CN112989404A - Log management method based on block chain and related equipment - Google Patents
Log management method based on block chain and related equipment Download PDFInfo
- Publication number
- CN112989404A CN112989404A CN201911309929.1A CN201911309929A CN112989404A CN 112989404 A CN112989404 A CN 112989404A CN 201911309929 A CN201911309929 A CN 201911309929A CN 112989404 A CN112989404 A CN 112989404A
- Authority
- CN
- China
- Prior art keywords
- block
- operation log
- log information
- computing platform
- edge computing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000007726 management method Methods 0.000 title claims abstract description 25
- 238000000034 method Methods 0.000 claims abstract description 30
- 230000004044 response Effects 0.000 claims description 9
- 238000004891 communication Methods 0.000 abstract description 2
- 238000010586 diagram Methods 0.000 description 13
- 238000012550 audit Methods 0.000 description 7
- 238000004590 computer program Methods 0.000 description 5
- 230000004048 modification Effects 0.000 description 5
- 238000012986 modification Methods 0.000 description 5
- 230000008569 process Effects 0.000 description 5
- 238000005516 engineering process Methods 0.000 description 4
- 230000008859 change Effects 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000012217 deletion Methods 0.000 description 1
- 230000037430 deletion Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
- G06F16/18—File system types
- G06F16/1805—Append-only file systems, e.g. using logs or journals to store data
- G06F16/1815—Journaling file systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6227—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- General Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Bioethics (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Data Mining & Analysis (AREA)
- Debugging And Monitoring (AREA)
Abstract
The invention provides a log management method based on a block chain and related equipment, which relate to the technical field of communication, wherein the method is applied to an edge computing platform, the edge computing platform is a node in the block chain, and the method comprises the following steps: acquiring first operation log information, wherein the first operation log information is operation log information for operating a database of the edge computing platform; storing the first operation log information and a first hash value corresponding to the first operation log information to a first block in the block chain; and storing a second hash value on the first block, wherein the second hash value is a hash value corresponding to all the operation log information in a previous block adjacent to the first block in the block chain. The embodiment of the invention can improve the safety of the database.
Description
Technical Field
The present invention relates to the field of communications technologies, and in particular, to a log management method based on a block chain and a related device.
Background
To implement security control of the Database of the edge computing platform, an access control mechanism of a Database Management System (DBMS) may be used to determine whether modification of data in the Database is legal. After the user sends out an operation request for modifying the data in the database, the DBMS can search the data dictionary, check the legal authority according to the security rule, and if the operation request of the user exceeds the defined authority, the database can refuse to execute the operation request.
After the user modifies the data in the database, an operation log is generated, so that the modification of the data in the database is recorded, and the source of the data can be traced conveniently in the later period. However, currently, an administrator or hacker may make changes or deletes the oplog, so that the security of the database is low.
Disclosure of Invention
The embodiment of the invention provides a log management method based on a block chain and related equipment, and aims to solve the problem that in the prior art, an administrator or a hacker can change or delete an operation log, so that the security of a database is low.
In order to solve the technical problem, the invention is realized as follows:
in a first aspect, an embodiment of the present invention provides a log management method based on a block chain, which is applied to an edge computing platform, where the edge computing platform is a node in the block chain, and the method includes:
acquiring first operation log information, wherein the first operation log information is operation log information for operating a database of the edge computing platform;
storing the first operation log information and a first hash value corresponding to the first operation log information to a first block in the block chain;
and storing a second hash value on the first block, wherein the second hash value is a hash value corresponding to all the operation log information in a previous block adjacent to the first block in the block chain.
Optionally, the first block further stores a total number of pieces of operation log information stored in the first block, and after the first operation log information is obtained, the method further includes:
updating the total number based on the first operation log information.
Optionally, a third hash value is further stored in the first block, where the third hash value is a value obtained by performing a hash operation on a hash value corresponding to each piece of operation log information in all operation log information stored in the first block, and after the first operation log information is obtained, the method further includes:
and updating the third hash value based on the first hash value corresponding to the first operation log information.
Optionally, the method further includes:
and sending block information associated with the target object to core network side equipment according to a preset period.
Optionally, the sending block information associated with the target object to the core network side device according to the preset period includes:
under the condition that the core network side equipment subscribes the operation log information of the target object on the edge computing platform, sending a request for uploading block information associated with the target object to the core network side equipment according to a preset period;
and sending the block information associated with the target object to the core network side equipment under the condition of receiving a response of confirming the uploading sent by the core network side equipment.
Optionally, the first operation log information includes an identifier of an operator, an identifier of the edge computing platform, and an operation record.
In a second aspect, an embodiment of the present invention provides an edge computing platform, where the edge computing platform is a node in a block chain, and the edge computing platform includes:
the acquisition module is used for acquiring first operation log information, wherein the first operation log information is operation log information for operating a database of the edge computing platform;
a storage module, configured to store the first operation log information and a first hash value corresponding to the first operation log information to a first block in the block chain;
and storing a second hash value on the first block, wherein the second hash value is a hash value corresponding to all the operation log information in a previous block adjacent to the first block in the block chain.
Optionally, the first block further stores a total number of pieces of operation log information stored on the first block, and the edge computing platform further includes:
a first updating module for updating the total number based on the first operation log information.
Optionally, a third hash value is further stored in the first block, where the third hash value is a value obtained by performing a hash operation on a hash value corresponding to each piece of operation log information in all operation log information stored in the first block, and the edge computing platform further includes:
and the second updating module is used for updating the third hash value based on the first hash value corresponding to the first operation log information.
Optionally, the edge computing platform further includes:
and the sending module is used for sending the block information related to the target object to the core network side equipment according to a preset period.
Optionally, the sending module is specifically configured to:
under the condition that the core network side equipment subscribes the operation log information of the target object on the edge computing platform, sending a request for uploading block information associated with the target object to the core network side equipment according to a preset period;
and sending the block information associated with the target object to the core network side equipment under the condition of receiving a response of confirming the uploading sent by the core network side equipment.
Optionally, the first operation log information includes an identifier of an operator, an identifier of the edge computing platform, and an operation record.
In a third aspect, an embodiment of the present invention provides an edge computing platform, including: a processor, a memory and a program stored on the memory and executable on the processor, which program, when executed by the processor, performs the steps of the block chain based log management method according to the first aspect.
In a fourth aspect, an embodiment of the present invention provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the steps of the block chain based log management method according to the first aspect.
In the embodiment of the invention, first operation log information is obtained, wherein the first operation log information is operation log information for operating the database of the edge computing platform; storing the first operation log information and a first hash value corresponding to the first operation log information to a first block in the block chain; and storing a second hash value on the first block, wherein the second hash value is a hash value corresponding to all the operation log information in a previous block adjacent to the first block in the block chain. Therefore, the operation log information is protected by adopting the block chain technology, and the operation log information can be prevented from being tampered, so that the audit of the database log of the edge computing platform is realized, and the safety of the database is improved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments of the present invention will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to these drawings without inventive exercise.
Fig. 1 is a flowchart of a block chain-based log management method according to an embodiment of the present invention;
fig. 2 is a schematic diagram illustrating a structure of a block in a block chain according to an embodiment of the present invention;
FIG. 3 is a schematic structural diagram of an edge computing platform according to an embodiment of the present invention;
fig. 4 is a schematic diagram of an edge computing platform interacting with a core network side device according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of a UPF network element according to an embodiment of the present invention;
fig. 6 is a schematic diagram of another edge computing platform interacting with a core network side device according to an embodiment of the present invention;
FIG. 7 is a schematic diagram of an embodiment of the present invention for generating an identifier of an edge computing platform;
FIG. 8 is a block diagram of another edge computing platform provided by embodiments of the present invention;
FIG. 9 is a schematic structural diagram of another edge computing platform provided by an embodiment of the invention;
FIG. 10 is a block diagram of an alternative edge computing platform according to embodiments of the present invention;
FIG. 11 is a block diagram of another edge computing platform provided by embodiments of the present invention;
fig. 12 is a schematic structural diagram of another edge computing platform provided in the embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, fig. 1 is a flowchart of a log management method based on a block chain according to an embodiment of the present invention, where the method is applied to an edge computing platform, where the edge computing platform is a node in the block chain, as shown in fig. 1, and includes the following steps:
The operation log information for operating the database of the edge computing platform (MEC) may be operation log information for performing any operation on the data in the database, and may include, but is not limited to, operation log information for performing operations such as adding, deleting, and modifying on the data in the database. The first operation log information may include an identifier of an operator, an identifier of the edge computing platform, and an operation record, and the first operation log information may further include an operation time, a type of a database of the operation, a name of a user of the operation, and the like, which is not limited in this embodiment of the present invention.
and storing a second hash value on the first block, wherein the second hash value is a hash value corresponding to all the operation log information in a previous block adjacent to the first block in the block chain.
The first hash value corresponding to the first operation log information may be a hash value obtained by performing hash operation on the first operation log information. The first oplog information and the first hash value may be packed into the first block. The hash value corresponding to all pieces of operation log information in the previous block adjacent to the first block may be a value obtained by performing a hash operation on the hash value corresponding to each piece of operation log information in all pieces of operation log information stored in the previous block adjacent to the first block. For example, a previous block adjacent to the first block may be a second block, and if 1000 pieces of operation log information are stored in the second block, a hash value corresponding to each piece of operation log information in the 1000 pieces of operation log information may be obtained to obtain 1000 hash values, and a value obtained by performing a hash operation on the 1000 hash values may be used as a hash value corresponding to all pieces of operation log information in the second block.
In practical applications, as shown in FIG. 2, the first chunk may include a chunk size of 4 bytes, a chunk header of 70 bytes, a transaction counter of 1-9 bytes, and a variable number of bytes of transaction content. The block header may include a last block hash (hash) value, where the last block hash value is a hash value corresponding to all oplog information in a previous block adjacent to the first block. The block header may further include a merkel (Merkle) root hash value, where the Merkle root hash value may be a value obtained by performing hash operation on a hash value corresponding to each piece of operation log information in all operation log information stored in the first block. A timestamp may also be included in the block header.
In addition, the transaction content in the first block may include a plurality of pieces of transaction content, each piece of transaction content may include a piece of operation log information, and a hash value corresponding to the piece of operation log information. Taking the transaction content corresponding to the first operation log information as an example, as shown in fig. 2, the transaction content may include a first hash value txId corresponding to the first operation log information, a name of a user of the operation, a type database 1 of a database of the operation, for example, a Mysql database, an operation statement, an operator identification address 1, an identification address 2 of the edge computing platform, and a timestamp.
It should be noted that before the first operation log information is obtained, in a case that a preset operation on the database of the edge computing platform is received, the data of the database may be modified corresponding to the preset operation, and the first operation log information may be generated according to the preset operation. After the first operation log information is obtained, the first hash value may also be stored in the edge computing platform, whether the first hash value stored in the edge computing platform exists may be searched in the first block, and if the first hash value stored in the edge computing platform exists is searched in the first block, it may be determined that the modification corresponding to the preset operation is successfully executed. The preset operation may be an operation of adding, deleting, modifying, or the like to the data in the database. If the operation is an operation of reading data in a database, it is not necessary to search whether the first hash value stored in the edge computing platform exists in the first block, so as to save data access time.
Further, the blockchain may be a federation chain, and the consensus algorithm employed by the federation chain may be a practical byzantine (FBFT) algorithm. The FBFT algorithm can tolerate 1/3 invalid or malicious nodes less than the total number of nodes, i.e., an edge computing platform that can tolerate 1/3 vulnerabilities less than the total number of nodes.
It should be noted that, currently, the change and deletion of the operation log information in the database can be freely performed by an administrator or a hacker. For security reasons for databases, users desire that the oplog information of the database be unalterable. In the embodiment of the invention, the operation log information aiming at the database is recorded by adopting the block chain, and the operation log information on the block chain cannot be changed when the database is independently changed. The problem that log tampering cannot be avoided in the prior art is solved by the irreplaceable modification of the blockchain network transaction.
In addition, because the edge computing platform is distributed, the deployment of multiple nodes cannot efficiently ensure the safety of the operation log information only by deploying the audit application on the edge computing platform, and the effective management of the core network side equipment on the database is not facilitated. At present, the edge computing platforms need to be backed up with each other to ensure the authenticity and reliability of the backup, so as to improve the reliability of the edge computing platforms, but the multiple backups put higher requirements on the synchronization of the databases. At present, database log audit deployment of an edge computing platform has no distributed characteristic, and therefore audit service cannot be provided under the condition that multiple database backups are modified simultaneously.
In the embodiment of the invention, a block chain mode is adopted, so that the problems of database log audit of an edge computing platform and management of core network side equipment on a database can be solved. The block chain is a distributed account book technology based on cryptography and consensus algorithm, is convenient to verify, has the characteristics of decentralization, traceability, openness and transparence, and can not be tampered, and is matched with the distributed deployment condition of the edge computing platform. The log management method based on the block chain can provide basic support basis for data charging, data auditing and data safety.
In the embodiment of the invention, first operation log information is obtained, wherein the first operation log information is operation log information for operating the database of the edge computing platform; storing the first operation log information and a first hash value corresponding to the first operation log information to a first block in the block chain; and storing a second hash value on the first block, wherein the second hash value is a hash value corresponding to all the operation log information in a previous block adjacent to the first block in the block chain. Therefore, the operation log information is protected by adopting the block chain technology, and the operation log information can be prevented from being tampered, so that the audit of the database log of the edge computing platform is realized, and the safety of the database is improved.
Optionally, the first block further stores a total number of pieces of operation log information stored in the first block, and after the first operation log information is obtained, the method further includes:
updating the total number based on the first operation log information.
Wherein the total number may be stored in a transaction counter, as shown in figure 2. The total number is updated based on the first operation log information, and may be, the total number is incremented by one. The total number may be updated before the first oplog information and a first hash value corresponding to the first oplog information are stored to a first chunk in the chain of chunks; alternatively, the total number may be updated after the first operation log information and the first hash value corresponding to the first operation log information are stored in the first block in the block chain. The embodiment of the present invention does not limit this.
In this embodiment, the first block further stores a total number of pieces of operation log information stored in the first block, and the total number is updated based on the first operation log information. Therefore, the number of the operation log information in the first block can be rapidly acquired through the total number, and statistics and query are facilitated.
Optionally, a third hash value is further stored in the first block, where the third hash value is a value obtained by performing a hash operation on a hash value corresponding to each piece of operation log information in all operation log information stored in the first block, and after the first operation log information is obtained, the method further includes:
and updating the third hash value based on the first hash value corresponding to the first operation log information.
The third hash value is updated based on the first hash value corresponding to the first operation log information, and a value obtained by performing a hash operation on the first hash value and a hash value corresponding to each piece of operation log information in all operation log information except the first operation log information stored in the first block may be used as the updated third hash value. In addition, as shown in fig. 2, the third hash value may be stored in the first block as a Merkle root hash value.
Taking the example that 2000 pieces of operation log information are stored in the first block, the hash value corresponding to each piece of operation log information in the 2000 pieces of operation log information may be obtained to obtain 2000 hash values, and a value obtained by performing hash operation on the 2000 hash values may be used as a third hash value. After the first operation log information is acquired, a value obtained by hashing the first hash value with the 2000 hash values may be used as an updated third hash value.
In this embodiment, the first block further stores a third hash value, where the third hash value is obtained by performing a hash operation on a hash value corresponding to each piece of operation log information in all pieces of operation log information stored in the first block, and the third hash value is updated based on the first hash value corresponding to the first operation log information. In this way, all the operation log information stored on the first block can be represented by the third hash value, and the third hash value needs to be modified when the operation log information is illegally tampered, so that the security of the database is further improved.
Optionally, the method further includes:
and sending block information associated with the target object to core network side equipment according to a preset period.
Wherein, the preset period may be 1 hour, or 1 day, or 1 month, etc. The preset period may be configured at the core network side device. The core network side device may be a core network management device, for example, a fifth generation mobile communication (5G) network management device. The target object may be a table in a database or may be some data in a database. The block information associated with the target object may be operation log information associated with the target object.
In addition, the edge computing platform may include one or more databases, as shown in fig. 3, the edge computing platform may include multiple databases, for example, database 1 may be a MySQL database, database 2 may be a SQLite database, database 3 may be a montdb database, database 4 may be an HBase database, database 5 may be an Oracle database, and database 6 may be a DB2 database. The edge computing platform can comprise a plurality of interfaces, the first interface can be a Json-RPC interface, the second interface can be a Web Socket interface, and the third interface can be a MySQL Proxy interface. The interface and the application can communicate through an application programming interface, the first application programming interface can be a Java API, and the second application programming interface can be a node. The edge computing platform can communicate with the 5G network manager through a plurality of nodes such as a Trust Node List (Trust Node List), transaction access and forwarding, Structured Query Language (SQL) transaction synchronization and the like.
In addition, for example, taking the core network side device as a 5G network manager, as shown in fig. 4, the edge computing platform may directly send the block information associated with the target object to the core network side device, or may also send the block information associated with the target object to the core network side device through a User Plane Function (UPF) corresponding to the edge computing platform. If the block information associated with the target object is sent to the core network side device through the UPF corresponding to the edge computing platform, as shown in fig. 5, an MEC platform network management information module 201 may be added in the user plane functional network element, and the block information sent by the edge computing platform is received through the MEC platform network management information module 201 and sent to the core network side device.
In the embodiment, the block information associated with the target object is sent to the core network side device according to the preset period, so that the real-time management of the operation log information of the edge computing platform by the core network side device is realized.
Optionally, the sending block information associated with the target object to the core network side device according to the preset period includes:
under the condition that the core network side equipment subscribes the operation log information of the target object on the edge computing platform, sending a request for uploading block information associated with the target object to the core network side equipment according to a preset period;
and sending the block information associated with the target object to the core network side equipment under the condition of receiving a response of confirming the uploading sent by the core network side equipment.
The edge computing platform may store block information associated with a target object in a json format into a local txt file, and may send the local txt file to the core network side device in an event manner under a condition that the core network side device subscribes to operation log information of the target object on the edge computing platform.
In practical applications, the edge computing platform may send an upload request of the operation log information of the edge computing platform Database to the core network side device according to the block chain audit record, taking the core network side device as a 5G network manager as an example, as shown in fig. 6, the edge computing platform may initiate a request to the 5G network manager through an invite (MEC Database operation log upload) message, the 5G network manager may notify the edge computing platform that the operation log information may be uploaded through a Response log for log upload message, the edge computing platform may upload the operation log information to the 5G network manager through an upload edge computing platform Database operation log (Put MEC Database operation log) message, after the upload is completed, the edge computing platform may notify the 5G network manager that the upload is completed through a task over message, the 5G network manager can inform the edge computing platform that the operation log information is received through a task over & cancel message.
In this embodiment, when the core network side device subscribes to the operation log information of the target object on the edge computing platform, a request for uploading block information associated with the target object is sent to the core network side device according to a preset period; and sending the block information associated with the target object to the core network side equipment under the condition of receiving a response of confirming the uploading sent by the core network side equipment. Therefore, the edge computing platform sends the block information to the core network side equipment according to the subscription condition, so that the core network side equipment can manage the key operation log information conveniently.
Optionally, the first operation log information includes an identifier of an operator, an identifier of the edge computing platform, and an operation record.
The user may operate the database of the edge computing platform at a client, and the operator identifier may be an identifier of the client, for example, a network address or a MAC address of the client, or an identifier obtained by encrypting the network address or the MAC address of the client, or may also generate a unique address for identifying the client. The identifier of the edge computing platform may be used to identify the edge computing platform, for example, a network address or a MAC address of the edge computing platform may be used, or an identifier obtained by encrypting the network address or the MAC address of the edge computing platform may be used, or a unique address may be generated to identify the edge computing platform. The operation record may be used to record operations performed on a database of the edge computing platform.
In practical applications, as shown in fig. 2, the identifier of the operator may be address 1, the identifier of the edge computing platform may be address 2, and the operation record may be an operation statement, for example, a database operation statement that adds some data to a database. For example, as shown in fig. 7, a unique address may be generated to identify the edge computing platform, for example, a RANDOM function may be used to generate a private key, the private key may be generated by using a SECP256K1 algorithm to generate a public key, a SHA256 algorithm and a ripemm 160 algorithm may be used to generate a first public key hash, the first public key hash is hashed by a doublsha 256 to obtain the first four bytes of the hash result, the first public key hash and the first four bytes of the hash result are merged to be a second public key hash, and the second public key hash is encoded as the identifier of the edge computing platform by a BASE 58.
In this embodiment, the first operation log information includes an identifier of an operator, an identifier of the edge computing platform, and an operation record. Therefore, the source of the data in the database of the edge computing platform can be accurately traced through the blocks on the block chain, and the safety of the database is further improved.
Referring to fig. 8, fig. 8 is a schematic structural diagram of an edge computing platform according to an embodiment of the present invention, where the edge computing platform is a node in a block chain, and as shown in fig. 8, an edge computing platform 300 includes:
an obtaining module 301, configured to obtain first operation log information, where the first operation log information is operation log information for operating a database of the edge computing platform;
a storage module 302, configured to store the first operation log information and a first hash value corresponding to the first operation log information to a first block in the block chain;
and storing a second hash value on the first block, wherein the second hash value is a hash value corresponding to all the operation log information in a previous block adjacent to the first block in the block chain.
Optionally, the first block further stores a total number of pieces of operation log information stored in the first block, as shown in fig. 9, the edge computing platform 300 further includes:
a first updating module 303, configured to update the total number based on the first operation log information.
Optionally, a third hash value is further stored in the first block, where the third hash value is a value obtained by performing a hash operation on a hash value corresponding to each piece of operation log information in all operation log information stored in the first block, as shown in fig. 10, the edge computing platform 300 further includes:
a second updating module 304, configured to update the third hash value based on the first hash value corresponding to the first operation log information.
Optionally, as shown in fig. 11, the edge computing platform 300 further includes:
a sending module 305, configured to send block information associated with the target object to the core network side device according to a preset period.
Optionally, the sending module 305 is specifically configured to:
under the condition that the core network side equipment subscribes the operation log information of the target object on the edge computing platform, sending a request for uploading block information associated with the target object to the core network side equipment according to a preset period;
and sending the block information associated with the target object to the core network side equipment under the condition of receiving a response of confirming the uploading sent by the core network side equipment.
Optionally, the first operation log information includes an identifier of an operator, an identifier of the edge computing platform, and an operation record.
The edge computing platform can implement each process implemented by the edge computing platform in the method embodiment shown in fig. 1, and is not described here again to avoid repetition.
Referring to fig. 12, fig. 12 is a schematic structural diagram of an edge computing platform according to an embodiment of the present invention, and as shown in fig. 12, an edge computing platform 400 includes: a memory 402, a processor 401, and a program stored on the memory 402 and executable on the processor 401, wherein:
the edge computing platform is a node in the block chain, and the processor 401 reads a program in the memory 402 to execute:
acquiring first operation log information, wherein the first operation log information is operation log information for operating a database of the edge computing platform;
storing the first operation log information and a first hash value corresponding to the first operation log information to a first block in the block chain;
and storing a second hash value on the first block, wherein the second hash value is a hash value corresponding to all the operation log information in a previous block adjacent to the first block in the block chain.
Optionally, the first block further stores a total number of pieces of operation log information stored on the first block, and the processor 401 is further configured to:
updating the total number based on the first operation log information.
Optionally, a third hash value is further stored in the first block, where the third hash value is obtained by performing a hash operation on a hash value corresponding to each piece of operation log information in all operation log information stored in the first block, and the processor 401 is further configured to execute:
and updating the third hash value based on the first hash value corresponding to the first operation log information.
Optionally, the processor 401 is further configured to perform:
and sending block information associated with the target object to core network side equipment according to a preset period.
Optionally, the sending, by the processor 401, the block information associated with the target object to the core network side device according to the preset period includes:
under the condition that the core network side equipment subscribes the operation log information of the target object on the edge computing platform, sending a request for uploading block information associated with the target object to the core network side equipment according to a preset period;
and sending the block information associated with the target object to the core network side equipment under the condition of receiving a response of confirming the uploading sent by the core network side equipment.
Optionally, the first operation log information includes an identifier of an operator, an identifier of the edge computing platform, and an operation record.
In fig. 12, the bus architecture may include any number of interconnected buses and bridges, with one or more processors represented by processor 401 and various circuits of memory represented by memory 402 being linked together. The bus architecture may also link together various other circuits such as peripherals, voltage regulators, power management circuits, and the like, which are well known in the art, and therefore, will not be described any further herein. The bus interface provides an interface.
The processor 401 is responsible for managing the bus architecture and general processing, and the memory 402 may store data used by the processor 401 in performing operations.
It should be noted that any implementation manner in the method embodiment of the present invention may be implemented by the above log management method based on a block chain in this embodiment, and achieve the same beneficial effects, and details are not described here again.
The embodiment of the present invention further provides a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, and when the computer program is executed by a processor, the computer program implements each process of the above log management method based on a block chain, and can achieve the same technical effect, and in order to avoid repetition, the detailed description is omitted here. The computer-readable storage medium may be a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solutions of the present invention may be embodied in the form of a software product, which is stored in a storage medium (such as ROM/RAM, magnetic disk, optical disk) and includes instructions for enabling a terminal device (such as a mobile phone, a computer, a server, an air conditioner, or a network device) to execute the method according to the embodiments of the present invention.
While the present invention has been described with reference to the embodiments shown in the drawings, the present invention is not limited to the embodiments, which are illustrative and not restrictive, and it will be apparent to those skilled in the art that various changes and modifications can be made therein without departing from the spirit and scope of the invention as defined in the appended claims.
Claims (14)
1. A log management method based on a block chain is applied to an edge computing platform, and the edge computing platform is a node in the block chain, and the method comprises the following steps:
acquiring first operation log information, wherein the first operation log information is operation log information for operating a database of the edge computing platform;
storing the first operation log information and a first hash value corresponding to the first operation log information to a first block in the block chain;
and storing a second hash value on the first block, wherein the second hash value is a hash value corresponding to all the operation log information in a previous block adjacent to the first block in the block chain.
2. The method of claim 1, wherein the first block further stores a total number of oplog information stored on the first block, and wherein after obtaining the first oplog information, the method further comprises:
updating the total number based on the first operation log information.
3. The method according to claim 1, wherein a third hash value is further stored in the first block, the third hash value is obtained by performing a hash operation on a hash value corresponding to each piece of operation log information in all operation log information stored in the first block, and after the first operation log information is obtained, the method further includes:
and updating the third hash value based on the first hash value corresponding to the first operation log information.
4. The method of claim 1, further comprising:
and sending block information associated with the target object to core network side equipment according to a preset period.
5. The method according to claim 4, wherein the sending the block information associated with the target object to the core network side device according to the preset period includes:
under the condition that the core network side equipment subscribes the operation log information of the target object on the edge computing platform, sending a request for uploading block information associated with the target object to the core network side equipment according to a preset period;
and sending the block information associated with the target object to the core network side equipment under the condition of receiving a response of confirming the uploading sent by the core network side equipment.
6. The method of claim 1, wherein the first oplog information comprises an operator identification, an identification of the edge computing platform, and an operational record.
7. An edge computing platform, wherein the edge computing platform is a node in a blockchain, the edge computing platform comprising:
the acquisition module is used for acquiring first operation log information, wherein the first operation log information is operation log information for operating a database of the edge computing platform;
a storage module, configured to store the first operation log information and a first hash value corresponding to the first operation log information to a first block in the block chain;
and storing a second hash value on the first block, wherein the second hash value is a hash value corresponding to all the operation log information in a previous block adjacent to the first block in the block chain.
8. The edge computing platform of claim 7, wherein the first block further stores a total number of oplog information stored on the first block, the edge computing platform further comprising:
a first updating module for updating the total number based on the first operation log information.
9. The edge computing platform of claim 7, wherein a third hash value is further stored in the first block, where the third hash value is obtained by performing a hash operation on a hash value corresponding to each piece of operation log information in all operation log information stored in the first block, and the edge computing platform further includes:
and the second updating module is used for updating the third hash value based on the first hash value corresponding to the first operation log information.
10. The edge computing platform of claim 7, further comprising:
and the sending module is used for sending the block information related to the target object to the core network side equipment according to a preset period.
11. The edge computing platform of claim 10, wherein the sending module is specifically configured to:
under the condition that the core network side equipment subscribes the operation log information of the target object on the edge computing platform, sending a request for uploading block information associated with the target object to the core network side equipment according to a preset period;
and sending the block information associated with the target object to the core network side equipment under the condition of receiving a response of confirming the uploading sent by the core network side equipment.
12. The edge computing platform of claim 7, wherein the first operation log information comprises an operator identification, an identification of the edge computing platform, and an operation record.
13. An edge computing platform, comprising: processor, memory and program stored on the memory and executable on the processor, which when executed by the processor implements the steps of the block chain based log management method according to any of claims 1 to 6.
14. A computer-readable storage medium, comprising: processor, memory and program stored on the memory and executable on the processor, which when executed by the processor implements the steps of the block chain based log management method according to any of claims 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911309929.1A CN112989404A (en) | 2019-12-18 | 2019-12-18 | Log management method based on block chain and related equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911309929.1A CN112989404A (en) | 2019-12-18 | 2019-12-18 | Log management method based on block chain and related equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112989404A true CN112989404A (en) | 2021-06-18 |
Family
ID=76343946
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911309929.1A Pending CN112989404A (en) | 2019-12-18 | 2019-12-18 | Log management method based on block chain and related equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112989404A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114221798A (en) * | 2021-12-07 | 2022-03-22 | 北京安天网络安全技术有限公司 | Computer attack information storage method and device and electronic equipment |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20020073276A1 (en) * | 2000-12-08 | 2002-06-13 | Howard John H. | Data storage system and method employing a write-ahead hash log |
| CN108737501A (en) * | 2018-04-23 | 2018-11-02 | 北京海华鑫安生物信息技术有限责任公司 | A kind of DNA date storage methods, equipment and system based on block chain |
| CN109144959A (en) * | 2018-08-03 | 2019-01-04 | 佛山市甜慕链客科技有限公司 | A kind of method and system of reliability for storing data |
| CN109491996A (en) * | 2018-09-27 | 2019-03-19 | 上海点融信息科技有限责任公司 | For the block generation method of block chain network, block data access method, calculate equipment, storage medium |
| CN110443073A (en) * | 2019-07-31 | 2019-11-12 | 南瑞集团有限公司 | A kind of anti-tamper date storage method, apparatus and system based on block chain |
-
2019
- 2019-12-18 CN CN201911309929.1A patent/CN112989404A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20020073276A1 (en) * | 2000-12-08 | 2002-06-13 | Howard John H. | Data storage system and method employing a write-ahead hash log |
| CN108737501A (en) * | 2018-04-23 | 2018-11-02 | 北京海华鑫安生物信息技术有限责任公司 | A kind of DNA date storage methods, equipment and system based on block chain |
| CN109144959A (en) * | 2018-08-03 | 2019-01-04 | 佛山市甜慕链客科技有限公司 | A kind of method and system of reliability for storing data |
| CN109491996A (en) * | 2018-09-27 | 2019-03-19 | 上海点融信息科技有限责任公司 | For the block generation method of block chain network, block data access method, calculate equipment, storage medium |
| CN110443073A (en) * | 2019-07-31 | 2019-11-12 | 南瑞集团有限公司 | A kind of anti-tamper date storage method, apparatus and system based on block chain |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114221798A (en) * | 2021-12-07 | 2022-03-22 | 北京安天网络安全技术有限公司 | Computer attack information storage method and device and electronic equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Batten et al. | pStore: A secure peer-to-peer backup system | |
| CN110311782B (en) | Zero-knowledge proof method, system and storage medium for personal information | |
| KR101381551B1 (en) | Group based complete and incremental computer file backup system, process and apparatus | |
| CN110321735B (en) | Business handling method, system and storage medium based on zero knowledge certification | |
| CN111045855B (en) | Method, apparatus and computer program product for backing up data | |
| US20180267792A1 (en) | Updating software utilizing domain name system (dns) | |
| CN111680105B (en) | Management method and system of distributed relational database based on block chain | |
| US11734229B2 (en) | Reducing database fragmentation | |
| CN111447069B (en) | Low-frequency access data processing method based on block chain | |
| CN110597918A (en) | Account management method and device and computer readable storage medium | |
| EP3093789B1 (en) | Storing structured information | |
| Kollmann et al. | Snapdoc: Authenticated snapshots with history privacy in peer-to-peer collaborative editing | |
| Vaidya et al. | Commit signatures for centralized version control systems | |
| Heitzmann et al. | Efficient integrity checking of untrusted network storage | |
| US20200117367A1 (en) | Method, apparatus, and computer program product for managing application system | |
| CN112989404A (en) | Log management method based on block chain and related equipment | |
| Hwang et al. | A mutual nonrepudiation protocol for cloud storage with interchangeable accesses of a single account from multiple devices | |
| CN115238257B (en) | Access control face permission updating method and device, computer equipment and storage medium | |
| Hwang et al. | Proof of violation for trust and accountability of cloud database systems | |
| US11151082B1 (en) | File system operation cancellation | |
| Burns et al. | Verifiable audit trails for a versioning file system | |
| Weintraub et al. | Crowdsourced data integrity verification for key-value stores in the cloud | |
| WO2022002352A1 (en) | Data storage server and client devices for securely storing data | |
| US20160092886A1 (en) | Methods of authorizing a computer license | |
| CN111782615A (en) | Block chain-based large file storage method and system and computer equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210618 |
|
| RJ01 | Rejection of invention patent application after publication |