the metadata, and a consensus algorithm ensures that the data cannot be tampered with.
The data storage module stores the file corresponding to the data. Preferably, the data storage module is a distributed file system. A user must obtain the file storage location from the metadata protection module and then use it to query the data from the distributed file system. The system completes this process automatically: the basic service module obtains data from the metadata protection module through an HTTP interface and, using the data it obtained, communicates with the data storage module through an HTTP interface. Finally, whether the data has been tampered with is verified by comparing the digest in the metadata with the digest of the retrieved data.
Referring to FIG. 2, the state monitoring module includes a front-end display unit, a data acquisition unit and an alarm unit, which are connected to one another; the input end of the data acquisition unit is connected to the data storage module and the metadata protection module. The data acquisition unit periodically acquires running state information from the data storage module and the metadata protection module and, when operation is abnormal, sends an alarm e-mail to an administrator through the alarm unit. The administrator can view the system state visually through the front-end display unit, which further improves the secure storage performance of the system.
The method for securely storing grain depot data using the grain depot data secure storage system comprises a grain condition data uploading method and a grain condition data accessing method, which are described in turn below:
(1) the method for uploading the grain condition data comprises the following steps:
S101: the user sends an upload request to the basic service module; in this embodiment, the user is a grain depot administrator;
S102: the basic service module generates a file m and a digest from the received data, calculating the data digest value $digest = \mathrm{Hash}(m)$; the calculation can be performed with the SHA-256 algorithm;
S103: the file generated in step S102 is stored in the data storage module to obtain a file address;
S104: the basic service module initiates a blockchain transaction and calls a smart contract, and the metadata obtained in step S102, including the data digest and the file address, is stored in the blockchain network;
S105: the blockchain network reaches consensus on the transaction, and the upload of the grain condition data is complete;
(2) the method for accessing the grain condition data comprises the following steps:
S201: the user constructs a data access transaction and signs it using the elliptic curve digital signature algorithm; in this embodiment, the users are grain depot managers and the National Grain and Material Reserve Bureau; the metadata protection module can be built on an Ethereum blockchain, and the user constructs Ethereum blockchain transaction data according to the interface documentation provided by Ethereum;
S202: the metadata protection module verifies whether the transaction is valid, packages it and broadcasts it to the whole network;
S203: if the transaction is valid, the basic service module can obtain the metadata, obtain the data file to be accessed from the data storage module according to the metadata, and calculate $digest_1 = \mathrm{Hash}(m)$; if the transaction is invalid, the grain condition data cannot be accessed;
S204: the digest value in the metadata is taken as $digest_2$; $digest_1$ and $digest_2$ are compared to determine whether they are the same; if so, the data is complete and is finally sent to the user; if not, the problem is reported to a system administrator, who queries the blockchain transaction records and locates the cause of the problem.
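The upload steps S102 to S104 and the access checks S203 and S204, as an added Python example that is not part of the patent. `FileStore`, `MetadataLedger`, `upload` and `access` are hypothetical names; the ledger is a single in-memory hash-chained list standing in for the consortium blockchain, and transaction signing (S201, S202) and consensus (S105) are not modelled.

```python
import hashlib
import hmac
import json


class FileStore:
    """Hypothetical stand-in for the data storage module (file system)."""
    def __init__(self):
        self.blobs = {}

    def put(self, data: bytes) -> str:
        address = f"file-{len(self.blobs) + 1}"
        self.blobs[address] = data
        return address

    def get(self, address: str) -> bytes:
        return self.blobs[address]


class MetadataLedger:
    """Hypothetical stand-in for the metadata protection module (hash chain)."""
    GENESIS = "0" * 64

    def __init__(self):
        self.blocks = []

    @staticmethod
    def block_hash(prev: str, meta: dict) -> str:
        body = json.dumps({"prev": prev, "meta": meta}, sort_keys=True)
        return hashlib.sha256(body.encode()).hexdigest()

    def append(self, meta: dict) -> int:
        prev = self.blocks[-1]["hash"] if self.blocks else self.GENESIS
        self.blocks.append(
            {"prev": prev, "meta": meta, "hash": self.block_hash(prev, meta)})
        return len(self.blocks) - 1

    def verify_chain(self) -> bool:
        prev = self.GENESIS
        for block in self.blocks:
            expected = self.block_hash(prev, block["meta"])
            if block["prev"] != prev or block["hash"] != expected:
                return False
            prev = block["hash"]
        return True


def upload(store: FileStore, ledger: MetadataLedger, m: bytes) -> int:
    """S102-S104: digest = Hash(m), store the file, record the metadata."""
    digest = hashlib.sha256(m).hexdigest()
    address = store.put(m)
    return ledger.append({"digest": digest, "address": address})


def access(store: FileStore, ledger: MetadataLedger, record_id: int) -> bytes:
    """S203-S204: fetch the file via its metadata and compare the digests."""
    if not ledger.verify_chain():
        raise ValueError("metadata ledger failed verification")
    meta = ledger.blocks[record_id]["meta"]
    m = store.get(meta["address"])
    digest_1 = hashlib.sha256(m).hexdigest()  # recomputed from the file
    digest_2 = meta["digest"]                 # recorded at upload time
    if not hmac.compare_digest(digest_1, digest_2):
        raise ValueError(f"digest mismatch for {meta['address']}")
    return m


def demo() -> dict:
    store, ledger = FileStore(), MetadataLedger()
    # Constructed sample reading, not real depot data.
    reading = b'{"depot": "A-01", "temp_c": 18.4, "humidity_pct": 61}'
    rid = upload(store, ledger, reading)
    result = {"clean_read": access(store, ledger, rid) == reading}

    def rejected() -> bool:
        try:
            access(store, ledger, rid)
        except ValueError:
            return True
        return False

    # Case 1: the stored file is edited in place; the metadata is untouched.
    forged = reading.replace(b"18.4", b"12.0")
    store.blobs[ledger.blocks[rid]["meta"]["address"]] = forged
    result["file_edit_detected"] = rejected()
    # Case 2: the recorded digest is then rewritten to match the edited file.
    ledger.blocks[rid]["meta"]["digest"] = hashlib.sha256(forged).hexdigest()
    result["metadata_edit_detected"] = rejected()
    return result
```

Someone able to rewrite this single-copy list could recompute every block hash after editing a digest; in the scheme described above, the complete metadata copy held by each depot's node and the consensus step are what cover that case.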
The invention provides a grain depot data storage scheme based on a consortium blockchain, which not only ensures that data cannot be tampered with but also improves the security of grain depot data storage and the circulation of data among grain depots.
The above description is only an embodiment of the present invention, and not intended to limit the scope of the present invention, and all modifications of equivalent structures and equivalent processes performed by the present specification and drawings, or directly or indirectly applied to other related technical fields, are included in the scope of the present invention.

Claims (5)

1. A tamper-proof grain depot data secure storage system, characterized by comprising a basic service module, a metadata protection module, a state monitoring module and a data storage module that communicate with one another;
the basic service module is used for processing user data upload and access requests and for generating files and digests from the data to be stored;
the metadata protection module is used for managing the metadata corresponding to the data to be stored;
the data storage module is used for storing the files corresponding to the data;
and the state monitoring module is used for acquiring running state information from the data storage module and the metadata protection module and for monitoring the running state of the system.
2. The tamper-resistant grain depot data secure storage system of claim 1, wherein the metadata protection module is composed of a plurality of blockchain nodes, and each grain depot runs one blockchain node to form a consortium blockchain network.
3. The tamper-resistant grain depot data secure storage system of claim 1, wherein the data storage module is a distributed file system.
4. The tamper-resistant grain depot data secure storage system of claim 1, wherein the state monitoring module comprises a front end display unit, a data acquisition unit and an alarm unit which are connected with each other, and an input end of the data acquisition unit is connected with the data storage module and the metadata protection module.
5. The secure storage method of the tamper-resistant grain depot data secure storage system according to claim 1, wherein the secure storage method comprises a grain condition data uploading method and a grain condition data accessing method:
(1) the method for uploading the grain condition data comprises the following steps:
S101: the user sends an upload request to the basic service module;
S102: the basic service module generates a file and a digest from the received data;
S103: the file generated in step S102 is stored in the data storage module to obtain a file address;
S104: the basic service module initiates a blockchain transaction to store the metadata obtained in step S102 in the blockchain network;
S105: the blockchain network reaches consensus on the transaction, and the upload of the grain condition data is complete;
(2) the method for accessing the grain condition data comprises the following steps:
S201: the user constructs a data access transaction and signs it using the elliptic curve digital signature algorithm;
S202: the metadata protection module verifies whether the transaction is valid, packages it and broadcasts it to the whole network;
S203: if the transaction is valid, the basic service module can obtain the metadata, obtain the data file to be accessed from the data storage module according to the metadata, and calculate $digest_1 = \mathrm{Hash}(m)$; if the transaction is invalid, the grain condition data cannot be accessed;
S204: the digest value in the metadata is taken as $digest_2$; $digest_1$ and $digest_2$ are compared, and if they are the same the data is complete and is finally sent to the user.

Priority Applications (1)

Application number: CN201910832743.8A (CN110781531B, en)
Priority date: 2019-09-04
Filing date: 2019-09-04
Title: Tamper-proof grain depot data secure storage system and method
Status: Active

Publications (2)

CN110781531A (en), published 2020-02-11
CN110781531B (en), published 2023-04-07

Family ID: 69384091

Country Status (1): CN, CN110781531B (en)

Legal Events

Code Title
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant