CN112738244B - Block chain audit traceability system - Google Patents

Info

Publication number: CN112738244B
Authority: CN (China)
Prior art keywords: data, hash value, value, module, sensor
Legal status: Active (the legal status is an assumption and is not a legal conclusion)
Application number: CN202011605502.9A
Other languages: Chinese (zh)
Other versions: CN112738244A (en)
Inventors: 张焱, 施逸, 杨东, 李汪红
Current Assignee: Hefei DappWorks Technology Co Ltd
Original Assignee: Hefei DappWorks Technology Co Ltd

Classifications

    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04B7/18513 Transmission in a satellite or space-based system
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04W12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H04W4/14 Short messaging services, e.g. short message services [SMS] or unstructured supplementary service data [USSD]
    • H04L9/50 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Abstract

The invention relates to a blockchain audit traceability system comprising a data uplink integrated system and a data audit verification system, where "uplink" means putting data on the chain. The data uplink integrated system comprises a ship data uplink system and a land data uplink system; the ship data uplink system is in communication connection with the land data uplink system, and each of the two is also in communication connection with the data audit verification system. Because the private key is stored in the data uplink integrated system, the data encapsulation and signing operation is completed in a non-networked environment, which avoids the possibility of data being attacked and tampered with during Beidou transmission and during the data uplink process of the land system.

Description

Block chain audit traceability system
Technical Field
The invention relates to the technical field of blockchains, and in particular to a blockchain audit traceability system.
Background
A blockchain is a distributed ledger technology. It has attracted wide attention for its decentralization, its resistance to tampering, and its independence from third-party trust guarantees. Using the tamper-resistant nature of blockchain data to make supply chains traceable is one of its important applications across industries. By closely combining blockchain with technologies such as the Internet of Things, and building on the property that data cannot be tampered with, the commodity quality management model is renewed, the efficiency of sharing commodity production information is improved, and quality tracing, supervision and whole-chain management across all categories and the whole process are realized, so that information reaches enterprises, consumers and governments and the product quality and management efficiency of the supply chain are comprehensively improved.
However, supply chain tracing depends on Internet of Things devices uploading the raw data. In environments where those devices cannot connect to a network, the raw data cannot be uploaded over the Internet right away, so the goal of storing data on a blockchain to prevent tampering is defeated at the source, and the data cannot be guaranteed to be untampered.
Among existing patents, for example, the invention patent application with application number "CN 201810906021.8" discloses a blockchain system based on the Beidou satellite radio measurement service (RDSS) and a method of implementing it. The blockchain system comprises a plurality of Beidou RDSS terminals connected to blockchain nodes, and Beidou satellites. When a packing node generates a block, it broadcasts the complete block over the Internet and transmits the block header to a Beidou satellite through its Beidou RDSS terminal; after receiving the data, the Beidou satellite broadcasts the block header to the other nodes in superframe format. The Beidou RDSS terminals of the other nodes resolve the block header and the precise broadcast time, and record the Beidou broadcast time in the TimeStamp field of a new block structure to obtain the Beidou block header. That scheme mainly addresses the problem that network delay prevents the real generation time of a block from being obtained accurately; it cannot solve the problem of tracing data to its source without network communication.
As another example, the invention patent with application number "CN 201811237478.0" discloses a blockchain-based security protection method and device for maritime combat data. The method comprises: constructing a blockchain-based maritime military information system model; designing, step by step from static to dynamic, an efficient and verifiable PoS consensus mechanism; constructing a trusted data storage mechanism for networks with highly dynamic characteristics; constructing an attack tracing mechanism; and constructing a privacy protection mechanism for trusted data storage. The method targets the requirements of distributed trusted storage, privacy protection and attack traceability for maritime formation combat data, but its way of tracing data is completely different from that of the present invention.
Disclosure of Invention
The technical problem to be solved by the invention is that, in an environment where Internet of Things devices cannot connect to a network, data stored on a blockchain cannot be guaranteed to be untampered.
The invention solves this technical problem through the following technical means:
A blockchain audit traceability system comprises a data uplink integrated system and a data audit verification system. The data uplink integrated system comprises a ship data uplink system and a land data uplink system; the ship data uplink system is in communication connection with the land data uplink system, and each of the two is also in communication connection with the data audit verification system.
The ship data uplink system comprises the following modules:
a first Beidou communication module, which provides positioning and Beidou short message transmission and reception;
a first data processing module, which receives and processes the data sent by the sensor system;
a data signature module, which stores a private key in a secure execution environment whose stored contents cannot be read out, signs data passed in from outside, and returns the signature result;
a database module, which stores data locally.
The land data uplink system comprises the following modules:
a second Beidou communication module, which provides Beidou short message transmission and reception;
a second data processing module, which converts data formats and packages data for uplink to the blockchain;
a data verification module, which stores the public key corresponding to the ship system's private key and can convert, authenticate and parse data.
The data audit verification system verifies whether data was tampered with during transmission.
As a further scheme of the invention:
The ship data uplink system acquires first data in real time, hashes the first data to obtain a first hash value, signs the first hash value with the private key, sends the signature result to the land data uplink system as a short message, and at the same time stores the signature result and the first hash value in the database module.
The land data uplink system receives the short message, reads the signature result, and parses the signature result with the public key. If parsing succeeds, it reads the first hash value, packages the signature result and the first hash value into a transaction, and sends the transaction to the blockchain to be stored in the database module; if parsing fails, the first data was tampered with during transmission.
The data audit verification system obtains from the database module a data record to be source-audited, extracts second data from the record, hashes it to obtain a second hash value, and judges whether the second hash value is authentic based on the data stored on the blockchain. If it is, the data record is real data; if not, the data record may have been tampered with.
Because the private key is stored in the ship data uplink system, the data encapsulation and signing operation is completed in a non-networked environment, which avoids the possibility of data being attacked and tampered with during Beidou transmission and during the data uplink process of the land system.
As a further scheme of the invention, acquiring the first data in real time comprises: the first data processing module receives, in real time, sensor data sent by a plurality of sensors;
meanwhile, the first data processing module sends a request for the current positioning information to the first Beidou communication module, which responds to the request and calculates the current longitude and latitude to obtain the current positioning information.
As a further scheme of the invention: the first data processing module receives the current positioning information and the sensor data and hashes them to obtain the first hash value.
As a further scheme of the invention: the first hash value is computed over data in the format: location information + (first sensor device ID + first sensor value) + (second sensor device ID + second sensor value) + … + (Nth sensor device ID + Nth sensor value), where N is any positive integer.
As a further scheme of the invention, storing the signature result together with the first hash value in the database module comprises:
the signature module obtains the first hash value and signs it, then sends the signature result to the first data processing module, which stores the signature result and the first hash value in the database module.
As a further scheme of the invention, sending the signature result to the land data uplink system as a short message comprises:
the first Beidou communication module sends the signature result to the second Beidou communication module as a short message.
As a further scheme of the invention: the second Beidou communication module receives the short message and passes it to the second data processing module, which parses the short message, reads the signed first hash value in it, and sends it to the data verification module. The data verification module parses the signed data with the corresponding public key to read the first hash value from it. If parsing fails, the data was tampered with during transmission; if parsing succeeds, the hash value is sent to the second data processing module, which signs the hash value, packages the first hash value into a transaction, and sends it to the blockchain for storage.
As a further scheme of the invention, judging whether the second hash value is authentic based on the data stored on the blockchain comprises: querying the blockchain for the value corresponding to the second hash value; if no value is found, the data record may have been tampered with;
if a corresponding value is found, judging whether it is consistent with the second hash value;
if they are consistent, the data record is real data; if they are inconsistent, the data record may have been tampered with.
Querying the blockchain for the value corresponding to the second hash value comprises: using the hash value signature as the key to look up the corresponding value on the blockchain.
As a further scheme of the invention, the format of the data record is: (first hash value signature, location information + (first sensor device ID + first sensor value) + (second sensor device ID + second sensor value) + … + (Nth sensor device ID + Nth sensor value)).
The invention has the following advantages:
1. The private key is stored in the data uplink integrated system, so the data encapsulation and signing operation is completed in a non-networked environment. This eliminates the possibility of data being attacked and tampered with during Beidou transmission and during the data uplink process of the land system, and makes data audit traceability possible.
2. Beidou short messages are used for data transmission, so data can be put on the chain in environments where Internet communication is unavailable.
3. Each group of data is compressed by hashing, which greatly reduces the amount of data the Beidou short message has to carry, makes it possible to send multiple groups of data at once, and greatly increases the frequency at which data is put on the chain.
4. Beidou short messages carry the hash value, so data can be put on the chain in environments where Internet communication is unavailable; the blockchain records the hash value, so the data cannot be tampered with, traceability is ensured, and the privacy of the original data is protected.
Drawings
Fig. 1 is a schematic structural diagram of a block chain audit traceability system according to an embodiment of the present disclosure.
Fig. 2 is a schematic flowchart of steps executed by a block chain audit traceability system according to an embodiment of the present disclosure.
Detailed Description
To make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments are described clearly and completely below. The described embodiments are evidently some, but not all, of the embodiments of the present invention. All other embodiments that a person skilled in the art can derive from the embodiments given here without creative effort fall within the protection scope of the present invention.
Some of the flows described in the specification, the claims and the figures above include a number of operations that appear in a particular order. It should be clearly understood that these operations may be performed out of the order in which they appear here, or in parallel; operation numbers such as 10 and 11 merely distinguish the operations from one another and do not themselves represent any order of execution. The flows may also include more or fewer operations, which may be performed sequentially or in parallel. Note that terms such as "first" and "second" in this document distinguish different messages, devices, modules and so on; they do not represent a sequence, nor do they limit the types of the "first" and "second" items.
According to the technical scheme provided by the embodiment of the disclosure, the ship data uplink system acquires first data in real time, hashes the first data to obtain a first hash value, signs the first hash value with the private key, sends the signature result to the land data uplink system as a short message, and stores the signature result and the first hash value in the database module. The land data uplink system receives the short message, reads the signature result, and parses the signature result with the public key; if parsing succeeds, it reads the first hash value, packages the signature result and the first hash value into a transaction, and sends the transaction to the blockchain to be stored in the database module; if parsing fails, the first data was tampered with during transmission. The data audit verification system obtains from the database module a data record to be source-audited, extracts second data from the record, hashes it to obtain a second hash value, and judges whether the second hash value is authentic based on the data stored on the blockchain; if it is, the data record is real data, and if not, the data record may have been tampered with.
Example 1
Referring to Fig. 1 and Fig. 2: Fig. 1 is a schematic structural diagram of a blockchain audit traceability system according to an embodiment of the present disclosure, and Fig. 2 is a schematic flow diagram of the steps executed by the blockchain audit traceability system according to the embodiment of the present disclosure.
The ship data uplink system comprises the following modules:
a first Beidou communication module, which provides positioning and Beidou short message transmission and reception;
a first data processing module, which receives and processes the data sent by the sensor system;
a data signature module, which stores a private key in a secure execution environment whose stored contents cannot be read out, signs data passed in from outside, and returns the signature result;
a database module, which stores data locally.
The land data uplink system comprises the following modules:
a second Beidou communication module, which provides Beidou short message transmission and reception;
a second data processing module, which converts data formats and packages data for uplink to the blockchain;
a data verification module, which stores the public key corresponding to the ship system's private key and can convert, authenticate and parse data.
The data audit verification system verifies whether data was tampered with during transmission.
Specifically, the ship data uplink system performs step S10, the land data uplink system performs step S11, and the data audit verification system performs step S12.
Referring to Fig. 1, Fig. 1 is a schematic flowchart of a blockchain audit traceability system according to an embodiment of the present disclosure; it schematically illustrates an exemplary system architecture to which a blockchain consensus achievement method and apparatus may be applied according to an embodiment of the present disclosure. Note that Fig. 1 is only an example of a system architecture to which the embodiment of the present invention may be applied, intended to help those skilled in the art understand the technical content of the present invention; it does not mean that the embodiment cannot be applied to other devices, systems, environments or scenarios. The method comprises the following steps:
S10. Acquire first data in real time, hash the first data to obtain a first hash value, sign the first hash value with the private key, send the signature result to the land data uplink system as a short message, and at the same time store the signature result and the first hash value in the database module.
S11. Receive the short message, read the signature result, and parse the signature result with the public key. If parsing succeeds, read the first hash value, package the signature result and the first hash value into a transaction, and send the transaction to the blockchain to be stored in the database module; if parsing fails, the first data was tampered with during transmission.
S12. Obtain from the database module the data record to be source-audited, extract second data from the record, hash it to obtain a second hash value, and judge whether the second hash value is authentic based on the data stored on the blockchain. If it is, the data record is real data; if not, the data record may have been tampered with.
In step S10, the first data includes sensor data and current positioning data.
Acquiring the first data in real time comprises: the first data processing module receives, in real time, sensor data sent by a plurality of sensors;
meanwhile, the first data processing module sends a request for the current positioning information to the first Beidou communication module, which responds to the request and calculates the current longitude and latitude to obtain the current positioning information.
The first data processing module receives the current positioning information and the sensor data and hashes them to obtain the first hash value.
In addition, the signature module obtains the first hash value and signs it, then sends the signature result to the first data processing module. The first data processing module stores (first hash value signature, location information + (first sensor device ID + first sensor value) + (second sensor device ID + second sensor value) + … + (Nth sensor device ID + Nth sensor value)) in the database module, and at the same time the first Beidou communication module sends the signature result to the second Beidou communication module as a short message.
The sensors may include temperature sensors, speed sensors and the like, and the placement of the sensor devices can be chosen according to actual conditions. The scheme of this embodiment is mainly aimed at ocean-going ships; when it is applied to other scenarios, the types of sensors can be chosen according to actual conditions.
The first hash value is computed over data in the format: location information + (first sensor device ID + first sensor value) + (second sensor device ID + second sensor value) + … + (Nth sensor device ID + Nth sensor value), where N is any positive integer.
The storage format of the signature result and the first hash value is: (first hash value signature, location information + (first sensor device ID + first sensor value) + (second sensor device ID + second sensor value) + … + (Nth sensor device ID + Nth sensor value)).
In step S11, the second Beidou communication module receives the short message and passes it to the second data processing module, which parses the short message, reads the signed first hash value in it, and sends it to the data verification module. The data verification module parses the signed data with the corresponding public key to read the first hash value from it. If parsing fails, the data was tampered with during transmission; if parsing succeeds, the hash value is sent to the second data processing module, which signs the first hash value, packages it into a transaction in the format (first hash value signature, first hash value), and sends the transaction to the blockchain for storage.
Step S10 makes it possible to upload data from an area without network coverage; together with step S11, it makes it possible to determine whether the data was tampered with by an attack while being put on the chain in the networked land area.
In step S12, determining whether the second hash value is authentic based on the data stored in the block chain includes:
querying the block chain for the value corresponding to the second hash value, wherein if no value is found, the data record may have been tampered with;
if a corresponding value is found, determining whether it is consistent with the second hash value;
if they are consistent, the data record is authentic data, and if they are inconsistent, the data record may have been tampered with.
Querying the block chain for the value corresponding to the second hash value comprises: querying the block chain for that value using the hash value signature as the key.
Step S12 eliminates the possibility that data was tampered with during Beidou transmission.
Further, in step S12, the format of the data record is as follows: the first hash value signature, location information + (first sensor device ID + first sensor value) + (second sensor device ID + second sensor value) … (Nth sensor device ID + Nth sensor value).
The format of the second data is: location information + (first sensor device ID + first sensor value) + (second sensor device ID + second sensor value) … (Nth sensor device ID + Nth sensor value).
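Steps S11 and S12 as runnable code, added here as an illustration and not taken from the patent. Assumptions: a dict stands in for the block chain, a Lamport one-time signature over SHA-256 replaces the unspecified signature scheme (so the hash travels next to the signature instead of being recovered from it), each field is length-prefixed, and all function names and sample values are hypothetical.

```python
import hashlib, secrets

def H(b): return hashlib.sha256(b).digest()

def encode(location, readings):
    # Preimage: location + (sensor ID + value) pairs. The 2-byte length prefix per
    # field is an assumption added here so that field boundaries cannot shift.
    fields = [location] + [f for pair in readings for f in pair]
    return b"".join(len(f.encode()).to_bytes(2, "big") + f.encode() for f in fields)

# Stand-in signature (assumption): Lamport one-time scheme, one key pair per record.
def keygen():
    sk = [[secrets.token_bytes(32), secrets.token_bytes(32)] for _ in range(256)]
    return sk, [[H(a), H(b)] for a, b in sk]

def bits(d): return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def sign(sk, digest):
    return b"".join(sk[i][b] for i, b in enumerate(bits(digest)))

def verify(pk, digest, sig):
    return len(sig) == 8192 and all(
        H(sig[32 * i:32 * i + 32]) == pk[i][b] for i, b in enumerate(bits(digest)))

def ship_record(sk, location, readings):
    # Ship side: first hash, signature, and the row kept in the local database.
    h = H(encode(location, readings))
    sig = sign(sk, h)
    return sig, h, {"sig": sig, "location": location, "readings": readings}

def land_uplink(pk, chain, sig, h):
    # Step S11: check with the ship's public key, then store keyed by signature.
    if not verify(pk, h, sig):
        return False          # modified in transit: nothing goes on chain
    chain[sig] = h
    return True

def audit(chain, row):
    # Step S12: recompute the second hash from the database row and compare.
    second = H(encode(row["location"], row["readings"]))
    stored = chain.get(row["sig"])
    if stored is None:
        return "not-on-chain"
    return "authentic" if stored == second else "tampered"

if __name__ == "__main__":
    sk, pk = keygen()
    sig, h, row = ship_record(sk, "31.2N,121.5E", [("T1", "23.5"), ("S1", "12.0")])  # constructed
    chain = {}
    print(land_uplink(pk, chain, sig, h), audit(chain, row))
```

Without the length prefix, ("T1", "23") and ("T12", "3") would concatenate to the same preimage and therefore the same hash, so an edited database row could still pass the audit.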
The above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.

Claims (10)

1. A blockchain audit traceability system, comprising: a data uplink integration system and a data audit verification system, wherein the data uplink integration system comprises a ship data uplink system and a land data uplink system, the ship data uplink system is in communication connection with the land data uplink system, and the ship data uplink system and the land data uplink system are each also in communication connection with the data audit verification system;
wherein the ship data uplink system comprises:
the first Beidou communication module has positioning and Beidou short message transceiving functions;
the first data processing module is used for receiving and processing data sent by the sensor system;
the data signature module stores a private key by using a secure execution environment with unreadable storage contents, can sign data transmitted from the outside and returns a signature result;
the database module is used for locally storing data;
the land data uplink system comprises the following modules:
the second Beidou communication module has a Beidou short message transceiving function;
the second data processing module is used for converting the data format and performing data packaging and uplink;
the data verification module stores the public key corresponding to the private key of the ship system and can convert, authenticate and parse data;
the data audit verification system is used for verifying whether data was tampered with during transmission in the communication process.
2. The blockchain audit traceability system of claim 1,
the ship data uplink system acquires first data in real time, performs hash calculation on the first data to obtain a first hash value, signs the first hash value by using a private key, sends a signature result to the land data uplink system in a short message form, and simultaneously stores the signature result and the first hash value into a database module;
the land data uplink system receives the short message and reads the signature result, and parses the signature result using the public key; if the parsing succeeds, the first hash value is read, and the signature result and the first hash value are packaged into a transaction and sent to the block chain to be stored in the database module; if the parsing fails, the first data was tampered with during transmission;
and the data audit verification system acquires the data record to be source-audited from the database module, extracts second data from the data record, performs hash calculation to obtain a second hash value, and determines whether the second hash value is authentic based on the data stored in the block chain; if so, the data record is authentic data, and if not, the data record may have been tampered with.
3. The blockchain audit traceability system of claim 2, wherein receiving first data in real time comprises: the first data processing module receives sensor data sent by a plurality of sensors in real time;
meanwhile, the data processing module sends a request for acquiring the current positioning information to the first Beidou communication module, and the first Beidou communication module responds to the request for acquiring the current positioning information and calculates the current longitude and latitude data so as to acquire the current positioning information.
4. The system of claim 3, wherein the first data processing module receives the current positioning information and the sensor data and hashes the current positioning information and the sensor data to obtain the first hash value.
5. The blockchain audit traceability system of claim 2, wherein the format of the first hash value is: location information + (first sensor device ID + first sensor value) + (second sensor device ID + second sensor value) … (Nth sensor device ID + Nth sensor value), where N is any positive integer.
6. The system of claim 2, wherein storing the signature result and the first hash value together into the database module comprises:
the signature module acquires the first hash value and signs it, and sends the signature result to the first data processing module, and the first data processing module stores the signature result and the first hash value in the database module.
7. The system of claim 2, wherein sending the signature result to the land data uplink system in the form of a short message comprises:
the first Beidou communication module sends the signature result to the second Beidou communication module in the form of a short message.
8. The system of claim 2, wherein the second Beidou communication module receives the short message and sends the short message to the second data processing module, the second data processing module parses the short message, reads the signed first hash value therein, and sends the first hash value to the data verification module, and the data verification module parses the signed data using the corresponding public key, thereby reading the first hash value therein; if the parsing fails, the data was tampered with during transmission; and if the parsing succeeds, the hash value is sent to the second data processing module, the second data processing module signs the hash value, and the first hash value is packaged into a transaction and sent to the block chain for storage.
9. The system of claim 2, wherein determining whether the second hash value is authentic based on data stored in the blockchain comprises:
querying the block chain for the value corresponding to the second hash value, wherein if no value is found, the data record may have been tampered with;
if a corresponding value is found, determining whether it is consistent with the second hash value;
if they are consistent, the data record is authentic data, and if they are inconsistent, the data record may have been tampered with;
wherein querying the block chain for the value corresponding to the second hash value comprises: querying the block chain for that value using the hash value signature as the key.
10. The blockchain audit traceability system of claim 2, wherein the data record is in the format of: the first hash value signature, location information + (first sensor device ID + first sensor value) + (second sensor device ID + second sensor value) … (Nth sensor device ID + Nth sensor value).
CN202011605502.9A 2020-12-29 2020-12-29 Block chain audit traceability system Active CN112738244B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011605502.9A CN112738244B (en) 2020-12-29 2020-12-29 Block chain audit traceability system

Publications (2)

Publication Number Publication Date
CN112738244A CN112738244A (en) 2021-04-30
CN112738244B true CN112738244B (en) 2022-06-24

Family

ID=75610670

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011605502.9A Active CN112738244B (en) 2020-12-29 2020-12-29 Block chain audit traceability system

Country Status (1)

Country Link
CN (1) CN112738244B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113506104B (en) * 2021-05-07 2024-03-01 杭州宇链科技有限公司 Signature generation and verification modes and system combining software and hardware

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018119892A1 (en) * 2016-12-29 2018-07-05 深圳前海达闼云端智能科技有限公司 Method and device for publishing and validating software application program
WO2020168937A1 (en) * 2019-02-20 2020-08-27 深圳前海微众银行股份有限公司 Block chain multi-party witness method, apparatus and device, and computer-readable storage medium

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180285479A1 (en) * 2017-04-03 2018-10-04 Superna Inc. Scalable audit analytics
CN107704493B (en) * 2017-08-23 2021-02-26 苏州朗润创新知识产权运营有限公司 Method and system for providing product traceability
CN108375396A (en) * 2018-05-01 2018-08-07 大连理工大学 A kind of TLP platforms based on dipper system remotely monitor Transmission system
CN109547219A (en) * 2019-01-18 2019-03-29 杭州秘猿科技有限公司 Information collection and the method and apparatus for being submitted to block chain network
CN111212384B (en) * 2019-12-05 2021-02-09 北京航空航天大学杭州创新研究院 Unmanned aerial vehicle multi-data-chain intelligent switching method
CN111191283B (en) * 2019-12-27 2023-02-07 广西大学 Beidou positioning information security encryption method and device based on alliance block chain
CN111552738B (en) * 2020-04-20 2023-11-03 山东共智云科技发展有限公司 Block chain ecological system and block chain uplink method based on Internet of things
CN111552676A (en) * 2020-04-26 2020-08-18 北京众享比特科技有限公司 Block chain based evidence storing method, device, equipment and medium

Also Published As

Publication number Publication date
CN112738244A (en) 2021-04-30

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant