CN112839092A - Data sharing system based on block chain - Google Patents


Info

Publication number
CN112839092A
Authority
CN
China
Prior art keywords
node
block
chain
data
alliance chain
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110030207.3A
Other languages
Chinese (zh)
Inventor
司夏萌
康海燕
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Information Science and Technology University
Original Assignee
Beijing Information Science and Technology University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Information Science and Technology University filed Critical Beijing Information Science and Technology University
Priority to CN202110030207.3A priority Critical patent/CN112839092A/en
Publication of CN112839092A publication Critical patent/CN112839092A/en
Pending legal-status Critical Current

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources

Abstract

The invention provides a blockchain-based data sharing system comprising at least one alliance chain node, at least one common node and an alliance chain block, wherein each alliance chain node corresponds to one unit and at least one common node. Each common node is used for uploading original data. Each alliance chain node is used for acquiring the original data uploaded within a period of time by the common nodes under its jurisdiction, processing the original data to generate structured data, uploading the structured data to an alliance chain block, packaging the storage address of the structured data and its access control policy into a block, and broadcasting the block to the whole blockchain network. When any common node applies for block access, the alliance chain node that governs the common node is verified, and after the verification passes, the alliance chain block is accessed according to the storage address of the structured data and its access control policy to obtain the structured data.

Description

Data sharing system based on block chain
Technical Field
The invention relates to the field of aerial remote sensing, in particular to a data sharing system based on a block chain.
Background
The aviation gravity data comprises information such as geographic coordinates and a gravity field. The gravity field information can be used for researching the geological structure of the earth and searching oil gas and mineral resources, is an important basis for national energy and mineral resource exploration and is related to the safety of national strategic mineral resources. Therefore, the aviation gravity data is important basic data for national defense construction, is related to national defense safety, and is secret data.
The aviation gravity data is obtained by synthesizing two parts of original data, namely gravity acceleration information and high-precision positioning data, each of which is imported as a file into the GeoProbe software platform at the unit that owns the data. The aviation gravity data is then stored long-term in GeoProbe in database form.
GeoProbe is installed on an internal secured machine of the unit that owns the data, which can ensure the security and confidentiality of the data. However, data is exported from the database to external universities or research institutes for analysis and research, and is also taken to field sites on the owning unit's confidential notebook. Although the computers used to store or analyse the data are secured machines, the data may still be accessed illegally or obtained by illegal copying.
In the existing approach, the data analysis unit is bound by a data sharing cooperation agreement between the units, imports the data into a confidential computer, and manages it according to the requirements for confidential data; when the data goes into the field on the owning unit's confidential notebook, the person responsible for that notebook ensures the security of the aviation gravity data. However, these methods are administrative measures, which can hardly prevent data leakage fundamentally, and there is also a risk of leakage while the data is being exported and transmitted to an external unit. If a PKI system is adopted for data distribution and sharing, it brings the problem of multi-level key management: the key management work is complex and the workload increases dramatically.
In addition, because data is frequently shared with external units, the sharing relationships and the mapping of the shared data become complex, and once a data leak occurs it is difficult to trace the leakage path.
Disclosure of Invention
The present invention aims to provide a blockchain-based airborne gravity data sharing system that overcomes or at least partially addresses the above-mentioned problems.
In order to achieve the purpose, the technical scheme of the invention is realized as follows:
The invention provides a blockchain-based data sharing system, characterized by comprising at least one alliance chain node, at least one common node and an alliance chain block, wherein each alliance chain node corresponds to one unit and at least one common node; wherein: each common node is used for uploading original data; each alliance chain node is used for acquiring the original data uploaded within a period of time by the common nodes under its jurisdiction, processing the original data to generate structured data, uploading the structured data to an alliance chain block, packaging the storage address of the structured data and its access control policy into a block, and broadcasting the block to the whole blockchain network; when any common node applies for block access, the alliance chain node that governs the common node is verified, and after the verification passes, the alliance chain block is accessed according to the storage address of the structured data and its access control policy to obtain the structured data.
Each alliance chain node uploads the structured data to the alliance chain block in the following manner: each alliance chain node is further configured to encrypt the structured data using a key derived from the node symmetric key, obtaining encrypted structured data that is uploaded to the alliance chain block.
Any common node accesses the alliance chain block according to the storage address of the structured data and its access control policy in the following manner: the common node is further configured to access the alliance chain block according to that storage address and access control policy, and to decrypt the encrypted structured data on the blockchain using the derived key given by the alliance chain node that governs the common node, obtaining the decrypted data.
The derived key given by the alliance chain node that governs the common node is obtained in the following manner: the derived key stored by the governing alliance chain node is acquired from that node, or a derived key that the governing alliance chain node has obtained from another alliance chain node is acquired from the governing node.
Each alliance chain node is further configured to time-stamp sharing behavior and upload it to an alliance chain block.
Therefore, the data sharing system based on the block chain provides a solution for safely sharing the synthetic data and the original data among units in the aviation remote sensing industry.
Drawings
To illustrate the technical solutions of the embodiments of the present invention more clearly, the drawings used in the description of the embodiments are briefly introduced below. The drawings described below show only some embodiments of the present invention, and those skilled in the art can obtain other drawings from them without creative effort.
Fig. 1 is a schematic structural diagram of a block chain-based sharing system according to an embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
Fig. 1 shows a schematic structural diagram of a blockchain-based data sharing system according to an embodiment of the present invention. Referring to Fig. 1, the system includes at least one alliance chain node, at least one common node and an alliance chain block, wherein each alliance chain node corresponds to one unit and at least one common node; wherein:
each common node is used for uploading original data;
each alliance chain node is used for acquiring the original data uploaded within a period of time by the common nodes under its jurisdiction, processing the original data to generate structured data, uploading the structured data to an alliance chain block, packaging the storage address of the structured data and its access control policy into a block, and broadcasting the block to the whole blockchain network;
when any common node applies for block access, the alliance chain node that governs the common node is verified, and after the verification passes, the alliance chain block is accessed according to the storage address of the structured data and its access control policy to obtain the structured data.
Specifically, in the blockchain-based data sharing system provided in the embodiment of the present invention, the nodes in the system are divided into alliance chain nodes and common nodes. Each unit has at most one alliance chain node, which collects, processes and stores data and packages references to the data for uploading to the chain; common nodes can only upload and query data.
As an optional implementation of the embodiment of the present invention, each alliance chain node uploads the structured data to an alliance chain block in the following manner: each alliance chain node is further configured to encrypt the structured data using a key derived from the node symmetric key, obtaining encrypted structured data that is uploaded to the alliance chain block. Specifically, the alliance chain node collects the data uploaded by all common nodes of its unit within a period of time, aggregates and cleans the data, generates structured data, encrypts the structured data using a derived key of the node symmetric key, stores the data in a database, packages the storage address of the data and its access control policy into a block, and broadcasts the block to the whole blockchain network.
As an optional implementation of the embodiment of the present invention, any common node accesses the alliance chain block according to the storage address of the structured data and its access control policy in the following manner: the common node is further configured to access the alliance chain block according to that storage address and access control policy, and to decrypt the encrypted structured data on the blockchain using the derived key given by the alliance chain node that governs the common node, obtaining the decrypted data. Specifically, when a common node applies for block access, the public key of the alliance chain node is used to verify the signature of the alliance chain node; the derived key given by the alliance chain node and the data on the block are then retrieved, and the data is decrypted.
As an optional implementation of the embodiment of the present invention, the derived key given by the alliance chain node that governs the common node is obtained in the following manner: the derived key stored by the governing alliance chain node is acquired from that node, or a derived key that the governing alliance chain node has obtained from another alliance chain node is acquired from the governing node. Specifically, when determining that the data to be accessed is the data stored with the derived key, the alliance chain node governing the common node directly sends the data to the common node; if it determines that the data to be accessed belongs to another alliance chain node, the governing alliance chain node obtains the derived key from that other alliance chain node and sends the derived key to the common node.
As an optional implementation of the embodiment of the present invention, each alliance chain node is further configured to time-stamp sharing behavior and upload it to an alliance chain block. Specifically, each data sharing operation is time-stamped to form a data operation block, which becomes a new block on the blockchain.
Therefore, the blockchain-based data sharing system provided by the embodiment of the invention avoids the low efficiency of the blockchain by adopting off-chain storage, and uploads the access control policy corresponding to the data, the data address and the data sharing operations to the blockchain, so that data access control can be performed in a centralized manner and the sharing behavior of all data is traceable. In addition, the confidentiality of the data is guaranteed by encrypted storage in the database.
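The key-release path described in this embodiment can be sketched as follows. This is an added example, not code from the patent: it assumes HKDF-SHA256 as the derivation function, an access control policy expressed as a list of permitted units, and an in-memory hash-linked list standing in for the alliance chain; all class, function and dataset names are hypothetical.

```python
import hashlib
import hmac
import json
import time

def hkdf_sha256(master: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF (RFC 5869) with an all-zero salt: extract, then expand."""
    prk = hmac.new(b"\x00" * 32, master, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]

class Ledger:
    """In-memory stand-in for the alliance chain: hash-linked, time-stamped blocks."""
    def __init__(self):
        self.blocks = []

    @staticmethod
    def _digest(body: dict) -> str:
        return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

    def append(self, kind: str, payload: dict) -> dict:
        body = {"index": len(self.blocks),
                "prev": self.blocks[-1]["hash"] if self.blocks else "0" * 64,
                "time": time.time(), "kind": kind, "payload": payload}
        block = dict(body, hash=self._digest(body))
        self.blocks.append(block)
        return block

    def verify(self) -> bool:
        """Recompute every hash and link; any edit to a stored block breaks the chain."""
        prev = "0" * 64
        for block in self.blocks:
            body = {k: v for k, v in block.items() if k != "hash"}
            if block["prev"] != prev or block["hash"] != self._digest(body):
                return False
            prev = block["hash"]
        return True

class AllianceNode:
    def __init__(self, unit: str, node_key: bytes, ledger: Ledger):
        self.unit, self._node_key, self.ledger = unit, node_key, ledger

    def dataset_key(self, dataset: str) -> bytes:
        # One derived key per dataset: handing it out reveals neither the node
        # symmetric key nor the keys protecting other datasets.
        info = json.dumps([self.unit, dataset]).encode()  # unambiguous context
        return hkdf_sha256(self._node_key, info)

    def publish(self, dataset: str, address: str, allowed_units: list) -> dict:
        # Only the storage address and the policy go on chain; the encrypted
        # structured data stays in the unit's database.
        return self.ledger.append("data_ref", {
            "owner": self.unit, "dataset": dataset,
            "address": address, "allowed_units": sorted(allowed_units)})

    def release_key(self, dataset: str, requester: str, requester_unit: str) -> bytes:
        ref = next((b["payload"] for b in reversed(self.ledger.blocks)
                    if b["kind"] == "data_ref" and b["payload"]["owner"] == self.unit
                    and b["payload"]["dataset"] == dataset), None)
        if ref is None or requester_unit not in ref["allowed_units"]:
            raise PermissionError(f"{requester} may not access {dataset}")
        # Record the sharing operation on chain before the key leaves the node.
        self.ledger.append("share", {"owner": self.unit, "dataset": dataset,
                                     "to": requester, "to_unit": requester_unit})
        return self.dataset_key(dataset)

if __name__ == "__main__":
    chain = Ledger()
    node_a = AllianceNode("unit-A", bytes(range(32)), chain)  # constructed key
    node_a.publish("survey-1", "db://unit-A/survey-1", ["unit-A", "unit-B"])
    key = node_a.release_key("survey-1", "node-b7", "unit-B")
    print(key.hex(), [b["kind"] for b in chain.blocks], chain.verify())
```

Because the requester only ever receives a per-dataset key, a leaked key exposes one dataset, and the "share" blocks give the audit trail needed to trace who received it and when.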
The above are merely examples of the present application and are not intended to limit the present application. Various modifications and changes may occur to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the scope of the claims of the present application.

Claims (5)

1. A blockchain-based data sharing system, characterized by comprising at least one alliance chain node, at least one common node and an alliance chain block, wherein each alliance chain node corresponds to one unit and at least one common node; wherein:
each common node is used for uploading original data;
each alliance chain node is used for acquiring the original data uploaded within a period of time by the common nodes under its jurisdiction, processing the original data to generate structured data, uploading the structured data to the alliance chain block, packaging the storage address of the structured data and its access control policy into a block, and broadcasting the block to the whole blockchain network;
when any common node applies for block access, the alliance chain node that governs the common node is verified, and after the verification passes, the alliance chain block is accessed according to the storage address of the structured data and its access control policy to obtain the structured data.
2. The system of claim 1, wherein each of the alliance chain nodes uploads the structured data to the alliance chain block in the following manner:
each of the alliance chain nodes is further configured to encrypt the structured data using a key derived from the node symmetric key, obtaining encrypted structured data that is uploaded to the alliance chain block.
3. The system according to claim 2, wherein said any common node accesses the alliance chain block according to the storage address of the structured data and its access control policy in the following manner:
said common node is further configured to access the alliance chain block according to the storage address of the structured data and its access control policy, and to decrypt the encrypted structured data on the blockchain using a derived key given by the alliance chain node that governs the common node, obtaining decrypted data.
4. The system according to claim 3, wherein the derived key given by the alliance chain node that governs the common node is obtained in the following manner:
the derived key stored by the alliance chain node governing the common node is acquired from that alliance chain node, or the derived key that the alliance chain node governing the common node has acquired from other alliance chain nodes is acquired.
5. The system of claim 1, wherein each of the alliance chain nodes is further configured to time-stamp sharing behavior and upload it to the alliance chain block.
CN202110030207.3A 2021-01-11 2021-01-11 Data sharing system based on block chain Pending CN112839092A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110030207.3A CN112839092A (en) 2021-01-11 2021-01-11 Data sharing system based on block chain


Publications (1)

Publication Number Publication Date
CN112839092A true CN112839092A (en) 2021-05-25

Family

ID=75929542




Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination