CN112187900B - DNS data updating method and system based on block chain shared cache - Google Patents

DNS data updating method and system based on block chain shared cache Download PDF

Info

Publication number
CN112187900B
CN112187900B CN202010990203.5A CN202010990203A CN112187900B CN 112187900 B CN112187900 B CN 112187900B CN 202010990203 A CN202010990203 A CN 202010990203A CN 112187900 B CN112187900 B CN 112187900B
Authority
CN
China
Prior art keywords
data
updating
dns
node
block
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010990203.5A
Other languages
Chinese (zh)
Other versions
CN112187900A (en
Inventor
李晓东
张玉军
魏久麒
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Institute of Computing Technology of CAS
Original Assignee
Institute of Computing Technology of CAS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Institute of Computing Technology of CAS filed Critical Institute of Computing Technology of CAS
Priority to CN202010990203.5A priority Critical patent/CN112187900B/en
Publication of CN112187900A publication Critical patent/CN112187900A/en
Application granted granted Critical
Publication of CN112187900B publication Critical patent/CN112187900B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/568Storing data temporarily at an intermediate stage, e.g. caching
    • H04L67/5682Policies or rules for updating, deleting or replacing the stored data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/45Network directories; Name-to-address mapping
    • H04L61/4505Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
    • H04L61/4511Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention provides a DNS data updating method based on block chain shared cache, which comprises the following steps: establishing a block chain of the alliance, deploying an intelligent contract, and monitoring DNS resource records cached in the block chain of the alliance; when any DNS resource record is monitored to meet the updating condition, selecting a plurality of management nodes of the alliance chain as updating nodes, and executing updating operation to obtain the updating data of the DNS resource record; after each updating node generates a digital signature for the updating data by a private key, the digital signature is sent to a current block outlet node of the alliance chain for verification, and the block outlet node selects uplink data from all the updating data; generating a new block from the uplink data through the egress node and linking into the federated blockchain. The invention also provides a DNS data updating system based on the block chain shared cache and a data processing device for realizing the DNS data updating method.

Description

DNS data updating method and system based on block chain shared cache
Technical Field
The invention relates to the technical field of computer network domain names, in particular to a DNS data updating method based on block chain shared cache.
Background
The Domain Name System (DNS) is a distributed network directory service of the internet, and is mainly used to perform mutual mapping between Domain names and IP addresses, so that users can conveniently access specific websites through Domain names without remembering complicated and obscure IP addresses. The domain name system was created in 1983 as part of the ARPANET. With the rapid growth of the internet scale, the important role of the domain name system in properly maintaining the host name and address mapping is highlighted, and the design of the domain name system is continuously increased and optimized with the increasingly complex internet application.
The Blockchain (Blockchain) is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, a consensus mechanism, an encryption algorithm and the like. The system is essentially a distributed shared account book and a database, and has the characteristics of decentralization, no tampering, trace retaining in the whole process, traceability, openness and transparency and the like. Therefore, the blockchain technology can solve the information asymmetry problem and realize cooperative trust and consistent action among a plurality of main bodies. The consensus mechanism of the block chain comprises: pow (Proof of Work) consensus, Pos (Proof of Stake) consensus, and DPos (Proof of equity grant) consensus, wherein the DPos consensus mechanism employs partial decentralization to counteract the negative effects of blockchain centralization.
The recursive DNS server needs to help the querying party obtain the DNS resource record required by the querying party in the DNS resolution process, and cache the DNS resource record obtained by querying by the querying party for a certain time until the DNS resource record cache expires. Since each recursive DNS server maintains its own cache independently, different recursive DNS servers cache a large number of duplicate DNS resource records and may also be plagued by data tampering problems. Blockchain techniques can introduce their own advantages for storing data into DNS recursive services. The recursive DNS server participates and maintains a block chain for caching DNS resource records together, so that the data sharing capability can be improved on the premise of ensuring the data to be public and transparent, and the compatibility with the existing DNS system is strong.
In the DNS recursive service based on the blockchain shared cache, the recursive DNS server queries the DNS resource record required by itself through the blockchain of the shared cache. Since only the latest unexpired information of the same DNS resource record is stored in the blockchain, the cache expiration times of the same DNS resource record obtained by the inquirer from the blockchain tend to be consistent. When the cache of the recursive DNS servers locally cached with the same DNS resource record expires, they will access the authoritative server at a more centralized time, and update the expired DNS resource record, thereby causing a sudden increase in the access pressure of the upper level DNS servers (root server, top level server, authoritative server).
The invention relates to a Chinese patent 'data updating method and network node of a block chain domain name system DNS system', the publication number is: CN109995888A provides a data updating method and network node of a block chain DNS system, which includes: when any DNS management node initiates DNS data update, obtaining a verification result of each DNS management node for the DNS data update; determining whether the DNS data update is legal or not according to the verification result of each DNS management node aiming at the DNS data update; and when the DNS data update is legal, updating the local database, and sending DNS data update information to the DNS server node according to the update content of the local database. The block chain DNS system comprises a plurality of DNS management nodes and a plurality of DNS server nodes, wherein when a certain DNS management node initiates DNS data update, other DNS management nodes participate in verification of the DNS data update. The data updating method is similar to a consensus mechanism of a block chain, and although the overall security of the system is improved through a verification process, the flexibility of data updating is lacked. For the DNS recursive service based on the blockchain shared cache, frequent data updates are required, and the update process needs to interact with the upper level DNS server. Therefore, the data updating mechanism not only ensures that the system user can obtain correct response in time, but also ensures that the normal work of the superior DNS server cannot be influenced. The data updating method proposed by the prior art emphasizes the consensus among the peer DNS servers, and does not consider the information interaction among the different peer DNS servers. Therefore, this approach is not sufficient to support DNS recursive services based on blockchain shared caches.
The Chinese invention patent 'a method, a server and a system for realizing domain name resolution based on a block chain', discloses the following numbers: CN108429765A discloses a method for implementing domain name resolution based on a block chain, which includes: each super node stores a complete block chain for recording historical domain name operation information; when receiving a broadcasted domain name operation request, verifying the domain name operation request and broadcasting a verification result; in the period of taking the role of a block submitter, the block generation module is responsible for generating a block, recording the verified domain name operation request into the block, packaging the block and attaching the block to a block chain; when a domain name resolution request is received, the domain name resolution processing is carried out by inquiring a domain name information storage system, so that the condition that the domain name can not be resolved correctly in the prior art is avoided. The technical solution does not design the data updating method in detail, because the scope of data sharing is global, only the correct uplink of data needs to be considered, and the interaction between different level DNS servers does not need to be considered. For the DNS recursive service based on the block chain shared cache, the simple data update method of this scheme is not practical. Because the information interaction between different levels of recursive DNS servers is involved in the DNS recursive service based on the block chain shared cache, and in order to ensure the effective operation of the system, factors such as efficiency, data consistency and reasonability of information interaction need to be considered when data updating is carried out. The data updating process of the existing scheme two is too simple, and the factors are not considered, so that the scheme mobility is not achieved.
Disclosure of Invention
In order to solve the above problem, the present invention provides a DNS data updating method based on a block chain shared cache, including: establishing a block chain of the alliance, deploying an intelligent contract, and monitoring DNS resource records cached in the block chain of the alliance; when any DNS resource record is monitored to meet the updating condition, selecting a plurality of management nodes of the alliance chain as updating nodes, and executing updating operation to obtain the updating data of the DNS resource record; after each updating node generates a digital signature for the updating data by a private key, the digital signature is sent to a current block outlet node of the alliance chain for verification, and the block outlet node selects uplink data from all the updating data; generating a new block from the uplink data through the egress node and linking into the federated blockchain.
The DNS data updating method according to the present invention, wherein the updating condition includes: current time T0And reaching the T-delta T moment, wherein T is the expiration moment of the DNS resource record, delta T is a preset updating time threshold value, and delta T is more than 0.
The DNS data updating method according to the present invention, wherein the update condition further includes: when the DNS resource is recorded in T1Is timed toT0When the queried times in the moment are at least one time, triggering the update operation of the DNS resource record, wherein T1Moment earlier than T0The time of day.
In the DNS data updating method of the present invention, when the block output node selects the uplink data, the same update data with the largest amount is selected as the initial selection data; if the quantity of the primary selection data is larger than the uplink threshold value, the primary selection data is taken as uplink data, and the uplink data and the corresponding digital signature are generated into a new block; if the quantity of the initially selected data is less than or equal to the uplink threshold value, updating operation is carried out again through the intelligent contract; if the uplink data is selected, the updating data except the uplink data in all the updating data is taken as abnormal data, and the corresponding management node is marked according to the digital signature of the abnormal data.
The invention also provides a DNS data updating system based on the block chain shared cache, which includes: the monitoring module is used for establishing a block chain of the alliance, deploying an intelligent contract and monitoring DNS resource records cached in the block chain of the alliance; the updating module is used for selecting a plurality of management nodes of the alliance chain as updating nodes when monitoring that any DNS resource record meets the updating condition, and executing updating operation to obtain the updating data of the DNS resource record; a selecting module for selecting uplink data linked into the block chain of the alliance; after each update node generates a digital signature of the update data by a private key, the update data is sent to a current block outlet node of the alliance chain for verification, and the block outlet node selects the uplink data from all the update data; and the buffer module is used for generating a new block from the uplink data through the out-block node and linking the new block into the block chain of the alliance.
The DNS data updating system according to the present invention, wherein the update condition includes: current time T0And reaching the T-delta T moment, wherein T is the expiration moment of the DNS resource record, delta T is a preset updating time threshold value, and delta T is more than 0.
The DNS data updating system according to the present invention, wherein the update condition further includes: when the DNS resource is recorded in T1Time to T0When the queried times in the moment are at least one time, triggering the update operation of the DNS resource record, wherein T1Moment earlier than T0The time of day.
The DNS data updating system of the present invention, wherein the selecting module specifically includes: when the out-block node selects the uplink data, selecting the same updating data with the maximum quantity as the initial selection data; if the quantity of the primary selection data is larger than the uplink threshold value, the primary selection data is taken as uplink data, and the uplink data and the corresponding digital signature are generated into a new block; if the quantity of the initially selected data is less than or equal to the uplink threshold value, updating operation is carried out again through the intelligent contract; the selection module also comprises a marking module which is used for marking the update node which sends the abnormal data; the abnormal data is the updated data except the uplink data in all the updated data after the uplink data is selected.
The present invention further provides a computer-readable storage medium storing computer-executable instructions for performing the method for updating DNS data based on a block chain shared cache as described above.
The invention also provides a data processing device, serving as a management node and/or a block output node of a federation blockchain, comprising the computer-readable storage medium, wherein a processor of the data processing device calls and executes computer-executable instructions in the computer-readable storage medium to perform DNS data update based on a blockchain shared cache.
