CN112883015A - Block chain data management method, device and storage medium - Google Patents

Publication number: CN112883015A
Application number: CN202110443650.3A
Authority: CN (China)
Other languages: Chinese (zh)
Legal status: Withdrawn
Inventors: 朱烨东, 张京辉, 王之瑜, 仲丛霞, 张旭
Current assignee: Beijing Sinodata Technology Co ltd
Original assignee: Beijing Sinodata Technology Co ltd
Prior art keywords: data, transaction, data management, management platform, user

Abstract

The invention provides a blockchain data management method, device and storage medium. The blockchain data management method comprises a data uplink and evidence storage method, which comprises the following steps: using a data management platform to generate a national cryptographic public/private key pair for a user, and requesting a certificate authority, through a client SDK (software development kit), to register the user information and obtain a user certificate; using the data management platform to acquire transaction data, and encrypting the private information in the transaction data with the public key of the national cryptographic key pair to obtain transaction information; and using the client SDK to package the transaction information based on the user certificate and then performing data uplink and evidence storage. This scheme improves the security of the blockchain data.

Description

Block chain data management method, device and storage medium
Technical Field
The present invention relates to the field of blockchain technologies, and in particular, to a method, an apparatus, and a storage medium for managing blockchain data.
Background
With the wide application of blockchain technology, requirements on the functions of the centralized system implemented with blockchain technology keep rising, as do requirements on the search speed and the query content for transactions and data in the blockchain.
In terms of blockchain infrastructure, a usability gap exists between existing blockchain networks and ordinary users: an ordinary user and a node user in a blockchain are far apart at the conceptual level, and there is still some way to go before blockchain technology can be used simply and conveniently to implement data functions. Meanwhile, the transparency of the blockchain also threatens the data of ordinary users, and storing user data directly in the blockchain ledger easily leads to data leakage.
In addition, in the blockchain ledger, blocks are linked by block-header hash values, and all transactions in each block are related through a Merkle root. This chained storage increases the coupling between data, strengthens data security and makes the data tamper-proof, but it reduces the efficiency of data queries. When a transaction on the blockchain is queried, every node traverses its local complete blockchain ledger from back to front, and this inefficient query approach has become a limiting factor for the wide application of blockchain technology. Therefore, a blockchain cannot exist on its own; it can only serve as one piece of the puzzle of the underlying infrastructure, and the equipment and environment that go with it are gradually being improved.
The existing centralized data evidence storage method relies on a database. Its stability and its query and retrieval capabilities are outstanding, but it has drawbacks such as centralized administrators, single-point malicious failure and security problems. Although existing blockchain evidence storage technology solves the problems of authenticity, credibility and completeness of data in centralized evidence storage, the inherent transparency of the blockchain means that the user evidence data stored in the ledger has low security and a high risk of sensitive-data privacy disclosure.
Most existing applications query the blockchain endorsement node directly when parsing blockchain transactions, and then split the block according to the query content and the defined blockchain transaction data format in order to parse the transaction tree. This approach struggles when the blocks of the blockchain contain a large number of transactions, and when large-scale data is parsed together the overall efficiency of the system drops rapidly. In addition, because of the distributed nature of the blockchain, parsing transactions through a proxy greatly increases the cost of blockchain applications and is not suitable for large-scale use in some consortium-chain networks.
Therefore, existing blockchain data uplink and transaction parsing technology, on the one hand, lacks service interface adaptation between the blockchain and upper-layer applications, so that a user's transaction data cannot be stored accurately, efficiently and reliably in the blockchain node ledger; on the other hand, because business scenarios in the blockchain are complex and the data types and data volumes are large, existing blockchain application systems lack support for massive data in the blockchain. Meanwhile, existing schemes have insufficient ability to parse transaction content in the blockchain, process and execute data concurrently with low efficiency, and present data content in a style that is unfriendly to ordinary users. Existing blockchain applications struggle to meet the requirements of secure evidence storage and efficient parsing of data in the blockchain, so a blockchain-based method for secure data uplink and efficient transaction parsing is urgently needed.
Disclosure of Invention
In view of the above, the present invention provides a method, an apparatus, and a storage medium for managing blockchain data, so as to solve one or more problems in the prior art.
To achieve this purpose, the invention adopts the following scheme:
According to an aspect of the embodiments of the present invention, there is provided a method for managing blockchain data, including a data uplink and evidence storage method; the data uplink and evidence storage method comprises the following steps:
generating a national cryptographic public/private key pair for a user by using a data management platform, and requesting a certificate authority, through a client SDK (software development kit), to register the user information and obtain a user certificate;
acquiring transaction data by using the data management platform, and encrypting the private information in the transaction data with the public key of the national cryptographic key pair to obtain transaction information;
and packaging the transaction information based on the user certificate by using the client SDK, and then performing data uplink and evidence storage.
In some embodiments, the method for managing blockchain data further includes a blockchain data query method;
the blockchain data query method comprises the following steps:
receiving a query request by using the data management platform, and querying, through the client SDK, the Peer node list of the blockchain of the corresponding channel;
querying each Peer node in the Peer node list separately, by using the data management platform through the client SDK, to obtain the query result corresponding to each Peer node;
and comparing and checking the query results of the different Peer nodes by using the data management platform to obtain a check result, and outputting the query result and the check result.
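One way to implement the comparison step of the query method above, as an added example that is not part of the patent text: each Peer node's result is reduced to a digest of its canonical JSON form and the digests are grouped. The peer names, the record fields and the strict-majority acceptance rule are assumptions made for illustration.

```python
"""Cross-check of one ledger query answered by several Peer nodes (added example)."""
import hashlib
import json
from collections import defaultdict


def result_digest(result):
    """Digest of a query result in canonical JSON, so key order does not matter."""
    canonical = json.dumps(result, sort_keys=True, separators=(",", ":"),
                           ensure_ascii=False)
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


def cross_check(peer_results):
    """Compare the results returned by each Peer node for the same query.

    peer_results maps a peer name to its result (a JSON-serialisable value),
    or to None when the peer did not answer. Returns a check report.
    """
    groups = defaultdict(list)   # digest -> peers that returned that result
    by_digest = {}               # digest -> one copy of that result
    unreachable = []
    for peer in sorted(peer_results):
        result = peer_results[peer]
        if result is None:
            unreachable.append(peer)
            continue
        digest = result_digest(result)
        groups[digest].append(peer)
        by_digest[digest] = result

    report = {"status": "no_response", "agreed_result": None, "groups": [],
              "outliers": [], "unreachable": unreachable}
    if not groups:
        return report            # no peer answered, nothing to compare

    # Largest group first; ties are broken by digest so the report is deterministic.
    ranked = sorted(groups.items(), key=lambda kv: (-len(kv[1]), kv[0]))
    top_digest, top_peers = ranked[0]
    report["groups"] = [peers for _, peers in ranked]

    # Assumed acceptance rule: a result counts only when a strict majority of
    # ALL listed peers (silent ones included) returned exactly the same content.
    if 2 * len(top_peers) <= len(peer_results):
        report["status"] = "no_majority"
        return report

    report["agreed_result"] = by_digest[top_digest]
    report["outliers"] = [p for _, peers in ranked[1:] for p in peers]
    fully_consistent = len(ranked) == 1 and not unreachable
    report["status"] = "consistent" if fully_consistent else "majority"
    return report


# Constructed sample: four peers answer a query for one stored transaction.
# Peer names and record fields are illustrative, not taken from the patent.
RECORD = {"tx_id": "tx-0001", "block": 17, "payload_hash": "ab12"}
SAMPLE = {
    "peer0.org1": RECORD,
    "peer0.org2": dict(RECORD),
    "peer1.org1": {"payload_hash": "ab12", "block": 17, "tx_id": "tx-0001"},
    "peer1.org2": dict(RECORD, block=16),   # ledger differs from the others
}

if __name__ == "__main__":
    print(json.dumps(cross_check(SAMPLE), indent=2))
```

A report with status `majority` or `no_majority` is the signal to investigate the listed outliers before trusting the stored evidence.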
In some embodiments, the method for managing blockchain data further includes a blockchain data analysis method;
the data uplink and evidence storage method further comprises the following steps:
caching the transaction information to a storage module of the data management platform; and
when the ledger is synchronized, returning the transaction number received from the Peer node of the blockchain to a service module of the data management platform through an event callback module of the client SDK;
the blockchain data analysis method comprises the following steps:
using the service module of the data management platform to submit a query request, according to the transaction number and block information, to a Peer node of the blockchain through a channel management module of the client SDK, so that the corresponding Peer node calls the chain code to obtain the query result corresponding to the query request, wherein the query result does not include transaction data;
receiving the query result returned by the Peer node of the blockchain through the event callback module of the client SDK, and returning the query result to the service module of the data management platform;
and storing the query content of the query result in the storage module of the data management platform in correspondence with the stored transaction information, and rendering and displaying the query content by using a view module of the data management platform.
In some embodiments, the method for managing blockchain data further includes a blockchain data decryption method;
caching the transaction information to the storage module of the data management platform comprises:
using the service module of the data management platform to bind the transaction information to the user identification in the user information, and then caching the transaction information in the storage module of the data management platform;
the blockchain data decryption method comprises the following steps:
receiving a user identification and a national cryptographic key by using the view module of the data management platform;
judging, by using the service module of the data management platform, whether the user identification is consistent with the user identification stored in the storage module of the data management platform and whether the national cryptographic key is correct;
if the user identifications are consistent and the national cryptographic key is correct, using the service module of the data management platform to read the transaction information in the storage module of the data management platform, and decrypting the encrypted private information in the transaction information with the received national cryptographic key to obtain decrypted transaction data;
and rendering and displaying the decrypted transaction data by using the view module of the data management platform.
According to another aspect of the embodiments of the present invention, there is provided a computer device, including a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the steps of the method according to any of the above embodiments when executing the program.
According to another aspect of embodiments of the present invention, there is provided a computer-readable storage medium, on which a computer program is stored, which when executed by a processor implements the steps of the method of any of the above embodiments.
According to the blockchain data management method, the computer device and the computer-readable storage medium, secure data uplink can be achieved by encrypting the data with a national cryptographic algorithm; the implementation is convenient and effective, and it removes the difficulty of modifying the underlying SDK that existing applications of national cryptographic algorithms face. Furthermore, querying the evidence data on a plurality of nodes and comparing and verifying it ensures the consistency of the ledger data of each node, which improves the authenticity and reliability of the data. Furthermore, the data is stored before it is put on the chain, the stored data is looked up using the result returned by the data uplink, and querying the storage module replaces the user querying data directly on the chain, which improves the analysis speed and reduces data query latency. In addition, when different users access the same block or transaction, the cache is searched directly, with no need to search from the application at the bottom layer of the blockchain, which improves the execution efficiency of the whole system. Furthermore, the user can encrypt the data that needs privacy protection, and because the user information is bound to the transaction information, only a user with the authority can decrypt the data when it needs to be decrypted, which improves the security of private or sensitive data.
Drawings
In order to illustrate the embodiments of the present invention or the technical solutions in the prior art more clearly, the drawings used in the description of the embodiments or the prior art are briefly described below. The drawings in the following description are only some embodiments of the present invention, and those skilled in the art can obtain other drawings from them without creative effort. In the drawings:
FIG. 1 is a flowchart illustrating a data uplink and evidence storage method according to an embodiment of the present invention;
FIG. 2 is a flowchart illustrating a method for querying blockchain data according to an embodiment of the present invention;
FIG. 3 is a flowchart illustrating a method for analyzing blockchain data according to an embodiment of the present invention;
FIG. 4 is a flowchart illustrating a method for decrypting blockchain data according to an embodiment of the present invention;
FIG. 5 is an architecture diagram of a blockchain data management method and system according to an embodiment of the present invention;
FIG. 6 is a timing diagram of blockchain data uplink and secure evidence storage according to an embodiment of the present invention;
FIG. 7 is a timing diagram of a blockchain multi-node query and check according to an embodiment of the present invention;
FIG. 8 is a timing diagram of fast parsing of large-scale multi-transaction content according to an embodiment of the present invention;
FIG. 9 is a timing diagram of conditional dynamic decryption of sensitive data according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the embodiments of the present invention are further described in detail below with reference to the accompanying drawings. The exemplary embodiments and descriptions of the present invention are provided to explain the present invention, but not to limit the present invention.
It should be noted in advance that the features described in the following embodiments or examples or mentioned therein can be combined with or replace the features in other embodiments or examples in the same or similar manner to form a possible implementation. In addition, the term "comprises/comprising" as used herein refers to the presence of a feature, element, step or component, but does not preclude the presence or addition of one or more other features, elements, steps or components.
The transparency of a blockchain threatens the data of a user, and storing user data directly in a blockchain ledger easily leads to data leakage. To solve this problem, embodiments of the present invention provide a blockchain data management method.
FIG. 1 is a schematic flowchart of a data uplink and evidence storage method according to an embodiment of the present invention. As shown in FIG. 1, the data uplink and evidence storage method of the embodiments may include the following steps:
Step S110: generating a national cryptographic public/private key pair for a user by using a data management platform, and requesting a certificate authority, through a client SDK (software development kit), to register the user information and obtain a user certificate;
Step S120: acquiring transaction data by using the data management platform, and encrypting the private information in the transaction data with the public key of the national cryptographic key pair to obtain transaction information;
Step S130: packaging the transaction information based on the user certificate by using the client SDK, and then performing data uplink and evidence storage.
In step S110, the data management platform may exchange data with the blockchain network through the client SDK (software development kit). A national cryptographic algorithm may be used to generate the national cryptographic public/private key pair. The key pair may be generated for the user after the user is initialized, and different users have different key pairs. The user information registered with the certificate authority (CA) may include a user identification (user ID), a user name, a user account password, and the like. The certificate authority (CA) may be used to implement identity management and authentication of members in the blockchain network, and after receiving the user information it can generate the corresponding user certificate.
In some embodiments, in step S110, generating a national cryptographic public/private key pair for a user by using the data management platform may specifically include the steps of: S1111, receiving user information by using a view module of the data management platform; S1112, generating the national cryptographic public/private key pair based on the user information by using the service module of the data management platform.
In step S1111, the view module of the data management platform may be used to exchange data with a user (transaction user) and to display data, so that the user can query data. The transaction user can carry out transactions and exchange data with other users by submitting transaction content. The user may submit a user initialization request through the view module to input the user information. In step S1112, the service module may be responsible for communicating with the client SDK and may transfer data to and from the view module, for example through a WebSocket mechanism. The user information used to generate the national cryptographic public/private key pair may include a user account password. For example, the key pair may be generated using the national cryptographic algorithm SM2. In addition, the generated key pair can be stored in a storage module of the data management center, in correspondence with the information of the user.
In another embodiment, in step S110, requesting the certificate authority to register the user information through the client SDK to obtain the user certificate may specifically include the steps of: S1121, using the service module of the data management platform to pass the user information, through registration, to the system initialization module of the client SDK; S1122, using the system initialization module of the client SDK to submit the user information to the certificate authority, so that the certificate authority generates a user certificate after registering the user information; S1123, receiving the user certificate returned by the certificate authority by using the information configuration module of the client SDK, and storing the user certificate.
Before step S1121, the service module of the data management platform may be used to perform initialization configuration on the information configuration module of the client SDK to support subsequent operations; if the configuration has been completed in advance, this initialization is not needed. In step S1121, the system initialization module of the client SDK may be configured to manage channels in the blockchain network and to manage the chain codes deployed on nodes. The data management platform can request the CA node to register the user information through the register/enroll of the client SDK, so that the system initialization module can acquire the user information. The information configuration module may be used to store the user certificates that the transaction user obtains from the CA, the IP addresses of nodes in the blockchain, and the like. In addition, the service module of the data management platform can be informed through the user registration callback that the user certificate has been generated.
In other embodiments, after the user certificate is generated in step S110, the data uplink and evidence storage method according to the embodiments of the present invention may further include the step of: calling a user registration callback function and returning a user generation notice to the service module of the data management platform.
In step S120, the user may input data and submit the data to generate transaction data. The transaction data may include user identification, data content, time stamps, etc. Some or all of the information in the transaction data may be encrypted. The privacy information to be encrypted can be selected and determined by the user.
In some specific embodiments, step S120, namely acquiring the transaction data by using the data management platform and encrypting the privacy information in the transaction data with the public key of the national cryptographic (SM) public-private key pair to obtain the transaction information, may specifically include the steps of: S121, receiving the data to be uplinked and evidence-stored together with the privacy protection requirement by using a view module of the data management platform, and generating corresponding transaction data from that data; and S122, using the service module of the data management platform to encrypt the privacy information in the transaction data with the SM public key according to the privacy protection requirement, to obtain the transaction information.
In step S121, the data to be uplinked and evidence-stored is the data content of the transaction data, that is, the data the user intends to put on the chain and store as evidence, and the privacy protection requirement may specify which data or information the user wishes to encrypt. After the user enters the data to be uplinked and the privacy protection requirement, corresponding transaction data may be generated, and necessary information such as a timestamp may be added.
In step S130, the data management platform may submit the transaction information to the client SDK through the chainccode/writedatatobobockchain interface for packaging, and then may perform uplink and certificate storage.
In some embodiments, step S130, in which the client SDK packages the transaction information based on the user certificate and then performs data uplink and evidence storing, may include the steps of: S131, adding a channel header to the transaction information by using a channel management module of the client SDK, packaging the transaction information with the channel header according to the user certificate, and broadcasting the packaged transaction information to each endorsement node in the blockchain, so that the endorsement node calls the chain code to endorse the packaged transaction information and obtain an endorsement result; S132, collecting the endorsement results returned by the endorsement nodes by using the channel management module of the client SDK and, after determining from the collected endorsement results that the endorsement support obtained reaches a set number, constructing a transaction request from the packaged transaction information and sending it to a sequencing node in the blockchain, so that the sequencing node sorts the transactions in the channel corresponding to the transaction request by time, then assigns a transaction number to the transaction request, packages the sorted transactions into a block, and broadcasts the block to a confirmation node in the blockchain; after the confirmation node successfully verifies the block, the block is written into the blockchain ledger and sent to the other nodes in the blockchain for ledger synchronization, and a transaction result is generated; and S133, receiving the transaction result returned by the blockchain by using the channel management module of the client SDK, generating a data evidence storing result according to the transaction result, and returning the data evidence storing result to the service module of the data management platform.
In the step S131, the endorsement node may call the chain code to check the packaged transaction information, for example, check the data format, data repeatability, signature validity, authority, and the like of the transaction information by using the endorsement policy set during chain code instantiation. After checking, the endorsement result can be written before the data, and its own signature can be written.
In step S132, the channel name may be obtained from the channel header, so as to find the corresponding channel. There may be multiple transactions in the channel corresponding to the transaction request; the transactions may be sorted in time order within each channel and assigned unique identifiers (transaction number/transaction ID), after which the sorted transactions may be packed into blocks. Ledger synchronization keeps the ledgers of the nodes consistent. The transaction result may be success or failure. The data evidence storing result can comprise an evidence storing completion notification and the like.
According to the data uplink and evidence storing method of each embodiment, the privacy of user data is ensured by encrypting the transaction data with the national cryptographic (SM) algorithm before uplink, and this encryption also binds the user to the transaction data, so that the data is safer. Furthermore, the user can choose to encrypt only the private information, and data that does not need to be encrypted can be uplinked and stored directly.
In order to verify that different nodes in the block chain maintain the same account book, and to avoid the problem of asynchronous data of the account book due to independent node physical machines, independent node deployment and independent node databases, the block chain data management method of the embodiment of the invention may further include a block chain data query method. The method for querying data of the block chain can query the data stored in the block chain by using the data uplink and the evidence storing method in any embodiment.
Fig. 2 is a schematic flow chart of a block chain data query method according to an embodiment of the present invention, and as shown in fig. 2, the block chain data query method according to the embodiments may specifically include the following steps:
step S210: receiving a query request by using a data management platform, and querying a Peer node list of a corresponding channel block chain through a client side SDK;
step S220: respectively inquiring each Peer node in the Peer node list by using a data management platform through a client side SDK to obtain an inquiry result corresponding to each Peer node;
step S230: comparing and checking the query results corresponding to different Peer nodes by using the data management platform to obtain a check result, and outputting the query result and the check result.
In step S210, the query request may include the data content to be queried. The service module may query the nodes by gRPC communication with the blockchain network through /blockchain/getBlockchainServerInfo of the client SDK.
In some specific embodiments, step S210, that is, receiving the query request by using the data management platform and querying the Peer node list of the corresponding channel's blockchain through the client SDK, may specifically include the steps of: S211, receiving a query request by using a view module of the data management platform and passing the query request to a service module of the data management platform, wherein the query request comprises the data content to be queried; S212, using the service module of the data management platform to obtain the Peer node list of the blockchain of the channel corresponding to the query request through the Peer node interface of the channel management module of the client SDK.
In step S211, the data content to be queried may include a block height, a block hash, a transaction ID (transaction ID/transaction unique serial number), and the like. The service module can first enter the information configuration module of the client SDK through /blockchain/getBlockchainServerInfo to carry out initialization configuration. The query information may then be constructed by the system initialization module. After the query content is constructed, the interface getBeerInfo can be requested to acquire a node list from the channel management module of the client SDK. The Peer node list may include a plurality of Peer nodes in the blockchain, such as a plurality of sorting nodes, confirmation nodes, and the like. In step S212, the service module may request the interface gettweenfo to obtain the Peer node list from the channel management module of the client SDK.
In other specific embodiments, step S220, namely querying each Peer node in the Peer node list by using the data management platform through the client SDK to obtain a query result corresponding to each Peer node, may specifically include the steps of: S221, using a service module of the data management platform to call the QueryBlock and QueryTransaction interfaces of the channel management module of the client SDK, polling each Peer node in the Peer node list for the query content corresponding to the query request, and obtaining the query result corresponding to each Peer node; S222, receiving the query result returned by the Peer node by using an event callback module of the client SDK, and returning the query result corresponding to that Peer node to the service module of the data management platform.
In step S221, the query content corresponding to the query request may be block content that specifies a block number, transaction content that specifies a transaction number, and the like. The QueryBlock and QueryTransaction interfaces can query the book data (including block information, transaction information and the like) of the peer node through a built-in query management system chain code in the block chain node.
In the above step S221 and step S222, each Peer node in the list can be sequentially queried through polling query. Each round of the query process may include the steps of: the service module adds a query request through the channel management module; the channel management module submits the query request to the Peer node, the Peer node calls the query chain code to query the specified content, and the Peer node generates an event and calls the event call-back module to return the query result to the service module.
In the step S230, the data corresponding to the same information and queried by different nodes may be compared, so as to know whether the ledgers of different nodes are synchronous.
In other embodiments, step S230, namely comparing and checking the query results corresponding to different Peer nodes by using the data management platform to obtain the check result, and outputting the query result and the check result, may specifically include the steps of: S231, using a service module of the data management platform to compare and check the query results that different Peer nodes return for the same block or transaction information in the query content, to obtain a check result; and S232, rendering and displaying the query result and the check result by using a view module of the data management platform.
In step S231, the same block or transaction information may refer to the same block number, block height, transaction number (transaction ID), and the like. After the check result is obtained, the query result corresponding to the Peer node can be stored in a storage module of the data management platform.
In the block chain data query method in each embodiment, through query of a plurality of nodes and comparison and verification of contents of different nodes corresponding to the same information, whether accounts of different nodes are synchronous or not can be verified.
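The comparison of steps S220 to S230, as an added example that is not code from the patent: every peer is polled for the same block and the answers are grouped by a digest of their canonical form. The function names, the peer names, the SHA-256 digest and the sample ledgers are assumptions made for the illustration; `query_block` stands in for the SDK's QueryBlock call.

```python
import hashlib
import json
from collections import defaultdict

# Constructed sample ledgers for the peers of one channel (not real data).
# peer2 has not synced block 7; peer3 holds a divergent copy of it.
SAMPLE_LEDGERS = {
    "peer0.org1": {7: {"number": 7, "prev_hash": "aa11", "tx_ids": ["tx-101", "tx-102"]}},
    "peer1.org1": {7: {"tx_ids": ["tx-101", "tx-102"], "prev_hash": "aa11", "number": 7}},
    "peer2.org1": {},
    "peer3.org2": {7: {"number": 7, "prev_hash": "aa11", "tx_ids": ["tx-101", "tx-999"]}},
}


class PeerUnavailable(Exception):
    """Raised by the stand-in query function when a peer cannot answer."""


def query_block(peer, block_number, ledgers=SAMPLE_LEDGERS):
    """Hypothetical stand-in for querying one peer through the client SDK."""
    if peer not in ledgers:
        raise PeerUnavailable(peer)
    return ledgers[peer].get(block_number)  # None: block not on this peer yet


def digest(result):
    """Hash a canonical JSON encoding so key order cannot cause a false mismatch."""
    canonical = json.dumps(result, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


def check_block_across_peers(peers, block_number, query=query_block):
    """Poll every peer (S220) and compare the answers for one block (S230)."""
    groups = defaultdict(list)  # digest -> peers that returned that content
    missing, unreachable = [], []
    for peer in peers:
        try:
            result = query(peer, block_number)
        except PeerUnavailable:
            unreachable.append(peer)
            continue
        if result is None:
            missing.append(peer)
        else:
            groups[digest(result)].append(peer)

    # Reference copy: the content returned by the most peers. Ties are broken
    # by digest so the outcome is deterministic. Agreement of a majority shows
    # consistency between those peers, not that their copy is the correct one.
    reference = max(groups, key=lambda d: (len(groups[d]), d)) if groups else None
    divergent = sorted(p for d, ps in groups.items() if d != reference for p in ps)
    return {
        "block": block_number,
        "synchronized": len(groups) == 1 and not missing and not unreachable,
        "agreeing": sorted(groups[reference]) if reference else [],
        "divergent": divergent,
        "missing": missing,
        "unreachable": unreachable,
    }
```

Reporting missing and unreachable peers separately from divergent ones keeps a lagging node from being read as a tampered ledger.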
In order to solve the problems of large block quantity and various types in the block chain account book, large-scale transaction in the block, slow transaction analysis speed and high delay of block acquisition and transaction data, the block chain data management method provided by the embodiment of the invention can further comprise a block chain data analysis method. The method can be used for analyzing the data stored to the block chain by using the data uplink and evidence storing method in any embodiment of the invention.
Corresponding to the method for analyzing blockchain data in the embodiments, the method for data uplink and evidence storage in the embodiments may further include: S140, caching the transaction information to a storage module of the data management platform; and S150, when the ledger is synchronized, returning the transaction number received from the Peer node of the blockchain to the service module of the data management platform through the event callback module of the client SDK.
Step S140 may be performed after the transaction information is obtained through step S120, and more specifically after the transaction information is obtained through step S122. Step S150 may be performed after the uplink in step S130, and more specifically after the block is sent to other nodes in the blockchain for ledger synchronization in step S132. The event callback may be used to receive callback events from blockchain nodes. Specifically, during ledger synchronization, the Peer node generates asynchronous notification time through gRPC communication, then can call a chain code to generate an event, and can call a transaction event processing callback function through the event callback module to return a transaction number to the data management platform.
Through the steps S110 to S150, after the data is stored in the blockchain and the transaction number is returned, a blockchain data analysis process can be performed. In the process of analyzing the blockchain data, a query can be performed by using a method similar to that shown in fig. 2, except that one node can be selected for query, and then a plurality of transactions in one block can be analyzed by using the transaction numbers.
Fig. 3 is a schematic flow chart of a method for analyzing blockchain data according to an embodiment of the present invention, and referring to fig. 3, the method for analyzing blockchain data according to the embodiments may include the following steps:
step S310: a business module of a data management platform is used for submitting a query request to a Peer node of a block chain through a channel management module of a client side SDK according to a transaction number and block information, so that the corresponding Peer node calls a chain code to query a query result corresponding to the query request, wherein the query result does not include transaction data;
step S320: receiving a query result returned by the Peer node of the block chain through an event callback module of the client side SDK, and returning the query result to a service module of the data management platform;
step S330: storing the query content in the query result to a storage module of the data management platform in correspondence with the stored transaction information, and rendering and displaying the query content by using a view module of the data management platform.
In step S310, the service module may select any node in the corresponding channel to query the specified content (e.g., the content of the specified transaction number) in the query request by calling the getTransactionDetail method of the client SDK, and may obtain the block information according to the transaction number through the GetBlockByTxID interface of the query management system chain code. Specifically, the service module may add the transaction and block query requests to the channel management module via getTransactionDetail and GetBlockByTxID based on the returned result (e.g., transaction number). The returned query results may include block information, the transaction information and transaction details in the block (excluding the transaction data), and the like.
In the step S330, the transaction information is already stored in the storage module of the data management platform before data uplink through the cache in the step S140. In the data analysis process, the business module can package the data and then store the data in the storage module, and can correspond to the transaction information stored before, so that the business module can conveniently inquire the transaction and block information after data chaining, and the delay of inquiring the data information can be reduced. And finally, the large-scale multi-transaction data in the block chain can be transmitted to the view module for data rendering by using a JSON format and can be displayed to a user. The required data can be looked up if desired by the user.
The blockchain data analysis method in each embodiment caches the transaction information and then uses the result returned after the on-chain transaction to request the corresponding block and transaction information, so that the transaction analysis speed can be increased, the delay of acquiring block and transaction data can be reduced, and the method can be suitable for various block types.
To keep the data evidence storage initiated by the user secure as a transaction, sensitive data is encrypted with each user's national cryptographic (SM) public key before it is stored, and the stored data can be dynamically decrypted at the request of the transaction user. The blockchain data decryption method can be used for decrypting the data stored in the blockchain by using the data uplink and evidence storing method in any embodiment of the invention.
Corresponding to the blockchain data decryption method of these embodiments, step S140 of caching the transaction information into the storage module of the data management platform may specifically include the step of: S141, binding the user identification in the user information with the transaction information by using a service module of the data management platform, and caching the bound user identification and transaction information into a storage module of the data management platform.
Fig. 4 is a schematic flow chart of a method for decrypting blockchain data according to an embodiment of the present invention, as shown in fig. 4, the method for decrypting blockchain data according to the embodiments may specifically include the steps of:
step S410: receiving a user identification and a national secret key by using a view module of a data management platform;
step S420: judging whether the user identification is consistent with the user identification stored in the storage module of the data management platform and whether the national secret key is correct or not by using the service module of the data management platform;
step S430: if the user identifications are consistent and the national secret key is correct, the business module of the data management platform is used for reading the transaction information in the storage module of the data management platform, and the received national secret key is used for decrypting the encrypted private information in the transaction information to obtain decrypted transaction data;
step S440: rendering and displaying the decrypted transaction data by using a view module of the data management platform.
Through the above step S141, when the transaction information is stored before uplink, the transaction information can be bound with the user information (e.g. the user ID field). In step S121, the user can select data to be kept secret by using the privacy protection request, and the data that does not need to be encrypted can be linked directly.
In step S410, when the user needs to decrypt the private data, a user identifier (user ID) may be input. In step S420, the user identifier input by the user may be compared with the user identifier previously stored bound to the transaction data; if they are consistent, decryption may be allowed. In addition, the user may also input a key for decrypting the private information (e.g., the national cryptographic (SM) key used earlier for encrypting the private information). In step S430, it may be determined whether the key input by the user is correct, for example by comparing the input key with the private key of the SM public-private key pair stored in a storage module of the data management platform; if they are consistent, the input key may be considered correct and decryption may be allowed, that is, the user obtains the right to decrypt the private information (sensitive data), and data decryption can then be performed.
In some embodiments, in step S430, the decrypted transaction data includes the decrypted private information and the public data. In this case, before uplink, the private information or sensitive data to be encrypted may be selected for encryption, and when decryption is required, that private information or sensitive data may be decrypted.
In other embodiments, a block may contain multiple transactions. Step S141, namely binding the user identification in the user information with the transaction information by using the service module of the data management platform and caching the result to the storage module of the data management platform, may specifically include the step of: binding the transaction information of a plurality of transactions to the user identifier in the user information of one user by using the service module of the data management platform, and caching the result to the storage module of the data management platform. In this embodiment, by acquiring information of one block, a plurality of transactions can be acquired.
In other embodiments, after the national cryptographic (SM) public-private key pair is generated through step S110, the key pair may be saved in a storage module of the data management platform. Exemplarily, the data uplink and evidence storing method according to the embodiment of the present invention may further include the step of: after the SM public-private key pair is generated, storing it in a storage module of the data management platform. The stored key pair can then be used to verify whether the password input by the user is correct.
In the method for decrypting blockchain data in each embodiment, the transaction data is bound with the user, so that the data is allowed to be decrypted only when the user decrypting the data is consistent with the user uploading the data, and the data is safer.
In addition, an embodiment of the present invention further provides a computer device, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor implements the steps of the method according to any of the above embodiments when executing the program.
Embodiments of the present invention further provide a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the steps of the method according to any of the above embodiments.
The above method is described below with reference to a specific example, however, it should be noted that the specific example is only for better describing the present application and is not to be construed as limiting the present application.
In order to solve the problems of poor data security, low operability, low throughput and high delay of users and block chains in practical application in a real scene, a method for combining the block chain technology with a cryptographic algorithm and the existing data management technology is provided, the block chain data management technology is innovated by combining the characteristics of data in the block chain, and an effective way for solving the query speed of the block chain and the data management on the chain is provided.
An embodiment of a block chain-based method for efficient analysis of secure uplink and transaction of data may include: block chain data chaining and a security evidence storing method; a block chain multi-node query and check method; a large-scale multi-transaction content fast analysis technology and a sensitive data condition dynamic decryption algorithm.
Fig. 5 is a diagram of the overall architecture of a high-performance blockchain data management method and system according to an embodiment of the present invention, and referring to fig. 5, the roles related to this embodiment mainly include four types: blockchain nodes, client SDKs, data management platforms, trading users, and others, where each role assumes the following tasks.
(1) Blockchain node: the data management functions in the blockchain (state synchronization and data distribution) are all implemented by blockchain nodes with different functions. Multi-node data distribution and information exchange among different nodes are carried out through the Gossip protocol.
The blockchain nodes are mainly divided into three types, namely the endorsement node (Endorser), the confirmation node (Committer) and the sequencing node (Orderer), and communication among the nodes is realized through gRPC. The functions of each node are as follows:
Endorsement node (Endorser): checks the data transmitted by the client SDK (such as data format, data repeatability, signature validity, authority and the like) according to well-defined rules (the endorsement policy set when the chain code is instantiated), and writes the endorsement result in front of the data. The Endorser node needs to save a blockchain ledger and is also called a Peer node.
Sequencing node (Orderer): performs global sorting of the transaction requests received in the blockchain network, allocates globally unique serial numbers to the transactions, packages a batch of sorted transactions into a block structure, and finally sends the block structure to the Committer node.
Confirmation node (Committer): verifies the block content sent by the Orderer node, mainly the transaction message structure, signature integrity and transaction repeatability, selects the legal transactions for execution, reaches agreement through a specified consensus algorithm (e.g., RAFT, Solo, KAFKA, PBFT), and finally forms a new block that is written to the blockchain ledger. The Committer node needs to save the blockchain ledger and is also called a Peer node.
(2) Client SDK: data interaction between the data management platform and the blockchain network is performed through the client SDK. The client SDK packages the data of the data management platform, adds a channel header and a signature header, and finally performs the transaction (data uplink, multi-node query and the like) by calling functions in the chain codes deployed in the blockchain network. The client SDK is also responsible for interacting with the CA to realize identity management of the transaction user. The client SDK includes the following five modules:
system initialization (BlockchainClient): managing channels in a block chain network and managing chain codes deployed on nodes;
channel management (Channel): the method is used for configuring the channel content, such as performing an add-delete operation on nodes in the channel;
information configuration (InfConfig): storing the certificate acquired by the transaction user from the CA, the IP address of the node in the block chain and the like;
event callback (eventhb): and receiving a callback event transmitted by the blockchain node.
(3) Data management platform: it is mainly divided into three modules: a storage module, a service module and a view module.
Service module (Service): functionally, the main services of the service module include sensitive data encryption, large-scale transaction analysis, generation of national cryptographic (SM) public-private keys, dynamic conditional decryption, multi-node query and check, and user-transaction binding. In behavior, the service module is responsible for caching block and transaction data into the storage module, is also responsible for communicating with the client SDK, and exchanges data with the view module through a Web Socket mechanism.
Storage module (Storage): the data storage module is mainly responsible for storing data received from the Service module according to a certain format, and the specific data comprises block information, transaction information and user information.
View module (View): the system is mainly responsible for data display, interaction and query with transaction users.
(4) The transaction user: the transaction user is a common user using the high-performance blockchain data management system, and performs transactions and data exchange with other users by submitting transaction contents.
(5) Others:
Certificate Authority (CA): realizes identity management and authentication of members in the blockchain network.
Chain code: the business-logic application (smart contract) used for operating on the blockchain ledger.
1. Blockchain data uplink and secure evidence storing method.
The uplink and secure evidence storing method mainly performs secure evidence storage of user data by combining the SM2 algorithm with a blockchain application. Firstly, verification relies on the timestamp property and the tamper resistance of the blockchain: on the one hand, it verifies that the data existed before the timestamp of the block and allows judging whether the user data has changed; on the other hand, the holder information of the data is verified through the non-repudiation property of the blockchain. Secondly, the method uses a national cryptographic (SM) algorithm to solve the problem of data privacy disclosure caused by transparency in the blockchain network.
To ensure the reliability and security of data storage, this embodiment combines the blockchain with the national cryptographic (SM) algorithm to store user data in the blockchain in encrypted form, which ensures the traceability of the data and protects the privacy information of the user. Referring to fig. 5 and fig. 6, the method for blockchain data uplink and secure evidence storing according to the embodiment is implemented as follows:
S11, user initialization: the data management platform generates a public-private key pair of the national cryptographic (SM) algorithm for a user, and requests the CA node to register the user information through the register/enroll of the client SDK.
(1) The data management platform Service module can use a KeyGeneration function to generate a national secret private key $SK_{user}$ for the user:
$SK_{user} = KeyGeneration(S, l)$
The public key PK is obtained by multiplying the base point G on the elliptic curve by the private key SK, which yields another point on the curve:
$PK = [SK]G$
where SK is the private key, PK is the public key, the parameter S is a random bit string associated with the user account password, the integer $l$ indicates the bit length of the key data to be obtained, and G is a base point of the elliptic curve.
The data management platform can store the private key to the Storage module.
(2) The Service module of the data management platform first enters the client SDK to perform initialization configuration, then passes the user information through register/enroll to the BlockchainClient module (system initialization) of the SDK, which submits the user information to the certificate authority CA to request registration of the user information.
(3) The certificate authority returns the user certificate to the InfConfig object of the SDK for storage, and then calls a user registration callback function to remind the data management platform that the user certificate is generated.
S12, user data protection: the transaction user enters and submits data through the View module and, as required, selects the private information in the transaction that is to be protected. The Service module processes the user transaction and encrypts the private information selected by the user with the national secret algorithm SM2. The Service module packages the user's data and calls the client SDK interface /chaincode/writeDataToBlockchain to put the data on chain.
In step S12, the user generates transaction data, the Service module encrypts the private information selected by the user and submits it through /chaincode/writeDataToBlockchain to the Channel object of the client SDK, which packages the transaction data. The Service module uses the key generated in step S11 to encrypt the user's transaction $M_{tx}$ (whose transaction content length is $len_{user}$). The encryption process is as follows:
S121: Generate a random number $randomNum_{user}$ with a random number generator:
$randomNum_{user} = rand(userID, userName, password)$, $randomNum_{user} \in [1, n-1]$;
where rand() represents a random number generator function, userID represents user identity information, userName represents the user name, and password represents the password entered by the user.
S122: Calculate the points of the elliptic curve:
$TX_1 = [randomNum_{user}]G = (a_1, b_1)$;
$[randomNum_{user}]SK_{user} = (a_2, b_2)$
S123: Compute the user's public key $PK_{user}$:
$PK_{user} = KeyGeneration(a_2 \| b_2, len_{user})$
If $PK_{user}$ is an all-zero bit string, return to step S121;
S124: Compute the ciphertext strings $TX_2$ and $TX_3$:
$TX_2 = M_{tx} \oplus PK_{user}$
$TX_3 = Hash(a_2 \| M_{tx} \| b_2)$;
where Hash() represents a hash calculation.
S125: The final ciphertext $S_{tx}$ corresponding to the transaction $M_{tx}$ is:
$S_{tx} = TX_1 \| TX_3 \| TX_2$
S13, secure data storage: the Channel object of the client SDK adds a channel header to the data, processes and encapsulates the user data according to the private key generated by the CA in S11, and broadcasts the encapsulated data to the Endorser nodes in the blockchain network; each Endorser node calls the chain code, checks the user data according to the endorsement policy (set when the chain code is instantiated), and returns the endorsement result and the signature of the Endorser node to the client SDK; after receiving enough endorsement support, the client SDK constructs a legal transaction request and sends it to the Orderer node; the Orderer node obtains the channel name from the channel header, orders the transactions within each channel by time, assigns each transaction a unique serial number, and organizes a batch of ordered transactions into a block; the Orderer node broadcasts the block to the Committer nodes, which verify the validity of the transactions in the block and write the block into the blockchain ledger if verification succeeds; finally, the ledger is synchronized within the blockchain organization.
In step S13, the Channel object sends the transaction to the Endorser nodes in the blockchain for endorsement. Each Endorser node calls the chain code to obtain an endorsement result and returns it together with the node signature to the Channel object. Once the Channel object has received sufficient endorsement support, it constructs the user data into a legal transaction request and sends it to the Orderer node for ordering. The Orderer node orders the transactions by transaction time within the channel of the blockchain network and assigns a unique serial number to each transaction. The processed batch of transactions is packaged into a block and broadcast to the Committer nodes. Each Committer node checks the validity and correctness of the transactions in the block, writes the block into its locally maintained blockchain ledger after successful verification, and sends it to other nodes for ledger synchronization. The client SDK callback function returns the data storage result to the Service module. This ends the user data uplink and secure evidence storage step.
In this embodiment, national secret algorithm encryption is performed before the transaction data is put on chain, which ensures the privacy and security of the user data. Putting the user data on chain is on one hand evidence of the user's transaction behavior, and on the other hand gives the data tracing process a data basis. The bidirectional binding of data and user makes the whole data system safer and more reliable.
2. A block chain multi-node query and check method.
In order to verify that every node maintains the same ledger, and to address ledger data falling out of sync because node physical machines, node deployments and node databases are independent of one another, the query and check method queries the same block information and transaction information in the ledgers of different nodes. On one hand, querying multiple blockchain nodes improves the query speed; on the other hand, the query results can be compared to verify the authenticity of the data. Referring to fig. 5 and 7, the query and check method includes the following steps:
S21, issuing a query request: the transaction user enters the data content to be checked (block height, block hash and transaction ID) through the View module; the Service module obtains the information to be checked and queries the blockchain network over gRPC through /blockchain/getBlockchainServerInfo of the client SDK.
In step S21, the user initiates a query request, the data management platform Service module enters the client SDK through/blockchain/getBlockchainServerInfo for initialization configuration, and then constructs query information through the SDK BlockchainClient module (system initialization).
S22, acquiring the node list: the Service module obtains the list of Peer nodes in the channel's blockchain by calling the Peer interface of the Channel object of the client SDK; the multi-node query is carried out over this list.
In step S22, the Service module requests the interface geteerinfo to acquire a node list from the client SDK Channel object.
S23, node polling search: the Service module polls the obtained node list and calls the QueryBlock and QueryTransaction interfaces of the client SDK Channel object to look up, on each node in the list, the block content of the specified block number and the transaction content of the specified transaction number. The QueryBlock and QueryTransaction interfaces query the ledger data of the peer node, including block information, transaction information and the like, through the query management system chain code built into the blockchain node.
In step S23, the Service module polls the nodes in the returned node list, issuing QueryTransaction and QueryBlock requests through the client SDK. The steps of each round are as follows:
S231: the Service module adds a query request through the Channel object;
S232: the Channel object submits the query request to the Peer node for query;
S233: the Peer node calls the query chain code to query the specific content;
S234: the Peer node generates an event that calls the EventHub object of the client SDK;
S235: the client SDK EventHub object returns the query result to the data management platform Service module.
S24, data content checking: the Service module takes the node polling search results from step S23 and stores the data in the Storage module separately per node. The Service module compares and checks the data that different nodes returned for the same block number, block height or transaction ID, and renders the query content and the check result to the View module.
In step S24, the Service module performs data content inspection on the query result, stores the data in the Storage module, and finally renders the query content and the inspection result to the View module.
This embodiment queries transaction data and block data by exploiting the fact that every node in a blockchain maintains a local ledger: all nodes in a blockchain channel are obtained through the client SDK, the node list is polled for the specific transaction and block content, and the multi-node query results are checked against one another, which strongly supports the authenticity and reliability of the data stored in this embodiment.
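The cross-node comparison of step S24, as an added example that is not code from the patent: it groups the records returned by the polled peers by a digest of their canonical encoding, takes the strict-majority copy as the reference, and names the fields on which each divergent peer differs. The peer names, field names and sample records are constructed for illustration, and the majority rule is an assumption of this example, since the text only says that the results are compared.

```python
import hashlib
import json
from collections import defaultdict

# Constructed sample: the block each Peer returned for height 42 during the
# S23 polling round. None models a peer that returned no result.
SAMPLE_RESULTS = {
    "peer0.org1": {"height": 42, "current_hash": "9f3c01", "previous_hash": "51aa7e",
                   "data_hash": "c07e55", "tx_ids": ["tx-a1", "tx-a2"]},
    "peer1.org1": {"tx_ids": ["tx-a1", "tx-a2"], "data_hash": "c07e55",
                   "previous_hash": "51aa7e", "current_hash": "9f3c01", "height": 42},
    "peer0.org2": {"height": 42, "current_hash": "9f3c01", "previous_hash": "51aa7e",
                   "data_hash": "ffff00", "tx_ids": ["tx-a1", "tx-a2"]},
    "peer1.org2": None,
}


def fingerprint(record):
    """SHA-256 over canonical JSON, so field order does not cause false alarms."""
    blob = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(blob).hexdigest()


def check_peers(results):
    """Compare what each peer returned for the same block or transaction."""
    groups, unreachable = defaultdict(list), []
    for peer in sorted(results):
        record = results[peer]
        if record is None:
            unreachable.append(peer)
        else:
            groups[fingerprint(record)].append(peer)
    report = {"consistent": False, "reference_peers": [], "divergent": {},
              "unreachable": unreachable}
    answered = sum(len(peers) for peers in groups.values())
    if answered == 0:
        return report
    ref_fp, ref_peers = max(groups.items(), key=lambda kv: len(kv[1]))
    if 2 * len(ref_peers) <= answered:
        # No strict majority: there is no trustworthy reference copy, so every
        # answering peer is reported as divergent with no field list.
        report["divergent"] = {p: [] for peers in groups.values() for p in peers}
        return report
    reference = results[ref_peers[0]]
    for fp, peers in groups.items():
        if fp == ref_fp:
            continue
        for peer in peers:
            rec = results[peer]
            # Fields whose value differs from the majority copy.
            report["divergent"][peer] = sorted(
                k for k in set(reference) | set(rec) if reference.get(k) != rec.get(k))
    report["reference_peers"] = ref_peers
    # Consistent only if every peer answered and all answers are identical.
    report["consistent"] = not report["divergent"] and not unreachable
    return report
```

A peer that does not answer keeps the result from being reported as consistent, so a silent node is surfaced rather than ignored.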
3. A large-scale multi-transaction content rapid analysis method.
To address the large number and variety of blocks in the blockchain ledger, the large scale of transactions within a block, slow transaction parsing, and the high latency of obtaining block and transaction data, this embodiment takes into account the large capacity and variety of blocks and transactions in the blockchain and the data tracing requirements of business scenarios and, from the perspective of data management, proposes a method that combines caching technology with blockchain data management: transaction data is cached in the Storage module before the transaction is put on chain, and the transaction and its block are queried after the uplink is completed. The transaction user can thus obtain frequently updated data in the blockchain with low latency while data consistency is achieved. Referring to fig. 5 and 8, the specific steps of the parsing method are as follows:
S31, preliminary caching of transaction data: following the blockchain data uplink and secure evidence storage method of the embodiment of the invention, the transaction user completes data encryption on the data management platform through steps S11 and S12. To enable fast parsing of multi-transaction content, the content of the data submitted by the transaction user is first preliminarily cached in the Storage module before the data is securely stored as evidence; at this point only the transaction data field is stored.
In step S31, the user generates a transaction, and the Service module encrypts the privacy information and caches the transaction information in the Storage module.
S32, obtaining the evidence storage result: following step S13 of the blockchain data uplink and secure evidence storage method of the embodiment of the invention, the user data is packaged into transaction data, packaged into a block and stored in the ledger. When the ledger is synchronized, the Peer node generates an asynchronous notification event over gRPC; the chain code then generates an event and calls the transaction event processing callback function of the client SDK, and the transaction ID is returned to the data management platform.
(1) The Service module encapsulates the user data information through the Channel object.
(2) The Channel object submits the user data to the Endorser node for endorsement.
(3) The Endorser node calls the chain code and returns an endorsement result and a node signature.
(4) The Channel object packages the user data into a transaction and sends the transaction to the Orderer node for ordering.
(5) The Orderer node generates a unique serial number for the transaction and packages the transaction into a block for validation by the Committer node.
(6) After confirming that the block is correct, the Committer node writes the block into its local ledger and sends the block to other nodes for ledger synchronization.
(7) The node generates an event that calls the EventHub object, and the EventHub object returns the transaction result to the Service module.
S33, acquiring block and transaction data: using the transaction ID from step S32 and following the blockchain multi-node query and check method of the embodiment of the present invention, the Service module selects any node in the channel and queries the content of the specified transaction number by calling the getTransactionDetail method of the client SDK, and obtains the block information for that transaction number through the GetBlockByTxID interface of the query management system chain code.
Based on the returned result, the Service module adds transaction and block query requests to the Channel object through getTransactionDetail and GetBlockByTxID.
(1) The Channel object submits the query request to the Endorser node.
(2) The Endorser node calls the query chain code and generates an event that calls the event callback module to return the query result.
S34, transaction and block data storage: according to the block information returned in the step S33, the transaction information in the block and the transaction details (except the transaction data), the Service module encapsulates and stores the data into the Storage module, and finally transmits the large-scale multi-transaction data in the block chain to the View module by using the JSON format for data rendering.
In step S34, the Service module stores the query content in the Storage module and renders the query result to the View module.
In this embodiment, data caching technology is used to cache the transaction data of the transaction details in a database, and information such as the ID, block height and transaction time corresponding to the transaction is then requested according to the result returned after the transaction is put on chain. This effectively addresses the variety of data types in the blockchain, the slow parsing of multiple transactions within one block, and the delay in obtaining all blocks in the blockchain. The data management platform can obtain frequently updated data in the blockchain with low latency, the overhead of full-duplex communication is reduced, data consistency is achieved, the data held at the data management end takes on the decentralized character of the blockchain, and the security of data storage is ensured. The large-scale multi-transaction content fast parsing technique relieves the operating pressure on the blockchain and addresses the weak query capability of the blockchain, greatly improving the throughput of data query transactions on the blockchain and reducing data transmission latency, thereby realizing an efficient data management mode.
4. Sensitive data conditional dynamic decryption algorithm.
According to the block chain data uplink and the safety certificate storing method, user data is subjected to safety certificate storing on a block chain; according to the parsing method provided by the embodiment of the invention, the user transaction data content is stored in a Storage module of a data management platform, and the stored content is selectively encrypted by a user.
This embodiment specifies the data encapsulation format of the data management platform Storage module according to the data structure features of the blockchain: the block data may include HEIGHT (block height), CURRENT_HASH, DATA_HASH, TRANSACTION_HASH and PREVIOUS_HASH, and the transaction data may include TRANSACTION_ID (transaction ID), BLOCK, TIMESTAMP (timestamp), CREATE_ORGNAME (data management platform information), TRANSACTION_STATUS (transaction status), TRANSACTION_DATA (transaction data content) and USER_ID (user ID/user information).
In the following embodiment, through a sensitive data condition dynamic decryption algorithm, the private content in the transaction data can be decrypted and displayed in a View module according to the user selection.
To keep the data evidence storage initiated by the user secure at the transaction level, this embodiment divides the transaction data into two parts, private data and public data: the sensitive data is encrypted with each user's national secret public key before being stored, the public data can be stored directly, and the stored data can be dynamically decrypted at the request of the transaction user. Referring to fig. 5 and fig. 9, the specific implementation process of the sensitive data conditional dynamic decryption algorithm of this embodiment may be as follows:
S41, bidirectional binding of transaction and user: according to step S31 of the large-scale multi-transaction content fast parsing method of this embodiment, the user ID field information must be bound at the same time as the transaction data is preliminarily cached.
In step S41, the transaction user selects private data from the data, and generates a user public/private key according to step S11 in the blockchain data chaining and secure certificate storing method, and step S12 encrypts the private data.
According to step S31 in the large-scale multi-transaction content fast parsing method, the private data and the public data are packaged into transaction data, and the user ID and the transaction data are simultaneously stored to the Storage module. According to the large-scale multi-transaction content fast analysis method, transaction data are analyzed to a Storage module.
S42, transaction analysis and judgment: according to the step S34 of the method for rapidly parsing multiple transaction contents in a large scale according to the present embodiment, the transaction data is displayed to the View module as the encrypted information selected by the user, and the transaction initiating user can dynamically decrypt the transaction by inputting the account password in the View module. The data management platform Service module determines the user ID, and if the user ID is consistent with the user ID bound to the transaction and the account password is correct, the process proceeds to step S43.
In step S42, the transaction user submits a dynamic decryption request, which is judged against the transaction user ID and the transaction ID; when the two match, the user obtains the right to decrypt the sensitive data, which may then be decrypted according to the following algorithm.
The sensitive data in the Storage module is $S_{tx} = TX_1 \| TX_3 \| TX_2$, and the decryption process may be as follows:
S421: From the user public key $PK_{user}$ and the sensitive data $S_{tx}$, calculate the elliptic curve point:
$[PK_{user}]TX_1 = (a_2, b_2)$;
S422: Calculate the bit string $t_{tx}$, where $len_{tx2}$ is the length of the ciphertext $TX_2$:
$t_{tx} = KeyGeneration(a_2 \| b_2, len_{tx2})$;
If $t_{tx}$ is an all-zero bit string, the decryption fails;
$M_{tx} = TX_2 \oplus t_{tx}$
where $M_{tx}$ represents the plaintext.
S423: Extract $TX_3$ from the ciphertext string $S_{tx}$:
$S_{tx} = TX_1 \| TX_3 \| TX_2$
S424: Compute $\mu$ using a hash function:
$\mu = Hash(a_2 \| M_{tx} \| b_2)$;
where Hash() represents a hash function.
S425: If $\mu = TX_3$, the decryption succeeds and the plaintext $M_{tx}$ is output.
S43, transaction analysis and data display: the Service module reads transaction data of the transaction of the Storage module, decrypts sensitive information in the transaction by using a decrypt function, and finally transmits the analyzed data to the View module by using a JSON format for data rendering and display.
In step S43, the Service module encapsulates the decrypted private data and public data, and transmits the encapsulated private data and public data to the View module for rendering through the Web Socket.
In this embodiment, the transaction user binds each transaction with the transaction initiating user in both directions when the transaction data is initially cached, and one user corresponds to multiple transactions. After the data is rendered in the View module, a transaction user can dynamically decrypt the transaction according to the requirement, and only an initiator of the transaction can correctly decrypt the data through a national secret algorithm private key generated during user initialization. The algorithm not only protects the privacy of sensitive data in transaction, but also provides space for users to check the content of the transaction data.
The blockchain-based method for data uplink and efficient parsing of transaction data in this embodiment has the following beneficial effects. Data uplink and secure evidence storage in the blockchain system are implemented with the national secret algorithm; the implementation is convenient and effective, removes the difficulty of modifying the underlying SDK found in traditional applications of the national secret algorithm, and, compared with traditional data evidence storage, cannot be forged or tampered with. With the multi-node query method, when a user queries, the evidence data stored in the ledgers of multiple nodes is queried, compared and verified, and checking the comparison result improves the authenticity and reliability of evidence data queried from any single blockchain node. With the multi-transaction content fast parsing technique and data caching technology, the delay of a user querying the chain directly is replaced by the high operating efficiency of a database, which improves the reading efficiency of transaction data and strengthens the blockchain data query capability.
Meanwhile, the data caching technology also reduces the number of interactions between the system and the blockchain nodes: when different users access the same block or transaction, the lookup is served directly from the cache without searching again from the underlying blockchain application, which improves the execution efficiency of the whole system and ultimately realizes an efficient data management mode. When a user views sensitive data in a transaction, a conditional dynamic decryption algorithm is used: the evidence data is stored in the blockchain ledger as ciphertext, so although the ledger is shared among all nodes, the user's privacy is not leaked because the data is in ciphertext form, while a user with the proper authority can obtain the corresponding transaction content through decryption. The conditional dynamic decryption algorithm therefore not only leaves room for parsing the evidence content of sensitive data, but also isolates sensitive data according to the information of the transaction owner, improving the security of the sensitive data. By combining the innovations of secure data evidence storage, multi-node query, multi-transaction content parsing and dynamic decryption of sensitive data, a complete blockchain data management system is realized that ensures data security and provides a way to process blockchain data effectively in real time.
By combining blockchain, cryptography and data caching technology, the embodiment of the invention provides a blockchain-based method for secure data uplink and efficient transaction parsing that targets the high-latency, low-throughput performance problems of blockchain networks, the transparency of transaction data in the blockchain, the synchronization of blockchain node ledgers, and off-chain data consistency; it gives ordinary users an intuitive, secure and efficient blockchain-based data access path and ensures the integrity and security of user data.
In the description herein, reference to the description of the terms "one embodiment," "a particular embodiment," "some embodiments," "for example," "an example," "a particular example," or "some examples," etc., means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples. The sequence of steps involved in the various embodiments is provided to schematically illustrate the practice of the invention, and the sequence of steps is not limited and can be suitably adjusted as desired.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media having computer-usable program code embodied in the medium.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The above-mentioned embodiments are intended to illustrate the objects, technical solutions and advantages of the present invention in further detail, and it should be understood that the above-mentioned embodiments are only exemplary embodiments of the present invention, and are not intended to limit the scope of the present invention, and any modifications, equivalent substitutions, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.

Claims (10)

1. A method for block chain data management, comprising: data chaining and evidence storing methods;
the data uplink and evidence storage method comprises the following steps:
generating a national-secret public and private key pair for a user by using a data management platform, and requesting a certificate authority to register user information through a client side SDK (software development kit) to obtain a user certificate;
acquiring transaction data by using the data management platform, and encrypting private information in the transaction data with the national secret public key of the national secret public/private key pair to obtain transaction information;
and packaging the transaction information based on the user certificate by using the client SDK and then performing data uplink and certificate storage.
2. The method for blockchain data management according to claim 1,
generating a national-secret public and private key pair for a user by utilizing a data management platform, comprising the following steps:
receiving user information by using a view module of a data management platform;
generating a national-secret public and private key pair based on user information by utilizing a service module of a data management platform;
requesting a certificate authority to register user information through a client side SDK to obtain a user certificate, comprising:
transmitting, by using the service module of the data management platform, the user information to the system initialization module of the client SDK through registration;
submitting the user information to the certificate authority by using the system initialization module of the client SDK, so that the certificate authority generates a user certificate after registering the user information;
and receiving the user certificate returned by the certificate authority by using an information configuration module of the client SDK, and storing the user certificate.
3. The method for blockchain data management according to claim 2,
acquiring transaction data by using the data management platform, and encrypting private information in the transaction data with the national secret public key of the national secret public/private key pair to obtain transaction information, comprises:
receiving, by using the view module of the data management platform, the data to be put on chain and stored as evidence together with the privacy protection requirement, and generating corresponding transaction data from the data to be put on chain and stored as evidence;
encrypting, by using the service module of the data management platform and according to the privacy protection requirement, the private information in the transaction data with the national secret public key of the national secret public/private key pair to obtain transaction information;
the method for data chaining and certificate storage after the transaction information is packaged by using the client side SDK based on the user certificate comprises the following steps:
adding a channel head for the transaction information by using a channel management module of the client side SDK, packaging the transaction information added with the channel head according to a user certificate, and broadcasting the packaged transaction information to each endorsement node in the block chain so that the endorsement node calls a chain code to endorse the packaged transaction information to obtain an endorsement result;
collecting endorsement results returned by endorsement nodes by using a channel management module of a client SDK (software development kit), after judging that the acquired endorsement support reaches a set number according to the collected endorsement results, constructing transaction requests according to packaged transaction information, sending the transaction requests to a sequencing node in a block chain, so that the sequencing node distributes transaction numbers to the transaction requests after sequencing the transactions in a channel corresponding to the transaction requests according to time, packaging the sequenced transactions into blocks, broadcasting the blocks to a confirmation node in the block chain, writing the blocks into a block chain account book after the confirmation node successfully verifies the blocks, sending the block chain account book to other nodes in the block chain for account book synchronization, and generating transaction results;
and receiving, by using the channel management module of the client SDK, the transaction result returned by the block chain, generating a data evidence storage result according to the transaction result, and returning the data evidence storage result to the service module of the data management platform.
4. The blockchain data management method of claim 1, further comprising: a block chain data query method;
the block chain data query method comprises the following steps:
receiving a query request by using a data management platform, and querying a Peer node list of a corresponding channel block chain through a client side SDK;
respectively inquiring each Peer node in the Peer node list by using a data management platform through a client side SDK to obtain an inquiry result corresponding to each Peer node;
and comparing and checking the query results corresponding to different Peer nodes by using the data management platform to obtain a check result, and outputting the query result and the check result.
5. The method for blockchain data management according to claim 4,
wherein receiving a query request by using the data management platform, and querying the Peer node list of the block chain of the corresponding channel through the client SDK, comprises:
receiving a query request by using a view module of a data management platform, and transmitting the query request to a service module of the data management platform, wherein the query request comprises data content to be queried;
acquiring a Peer node list of a block chain of a channel corresponding to the query request by using a service module of the data management platform through a Peer node interface of a channel management module of the client SDK;
respectively querying each Peer node in the Peer node list by using a client side SDK of the data management platform to obtain a query result corresponding to each Peer node, comprising the following steps:
utilizing a service module of a data management platform to call a QueryBlock and a QueryTransaction interface of a channel management module of a client SDK to poll and search query contents corresponding to a query request in each Peer node in a Peer node list to obtain a query result corresponding to the corresponding Peer node;
receiving a corresponding query result returned by the Peer node by using an event callback module of the client SDK, and returning the query result corresponding to the Peer node to a service module of the data management platform;
comparing and checking the query results corresponding to different Peer nodes by using the data management platform to obtain a check result, and outputting the query result and the check result, comprises:
comparing and checking the query results of the same block or transaction information in the query contents corresponding to different Peer nodes by using a service module of the data management platform to obtain a check result;
and rendering and displaying the query result and the verification result by using a view module of the data management platform.
6. The blockchain data management method of claim 3, further comprising: a block chain data analysis method;
the data uplink and evidence storage method further comprises the following steps:
caching the transaction information to a storage module of the data management platform; and
when the account book is synchronized, returning the transaction number received from the Peer node of the block chain to a service module of the data management platform through an event callback module of the client SDK;
the block chain data analysis method comprises the following steps:
submitting, by using the service module of the data management platform, a query request to a Peer node of the block chain through the channel management module of the client SDK according to the transaction number and block information, so that the corresponding Peer node calls a chain code to obtain a query result corresponding to the query request, wherein the query result does not include transaction data;
receiving a query result returned by the Peer node of the block chain through an event callback module of the client side SDK, and returning the query result to a service module of the data management platform;
and storing the query content in the query result to a storage module of the data management platform and corresponding to the stored transaction information, and rendering and displaying the query content by using a view module of the data management platform.
7. The blockchain data management method of claim 6, further comprising: a block chain data decryption method;
caching the transaction information to the storage module of the data management platform comprises:
utilizing a service module of the data management platform to bind the transaction information with the user identification in the user information and then cache the transaction information in a storage module of the data management platform;
the block chain data decryption method comprises the following steps:
receiving a user identification and a national-secret key by using the view module of the data management platform;
judging, by using the service module of the data management platform, whether the user identification is consistent with the user identification stored in the storage module of the data management platform and whether the national-secret key is correct;
if the user identifications are consistent and the national-secret key is correct, reading the transaction information in the storage module of the data management platform by using the service module of the data management platform, and decrypting the encrypted private information in the transaction information with the received national-secret key to obtain decrypted transaction data;
and rendering and displaying the decrypted transaction data by using a view module of the data management platform.
8. The blockchain data management method of claim 7, wherein the decrypted transaction data includes decrypted private information and public data;
binding the transaction information with the user identification in the user information and then caching it to the storage module of the data management platform, by using the service module of the data management platform, comprises:
binding transaction information of a plurality of transactions to a user identifier in user information of a user by using a service module of a data management platform, and caching the transaction information to a storage module of the data management platform;
the data uplink and evidence storage method further comprises the following steps:
after the national-secret public and private key pair is generated, storing the national-secret public and private key pair in the storage module of the data management platform; and
after the user certificate is saved, calling a user registration callback function and returning a user generation notice to the service module of the data management platform.
9. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the steps of the method according to any of claims 1 to 8 are implemented when the program is executed by the processor.
10. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 8.
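The cross-peer comparison of claims 4 and 5, sketched as an added Python example (not code from the patent): each Peer node's answer for the same transaction is canonicalised and hashed, peers are grouped by digest, and the check result names the peers that disagree or failed to answer. The `query_peer` callable, the sample ledgers, the `min_agree` threshold and the use of SHA-256 in place of a national-secret hash are assumptions; the claims only require that the results be compared and a check result output.

```python
import hashlib
import json
from collections import defaultdict

def digest(result):
    """Canonical digest of one query result (SHA-256 is a stand-in hash)."""
    canonical = json.dumps(result, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()

def cross_check(query_peer, peers, tx_id, min_agree=2):
    """Poll every peer for tx_id and compare the answers. query_peer is a
    hypothetical stand-in for the SDK's per-peer query; it may raise."""
    groups = defaultdict(list)   # digest -> peers that returned it
    results = {}                 # digest -> one representative result
    failed = []
    for peer in peers:
        try:
            result = query_peer(peer, tx_id)
        except Exception:
            failed.append(peer)  # a failed query is reported, not ignored
            continue
        d = digest(result)
        groups[d].append(peer)
        results[d] = result
    report = {"status": "no_answer", "result": None, "agreeing": [],
              "dissenting": [], "failed": failed}
    if not groups:
        return report
    # Rank the distinct answers by how many peers returned each one.
    ranked = sorted(groups.items(), key=lambda kv: len(kv[1]), reverse=True)
    top_digest, agreeing = ranked[0]
    dissenting = [p for _, ps in ranked[1:] for p in ps]
    tie = len(ranked) > 1 and len(ranked[1][1]) == len(agreeing)
    if tie or len(agreeing) < min_agree:
        status = "inconclusive"   # no answer has enough support
    elif dissenting:
        status = "divergent"      # largest group suffices, but some differ
    else:
        status = "consistent"
    report.update(status=status, agreeing=agreeing, dissenting=dissenting)
    if status != "inconclusive":
        report["result"] = results[top_digest]
    return report

# Constructed sample data: peer2 returns altered data, peer3 has no record.
SAMPLE_LEDGERS = {
    "peer0": {"tx1": {"tx_id": "tx1", "block": 7, "payload": "a1b2"}},
    "peer1": {"tx1": {"payload": "a1b2", "block": 7, "tx_id": "tx1"}},
    "peer2": {"tx1": {"tx_id": "tx1", "block": 7, "payload": "ffff"}},
    "peer3": {},
}

def sample_query(peer, tx_id):
    """Constructed stand-in for a per-peer ledger query."""
    return SAMPLE_LEDGERS[peer][tx_id]   # KeyError models a failed query

if __name__ == "__main__":
    print(cross_check(sample_query, list(SAMPLE_LEDGERS), "tx1"))
```

A "divergent" or "inconclusive" status is the signal worth surfacing in the view module: it means at least one Peer node returned a different record for the same transaction.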
CN202110443650.3A 2021-04-23 2021-04-23 Block chain data management method, device and storage medium Withdrawn CN112883015A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110443650.3A CN112883015A (en) 2021-04-23 2021-04-23 Block chain data management method, device and storage medium

Publications (1)

Publication Number Publication Date
CN112883015A true CN112883015A (en) 2021-06-01

Family

ID=76040722

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110443650.3A Withdrawn CN112883015A (en) 2021-04-23 2021-04-23 Block chain data management method, device and storage medium

Country Status (1)

Country Link
CN (1) CN112883015A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110070362A (en) * 2019-05-05 2019-07-30 北京共识数信科技有限公司 A kind of financial industry block chain transaction system using national secret algorithm
CN110084068A (en) * 2018-01-26 2019-08-02 阿里巴巴集团控股有限公司 Block catenary system and data processing method for block catenary system
CN110619584A (en) * 2018-06-20 2019-12-27 喜地霁石文化传媒(北京)有限公司 Block chain access system and method and application in crowd funding digital transaction
CN111242620A (en) * 2020-01-15 2020-06-05 阳光易购(湖南)科技有限公司 Data caching and querying method of block chain transaction system, terminal and storage medium
CN112435024A (en) * 2020-11-17 2021-03-02 浙江大学 Alliance chain cross-chain privacy protection method based on group signature and CA multi-party authentication

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
匿名: "Hyperledger Fabric解密之架构篇", 《HTTPS://CLOUD.TENCENT.COM/DEVELOPER/NEWS/118643》 *
华为云产品与解决方案: "华为云区块链服务安全隐私保护的设计与实现", 《HTTPS://WWW.INFOQ.CN/ARTICLE/PQWJCGOF3JZMARXK1W69》 *
朱涛等: "基于Fabric的跨境汇款追踪平台实现", 《信息安全学报》 *

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113268546B (en) * 2021-06-15 2022-04-01 中国电子科技网络信息安全有限公司 Block chain account book data capture analysis method
CN113268546A (en) * 2021-06-15 2021-08-17 中国电子科技网络信息安全有限公司 Block chain account book data capture analysis method
CN113452521A (en) * 2021-06-28 2021-09-28 杭州云象网络技术有限公司 Block chain state password adaptation method, state password adapter, system and device
CN113452521B (en) * 2021-06-28 2022-11-04 杭州云象网络技术有限公司 Block chain state password adaptation method, state password adapter, system and device
CN113592653B (en) * 2021-08-02 2023-05-30 杭州复杂美科技有限公司 Proxy delay transaction method, computer device and storage medium
CN113592653A (en) * 2021-08-02 2021-11-02 杭州复杂美科技有限公司 Proxy delayed transaction method, computer device and storage medium
CN113821548A (en) * 2021-08-27 2021-12-21 中通服公众信息产业股份有限公司 Block link port calling and packaging method
CN113988862A (en) * 2021-12-28 2022-01-28 中国移动紫金(江苏)创新研究院有限公司 Block chain data uplink method, and safety early warning system and method applying block chain data uplink method
EP4243344A1 (en) * 2022-03-11 2023-09-13 Hitachi, Ltd. Certificate management device, certificate management system and certificate management method
CN114465896A (en) * 2022-03-30 2022-05-10 深信服科技股份有限公司 Configuration information processing method, device, equipment and readable storage medium
CN117035740A (en) * 2023-08-21 2023-11-10 广西科学院 Bridge structure detection monitoring and maintenance data traceability system based on block chain
CN117035740B (en) * 2023-08-21 2024-04-19 广西科学院 Construction method of bridge structure detection monitoring and maintenance data traceability system
CN117527832A (en) * 2024-01-03 2024-02-06 杭州趣链科技有限公司 Transaction ordering method and device for blockchain, electronic equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication

Application publication date: 20210601
