CN112214464A - Evidence preservation method and system based on block chain - Google Patents
Evidence preservation method and system based on block chain Download PDFInfo
- Publication number
- CN112214464A CN112214464A CN202011084053.8A CN202011084053A CN112214464A CN 112214464 A CN112214464 A CN 112214464A CN 202011084053 A CN202011084053 A CN 202011084053A CN 112214464 A CN112214464 A CN 112214464A
- Authority
- CN
- China
- Prior art keywords
- evidence
- file
- evidence obtaining
- obtaining
- blockchains
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 24
- 238000004321 preservation Methods 0.000 title claims abstract description 21
- 238000004590 computer program Methods 0.000 claims description 6
- 230000007246 mechanism Effects 0.000 abstract description 8
- 238000013500 data storage Methods 0.000 abstract description 3
- 230000002708 enhancing effect Effects 0.000 abstract 1
- 230000008901 benefit Effects 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 2
- 238000012550 audit Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
- G06F16/18—File system types
- G06F16/1805—Append-only file systems, e.g. using logs or journals to store data
- G06F16/1815—Journaling file systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
- G06F16/18—File system types
- G06F16/182—Distributed file systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6227—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Computer Security & Cryptography (AREA)
- Data Mining & Analysis (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Storage Device Security (AREA)
Abstract
The invention relates to an evidence preservation method and system based on a block chain, wherein the method comprises the following steps: s1: the evidence obtaining equipment generates an evidence obtaining file and a log file according to the evidence obtaining related content; s2: storing the evidence obtaining file in a server, and generating an encrypted hash of the evidence obtaining file while storing the evidence obtaining file; adding the file information of the evidence obtaining file and the encrypted hash into a log file of the evidence obtaining file; s3: and after format analysis is carried out on the log file, writing the log file into a block chain system, and setting written endorsement nodes as evidence obtaining related units. The invention changes the data storage mode of the traditional third-party evidence storage mechanism into the block chain mode, thereby greatly improving the characteristics of decentralization, distributed storage, non-tampering and traceability of the evidence and enhancing the effectiveness of the evidence.
Description
Technical Field
The invention relates to the field of evidence preservation, in particular to an evidence preservation method and an evidence preservation system based on a block chain.
Background
In a traditional electronic certificate, source information is simply encrypted and stored in an independent third party with public trust, and information such as a timestamp and a creator is bound to prove that the information exists at a certain time point. The source information of the electronic deposit certificate can be in the form of a piece of text, a document, a picture, a video and the like. For this wide variety of forms, electronic certificates typically store a hash digest of the source information. The hash is a bit string with a fixed length, similar to the fingerprint of the source information, and the hash will be completely different from the original one as long as the source information is changed. Since the hash is essentially non-traversable, in reality it can be considered that the hash and the source information correspond one to one. The characteristic of the hash is commonly applied to the scenes of file fingerprints and the like, such as hash check in downloaded files. The hash value stored in the electronic certificate can prove that the source information is true and has not been tampered. Another characteristic of the hash is that the original information cannot be deduced from the hash digest, so that the privacy of some sensitive information is also guaranteed.
For traditional electronic evidence storage, an independent third party with public trust is an important role, and all parties needing evidence storage, evidence obtaining and verification have unconditional trust. Such third party rights are too centralized and essentially no proof exists if the third party maliciously modifies the data.
Disclosure of Invention
In order to solve the above problems, the present invention provides an evidence preservation method and system based on a block chain.
The specific scheme is as follows:
an evidence preservation method based on a block chain comprises the following steps:
s1: the evidence obtaining equipment generates an evidence obtaining file and a log file according to the evidence obtaining related content;
s2: storing the evidence obtaining file in a server, and generating an encrypted hash of the evidence obtaining file while storing the evidence obtaining file; adding the file information of the evidence obtaining file and the encrypted hash into a log file of the evidence obtaining file;
s3: and after format analysis is carried out on the log file, writing the log file into a block chain system, and setting written endorsement nodes as evidence obtaining related units.
Further, the forensic related content includes forensic environment information, i.e., whether the forensic environment meets the security standard and whether the current network route is correct, to determine the purity of the forensic device.
Further, the evidence obtaining related content comprises evidence obtaining device information, and the evidence obtaining device information comprises a GPS coordinate and an address of the position of the evidence obtaining device, a system version of the evidence obtaining device, a system login ID and a Mac address.
Further, the forensic related content includes a forensic network status, which includes network availability, network type, IP address, and network routing status.
Further, the forensic related content includes application information operating on the forensic device, the application information including a package name and an open time of the application.
Further, the forensic related content includes a forensic end time.
Furthermore, the server stores the evidence obtaining file through an IPFS file system.
Further, the file information includes a file name, a file size, and an author.
Further, the relevant evidence obtaining units comprise an authentication center, a evidence storage center and a law enforcement unit.
An evidence preservation system based on a blockchain comprises a forensics device, a server and a blockchain system, wherein the forensics device, the server and the blockchain system all comprise a processor, a memory and a computer program which is stored in the memory and can run on the processor, and the processor executes the computer program to realize the steps of the method of the embodiment of the invention.
According to the technical scheme, the data storage mode of a traditional third-party evidence storage mechanism is changed into a block chain mode for storage, and specific evidence obtaining equipment is set to ensure the purity of an evidence obtaining environment; meanwhile, the data storage mode of the original third-party evidence storage mechanism is improved, and a block chain mode with multiple organizations participating together is adopted; the problem that the power of a third-party certificate authority is too high is solved; the distributed storage of the data is realized, the data can not be tampered, the characteristic of data traceability is realized, the data effectiveness is improved, the workload of adopting the electronic evidence by a judicial institution is reduced, and the direct economic benefit is generated.
Drawings
Fig. 1 is a flowchart illustrating a first embodiment of the present invention.
Detailed Description
To further illustrate the various embodiments, the invention provides the accompanying drawings. The accompanying drawings, which are incorporated in and constitute a part of this disclosure, illustrate embodiments of the invention and, together with the description, serve to explain the principles of the embodiments. Those skilled in the art will appreciate still other possible embodiments and advantages of the present invention with reference to these figures.
The invention will now be further described with reference to the accompanying drawings and detailed description.
The first embodiment is as follows:
the embodiment of the invention provides an evidence preservation method based on a block chain, which is described by taking APP operation recording scenes (such as APPs of news, live broadcast, e-commerce and the like) of mobile supervision as an example, and the implementation flow chart of the method is shown in figure 1, and the method comprises the following steps:
s1: the evidence obtaining device generates an evidence obtaining file and a log file according to the evidence obtaining related content.
The forensic file is generated by forensic related content, and the embodiment mainly includes the following contents:
(1) and obtaining evidence environment information. And judging the purity of the evidence obtaining equipment according to the conditions of whether the evidence obtaining environment meets the safety standard, whether the current network route is correct and the like. At any evidence-taking moment, the purity of the vehicle evidence-taking equipment needs to be checked firstly.
(2) And obtaining evidence equipment information. The evidence obtaining equipment information mainly comprises a GPS coordinate and an address of the position of the evidence obtaining equipment, a system version of the evidence obtaining equipment, a system login ID (android Id) and a Mac address.
(3) And obtaining evidence of the network state. In the process of forensics, the network state needs to be monitored in real time, and the forensics network state comprises network availability, network type, IP address and network routing condition.
(4) And obtaining application information operated on the evidence device. The application information includes a package name and an open time of the application.
(5) And (5) obtaining evidence.
And when the evidence obtaining is finished, the evidence obtaining equipment generates an evidence obtaining file and a log file according to the evidence obtaining related content.
S2: storing the evidence obtaining file in a server, and generating an encrypted hash of the evidence obtaining file while storing the evidence obtaining file; and adding the file information of the forensic file and the encrypted hash into a log file of the forensic file.
In this embodiment, the IPFS file system is preferably used to store the forensic file. IPFS is a distributed file system based on the P2P network and is designed with the goal of wishing to connect all computing devices with the same file system. It is also a communication protocol used to create permanent, decentralized file storage and sharing. When the forensic file is stored in the IPFS, a cryptographic hash of the forensic file is generated.
The file information set in this embodiment includes at least a file name, a file size, and an author.
S3: and after format analysis is carried out on the log file, writing the log file into a block chain system, and setting written endorsement nodes as evidence obtaining related units.
The evidence-obtaining related units set in the embodiment comprise an authentication center, a evidence-storing center and a law enforcement unit.
The first embodiment of the invention has the following beneficial effects:
1. the certificate storing mechanism is decentralized: the original single third party is changed into a certificate storage organization, a law enforcement agency and an authentication center, and three organizations participate in the certificate storage alliance for endorsement together.
2. The tamper resistance is enhanced: the data can be modified only by the consent of three parties. Even if hacked, the hacker must modify 51% of the node data at the same time to succeed.
3. Increased evidence validity: the user can obtain evidence at any time from judicial identification, audit, notarization, arbitration and other participating mechanisms in the alliance chain, each node of the data full chain has evidence, the data is safe, tamper-proof and traceable, the evidence reliability is enhanced, the identification mechanism can directly obtain and verify the data from the operation and maintenance nodes of the identification mechanism, the evidence data is regarded as direct evidence, and the evidence is not required to be issued by a third party mechanism.
Example two:
the invention also provides an evidence preservation system based on the blockchain, which comprises a forensics device, a server and a blockchain system, wherein the forensics device, the server and the blockchain system all comprise a memory, a processor and a computer program which is stored in the memory and can run on the processor, and the steps in the above method embodiment of the first embodiment of the invention are realized when the processor executes the computer program.
The forensics device in this embodiment is a specific forensics device that includes the above-described functionality of an embodiment of the present invention. It is through when the beginning of collecting evidence, detecting the equipment purity of collecting evidence, and the in-process of collecting evidence, real time monitoring environment change of collecting evidence, after collecting evidence, in the transmission course that data deposit is proved, detects its transmission channel's purity, and then increases evidence credibility.
While the invention has been particularly shown and described with reference to a preferred embodiment, it will be understood by those skilled in the art that various changes in form and detail may be made therein without departing from the spirit and scope of the invention as defined by the appended claims.
Claims (10)
1. An evidence preservation method based on a block chain is characterized by comprising the following steps:
s1: the evidence obtaining equipment generates an evidence obtaining file and a log file according to the evidence obtaining related content;
s2: storing the evidence obtaining file in a server, and generating an encrypted hash of the evidence obtaining file while storing the evidence obtaining file; adding the file information of the evidence obtaining file and the encrypted hash into a log file of the evidence obtaining file;
s3: and after format analysis is carried out on the log file, writing the log file into a block chain system, and setting written endorsement nodes as evidence obtaining related units.
2. The method of claim 1 for evidence preservation based on blockchains, wherein: the evidence obtaining related content comprises evidence obtaining environment information, namely, the purity of the evidence obtaining equipment is judged according to whether the evidence obtaining environment meets the safety standard and whether the current network routing is correct.
3. The method of claim 1 for evidence preservation based on blockchains, wherein: the evidence obtaining related content comprises evidence obtaining equipment information, wherein the evidence obtaining equipment information comprises a GPS coordinate and an address of the position of the evidence obtaining equipment, a system version of the evidence obtaining equipment, a system login ID and a Mac address.
4. The method of claim 1 for evidence preservation based on blockchains, wherein: the forensic related content includes forensic network status including network availability, network type, IP address and network routing conditions.
5. The method of claim 1 for evidence preservation based on blockchains, wherein: the forensic related content includes application information operating on the forensic device, the application information including a package name and an open time of the application.
6. The method of claim 1 for evidence preservation based on blockchains, wherein: the forensic related content includes a forensic end time.
7. The method of claim 1 for evidence preservation based on blockchains, wherein: and the server stores the evidence obtaining file through an IPFS file system.
8. The method of claim 1 for evidence preservation based on blockchains, wherein: the file information includes a file name, a file size, and an author.
9. The method of claim 1 for evidence preservation based on blockchains, wherein: the relevant units for obtaining evidence comprise an authentication center, a evidence storage center and a law enforcement unit.
10. An evidence preservation system based on block chains, characterized in that: comprising a forensics device, a server and a blockchain system, each comprising a processor, a memory and a computer program stored in the memory and running on the processor, the processor implementing the steps of the method according to any one of claims 1 to 9 when executing the computer program.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011084053.8A CN112214464A (en) | 2020-10-12 | 2020-10-12 | Evidence preservation method and system based on block chain |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011084053.8A CN112214464A (en) | 2020-10-12 | 2020-10-12 | Evidence preservation method and system based on block chain |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112214464A true CN112214464A (en) | 2021-01-12 |
Family
ID=74052656
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011084053.8A Pending CN112214464A (en) | 2020-10-12 | 2020-10-12 | Evidence preservation method and system based on block chain |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112214464A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113132746A (en) * | 2021-04-16 | 2021-07-16 | 北京北笛科技有限公司 | Automatic evidence obtaining method and device for audio and video data in network live broadcast service |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20160283920A1 (en) * | 2015-03-28 | 2016-09-29 | Justin Fisher | Authentication and verification of digital data utilizing blockchain technology |
| CN109102437A (en) * | 2018-08-10 | 2018-12-28 | 山东省计算中心(国家超级计算济南中心) | A kind of webpage automatic evidence-collecting method and system based on block chain |
| CN110232645A (en) * | 2019-06-14 | 2019-09-13 | 山东省计算中心(国家超级计算济南中心) | The electronic evidence of evidence obtaining and block chain is fixed and network forensics method and system based on memory |
| CN111541545A (en) * | 2020-04-03 | 2020-08-14 | 上海七印信息科技有限公司 | Storage certificate package generation method and device, computer equipment and storage medium |
-
2020
- 2020-10-12 CN CN202011084053.8A patent/CN112214464A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20160283920A1 (en) * | 2015-03-28 | 2016-09-29 | Justin Fisher | Authentication and verification of digital data utilizing blockchain technology |
| CN109102437A (en) * | 2018-08-10 | 2018-12-28 | 山东省计算中心(国家超级计算济南中心) | A kind of webpage automatic evidence-collecting method and system based on block chain |
| CN110232645A (en) * | 2019-06-14 | 2019-09-13 | 山东省计算中心(国家超级计算济南中心) | The electronic evidence of evidence obtaining and block chain is fixed and network forensics method and system based on memory |
| CN111541545A (en) * | 2020-04-03 | 2020-08-14 | 上海七印信息科技有限公司 | Storage certificate package generation method and device, computer equipment and storage medium |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113132746A (en) * | 2021-04-16 | 2021-07-16 | 北京北笛科技有限公司 | Automatic evidence obtaining method and device for audio and video data in network live broadcast service |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11757641B2 (en) | Decentralized data authentication | |
| CN109409122B (en) | File storage method, electronic device and storage medium | |
| US10592639B2 (en) | Blockchain-based shadow images to facilitate copyright protection of digital content | |
| CN109740384B (en) | Data certification method and device based on blockchain | |
| CN103189872B (en) | Safety in networked environment and the effectively method and apparatus of Content Selection | |
| US20200372184A1 (en) | Method and arrangement for detecting digital content tampering | |
| WO2017129016A1 (en) | Resource access method, apparatus and system | |
| CN110785760A (en) | Method and system for registering digital documents | |
| US11729175B2 (en) | Blockchain folding | |
| WO2003088018A2 (en) | System and techniques to bind information objects to security labels | |
| CN109509108B (en) | Insurance policy processing method and device based on block chain technology and computer equipment | |
| GB2520056A (en) | Digital data retention management | |
| US11711357B2 (en) | Identity data object creation and management | |
| CN110941845A (en) | File acquisition method and device, computer equipment and storage medium | |
| CN114866258A (en) | Method and device for establishing access relationship, electronic equipment and storage medium | |
| Cappos et al. | Package management security | |
| CN112214464A (en) | Evidence preservation method and system based on block chain | |
| CN117155716A (en) | Access verification method and device, storage medium and electronic equipment | |
| US20210067739A1 (en) | Systems and methods of using a blockchain to secure a building management system | |
| JP2016531477A (en) | Selective revocation of certificates | |
| JP6041634B2 (en) | Tamper detection device and tamper detection method | |
| JP7511629B2 (en) | A security layer for building blockchain | |
| CN110598374B (en) | Block chain-based work registration method, apparatus and computer-readable storage medium | |
| Rosli et al. | Blockchain consensus mechanism in named data networking: Enabling trust in Industry 5.0 | |
| Rajendar et al. | A Comprehensive and Secure Trustless Blockchain Framework for Autonomous Vehicles |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210112 |
|
| RJ01 | Rejection of invention patent application after publication |