The DNS data updating method based on the block chain shared cache solves the problem that the recursive DNS server carries out centralized updating query to bring access pressure to the upper level DNS server, and guarantees the authenticity and the reliability of the updated data to a great extent.
Drawings
Fig. 1 is a flowchart of a DNS data updating method based on a blockchain shared cache according to the present invention.
FIG. 2 is a schematic diagram of a data processing apparatus of the present invention.
Detailed Description
The invention aims to solve the problem that in the DNS recursive service based on the block chain shared cache in the prior art, when DNS resource records cached on the block chain are not fully considered to be out of date, a large number of recursive DNS servers can simultaneously initiate queries to an upper level DNS server, and provides a data updating method and a data updating system of the DNS recursive service based on the block chain shared cache. The core technical content of the invention comprises:
1) the block chain relied by the invention is not a completely decentralized public block chain but a multicenter block chain, namely only a limited number of block chain management nodes can become block-out nodes to participate in the process of identifying blocks together, and a globally known block-out node is arranged in each block-out period to receive data, so that the management nodes can send updated data and digital signatures thereof to the block nodes and complete the verification process;
2) dynamically monitoring an intelligent contract, acquiring expiration time information of DNS resource records cached on a blockchain, and sending a data updating instruction to a fixed number of blockchain management nodes when the expiration time information is less than a certain set threshold;
3) the management node initiates a query, the management node receiving the updating instruction initiates a query of a related DNS resource record, and sends the returned DNS resource record and a digital signature of the management node to the round-out block node;
4) and the out-block node verifies the uplink, verifies the received updating data, performs uplink on the updating data if the qualified rate is greater than a certain set threshold value, and otherwise re-initiates the updating instruction.
The invention provides a DNS data updating method based on a block chain shared cache. Fig. 1 is a flowchart of a DNS data updating method based on a blockchain shared cache according to the present invention. As shown in fig. 1, the specific flow of the data updating method of the present invention includes:
step S1, establishing a block chain for caching DNS resource records, deploying an intelligent contract, and dynamically monitoring the unexpired DNS resource records on the chain; the block chain established by the invention is not a completely decentralized public block chain, but a multicenter block chain, and the consensus mechanism of the block chain ensures that only a limited number of block chain management nodes can become block-out nodes to participate in the process of jointly recognizing blocks, and each block-out period has a globally known block-out node to receive data, so the block chain established by the invention is similar to a union chain but different from a common union chain;
step S2, dynamically monitoring according to the updating condition, when the DNS resource record on the distance chain meets the updating condition, the intelligent contract initiates the updating operation, the updating strip includes: when time T is0When the time T-delta T is reached, wherein T is the expiration time of the DNS resource record, delta T is a preset updating time threshold and meets the condition that delta T is more than 0;
in some embodiments, the intelligent contract further records the number of recent queries for each DNS resource record in the chain, and if no query is made and the DNS resource record is about to expire within a certain time, the data updating operation is not performed on the DNS resource record, that is, the updating condition further includes: when DNS resource is recorded in T1Time to T0When the queried times in the moment are 0, the updating operation is not triggered, and only when the queried times of the DNS resource record are at least one time, the updating operation is triggered to the DNS resource record, wherein T1Moment earlier than T0Time of day; the data updating method provided by the invention aims to dynamically update the commonly used DNS resource records, so that a system user can acquire the commonly used DNS resource records in real time when inquiring the shared cache of the block chain. For the DNS resource records which are not frequently used or are modified, no user can inquire the DNS resource records within a period of time, and the data updating mechanism does not carry out dynamic updating on the DNS resource records, so that the data updating mechanism is more targeted and effective;
step S3, after the update operation is triggered, the intelligent contract automatically selects any fixed number (for example, N is more than or equal to 3) of block chain management nodes as update nodes for executing the update operation, and sends an update instruction to the update nodes;
step S4, the update node receiving the update instruction initiates the query of the corresponding DNS resource record to obtain the update data of the DNS resource record;
step S5, each update node carries out digital signature on the received DNS resource record update data by using a private key thereof, and then sends the update data and the digital signature to the round of block nodes;
step S6, verifying, by the round of node, the update data of the DNS resource record submitted by the management node, where the update node performing the update operation is multiple, the obtained update data is generally multiple, if the update node is a normal node, the obtained update data should be normal data, and the update data obtained by all normal nodes should be the same, if the update node is an abnormal node, the obtained update data may be abnormal data different from the normal data, the number of update nodes that normally obtain abnormal data is less than the number of update nodes that obtain normal data, and by comparing the same number of update data, finding out the update data with the largest number as the primary data;
step S7, setting a cochain threshold, if the number of the primarily selected data is larger than the cochain threshold, using the primarily selected data as cochain data, otherwise, returning to step S3 to initiate the updating operation again by the intelligent contract;
step S8, the out-block node generates a new block according to the out-block rule of the block chain established by the invention and links into the block chain by the digital signature sent by the uplink data and the update node obtaining the uplink data;
in step S9, since the selected uplink data is generally considered to be normal data, and the remaining updated data is abnormal data, the updated node that acquires the abnormal data may be an abnormal node, and is suspected of data tampering, and the updated node is marked for subsequent processing, for example, it is no longer selected as an updated node, or when the updated node is still marked while participating in the update operation again, it may be logged out from the blockchain.
In the data updating method provided by the invention, the size relationship between the intelligent contract dynamic monitoring threshold and the block chaining out block interval time is the key for determining the user query scheme, and the specific analysis is as follows:
if the dynamic monitoring threshold of the intelligent contract is smaller than the block link out interval time, the condition that the DNS resource record cached on the user query block chain is out of date may occur. At this time, it should be ensured that all steps of the data updating mechanism can be completed within the time of the dynamic monitoring threshold value of the intelligent contract. If the DNS resource record on the chain is expired and the current round of block-out time is not reached, the recursive DNS server needs to directly inquire the updated data from the current round of block-out node. The query scheme converts the centralized query of the superior DNS server when the DNS resource record is expired into the centralized query of the current round of out-block nodes in the block chain system, so that the switching and autonomous control of query pressure are realized, and the problem that the access pressure is brought to the superior DNS server by the recursive DNS server for performing centralized updating query is solved.
If the intelligent contract dynamic monitoring threshold is larger than the block link out interval time, the overdue condition does not exist when the user inquires the DNS resource record cached on the block link. At this time, it should be ensured that all steps of the data updating mechanism can be completed within the time of the difference between the dynamic monitoring threshold of the intelligent contract and the block chaining-out interval time. The user can query the DNS resource record on the chain at any time because the DNS resource record is updated in the block before the expiration time of the DNS resource record by using the data update mechanism proposed in the present invention. The query scheme thoroughly solves the problem of access pressure caused by centralized updating query of the recursive DNS, no matter for the superior DNS or the node of the round-robin block.
FIG. 2 is a schematic diagram of a data processing apparatus of the present invention. As shown in fig. 2, the embodiment of the present invention also provides a computer-readable storage medium and a data processing apparatus. The data processing device of the present invention is a management node and/or a block output node of a block chain network, and the computer-readable storage medium of the present invention stores computer-executable instructions, and when the computer-executable instructions are executed by a processor of the data processing device, the DNS data updating method based on the block chain shared cache is implemented. It will be understood by those skilled in the art that all or part of the steps of the above method may be implemented by instructing relevant hardware (e.g., processor, FPGA, ASIC, etc.) through a program, and the program may be stored in a readable storage medium, such as a read-only memory, a magnetic or optical disk, etc. All or some of the steps of the above embodiments may also be implemented using one or more integrated circuits. Accordingly, the modules in the above embodiments may be implemented in hardware, for example, by an integrated circuit, or in software, for example, by a processor executing programs/instructions stored in a memory. Embodiments of the invention are not limited to any specific form of hardware or software combination.
The data updating method provided by the invention solves the problem that excessive recursive DNS servers simultaneously initiate query to a superior DNS server when DNS resource records cached on a block chain are expired, so that DNS recursive service based on block chain shared cache cannot influence normally-running components in a current domain name system; the plurality of blockchain management nodes can carry out common verification on the DNS resource records which are obtained by inquiry and used for updating, so that the safety of the data updating process is improved, and the update data is prevented from being tampered by a malicious server; moreover, through dynamic monitoring of the intelligent contract, DNS resource records commonly used for DNS analysis can be automatically screened out and subjected to data updating, and the data updating is more targeted and effective according to the updating strategy of the recent use frequency, so that the working efficiency of the block chain system is improved.
The above embodiments are only for illustrating the invention and are not to be construed as limiting the invention, and those skilled in the art can make various changes and modifications without departing from the spirit and scope of the invention, therefore, all equivalent technical solutions also fall into the scope of the invention, and the scope of the invention is defined by the claims.

Claims (8)

1. A DNS data updating method based on block chain shared cache is characterized by comprising the following steps:
establishing a block chain of the alliance, deploying an intelligent contract, and monitoring DNS resource records cached in the block chain of the alliance;
when any DNS resource record is monitored to meet the updating condition, a plurality of managements of the alliance chain are selectedThe node is an updating node and executes updating operation to obtain the updating data of the DNS resource record; the update condition includes: current time T0When the time T-delta T is reached, wherein T is the expiration time of the DNS resource record, delta T is a preset updating time threshold value, and delta T is larger than 0;
after each updating node generates a digital signature for the updating data by a private key, the digital signature is sent to a current block outlet node of the alliance chain for verification, and the block outlet node selects uplink data from all the updating data;
generating a new block from the uplink data through the egress node and linking into the federated blockchain.
2. The DNS data updating method according to claim 1, wherein the updating condition further includes: when the DNS resource is recorded in T1Time to T0When the queried times in the moment are at least one time, triggering the update operation of the DNS resource record, wherein T1Moment earlier than T0The time of day.
3. The DNS data updating method of claim 1, wherein the out-blocking node selects the same and largest amount of updated data as initial data when selecting the uplink data; if the quantity of the primary selection data is larger than the uplink threshold value, the primary selection data is taken as uplink data, and the uplink data and the corresponding digital signature are generated into a new block; if the quantity of the initially selected data is less than or equal to the uplink threshold value, updating operation is carried out again through the intelligent contract;
if the uplink data is selected, the updating data except the uplink data in all the updating data is taken as abnormal data, and the corresponding management node is marked according to the digital signature of the abnormal data.
4. A DNS data update system based on a blockchain shared cache, comprising:
the monitoring module is used for establishing a block chain of the alliance, deploying an intelligent contract and monitoring DNS resource records cached in the block chain of the alliance;
the updating module is used for selecting a plurality of management nodes of the alliance chain as updating nodes when monitoring that any DNS resource record meets the updating condition, and executing updating operation to obtain the updating data of the DNS resource record; the update condition includes: current time T0When the time T-delta T is reached, wherein T is the expiration time of the DNS resource record, delta T is a preset updating time threshold value, and delta T is larger than 0;
a selecting module for selecting uplink data linked into the block chain of the alliance; after each update node generates a digital signature of the update data by a private key, the update data is sent to a current block outlet node of the alliance chain for verification, and the block outlet node selects the uplink data from all the update data;
and the buffer module is used for generating a new block from the uplink data through the out-block node and linking the new block into the block chain of the alliance.
5. The DNS data updating system according to claim 4, wherein the updating condition further includes: when the DNS resource is recorded in T1Time to T0When the queried times in the moment are at least one time, triggering the update operation of the DNS resource record, wherein T1Moment earlier than T0The time of day.
6. The DNS data updating system according to claim 4, wherein the selecting module specifically includes: when the out-block node selects the uplink data, selecting the same updating data with the maximum quantity as the initial selection data; if the quantity of the primary selection data is larger than the uplink threshold value, the primary selection data is taken as uplink data, and the uplink data and the corresponding digital signature are generated into a new block; if the quantity of the initially selected data is less than or equal to the uplink threshold value, updating operation is carried out again through the intelligent contract;
the selection module also comprises a marking module which is used for marking the update node which sends the abnormal data; the abnormal data is the updated data except the uplink data in all the updated data after the uplink data is selected.
7. A computer-readable storage medium storing computer-executable instructions for performing the method for DNS data update based on blockchain shared cache according to any one of claims 1 to 3.
8. A data processing apparatus as a management node and/or an out-of-block node of a federation blockchain, comprising the computer-readable storage medium of claim 7, a processor of the data processing apparatus retrieving and executing computer-executable instructions in the computer-readable storage medium for DNS data updates based on a blockchain shared cache.
CN202010990203.5A 2020-09-18 2020-09-18 DNS data updating method and system based on block chain shared cache Active CN112187900B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010990203.5A CN112187900B (en) 2020-09-18 2020-09-18 DNS data updating method and system based on block chain shared cache

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010990203.5A CN112187900B (en) 2020-09-18 2020-09-18 DNS data updating method and system based on block chain shared cache

Publications (2)

Publication Number Publication Date
CN112187900A CN112187900A (en) 2021-01-05
CN112187900B true CN112187900B (en) 2022-03-01

Family

ID=73955919

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010990203.5A Active CN112187900B (en) 2020-09-18 2020-09-18 DNS data updating method and system based on block chain shared cache

Country Status (1)

Country Link
CN (1) CN112187900B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116842029B (en) * 2023-09-01 2023-11-17 天津理工大学 Asset management method, device, computer equipment and storage medium

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108566449A (en) * 2018-04-17 2018-09-21 广州大学 Domain name mapping data managing method, system and storage system based on block chain
CN109413174A (en) * 2018-10-18 2019-03-01 中国船舶工业系统工程研究院 A kind of trans-departmental oceanographic data sharing method based on block chain
CN110061838A (en) * 2019-04-28 2019-07-26 广州大学 A kind of the decentralization storage system and its realization, information retrieval method of DNS resource record
WO2020005753A1 (en) * 2018-06-29 2020-01-02 Verisign, Inc. Domain name blockchain user addresses
CN111242620A (en) * 2020-01-15 2020-06-05 阳光易购(湖南)科技有限公司 Data caching and querying method of block chain transaction system, terminal and storage medium
US10686799B2 (en) * 2018-04-30 2020-06-16 EMC IP Holding Company LLC Blockchain-based method and system for providing tenant security and compliance in a cloud computing environment
CN111339110A (en) * 2020-02-25 2020-06-26 中国工商银行股份有限公司 Transaction backup method and system based on block chain

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108566449A (en) * 2018-04-17 2018-09-21 广州大学 Domain name mapping data managing method, system and storage system based on block chain
US10686799B2 (en) * 2018-04-30 2020-06-16 EMC IP Holding Company LLC Blockchain-based method and system for providing tenant security and compliance in a cloud computing environment
WO2020005753A1 (en) * 2018-06-29 2020-01-02 Verisign, Inc. Domain name blockchain user addresses
CN109413174A (en) * 2018-10-18 2019-03-01 中国船舶工业系统工程研究院 A kind of trans-departmental oceanographic data sharing method based on block chain
CN110061838A (en) * 2019-04-28 2019-07-26 广州大学 A kind of the decentralization storage system and its realization, information retrieval method of DNS resource record
CN111242620A (en) * 2020-01-15 2020-06-05 阳光易购(湖南)科技有限公司 Data caching and querying method of block chain transaction system, terminal and storage medium
CN111339110A (en) * 2020-02-25 2020-06-26 中国工商银行股份有限公司 Transaction backup method and system based on block chain

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
"基于区块链技术的安全DNS系统设计";马宇生;《中国优秀硕士学位论文全文数据库(电子期刊)信息科技辑》;20180831;全文 *
Zhong Yu ; Dong Xue."DNSTSM: DNS Cache Resources Trusted Sharing Model Based on Consortium Blockchain".《 IEEE Access ( Volume: 8)》.2020, *

Also Published As

Publication number Publication date
CN112187900A (en) 2021-01-05

Similar Documents

Publication Publication Date Title
CN111373704B (en) Method, system and storage medium for supporting multimode identification network addressing progressive-entry IP
US8645700B2 (en) DNSSEC inline signing
van Rijswijk-Deij et al. A high-performance, scalable infrastructure for large-scale active DNS measurements
Ramasubramanian et al. The design and implementation of a next generation name service for the internet
US11816161B2 (en) Asset search and discovery system using graph data structures
CN102769529B (en) Dnssec signing server
US8812479B2 (en) Method and system for triggering web crawling based on registry data
CN107222492A (en) A kind of DNS anti-attack methods, equipment and system
CN112468309B (en) Domain name management system based on intelligent contract
CN111917896B (en) Credible domain name resolution method, system, electronic equipment and storage medium
CN108616544B (en) Method, system, and medium for detecting updates to a domain name system recording system
CN112468525B (en) Domain name management system based on block chain
CN106357839B (en) A kind of DNS query method and device
EP3332533B1 (en) Parallel detection of updates to a domain name system record system using a common filter
CN112187900B (en) DNS data updating method and system based on block chain shared cache
US10171415B2 (en) Characterization of domain names based on changes of authoritative name servers
WO2017000561A1 (en) Domain name resource record caching control method and server
Li et al. Ghost domain reloaded: Vulnerable links in domain name delegation and revocation
CN105812503B (en) Root server address renewing method and a kind of recursion server
CN106470208A (en) The no lock of domain name blacklist is updated
Liu et al. A secure domain name resolution and management architecture based on blockchain
CN113938463B (en) Domain name abuse blocking method and device
Wang et al. DNS configurations and its security analyzing via resource records of the top-level domains
Rezende et al. A distributed online certificate status protocol for named data networks
CN107979654A (en) The method and system with external information of nslookup

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant