CN111614739A - Network measurement data storage method, device and system - Google Patents

Network measurement data storage method, device and system Download PDF

Info

Publication number
CN111614739A
CN111614739A CN202010380358.7A CN202010380358A CN111614739A CN 111614739 A CN111614739 A CN 111614739A CN 202010380358 A CN202010380358 A CN 202010380358A CN 111614739 A CN111614739 A CN 111614739A
Authority
CN
China
Prior art keywords
data
data set
metadata information
alliance
alliance member
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010380358.7A
Other languages
Chinese (zh)
Other versions
CN111614739B (en
Inventor
刘姿杉
程强
党梅梅
敖立
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Academy of Information and Communications Technology CAICT
Original Assignee
China Academy of Information and Communications Technology CAICT
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Academy of Information and Communications Technology CAICT filed Critical China Academy of Information and Communications Technology CAICT
Priority to CN202010380358.7A priority Critical patent/CN111614739B/en
Publication of CN111614739A publication Critical patent/CN111614739A/en
Application granted granted Critical
Publication of CN111614739B publication Critical patent/CN111614739B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/50Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Environmental & Geological Engineering (AREA)
  • Computer And Data Communications (AREA)
  • Storage Device Security (AREA)

Abstract

本申请提供了一种网络测量数据存储方法、装置和系统,所述方法包括:接收所在区域的终端上传的网络测量数据,并聚合数据集;生成所述数据集的元数据信息,以及所述元数据信息对应的区块载荷;其中,所述元数据信息包括:联盟成员标识ID和数据集编号;所述联盟成员ID为所述联盟成员管理设备为所述联盟成员设备分配的;所述数据集编号由所述联盟成员ID和所述数据集序号组成;将所述区块载荷发送给所述联盟成员管理设备,使所述联盟成员管理设备在对所述区块载荷验证通过时,按照接收所述区块载荷的时间将所述区块载荷更新上链。该方法能够通过分布式存储,集中管理的方式保障网络测量数据的安全性。

Figure 202010380358

The present application provides a method, device and system for storing network measurement data. The method includes: receiving network measurement data uploaded by a terminal in an area, and aggregating a data set; generating metadata information of the data set, and the The block load corresponding to the metadata information; wherein, the metadata information includes: the alliance member identification ID and the data set number; the alliance member ID is allocated by the alliance member management device for the alliance member device; the The data set number is composed of the alliance member ID and the data set serial number; the block load is sent to the alliance member management device, so that when the alliance member management device passes the verification of the block load, The block payload is updated on the chain according to the time when the block payload is received. The method can ensure the security of network measurement data by means of distributed storage and centralized management.

Figure 202010380358

Description

网络测量数据存储方法、装置和系统Network measurement data storage method, device and system

技术领域technical field

本发明涉及通信技术领域,特别涉及一种网络测量数据存储方法、装置和系统。The present invention relates to the field of communication technologies, and in particular, to a method, device and system for storing network measurement data.

背景技术Background technique

移动宽带网络为了实现网络可靠、全覆盖和高速率的运行,需要对宽带网络进行信号质量和传输速率的测量。In order to realize the reliable, full coverage and high-speed operation of the mobile broadband network, it is necessary to measure the signal quality and transmission rate of the broadband network.

测量获得的数据成为宽带网络测量数据,现有基于集中式的网络测量数据的存储容易引起因单点失效、个人隐私泄露导致的信息安全问题。The data obtained from the measurement becomes the broadband network measurement data, and the existing centralized network measurement data storage can easily cause information security problems due to single-point failure and personal privacy leakage.

发明内容SUMMARY OF THE INVENTION

有鉴于此,本申请提供一种网络测量数据存储方法、装置和系统,能够通过分布式存储,集中管理的方式保障网络测量数据的安全性。In view of this, the present application provides a method, device and system for storing network measurement data, which can ensure the security of network measurement data by means of distributed storage and centralized management.

为解决上述技术问题,本申请的技术方案是这样实现的:In order to solve the above-mentioned technical problems, the technical solution of the present application is realized as follows:

在一个实施例中,提供了一种网络测量数据存储方法,应用于包括联盟成员设备和联盟成员管理设备的存储系统中的联盟成员设备上;所述方法包括:In one embodiment, a method for storing network measurement data is provided, which is applied to an alliance member device in a storage system including an alliance member device and an alliance member management device; the method includes:

接收所在区域的终端上传的网络测量数据;Receive the network measurement data uploaded by the terminal in the area;

将接收到的网络测量数据按照接收时间聚合为预设值大小的数据集;Aggregate the received network measurement data into a data set with a preset size according to the receiving time;

将所述数据集按照所述接收时间顺序分配数据集序号;Allocate the data set sequence numbers according to the receiving time sequence;

生成所述数据集的元数据信息,以及所述元数据信息对应的区块载荷;其中,所述元数据信息包括:联盟成员ID和数据集编号;所述联盟成员ID为所述联盟成员管理设备为所述联盟成员设备分配的;所述数据集编号由所述联盟成员ID和所述数据集序号组成;Generate metadata information of the data set, and the block load corresponding to the metadata information; wherein, the metadata information includes: the alliance member ID and the data set number; the alliance member ID is managed by the alliance member The equipment is allocated by the alliance member equipment; the data set number is composed of the alliance member ID and the data set serial number;

将所述区块载荷发送给所述联盟成员管理设备,使所述联盟成员管理设备在对所述区块载荷验证通过时,按照接收所述区块载荷的时间将所述区块载荷更新上链。Send the block payload to the alliance member management device, so that when the alliance member management device passes the verification of the block payload, the block payload is updated according to the time when the block payload is received. chain.

在另一个实施例中,提供了一种网络测量数据存储装置,应用于包括联盟成员设备和联盟成员管理设备的存储系统中的联盟成员设备上;所述装置包括:接收单元、聚合单元、生成单元和发送单元;In another embodiment, a network measurement data storage device is provided, which is applied to a coalition member device in a storage system including a coalition member device and a coalition member management device; the device includes: a receiving unit, an aggregating unit, a generating unit, a unit and sending unit;

所述接收单元,用于接收所在区域的终端上传的网络测量数据;the receiving unit, configured to receive the network measurement data uploaded by the terminal in the area;

所述聚合单元,用于将所述接收单元接收到的网络测量数据按照接收时间聚合为预设值大小的数据集;将所述数据集按照所述接收时间顺序分配数据集序号;The aggregating unit is configured to aggregate the network measurement data received by the receiving unit into a data set with a preset size according to the receiving time; assign the data set sequence numbers according to the receiving time sequence;

所述生成单元,用于生成所述聚合单元聚合成的所述数据集的元数据信息,以及所述元数据信息对应的区块载荷;其中,所述元数据信息包括:联盟成员ID和数据集编号;所述联盟成员ID为所述联盟成员管理设备为所述联盟成员设备分配的;所述数据集编号由所述联盟成员ID和所述数据集序号组成;The generating unit is configured to generate metadata information of the data set aggregated by the aggregating unit, and a block load corresponding to the metadata information; wherein the metadata information includes: alliance member ID and data Set number; the alliance member ID is allocated by the alliance member management device for the alliance member device; the data set number is composed of the alliance member ID and the data set serial number;

所述发送单元,用于将所述生成单元生成的区块载荷发送给所述联盟成员管理设备,使所述联盟成员管理设备在对所述区块载荷验证通过时,按照接收所述区块载荷的时间将所述区块载荷更新上链。The sending unit is configured to send the block payload generated by the generating unit to the alliance member management device, so that when the alliance member management device passes the verification of the block load, it receives the block according to the The load time will update the block load on the chain.

在另一个实施例中,提供了一种网络测量数据存储系统,所述存储系统包括:联盟成员设备和联盟成员管理设备;In another embodiment, a network measurement data storage system is provided, the storage system includes: an alliance member device and an alliance member management device;

所述联盟成员设备,接收所在区域的终端上传的网络测量数据;将接收到的网络测量数据按照接收时间聚合为预设值大小的数据集;将所述数据集按照所述接收时间顺序分配数据集序号;生成所述数据集的元数据信息,以及所述元数据信息对应的区块载荷;其中,所述元数据信息包括:联盟成员ID和数据集编号;所述联盟成员ID为所述联盟成员管理设备为所述联盟成员设备分配的;所述数据集编号由所述联盟成员ID和所述数据集序号组成;将所述区块载荷发送给所述联盟成员管理设备;The alliance member equipment receives the network measurement data uploaded by the terminal in the area; aggregates the received network measurement data into a data set with a preset size according to the reception time; distributes the data set according to the reception time sequence Set serial number; generate metadata information of the data set, and the block load corresponding to the metadata information; wherein, the metadata information includes: alliance member ID and data set number; the alliance member ID is the The alliance member management equipment is allocated for the alliance member equipment; the data set number is composed of the alliance member ID and the data set serial number; the block payload is sent to the alliance member management equipment;

所述联盟成员管理设备在接收到所述联盟成员发送的区块载荷时,对所述区块载荷进行验证码在验证通过时,按照接收所述区块载荷的时间将所述区块载荷更新上链。When the alliance member management device receives the block load sent by the alliance member, the verification code is performed on the block load, and when the verification is passed, the block load is updated according to the time when the block load is received. on the chain.

在另一个实施例中,提供了一种电子设备,包括存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,所述处理器执行所述程序时实现如所述网络测量数据存储方法的步骤。In another embodiment, an electronic device is provided, comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, the processor implementing the network measurement when executing the program The steps of the data storage method.

在另一个实施例中,提供了一种计算机可读存储介质,其上存储有计算机程序,该程序被处理器执行时实现所述网络测量数据存储方法的步骤。In another embodiment, a computer-readable storage medium is provided, on which a computer program is stored, and when the program is executed by a processor, implements the steps of the network measurement data storage method.

由上面的技术方案可见,上述实施例中基于联盟区块链进行数据存储,存储网络测量数据的设备作为联盟成员,存储元数据信息的设备作为联盟成员管理者,该方案能够通过分布式存储,集中管理的方式保障网络测量数据的安全性保障网络测量数据的安全性。It can be seen from the above technical solution that in the above embodiment, data storage is performed based on the alliance blockchain, the device storing network measurement data is used as a member of the alliance, and the device storing metadata information is used as the manager of the alliance member. This solution can be stored through distributed storage. The centralized management method ensures the security of network measurement data to ensure the security of network measurement data.

附图说明Description of drawings

为了更清楚地说明本申请实施例中的技术方案,下面将对实施例描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本申请的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动性的前提下,还可以根据这些附图获得其他的附图。In order to illustrate the technical solutions in the embodiments of the present application more clearly, the following briefly introduces the drawings that are used in the description of the embodiments. Obviously, the drawings in the following description are only some embodiments of the present application. For those of ordinary skill in the art, other drawings can also be obtained from these drawings without creative labor.

图1为本申请实施例中网络测量数据存储系统示意图;1 is a schematic diagram of a network measurement data storage system in an embodiment of the application;

图2为本申请实施例中联盟区块链及其数据结构示意图;FIG. 2 is a schematic diagram of a consortium blockchain and its data structure in an embodiment of the application;

图3为本申请实施例中网络测量数据存储流程示意图;FIG. 3 is a schematic diagram of a flow chart of network measurement data storage in an embodiment of the present application;

图4为本申请实施例中不同联盟成员设备之间数据共享流程示意图;4 is a schematic diagram of a data sharing process between different alliance member devices in an embodiment of the present application;

图5为本申请实施例中应用于上述技术的装置结构示意图;FIG. 5 is a schematic structural diagram of a device applied to the above technology in an embodiment of the present application;

图6为本发明实施例提供的电子设备的实体结构示意图。FIG. 6 is a schematic diagram of a physical structure of an electronic device according to an embodiment of the present invention.

具体实施方式Detailed ways

下面将结合本申请实施例中的附图,对本申请实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅是本申请一部分实施例,而不是全部的实施例。基于本申请中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本申请保护的范围。The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present application. Obviously, the described embodiments are only a part of the embodiments of the present application, but not all of the embodiments. Based on the embodiments in the present application, all other embodiments obtained by those of ordinary skill in the art without creative efforts shall fall within the protection scope of the present application.

本发明的说明书和权利要求书及上述附图中的术语“第一”、“第二”、“第三”、“第四”等(如果存在)是用于区别类似的对象,而不必用于描述特定的顺序或先后次序。应该理解这样使用的数据在适当情况下可以互换,以便这里描述的本发明的实施例例如能够以除了在这里图示或描述的那些以外的顺序实施。此外,术语“包括”和“具有”以及他们的任何变形,意图在于覆盖不排他的包含。例如,包含了一系列步骤或单元的过程、方法、系统、产品或设备不必限于清楚地列出的那些步骤或单元,而是可包括没有清楚地列出的或对于这些过程、方法、产品或设备固有的其他步骤或单元。The terms "first", "second", "third", "fourth", etc. (if present) in the description and claims of the present invention and the above-mentioned drawings are used to distinguish similar objects and are not necessarily used to describe a specific order or sequence. It is to be understood that the data so used are interchangeable under appropriate circumstances such that the embodiments of the invention described herein can, for example, be practiced in sequences other than those illustrated or described herein. Furthermore, the terms "comprising" and "having", and any variations thereof, are intended to cover non-exclusive inclusion. For example, a process, method, system, product or device comprising a series of steps or units is not necessarily limited to those steps or units expressly listed, but may include steps or units not expressly listed or for such process, method, product or Other steps or units inherent to the device.

下面以具体实施例对本发明的技术方案进行详细说明。下面几个具体实施例可以相互结合,对于相同或相似的概念或过程可能在某些实施例不再赘述。The technical solutions of the present invention will be described in detail below with specific embodiments. The following specific embodiments may be combined with each other, and the same or similar concepts or processes may not be repeated in some embodiments.

本申请实施例中提供一种网络测量数据存储系统。所述系统包括联盟成员设备和联盟成员管理设备;其中,联盟成员设备的个数为多个,具体个数不进行限制,根据实际需要部署。An embodiment of the present application provides a network measurement data storage system. The system includes alliance member equipment and alliance member management equipment; wherein, the number of alliance member equipment is multiple, and the specific number is not limited, and is deployed according to actual needs.

参见图1,图1为本申请实施例中网络测量数据存储系统示意图。图1中以N个联盟成员设备为例。Referring to FIG. 1, FIG. 1 is a schematic diagram of a network measurement data storage system according to an embodiment of the present application. In FIG. 1, N consortium member devices are taken as an example.

联盟成员管理设备,相当于整个联盟区块链的联盟成员的管理者,为联盟成员颁发联盟成员身份证书,创建联盟区块的传输通道,提供区块链的更新、排序等功能,并用于存储网络测量数据的集成的数据集的元数据信息;其中,颁发联盟成员身份证书中包括为联盟成员分配的联盟成员标识(ID),以及密钥对,所述密钥对包括公钥和私钥。Alliance member management equipment, which is equivalent to the manager of the alliance members of the entire alliance blockchain, issues alliance membership certificates for alliance members, creates a transmission channel for alliance blocks, provides blockchain update, sorting and other functions, and is used for storage. Metadata information of the integrated dataset of network measurement data; wherein, the alliance member identification (ID) assigned to the alliance member is included in the issuing alliance member identity document, and the key pair includes a public key and a private key .

联盟成员设备作为一个联盟成员,进行网络测量数据的存储。As a member of the alliance, the device of the alliance member stores the network measurement data.

下面详细给出存储系统实现网络测量数据存储的过程。The following is a detailed description of the process of the storage system implementing network measurement data storage.

联盟成员设备接收所在区域的终端上传的网络测量数据。Alliance member devices receive network measurement data uploaded by terminals in their area.

终端设备进行网络信号测量后,会将网络测量数据上传给所在区域对应的联盟成员设备。After the terminal device measures the network signal, it will upload the network measurement data to the corresponding alliance member device in the area.

网络测量数据包括但不限于下述信息:Network measurement data includes but is not limited to the following information:

设备相关信息:设备型号、设备经纬度坐标、海拔;Equipment related information: equipment model, equipment latitude and longitude coordinates, altitude;

网络连接信息:网络ID、基站ID、连接频率信息、网络制式等;Network connection information: network ID, base station ID, connection frequency information, network standard, etc.;

信号质量信息:测量发起时间、RSRP、RSSI、RSRQ、网络上下行速率等。Signal quality information: measure initiation time, RSRP, RSSI, RSRQ, network uplink and downlink rates, etc.

在接收到网络测量数据后,需要对网络测量数据校验;After receiving the network measurement data, it is necessary to verify the network measurement data;

校验过程为:当且仅当测量发起时间、RSRP、RSSI、RSRQ、网络上下行速率等均在对应设置的有效值范围内,确定所述网络测量数据有效,确定校验成功;否则,确定校验不成功,不处理所述网络测量数据,或者做丢弃处理。The verification process is: if and only if the measurement initiation time, RSRP, RSSI, RSRQ, network uplink and downlink rates, etc. are all within the correspondingly set valid values, determine that the network measurement data is valid, and determine that the verification is successful; otherwise, determine If the verification is unsuccessful, the network measurement data is not processed, or discarded.

联盟成员设备将接收到的网络测量数据按照接收时间聚合为预设值大小的数据集。Alliance member devices aggregate the received network measurement data into a data set with a preset size according to the receiving time.

联盟成员设备从接收网络测量数据开始时刻,聚合一个数据集,如接收的数据条数达到预设值,或数据量达到预设值大小时,确定一个数据集形成。Alliance member devices aggregate a data set from the moment of receiving network measurement data. For example, when the number of received data bars reaches a preset value, or when the amount of data reaches a preset value, it is determined that a data set is formed.

联盟成员设备将所述数据集按照所述接收时间顺序分配数据集序号。The consortium member device allocates the data set serial numbers according to the receiving time sequence.

按照接收时间顺序为每个数据集顺序分配数据集序号,如从1开始,顺序加1以此分配数据集序号。Assign a dataset sequence number to each dataset in the order of reception time. For example, start from 1 and increase the sequence by 1 to assign the dataset sequence number.

联盟成员设备使用随机生成的对称加密密钥对所述数据集加密,生成所述数据集的数据密文;并在存储所述数据密文时,生成所述数据密文的数据下载地址。The alliance member device encrypts the data set using a randomly generated symmetric encryption key to generate a data ciphertext of the data set; and when storing the data ciphertext, generates a data download address of the data ciphertext.

联盟成员设备生成所述数据集的元数据信息,以及所述元数据信息对应的区块载荷。The alliance member device generates metadata information of the data set and block payloads corresponding to the metadata information.

其中,所述元数据信息包括:联盟成员ID和数据集编号;Wherein, the metadata information includes: alliance member ID and data set number;

所述联盟成员ID为所述联盟成员管理设备为所述联盟成员设备分配的;The alliance member ID is allocated by the alliance member management device for the alliance member device;

所述数据集编号由所述联盟成员ID和所述数据集序号组成;如联盟成员编号为i,数据集序号为j,则数据集编号为i+j。The data set number is composed of the alliance member ID and the data set serial number; if the alliance member number is i and the data set serial number is j, the data set number is i+j.

若i为1,j为2时,数据集编号可以表示为1_2;也可以表示为1-1,本申请实施例中对此实现方式不进行限制。If i is 1 and j is 2, the data set number may be expressed as 1_2; it may also be expressed as 1-1, and this implementation manner is not limited in this embodiment of the present application.

数据集编号在整个存储系统中全局唯一。Dataset numbers are globally unique across the storage system.

所述元数据信息还包括:共享成员列表和数据下载地址;The metadata information further includes: a shared member list and a data download address;

其中,所述共享成员列表包括:共享所述数据集中的数据的联盟成员的联盟成员ID和加密密钥;所述加密密钥为使用所述联盟成员管理设备为共享所述数据集中的数据的联盟成员分配的公钥对随机生成的对称加密密钥进行加密生成的;Wherein, the shared member list includes: alliance member IDs and encryption keys of alliance members who share the data in the data set; Generated by encrypting the randomly generated symmetric encryption key with the public key distributed by the alliance members;

所述元数据信息还包括:哈希值;其中,所述哈希值根据所述数据集中的数据生成。The metadata information further includes: a hash value; wherein, the hash value is generated according to the data in the data set.

当本联盟成员设备上没有共享给其他联盟成员设备的数据时,元数据信息中不包括:共享成员列表、数据下载地址和哈希值。When this alliance member device has no data shared with other alliance member devices, the metadata information does not include: shared member list, data download address and hash value.

所述区块载荷包括:元数据信息、生成区块载荷的时间和元数据信息的数字签名。The block payload includes: metadata information, the time when the block payload was generated, and a digital signature of the metadata information.

联盟成员设备将所述区块载荷发送给所述联盟成员管理设备。The alliance member device sends the block payload to the alliance member management device.

所述联盟成员管理设备在对所述区块载荷验证通过时,按照接收所述区块载荷的时间将所述区块载荷更新上链。The alliance member management device updates the block load on the chain according to the time when the block load is received when the verification of the block load is passed.

联盟成员管理设备具体进行区块上链过程为:The specific process of the alliance member management equipment on the blockchain is as follows:

接收到联盟成员设备发送的区块载荷时,使用区块载荷中的数字签名验证发送所述区块载荷的联盟成员设备的身份和消息的完整性;When receiving the block payload sent by the alliance member equipment, use the digital signature in the block payload to verify the identity of the alliance member equipment sending the block payload and the integrity of the message;

如果验证通过,根据接收到区块载荷的时间按顺序将新接收到的区块数据更新上链;否则,不予更新,丢弃接收到的区块载荷。If the verification is passed, the newly received block data will be updated on the chain in sequence according to the time of receiving the block payload; otherwise, it will not be updated and the received block payload will be discarded.

参见图2,图2为本申请实施例中联盟区块链及其数据结构示意图。Referring to FIG. 2, FIG. 2 is a schematic diagram of a consortium blockchain and its data structure in an embodiment of the application.

图2中为相邻两个区块的数据,区块编号N的区块的数据包括:区块编号N,上一区块哈希值(区块编号N-1的区块的哈希值)、时间戳(接收到对应区块载荷的时间)、区块载荷(元数据信息、发送时间和数字签名);区块编号N+1的区块的数据包括:区块编号N+1,上一区块哈希值(区块编号N的区块的哈希值)、时间戳(接收到对应区块载荷的时间)、区块载荷(元数据信息、发送时间和数字签名)。Figure 2 is the data of two adjacent blocks, the data of the block with block number N includes: block number N, the hash value of the previous block (the hash value of the block with block number N-1) ), timestamp (the time when the corresponding block load was received), block load (metadata information, sending time and digital signature); the data of the block with block number N+1 includes: block number N+1, Last block hash value (the hash value of the block with block number N), timestamp (the time when the corresponding block payload was received), block payload (metadata information, sending time and digital signature).

至此完成了网络测量数据的存储。So far, the storage of network measurement data is completed.

下面给出网络测量数据中的共享数据的访问过程:The following gives the access process of the shared data in the network measurement data:

以一个联盟成员设备访问另一个联盟成员设备的数据集中的数据为例。Take the example of a consortium member device accessing data in a data set of another consortium member device.

所述联盟成员设备作为要访问共享数据的设备,需要获取所述联盟成员管理设备上的元数据信息对应的数据集时,获取所述元数据信息中的本设备对应的联盟成员ID对应的加密密钥;When the alliance member device, as a device to access shared data, needs to obtain the data set corresponding to the metadata information on the alliance member management device, obtain the encryption corresponding to the alliance member ID corresponding to the device in the metadata information. key;

使用所述联盟成员管理设备分配的密钥对中的私钥解密所述加密密钥获得解密后的密钥;Decrypting the encryption key using the private key in the key pair distributed by the alliance member management equipment to obtain the decrypted key;

根据所述元数据信息中数据下载地址构造下载请求,并发送给存储所述元数据信息对应的数据集的联盟成员设备,即被访问的联盟成员设备;其中,所述下载请求携带请求的数据集的数据集编号,请求下载的时间和请求信息的签名;A download request is constructed according to the data download address in the metadata information, and sent to the alliance member device that stores the data set corresponding to the metadata information, that is, the accessed alliance member device; wherein, the download request carries the requested data The dataset number of the set, the time of the requested download and the signature of the requested information;

当下载到所述元数据信息对应的数据密文时,使用所述解密后的密钥解密所述数据密文获得所述元数据信息对应的数据集。When the data ciphertext corresponding to the metadata information is downloaded, use the decrypted key to decrypt the data ciphertext to obtain a data set corresponding to the metadata information.

所述联盟成员设备进一步使用所述解密后的密钥解密所述数据密文获得所述元数据信息对应的数据集之后,使用所述元数据信息中的哈希值验证所述数据集中的数据是否被篡改。The alliance member device further uses the decrypted key to decrypt the data ciphertext to obtain the data set corresponding to the metadata information, and then uses the hash value in the metadata information to verify the data in the data set. has been tampered with.

联盟成员设备作为被访问共享数据的设备额,接收到其他所述联盟成员设备发送的下载请求时,校验所述下载请求中携带的请求下载的时间是否在设置的有效共享时间内;The alliance member device, as the device of the accessed shared data, when receiving a download request sent by other said alliance member devices, verifies whether the requested download time carried in the download request is within the set valid sharing time;

若校验成功,获取发送下载请求的联盟成员设备的公钥验证所述下载请求中的数字签名;If the verification is successful, obtain the public key of the alliance member device that sent the download request to verify the digital signature in the download request;

若验证通过,则将所述下载请求中携带的数据集编号对应的数据密文响应给发送下载请求的联盟成员设备;否则,拒绝所述下载请求。If the verification is passed, the data ciphertext corresponding to the data set number carried in the download request is responded to the alliance member device that sent the download request; otherwise, the download request is rejected.

本申请实施例中提供的网络测量数据存储系统实现了数据的分布式存储,并且不同联盟成员设备上的数据可以共享,且均设置了安全验证,保障了网络测量数据的安全性、真实性和完整性,以及不同设备上存储数据的共享性。The network measurement data storage system provided in the embodiments of the present application realizes distributed storage of data, and data on devices of different alliance members can be shared, and security verification is set for all devices, which ensures the security, authenticity and reliability of network measurement data. Integrity, and shareability of data stored on different devices.

基于同样的发明构思,本申请实施例中还提供一种网络测量数据存储方法,应用于包括联盟成员设备和联盟成员管理设备的存储系统中的联盟成员设备上。参见图3,图3为本申请实施例中网络测量数据存储流程示意图。具体步骤为:Based on the same inventive concept, an embodiment of the present application also provides a method for storing network measurement data, which is applied to an alliance member device in a storage system including an alliance member device and an alliance member management device. Referring to FIG. 3 , FIG. 3 is a schematic diagram of a storage flow of network measurement data in an embodiment of the present application. The specific steps are:

步骤301,接收所在区域的终端上传的网络测量数据。Step 301: Receive network measurement data uploaded by the terminal in the area.

终端设备进行网络信号测量后,会将网络测量数据上传给所在区域对应的联盟成员设备。After the terminal device measures the network signal, it will upload the network measurement data to the corresponding alliance member device in the area.

网络测量数据包括但不限于下述信息:Network measurement data includes but is not limited to the following information:

设备相关信息:设备型号、设备经纬度坐标、海拔;Equipment related information: equipment model, equipment latitude and longitude coordinates, altitude;

网络连接信息:网络ID、基站ID、连接频率信息、网络制式等;Network connection information: network ID, base station ID, connection frequency information, network standard, etc.;

信号质量信息:测量发起时间、RSRP、RSSI、RSRQ、网络上下行速率等。Signal quality information: measure initiation time, RSRP, RSSI, RSRQ, network uplink and downlink rates, etc.

在接收到网络测量数据后,需要对网络测量数据校验;After receiving the network measurement data, it is necessary to verify the network measurement data;

校验过程为:当且仅当测量发起时间、RSRP、RSSI、RSRQ、网络上下行速率等均在对应设置的有效值范围内,确定所述网络测量数据有效,确定校验成功;否则,确定校验不成功,不处理所述网络测量数据,或者做丢弃处理。The verification process is: if and only if the measurement initiation time, RSRP, RSSI, RSRQ, network uplink and downlink rates, etc. are all within the correspondingly set valid values, determine that the network measurement data is valid, and determine that the verification is successful; otherwise, determine If the verification is unsuccessful, the network measurement data is not processed, or discarded.

步骤302,将接收到的网络测量数据按照接收时间聚合为预设值大小的数据集。Step 302: Aggregate the received network measurement data into a data set with a preset size according to the receiving time.

步骤303,将所述数据集按照所述接收时间顺序分配数据集序号。Step 303: Allocate the data set serial numbers according to the receiving time sequence.

所述方法进一步包括:The method further includes:

使用随机生成的对称加密密钥对所述数据集加密,生成所述数据集的数据密文;并在存储所述数据密文时,生成所述数据密文的数据下载地址。The data set is encrypted using a randomly generated symmetric encryption key to generate a data ciphertext of the data set; and when the data ciphertext is stored, a data download address of the data ciphertext is generated.

步骤304,生成所述数据集的元数据信息,以及所述元数据信息对应的区块载荷。Step 304: Generate metadata information of the data set and block payloads corresponding to the metadata information.

其中,所述元数据信息包括:联盟成员ID和数据集编号;所述联盟成员ID为所述联盟成员管理设备为所述联盟成员设备分配的;所述数据集编号由所述联盟成员ID和所述数据集序号组成;Wherein, the metadata information includes: alliance member ID and data set number; the alliance member ID is allocated by the alliance member management device for the alliance member device; the data set number is determined by the alliance member ID and The dataset consists of serial numbers;

所述元数据信息还包括:共享成员列表和数据下载地址时,其中,所述共享成员列表包括:共享所述数据集中的数据的联盟成员的联盟成员ID和加密密钥;所述加密密钥为使用所述联盟成员管理设备为共享所述数据集中的数据的联盟成员分配的公钥对随机生成的对称加密密钥进行加密生成的;The metadata information further includes: when a member list and data download address are shared, wherein the shared member list includes: alliance member IDs and encryption keys of alliance members who share the data in the data set; the encryption key Generated by encrypting a randomly generated symmetric encryption key using the public key allocated by the alliance member management device to the alliance members sharing the data in the data set;

所述元数据信息还包括:哈希值;其中,所述哈希值根据所述数据集中的数据生成。The metadata information further includes: a hash value; wherein, the hash value is generated according to the data in the data set.

当本联盟成员设备上没有共享给其他联盟成员设备的数据时,元数据信息中不包括:共享成员列表、数据下载地址和哈希值。When this alliance member device has no data shared with other alliance member devices, the metadata information does not include: shared member list, data download address and hash value.

所述区块载荷包括:元数据信息、生成区块载荷的时间和元数据信息的数字签名。The block payload includes: metadata information, the time when the block payload is generated, and a digital signature of the metadata information.

步骤305,将所述区块载荷发送给所述联盟成员管理设备,使所述联盟成员管理设备在对所述区块载荷验证通过时,按照接收所述区块载荷的时间将所述区块载荷更新上链。Step 305, sending the block payload to the alliance member management device, so that when the alliance member management device passes the verification of the block load, the block load is received according to the time of receiving the block load. The payload is updated on the chain.

联盟成员管理设备进行区块上链具体过程为:The specific process of the alliance member's management equipment on the blockchain is as follows:

接收到联盟成员设备发送的区块载荷时,使用区块载荷中的数字签名验证发送所述区块载荷的联盟成员设备的身份和消息的完整性;When receiving the block payload sent by the alliance member equipment, use the digital signature in the block payload to verify the identity of the alliance member equipment sending the block payload and the integrity of the message;

如果验证通过,根据接收到区块载荷的时间按顺序将新接收到的区块数据更新上链;否则,不予更新,丢弃接收到的区块载荷。If the verification is passed, the newly received block data will be updated on the chain in sequence according to the time of receiving the block payload; otherwise, it will not be updated and the received block payload will be discarded.

至此完成数据集对应的数据,以及元数据信息的存储。At this point, the data corresponding to the dataset and the storage of metadata information are completed.

下面给出不同联盟成员设备之间数据共享的过程:The process of data sharing between devices of different alliance members is given below:

参见图4,图4为本申请实施例中不同联盟成员设备之间数据共享流程示意图。具体步骤为:Referring to FIG. 4, FIG. 4 is a schematic diagram of a data sharing process between different alliance member devices in an embodiment of the present application. The specific steps are:

步骤401,联盟成员设备需要获取联盟成员管理设备上的元数据信息对应的数据集时,获取所述元数据信息中的本设备对应的联盟成员ID对应的加密密钥。Step 401: When the alliance member device needs to obtain the data set corresponding to the metadata information on the alliance member management device, it obtains the encryption key corresponding to the alliance member ID corresponding to the device in the metadata information.

步骤402,使用所述联盟成员管理设备分配的密钥对中的私钥解密所述加密密钥获得解密后的密钥。Step 402: Decrypt the encryption key using the private key in the key pair distributed by the alliance member management device to obtain a decrypted key.

步骤403,根据所述元数据信息中数据下载地址构造下载请求,并发送给存储所述元数据信息对应的数据集的联盟成员设备。Step 403: Construct a download request according to the data download address in the metadata information, and send it to the alliance member device that stores the data set corresponding to the metadata information.

其中,所述下载请求携带请求的数据集的数据集编号,请求下载的时间和请求信息的签名;Wherein, the download request carries the data set number of the requested data set, the time of the request to download and the signature of the request information;

接收到其他联盟成员设备发送的下载请求时,校验所述下载请求中携带的请求下载的时间是否在设置的有效共享时间内;When receiving a download request sent by other alliance member devices, verify whether the requested download time carried in the download request is within the set valid sharing time;

若校验成功,获取发送下载请求的联盟成员设备的公钥验证所述下载请求中的数字签名;若校验不成功,拒绝所述下载请求。If the verification is successful, the public key of the alliance member device that sends the download request is obtained to verify the digital signature in the download request; if the verification is unsuccessful, the download request is rejected.

若验证通过,则将所述下载请求中携带的数据集编号对应的数据密文响应给发送下载请求的联盟成员设备;否则,拒绝所述下载请求。If the verification is passed, the data ciphertext corresponding to the data set number carried in the download request is responded to the alliance member device that sent the download request; otherwise, the download request is rejected.

步骤404,当下载到所述元数据信息对应的数据密文时,使用所述解密后的密钥解密所述数据密文获得所述元数据信息对应的数据集。Step 404: When the data ciphertext corresponding to the metadata information is downloaded, use the decrypted key to decrypt the data ciphertext to obtain a data set corresponding to the metadata information.

所述使用所述解密后的密钥解密所述数据密文获得所述元数据信息对应的数据集之后,所述方法进一步包括:After using the decrypted key to decrypt the data ciphertext to obtain the data set corresponding to the metadata information, the method further includes:

使用所述元数据信息中的哈希值验证所述数据集中的数据是否被篡改。Whether the data in the data set has been tampered with is verified using the hash value in the metadata information.

本申请实施例中基于联盟区块链进行数据存储,存储网络测量数据的设备作为联盟成员,存储元数据信息的设备作为联盟成员管理者,能够实现数据的分布式存储,以及集中式管理,并且不同联盟成员之间可以共享数据,并在数据共享时通过加密、哈希值的引入保证了数据的安全性、完整性和真实性。In the embodiment of this application, data storage is performed based on the alliance blockchain, the device storing network measurement data is used as the alliance member, and the device storing metadata information is used as the alliance member manager, which can realize distributed storage and centralized management of data, and Data can be shared among different alliance members, and the security, integrity and authenticity of the data are guaranteed through the introduction of encryption and hash value during data sharing.

下面结合具体实例,以图1中系统为例,描述联盟成员设备i存储网络测量数据,联盟成员j访问联盟成员设备i上的共享数据为例:Below in conjunction with specific examples, taking the system in FIG. 1 as an example, it is described that the alliance member device i stores the network measurement data, and the alliance member j accesses the shared data on the alliance member device i as an example:

i和j为1到N之间的整数。i and j are integers between 1 and N.

第一步、联盟成员设备i接收所在区域的移动终端上报的网络测量数据,并对所述网络测量数据进行有效性验证。In the first step, the alliance member device i receives the network measurement data reported by the mobile terminal in the area, and verifies the validity of the network measurement data.

这里的有效性验证指验证上报的网络测量数据是否在设置的有效范围内,如果是,则验证成功;否则,验证失败;The validity verification here refers to verifying whether the reported network measurement data is within the set valid range, if so, the verification succeeds; otherwise, the verification fails;

第二步、联盟成员设备i在对接收到的网络测量数据验证成功时,将接收到的网络测量数据按照接收时间聚合为预设值大小的数据集。In the second step, when the alliance member device i successfully verifies the received network measurement data, it aggregates the received network measurement data into a data set with a preset size according to the reception time.

第三步、联盟成员设备i将所述数据集按照所述接收时间顺序分配数据集序号,如为当前这个数据集分配的数据集序号为2。In the third step, the alliance member device i allocates a data set serial number to the data set according to the receiving time sequence, for example, the data set serial number allocated to the current data set is 2.

第四步、生成数据集序号为2的数据集的元数据信息;The fourth step is to generate the metadata information of the data set whose data set serial number is 2;

元数据信息包括:联盟成员ID和数据集编号;Metadata information includes: alliance member ID and dataset number;

这里以为联盟成员设备分配的联盟成员ID为i为例,则数据集编号为i_2。Here, the alliance member ID allocated by the alliance member device is taken as an example, and the data set number is i_2.

第五步,当数据集i_2为共享数据集,即其他联盟成员可以访问该数据集,如成员联盟j,以及成员联盟d能够访问数据集i_2时,根据所述数据集的数据的内容生成哈希值H,并使用随机产生的的对称加密密钥k,对数据集i_2加密生成密文C;并存储,生成数据下载地址W;The fifth step, when the data set i_2 is a shared data set, that is, other alliance members can access the data set, such as member alliance j, and member alliance d can access the data set i_2, generate a hash according to the content of the data set. H, and use the randomly generated symmetric encryption key k to encrypt the data set i_2 to generate the ciphertext C; and store it to generate the data download address W;

第六步、从联盟成员管理设备上获取联盟成员j和联盟成员d的公钥:Pj,Pd,对对称加密密钥k进行加密,生成对应的加密密钥Cj和Cd。Step 6: Obtain the public keys of alliance member j and alliance member d from the alliance member management device: Pj, Pd, encrypt the symmetric encryption key k, and generate corresponding encryption keys Cj and Cd.

第七步,生成的完整元数据信息m=<i,i_2,H,list,W>。In the seventh step, the generated complete metadata information m=<i, i_2, H, list, W>.

其中,list为共享列表,具体为:list=[<j,Cj>,<d,Cd>];Among them, list is a shared list, specifically: list=[<j, Cj>, <d, Cd>];

第八步,联盟成员设备i生成所述元数据信息m的区块载荷b;The 8th step, alliance member equipment i generates the block load b of described metadata information m;

b=<m,t1,sig>;b=<m, t1, sig>;

其中,t1为生成区块载荷的时间,sig为m的数字签名。Among them, t1 is the time when the block payload is generated, and sig is the digital signature of m.

第九步、将区块载荷b发送给联盟成员管理设备。The ninth step, sending the block payload b to the alliance member management device.

第十步、联盟成员管理设备接收到区块载荷时,使用所述区块载荷中的数字签名进行身份和消息完整性验证,验证通过时,将该区块载荷更新上链;在上链时,顺序为当前区块分配区块编号如N,并增加上一区块(区块编号N-1)的哈希值,以及当前上链时间戳,以及区块载荷b,元数据信息中的哈希值H作为下一区块的哈希值。Step 10: When the alliance member management device receives the block payload, it uses the digital signature in the block payload to verify the identity and message integrity. When the verification is passed, the block payload is updated and uploaded to the chain; , assign a block number such as N to the current block in sequence, and add the hash value of the previous block (block number N-1), as well as the current on-chain timestamp, as well as the block load b, in the metadata information The hash value H is used as the hash value of the next block.

至此,完成联盟成员设备存储一个数据集的完整过程。So far, the complete process of storing a data set in the device of the alliance member is completed.

下面给出联盟成员设备j访问该数据集i_2的过程。The process of accessing the data set i_2 by the alliance member device j is given below.

联盟成员管理设备会将区块链上的元数据信息展示给所有联盟成员,以便联盟成员对共享数据的获取。The alliance member management device will display the metadata information on the blockchain to all alliance members, so that the alliance members can obtain the shared data.

第一步、联盟成员设备j获取联盟成员管理设备上的数据集i_2对应的元数据信息中的共享成员列表中j对应的加密密钥Cj;The first step, the alliance member device j obtains the encryption key Cj corresponding to j in the shared member list in the metadata information corresponding to the data set i_2 on the alliance member management device;

第二步、联盟成员设备j使用联盟成员管理设备分配的密钥对中的私钥解密所述加密密钥Cj获得解密后的密钥k;In the second step, the alliance member equipment j uses the private key in the key pair distributed by the alliance member management equipment to decrypt the encryption key Cj to obtain the decrypted key k;

第三步、联盟成员设备j根据所述元数据信息中数据下载地址W构造下载请求,并发送给存储所述元数据信息对应的数据集的联盟成员设备i;其中,所述下载请求携带请求的数据集的数据集编号i_2,请求下载的时间t0和请求信息的签名sigqIn the third step, the alliance member device j constructs a download request according to the data download address W in the metadata information, and sends it to the alliance member device i that stores the data set corresponding to the metadata information; wherein, the download request carries a request The data set number i_2 of the data set, the time t0 of the requested download and the signature sig q of the requested information;

第四步、联盟成员设备i接收到联盟成员设备j发送的下载请求时,校验所述下载请求中携带的请求下载的时间t0是否在设置的有效共享时间内;The fourth step, when alliance member device i receives the download request sent by alliance member device j, verify whether the time t0 of the requested download carried in the download request is within the set effective sharing time;

第五步、若校验成功,获取发送下载请求的联盟成员设备j的公钥验证所述下载请求中的数字签名sigqThe fifth step, if the verification is successful, obtain the public key of the alliance member device j that sends the download request to verify the digital signature sig q in the download request;

第六步、若验证通过,则将所述下载请求中携带的数据集编号对应的数据密文C响应给发送下载请求的联盟成员设备j;否则,拒绝所述下载请求。Step 6: If the verification is passed, the data ciphertext C corresponding to the data set number carried in the download request is responded to the alliance member device j that sent the download request; otherwise, the download request is rejected.

第七步、当下载到所述元数据信息对应的数据密文C时,使用所述解密后的密钥k解密所述数据密文获得所述元数据信息对应的数据集i_2。Step 7: When the data ciphertext C corresponding to the metadata information is downloaded, use the decrypted key k to decrypt the data ciphertext to obtain a data set i_2 corresponding to the metadata information.

第八步、使用元数据信息中的哈希值H验证所述数据集i_2中的数据是否被篡改。Step 8: Use the hash value H in the metadata information to verify whether the data in the data set i_2 has been tampered with.

具体验证过程为:使用数据集i_2中的数据计算哈希值H0,确定H0和H是否相同,如果是,确定数据集i_2中的数据未被篡改;否则,确定数据集i_2中的数据被篡改。The specific verification process is: use the data in data set i_2 to calculate the hash value H0, determine whether H0 and H are the same, if so, determine that the data in data set i_2 has not been tampered with; otherwise, determine that the data in data set i_2 has been tampered with .

至此,完成了一次数据集的共享。So far, the sharing of a dataset is completed.

基于同样的发明构思,本申请实施例中还提供一种网络测量数据存储装置,应用于包括联盟成员设备和联盟成员管理设备的存储系统中的联盟成员设备上。参见图5,图5为本申请实施例中应用于上述技术的装置结构示意图。所述装置包括:接收单元501、聚合单元502、生成单元503和发送单元504;Based on the same inventive concept, an embodiment of the present application also provides a network measurement data storage device, which is applied to an alliance member device in a storage system including an alliance member device and an alliance member management device. Referring to FIG. 5 , FIG. 5 is a schematic structural diagram of a device applied to the above technology in an embodiment of the present application. The apparatus includes: a receiving unit 501, an aggregation unit 502, a generating unit 503 and a sending unit 504;

接收单元501,用于接收所在区域的终端上传的网络测量数据;A receiving unit 501, configured to receive network measurement data uploaded by a terminal in the area;

聚合单元502,用于将接收单元501接收到的网络测量数据按照接收时间聚合为预设值大小的数据集;将所述数据集按照所述接收时间顺序分配数据集序号;an aggregation unit 502, configured to aggregate the network measurement data received by the receiving unit 501 into a data set with a preset size according to the receiving time; assign the data set sequence numbers according to the receiving time sequence;

生成单元503,用于生成聚合单元502聚合成的所述数据集的元数据信息,以及所述元数据信息对应的区块载荷;其中,所述元数据信息包括:联盟成员ID和数据集编号;所述联盟成员ID为所述联盟成员管理设备为所述联盟成员设备分配的;所述数据集编号由所述联盟成员ID和所述数据集序号组成;The generating unit 503 is configured to generate the metadata information of the data set aggregated by the aggregation unit 502, and the block load corresponding to the metadata information; wherein, the metadata information includes: alliance member ID and data set number ; Described alliance member ID is allocated for described alliance member equipment by described alliance member management equipment; Described data set number is made up of described alliance member ID and described data set serial number;

发送单元504,用于将生成单元503生成的区块载荷发送给所述联盟成员管理设备,使所述联盟成员管理设备在对所述区块载荷验证通过时,按照接收所述区块载荷的时间将所述区块载荷更新上链。The sending unit 504 is configured to send the block payload generated by the generating unit 503 to the alliance member management device, so that when the alliance member management device passes the verification of the block load, it will be Time to update the block load on the chain.

优选地,Preferably,

生成单元503,进一步用于使用随机生成的对称加密密钥对所述数据集加密,生成所述数据集的数据密文;并在存储所述数据密文时,生成所述数据密文的数据下载地址;生成的所述元数据信息还包括:共享成员列表和数据下载地址时,其中,所述共享成员列表包括:共享所述数据集中的数据的联盟成员的联盟成员ID和加密密钥;所述加密密钥为使用所述联盟成员管理设备为共享所述数据集中的数据的联盟成员分配的公钥对随机生成的对称加密密钥进行加密生成的。The generating unit 503 is further configured to encrypt the data set using a randomly generated symmetric encryption key to generate a data ciphertext of the data set; and when storing the data ciphertext, generate data of the data ciphertext download address; the generated metadata information also includes: when a member list and a data download address are shared, wherein the shared member list includes: the alliance member ID and encryption key of the alliance member sharing the data in the data set; The encryption key is generated by encrypting a randomly generated symmetric encryption key using the public key allocated by the alliance member management device to the alliance members sharing the data in the data set.

在另一个实施例中,还提供一种电子设备,包括存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,所述处理器执行所述程序时实现所述网络测量数据存储方法的步骤。In another embodiment, an electronic device is also provided, comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, the processor implementing the network measurement data when the program is executed Store the steps of the method.

在另一个实施例中,还提供一种计算机可读存储介质,其上存储有计算机指令,所述指令被处理器执行时可实现所述网络测量数据存储方法中的步骤。In another embodiment, there is also provided a computer-readable storage medium on which computer instructions are stored, and when the instructions are executed by a processor, the steps in the method for storing network measurement data can be implemented.

图6为本发明实施例提供的电子设备的实体结构示意图。如图6所示,该电子设备可以包括:处理器(Processor)610、通信接口(Communications Interface)620、存储器(Memory)630和通信总线640,其中,处理器610,通信接口620,存储器630通过通信总线640完成相互间的通信。处理器610可以调用存储器330中的逻辑指令,以执行如下方法:FIG. 6 is a schematic diagram of a physical structure of an electronic device according to an embodiment of the present invention. As shown in FIG. 6 , the electronic device may include: a processor (Processor) 610, a communication interface (Communications Interface) 620, a memory (Memory) 630 and a communication bus 640, wherein the processor 610, the communication interface 620, and the memory 630 pass through The communication bus 640 accomplishes the mutual communication. The processor 610 may invoke logic instructions in the memory 330 to perform the following methods:

一种网络测量数据存储方法,其特征在于,应用于包括联盟成员设备和联盟成员管理设备的存储系统中的联盟成员设备上;所述方法包括:A method for storing network measurement data, characterized in that it is applied to an alliance member device in a storage system including an alliance member device and an alliance member management device; the method includes:

接收所在区域的终端上传的网络测量数据;Receive the network measurement data uploaded by the terminal in the area;

将接收到的网络测量数据按照接收时间聚合为预设值大小的数据集;Aggregate the received network measurement data into a data set with a preset size according to the receiving time;

将所述数据集按照所述接收时间顺序分配数据集序号;Allocate the data set sequence numbers according to the receiving time sequence;

生成所述数据集的元数据信息,以及所述元数据信息对应的区块载荷;其中,所述元数据信息包括:联盟成员ID和数据集编号;所述联盟成员ID为所述联盟成员管理设备为所述联盟成员设备分配的;所述数据集编号由所述联盟成员ID和所述数据集序号组成;Generate metadata information of the data set, and the block load corresponding to the metadata information; wherein, the metadata information includes: the alliance member ID and the data set number; the alliance member ID is managed by the alliance member The equipment is allocated by the alliance member equipment; the data set number is composed of the alliance member ID and the data set serial number;

将所述区块载荷发送给所述联盟成员管理设备,使所述联盟成员管理设备在对所述区块载荷验证通过时,按照接收所述区块载荷的时间将所述区块载荷更新上链。Send the block payload to the alliance member management device, so that when the alliance member management device passes the verification of the block payload, the block payload is updated according to the time when the block payload is received. chain.

此外,上述的存储器630中的逻辑指令可以通过软件功能单元的形式实现并作为独立的产品销售或使用时,可以存储在一个计算机可读取存储介质中。基于这样的理解,本发明的技术方案本质上或者说对现有技术做出贡献的部分或者该技术方案的部分可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储介质中,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)执行本发明各个实施例所述方法的全部或部分步骤。而前述的存储介质包括:U盘、移动硬盘、只读存储器(ROM,Read-Only Memory)、随机存取存储器(RAM,Random Access Memory)、磁碟或者光盘等各种可以存储程序代码的介质。In addition, the above-mentioned logic instructions in the memory 630 can be implemented in the form of software functional units and can be stored in a computer-readable storage medium when sold or used as an independent product. Based on this understanding, the technical solution of the present invention can be embodied in the form of a software product in essence, or the part that contributes to the prior art or the part of the technical solution. The computer software product is stored in a storage medium, including Several instructions are used to cause a computer device (which may be a personal computer, a server, or a network device, etc.) to execute all or part of the steps of the methods described in the various embodiments of the present invention. The aforementioned storage medium includes: U disk, mobile hard disk, Read-Only Memory (ROM, Read-Only Memory), Random Access Memory (RAM, Random Access Memory), magnetic disk or optical disk and other media that can store program codes .

以上所描述的装置实施例仅仅是示意性的,其中所述作为分离部件说明的单元可以是或者也可以不是物理上分开的,作为单元显示的部件可以是或者也可以不是物理单元,即可以位于一个地方,或者也可以分布到多个网络单元上。可以根据实际的需要选择其中的部分或者全部模块来实现本实施例方案的目的。本领域普通技术人员在不付出创造性的劳动的情况下,即可以理解并实施。The device embodiments described above are only illustrative, wherein the units described as separate components may or may not be physically separated, and the components shown as units may or may not be physical units, that is, they may be located in One place, or it can be distributed over multiple network elements. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution in this embodiment. Those of ordinary skill in the art can understand and implement it without creative effort.

通过以上的实施方式的描述,本领域的技术人员可以清楚地了解到各实施方式可借助软件加必需的通用硬件平台的方式来实现,当然也可以通过硬件。基于这样的理解,上述技术方案本质上或者说对现有技术做出贡献的部分可以以软件产品的形式体现出来,该计算机软件产品可以存储在计算机可读存储介质中,如ROM/RAM、磁碟、光盘等,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)执行各个实施例或者实施例的某些部分所述的方法。From the description of the above embodiments, those skilled in the art can clearly understand that each embodiment can be implemented by means of software plus a necessary general hardware platform, and certainly can also be implemented by hardware. Based on this understanding, the above-mentioned technical solutions can be embodied in the form of software products in essence or the parts that make contributions to the prior art, and the computer software products can be stored in computer-readable storage media, such as ROM/RAM, magnetic A disc, an optical disc, etc., includes several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to perform the methods described in various embodiments or some parts of the embodiments.

以上所述仅为本发明的较佳实施例而已,并不用以限制本发明,凡在本发明的精神和原则之内,所做的任何修改、等同替换、改进等,均应包含在本发明保护的范围之内。The above descriptions are only preferred embodiments of the present invention, and are not intended to limit the present invention. Any modifications, equivalent replacements, improvements, etc. made within the spirit and principles of the present invention shall be included in the present invention. within the scope of protection.

Claims (10)

1. A network measurement data storage method is characterized in that the method is applied to coalition member equipment in a storage system comprising coalition member equipment and coalition member management equipment; the method comprises the following steps:
receiving network measurement data uploaded by a terminal in the area;
aggregating the received network measurement data into a data set with a preset value size according to the receiving time;
allocating data set serial numbers to the data sets according to the receiving time sequence;
generating metadata information of the data set and a block load corresponding to the metadata information; wherein the metadata information includes: a federation member identification ID and a data set number; the alliance member ID is distributed to the alliance member device by the alliance member management device; the data set number consists of the ID of the coalition members and the data set serial number;
and sending the block load to the alliance member management equipment, so that when the alliance member management equipment passes the block load verification, the block load is updated and uplink is carried out according to the time for receiving the block load.
2. The method of claim 1, wherein the metadata information further comprises: when sharing the member list and the data download address, wherein the sharing member list comprises: a federation member ID and an encryption key for a federation member sharing data in the dataset; the encryption key is generated by encrypting a randomly generated symmetric encryption key by using a public key distributed by the coalition member management equipment for coalition members sharing data in the data set;
the method further comprises:
encrypting the data set by using a randomly generated symmetric encryption key to generate a data ciphertext of the data set; and generating a data download address of the data cipher text when the data cipher text is stored.
3. The method of claim 2, further comprising:
when a data set corresponding to metadata information on the management equipment of the coalition members needs to be acquired, acquiring an encryption key corresponding to a coalition member ID corresponding to the equipment in the metadata information;
decrypting the encrypted key by using a private key in a key pair distributed by the coalition member management equipment to obtain a decrypted key;
constructing a downloading request according to the data downloading address in the metadata information, and sending the downloading request to the alliance member equipment for storing the data set corresponding to the metadata information; wherein, the download request carries the data set number of the requested data set, the download request time and the signature of the request information;
and when the data ciphertext corresponding to the metadata information is downloaded, decrypting the data ciphertext by using the decrypted key to obtain a data set corresponding to the metadata information.
4. The method of claim 3, wherein the metadata information further comprises: a hash value; wherein the hash value is generated from data in the dataset;
after the data ciphertext is decrypted by using the decrypted key to obtain the data set corresponding to the metadata information, the method further includes:
and verifying whether the data in the data set is tampered or not by using the hash value in the metadata information.
5. The method of claim 2, further comprising:
when receiving a downloading request sent by other alliance member equipment, checking whether the time for requesting downloading carried in the downloading request is within the set effective sharing time;
if the verification is successful, acquiring a public key of the alliance member device which sends the downloading request to verify the digital signature in the downloading request;
if the verification is passed, responding a data cipher text corresponding to the data set number carried in the downloading request to the alliance member equipment sending the downloading request; otherwise, the download request is rejected.
6. The network measurement data storage device is applied to the coalition member equipment in a storage system comprising the coalition member equipment and coalition member management equipment; the device comprises: a receiving unit, an aggregation unit, a generation unit and a sending unit;
the receiving unit is used for receiving network measurement data uploaded by a terminal in the area;
the aggregation unit is used for aggregating the network measurement data received by the receiving unit into a data set with a preset value size according to the receiving time; allocating data set serial numbers to the data sets according to the receiving time sequence;
the generating unit is configured to generate metadata information of the data sets aggregated by the aggregating unit, and a block payload corresponding to the metadata information; wherein the metadata information includes: federation member ID and data set number; the alliance member ID is distributed to the alliance member device by the alliance member management device; the data set number consists of the ID of the coalition members and the data set serial number;
the sending unit is configured to send the block load generated by the generating unit to the coalition member management device, so that when the coalition member management device passes the block load verification, the block load is updated and uplinked according to the time for receiving the block load.
7. The apparatus of claim 6,
the generating unit is further configured to encrypt the data set using a randomly generated symmetric encryption key to generate a data ciphertext of the data set; when the data ciphertext is stored, a data download address of the data ciphertext is generated; the generated metadata information further includes: when sharing the member list and the data download address, wherein the sharing member list comprises: a federation member ID and an encryption key for a federation member sharing data in the dataset; the encryption key is generated by encrypting a randomly generated symmetric encryption key by using a public key distributed by the coalition member management device for coalition members sharing data in the data set.
8. A network measurement data storage system, the storage system comprising: alliance member device and alliance member management device;
the alliance member equipment receives network measurement data uploaded by a terminal in the area; aggregating the received network measurement data into a data set with a preset value size according to the receiving time; allocating data set serial numbers to the data sets according to the receiving time sequence; generating metadata information of the data set and a block load corresponding to the metadata information; wherein the metadata information includes: federation member ID and data set number; the alliance member ID is distributed to the alliance member device by the alliance member management device; the data set number consists of the ID of the coalition members and the data set serial number; sending the block payload to the federation member management device;
when the block load sent by the coalition members is received and verified by the block load verification code, the coalition member management equipment updates the uplink of the block load according to the time for receiving the block load.
9. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the method according to any of claims 1-5 when executing the program.
10. A computer-readable storage medium, on which a computer program is stored, which program, when being executed by a processor, is adapted to carry out the method of any one of claims 1 to 5.
CN202010380358.7A 2020-05-08 2020-05-08 Network measurement data storage method, device and system Active CN111614739B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010380358.7A CN111614739B (en) 2020-05-08 2020-05-08 Network measurement data storage method, device and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010380358.7A CN111614739B (en) 2020-05-08 2020-05-08 Network measurement data storage method, device and system

Publications (2)

Publication Number Publication Date
CN111614739A true CN111614739A (en) 2020-09-01
CN111614739B CN111614739B (en) 2023-06-23

Family

ID=72204815

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010380358.7A Active CN111614739B (en) 2020-05-08 2020-05-08 Network measurement data storage method, device and system

Country Status (1)

Country Link
CN (1) CN111614739B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114221889A (en) * 2020-09-03 2022-03-22 中国联合网络通信集团有限公司 Test data processing method and system

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108833385A (en) * 2018-06-01 2018-11-16 深圳崀途科技有限公司 User data anonymity sharing method based on the encryption of alliance's chain
CN108848081A (en) * 2018-06-01 2018-11-20 深圳崀途科技有限公司 The data sharing method of verification and integral incentive mechanism is stored based on alliance's chain
US20190253245A1 (en) * 2018-11-27 2019-08-15 Alibaba Group Holding Limited Asymmetric key management in consortium blockchain networks
US20190278944A1 (en) * 2018-12-21 2019-09-12 Alibaba Group Holding Limited Verifying integrity of data stored in a consortium blockchain using a public sidechain
CN110572262A (en) * 2019-09-20 2019-12-13 中国银行股份有限公司 Block chain alliance chain construction method, device and system
US20200034291A1 (en) * 2018-07-27 2020-01-30 EMC IP Holding Company LLC Method, device and computer program product for managing metadata at a control device

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108833385A (en) * 2018-06-01 2018-11-16 深圳崀途科技有限公司 User data anonymity sharing method based on the encryption of alliance's chain
CN108848081A (en) * 2018-06-01 2018-11-20 深圳崀途科技有限公司 The data sharing method of verification and integral incentive mechanism is stored based on alliance's chain
US20200034291A1 (en) * 2018-07-27 2020-01-30 EMC IP Holding Company LLC Method, device and computer program product for managing metadata at a control device
US20190253245A1 (en) * 2018-11-27 2019-08-15 Alibaba Group Holding Limited Asymmetric key management in consortium blockchain networks
US20190278944A1 (en) * 2018-12-21 2019-09-12 Alibaba Group Holding Limited Verifying integrity of data stored in a consortium blockchain using a public sidechain
CN110572262A (en) * 2019-09-20 2019-12-13 中国银行股份有限公司 Block chain alliance chain construction method, device and system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
杨兵等: "基于联盟链的学习数据存储系统研究", 《现代教育技术》 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114221889A (en) * 2020-09-03 2022-03-22 中国联合网络通信集团有限公司 Test data processing method and system

Also Published As

Publication number Publication date
CN111614739B (en) 2023-06-23

Similar Documents

Publication Publication Date Title
CN106357649B (en) User identity authentication system and method
US10581599B2 (en) Cloud storage method and system
CN114286416B (en) Communication control method and device, electronic device, and storage medium
CN110475249B (en) An authentication method, related equipment and system
CN105554760B (en) Wireless access point authentication method, apparatus and system
WO2017185692A1 (en) Key distribution and authentication method, apparatus and system
CN107948736A (en) A kind of audio and video preservation of evidence method and system
KR20180029695A (en) System and method for transmitting data using block-chain
CN105554747A (en) Wireless network connection method, device and system
CN106878016A (en) Data is activation, method of reseptance and device
EP2823595A1 (en) Methods, apparatuses, and computer-readable storage media for securely accessing social networking data
CN101997681B (en) Authentication method and system for multi-node path and relevant node equipment
CN106571915A (en) Terminal master key setting method and apparatus
CN109302425B (en) Identity authentication method and terminal equipment
CN109962777A (en) The key in block catenary system is permitted to generate, obtain the method and apparatus of key
CN113472722A (en) Data transmission method, storage medium, electronic device and automatic ticket selling and checking system
CN113742709A (en) Information processing method and device, readable medium and electronic equipment
CN111768189A (en) Charging pile operation method, device and system based on block chain
CN106941405A (en) A kind of method and apparatus of terminal authentication in a wireless local area network
CN109391473B (en) Electronic signature method, device and storage medium
CN112988412B (en) Edge caching method, base station and system based on block chain network
CN111614739B (en) Network measurement data storage method, device and system
CN112333699A (en) Internet of things communication protocol encryption method, equipment and storage medium
CN115334505B (en) Multi-mode intelligent terminal secure communication method and system for 5G+Beidou
CN111885510B (en) Attendance checking method, attendance checking client and attendance checking system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant