CN113037492B - Sensor data processing method and device - Google Patents

Sensor data processing method and device Download PDF

Info

Publication number
CN113037492B
CN113037492B CN202110152862.6A CN202110152862A CN113037492B CN 113037492 B CN113037492 B CN 113037492B CN 202110152862 A CN202110152862 A CN 202110152862A CN 113037492 B CN113037492 B CN 113037492B
Authority
CN
China
Prior art keywords
node
monitoring data
nodes
data
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110152862.6A
Other languages
Chinese (zh)
Other versions
CN113037492A (en
Inventor
朱晓宁
段珺轲
谭海燕
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jingying Digital Technology Co Ltd
Original Assignee
Jingying Digital Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jingying Digital Technology Co Ltd filed Critical Jingying Digital Technology Co Ltd
Priority to CN202110152862.6A priority Critical patent/CN113037492B/en
Publication of CN113037492A publication Critical patent/CN113037492A/en
Application granted granted Critical
Publication of CN113037492B publication Critical patent/CN113037492B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3218Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, ornon-interactive zero-knowledge proofs
    • H04L9/3221Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, ornon-interactive zero-knowledge proofs interactive zero-knowledge proofs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1095Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Abstract

The invention provides a sensor data processing and device, which comprises the following steps: the sensor acquires monitoring data and generates certification information corresponding to the monitoring data according to a preset zero knowledge certification algorithm; sending the monitoring data to enterprise nodes corresponding to the sensors so that the enterprise nodes store the monitoring data and synchronize the monitoring data with other nodes in the private chain; and sending the certification information to the member nodes in the blockchain, so that the member nodes verify that the certification information passes and then store the certification information, and synchronizing the certification information with other member nodes in the blockchain. The invention can protect the data asset from leakage for the enterprise to which the sensor belongs; for other nodes in the blockchain, the affiliated scope of the monitoring data can be checked, which is helpful for providing reference basis for supervision and audit and providing real and credible control data for proving information when required.

Description

Sensor data processing method and device
Technical Field
The invention relates to the technical field of sensor data storage and examination, in particular to a sensor data processing method and device.
Background
The internet of things is widely applied to various production scenes through intelligent perception, recognition technology and perception technology, and is the internet for everything connection. The sensor technology is one of key technologies of the internet of things, and the sensor can sense and collect various useful information and then transmit the information to the network. The sensor can be said to be the basis of the operation of the whole internet of things system.
The sensor provides an important source of data for large data analysis because the sensor can continuously and automatically provide data in amounts far exceeding those produced manually. The core of the big data analysis technology is not separated from the value of the data, and along with the development of the big data technology, the data becomes a carrier of 'value', and also becomes a competitive advantage link of enterprises. On the other hand, in the examination link of part of application scenes (such as safe production and environmental protection), sensor data are often required to be disclosed, so that data leakage is easy to cause, and the data protection of enterprises is not facilitated.
Disclosure of Invention
The invention solves the problem that the data leakage is easy to cause due to the need of supervision and examination in the processing process of the existing sensor data.
To solve the above problems, the present invention provides a sensor data processing method applied to a blockchain, the method including: the sensor acquires monitoring data and generates proving information corresponding to the monitoring data according to a preset zero knowledge proving algorithm; sending the monitoring data to enterprise nodes corresponding to the sensors so that the enterprise nodes store the monitoring data and synchronize the monitoring data with other nodes in a private chain; and sending the proving information to member nodes in the blockchain, so that the member nodes verify that the proving information passes and then store the proving information, and synchronizing the proving information with other member nodes in the blockchain.
Optionally, the method further comprises: if a monitoring and examining instruction of a supervision node is received, the member node in the blockchain provides the proving information to the supervision node so that the supervision node determines the range information of the monitoring data according to the proving information and examines the range information; and/or if a data review instruction of a supervision node is received, the node in the private chain provides the monitoring data to the supervision node so that the supervision node can review the monitoring data.
Optionally, the generating the certification information corresponding to the monitoring data according to the preset zero knowledge certification algorithm includes: and generating range proving information corresponding to the monitoring data according to a range proving algorithm.
Optionally, the member node verifies that the certification information passes and then stores the certification information, including: and the member node verifies whether the range proving information passes or not according to a verification algorithm corresponding to the range proving algorithm.
Optionally, the scope proving algorithm need not be trusted settings.
Optionally, the enterprise node stores the monitoring data and synchronizes to other nodes in the private chain, including: verifying the identity address of the sensor; the identity address comprises an identity of the enterprise node corresponding to the sensor and a unique identity of the sensor; and if the verification is passed, storing the monitoring data and synchronizing the monitoring data with other nodes in the private chain.
Optionally, the sensor acquires monitoring data, including: the sensor periodically collects raw data, and performs at least one of the following processes on the raw data to obtain monitoring data: systematic error correction, random error compensation, noise reduction.
Optionally, the federation chain further includes an admission authority node, the method further comprising: when a new node sends a joining request to an admission mechanism node, the admission mechanism node audits the joining request; and if the joining request passes the verification, the admission mechanism node issues a certificate for authenticating the identity of the new node.
The invention provides a sensor data processing device applied to a blockchain, comprising: the data acquisition processing module is used for acquiring monitoring data and generating proving information corresponding to the monitoring data according to a preset zero knowledge proving algorithm; the first sending module is used for sending the monitoring data to the enterprise node corresponding to the sensor so that the enterprise node stores the monitoring data and synchronizes the monitoring data with other nodes in the private chain; and the second sending module is used for sending the proving information to member nodes in the blockchain so that the member nodes verify that the proving information passes and then store the proving information and synchronize the proving information with other member nodes in the blockchain.
Optionally, the apparatus further comprises: the first checking module is used for providing the proving information to the supervision node by the member node in the blockchain if a monitoring checking instruction of the supervision node is received, so that the supervision node determines the range information of the monitoring data according to the proving information and checks the range information; and/or a second checking module, configured to, if a data checking instruction of a supervision node is received, provide the monitoring data to the supervision node by a node in the private chain, so that the supervision node checks the monitoring data.
The invention can ensure the safety and credibility of the monitoring data from the source to the storage process through the credible storage of the block chain; for enterprises to which the sensor belongs, the privacy of monitoring data of the sensor can be well protected, and the data asset is protected from leakage; for other nodes in the blockchain, the range of the monitoring data can be checked, so that reference basis is provided for supervision and audit; and providing the authentic and trusted control data for the certification information when required.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings that are required to be used in the embodiments or the description of the prior art will be briefly described below, and it is obvious that the drawings in the following description are only embodiments of the present invention, and that other drawings can be obtained according to the provided drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic flow chart of a sensor data processing method in one embodiment of the invention;
FIG. 2 is a flow chart of a sensor data processing method based on trusted storage and range awareness in one embodiment of the invention;
FIG. 3 is a schematic diagram of a distributed system in accordance with one embodiment of the present invention;
FIG. 4 is a block diagram of a block chain according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of a sensor data processing device according to an embodiment of the present invention.
Reference numerals illustrate:
501-a data acquisition and processing module; 502-a first transmitting module; 503-a second transmitting module.
Detailed Description
In order that the above objects, features and advantages of the invention will be readily understood, a more particular description of the invention will be rendered by reference to specific embodiments thereof which are illustrated in the appended drawings. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the invention.
The sensor in the embodiment has certain information storage and processing functions, can modify various deterministic system errors through software, and can properly compensate random errors and reduce noise, so that the sensor accuracy is improved. The intelligent data processing system has the functions of diagnosis, calibration and data storage, and can execute a simple cryptographic protocol for the intelligent structural system to perform related operation on the sensed data. The sensor can also have a digital communication interface function, can be directly sent to a remote computer for processing, has various data output forms and is suitable for various application systems.
FIG. 1 is a schematic flow chart of a sensor data processing method that may be applied to a blockchain in an embodiment of the invention, including:
s102, the sensor acquires monitoring data and generates proving information corresponding to the monitoring data according to a preset zero knowledge proving algorithm.
The sensor can be an environment sensing device such as a gas sensor, a camera, a gyroscope and the like. The sensor may periodically collect raw data and perform at least one of the following processes on the raw data to obtain monitored data, including: systematic error correction, random error compensation, noise reduction, etc. Such as nonlinear errors of sensor inputs and outputs, zero point errors, etc. The monitoring data is, for example, environmental data.
Zero knowledge proof algorithms refer to the ability of a verifier to trust that a certain assertion is correct without providing the verifier with any useful information. The prover proves to the verifier and believes itself to know or own a certain message, but the proving process cannot reveal any information about the proved message to the verifier.
In consideration of the requirement of the supervisory mechanism on the supervision and audit of the sensor data, the above-mentioned proving information can contain the belonging range of the sensor data, so that the supervisory mechanism can conveniently monitor the working state of the sensor and the state of the monitoring target based on the belonging range as a reference. Based on this, the zero knowledge proof algorithm described above may employ a scope proof algorithm that allows a prover to prove the range of a particular value without revealing that value.
The generating the certification information corresponding to the monitoring data according to the preset zero knowledge certification algorithm includes: and generating range proving information corresponding to the monitoring data according to a range proving algorithm. By using an efficient, lightweight range attestation algorithm, the computational burden on the sensor can be reduced, as well as the size of the attestation information itself.
In some zero knowledge proofs, a trusted boot link is often required, i.e. some shared secret value is set during the initial setup phase of the whole system. This process is typically implemented by multiparty secure computing. The range proving method used in the embodiment does not need trusted setting, thereby simplifying operation steps and improving the expandability of the system.
And S104, sending the monitoring data to the enterprise node corresponding to the sensor so that the enterprise node stores the monitoring data and synchronizes the monitoring data with other nodes in the private chain.
And S106, sending the certification information to the member nodes in the blockchain, so that the member nodes verify the certification information, store the certification information after passing, and synchronize the certification information with other member nodes in the blockchain.
The sensor can send the monitoring data to the enterprise node to which the sensor belongs, and send the certification information corresponding to the monitoring data to other member nodes in the blockchain. It should be noted here that, in order to protect data security, the enterprise node exists in the private chain, and the member node exists in the federation chain.
After the monitoring data is released to the private chain of the enterprise node, the trusted storage of the data can be ensured, and the data is prevented from being tampered. For nodes in the alliance chain, the affiliated range information of the data can be obtained through a verification algorithm under the condition that the original data content is not known, so that the privacy of the data in enterprises can be well protected, the data assets are protected from leakage, and references can be provided for supervision and examination of related institutions. In some scenarios where further acquisition of the original data is required, the enterprise may also provide, through the private chain, authentic and reliable data corresponding to the relevant attestation information.
The write rights of each node in the private chain are collected into the internal control, and the read rights can be selectively opened to the outside as required. The private chain still has a general structure of multi-node operation of the block chain, and is suitable for internal data management and audit of a specific organization. Each node of the federation chain typically has an entity organization corresponding thereto that can join and leave the network after authorization. Organizations constitute benefit-related federations that collectively maintain healthy operation of blockchains.
The enterprise node may record the monitoring data in the form of a private chain of storage, and the other member nodes collectively maintain attestation information of the environmental data in the form of a federation chain, such as the scope attestation information described above. By the range-proven characteristics, the member node can verify the range of the monitoring data, but cannot obtain the specific value of the monitoring data. Specifically, the member node may verify whether the scope proving information passes or not according to a verification algorithm corresponding to the scope proving algorithm.
If a monitoring and examining instruction of the supervision node is received, the member node in the blockchain can provide the certification information to the supervision node, so that the supervision node determines the range information of the monitoring data according to the certification information and examines the range information. For example, when the relevant regulatory authorities need to review the sensor data, the scope information of the environment data can be obtained as a reference basis through the scope certification information stored in the alliance chain node.
If a data review instruction of a supervision node is received, the node in the private chain can provide the monitoring data to the supervision node so that the supervision node can review the monitoring data. For example, when the relevant regulatory authorities need to further obtain the raw data corresponding to the scope proving information, the enterprise node or other nodes in the private chain to which the sensor belongs may provide the corresponding raw data.
According to the sensor data processing method provided by the embodiment of the invention, the safety and the credibility of the monitoring data from the source to the storage process can be ensured through the credible storage of the block chain; for enterprises to which the sensor belongs, the privacy of monitoring data of the sensor can be well protected, and the data asset is protected from leakage; for other nodes in the blockchain, the range of the monitoring data can be checked, so that reference basis is provided for supervision and audit; and providing the authentic and trusted control data for the certification information when required.
When a new sensor accesses the blockchain, a unique and exclusive representation can be generated by the identity of the corresponding enterprise node and the unique identity (e.g., hardware identity, etc.) of the intelligent sensor, and used as the identity address of the sensor in the blockchain network. Based on this, when the enterprise node stores the monitoring data and synchronizes to other nodes in the private chain, the identity address of the sensor needs to be verified, and if the verification is passed, the monitoring data is stored and synchronized to other nodes in the private chain. The identity address comprises an identity identifier of the enterprise node corresponding to the sensor and a unique identifier of the sensor.
The federation chain described above may be used by government-related authorities as an admission authority. When a new alliance chain member is added, the member can be checked through an admission authority. After the verification is passed, issuing an organization certificate based on the alliance chain for the member. When communicating between nodes, the public key in the certificate is used as an identity. If the verification is passed, the member in the alliance chain is confirmed. Based on this, the above method may further include: when the new node sends a joining request to the admission mechanism node, the admission mechanism node checks the joining request; and if the joining request passes the verification, the admission mechanism node issues a certificate for authenticating the identity of the new node.
Referring to a flow chart of a sensor data processing method based on trusted storage and range awareness shown in fig. 2, the method comprises the following steps:
s201, the sensor calibrates the collected environment data and generates corresponding range evidences. The sensor processes data collected by sensing equipment such as a camera and a gyroscope in a data analysis and artificial intelligent image recognition mode, intelligently senses the working state of the gas sensor, improves the accuracy of the collected data through internal denoising operation, and then establishes range proving information of the data through a process of generating the range proving information.
S202, the sensor sends the original data to the enterprise node to which the sensor belongs.
S203, the sensor sends the range proving information to the member nodes in the alliance chain.
S204, the enterprise node stores the sensor raw data in the form of a private chain.
And S205, the member node verifies the evidence through a verification algorithm, and synchronizes data with other nodes of the alliance chain through a consensus algorithm after the evidence passes.
And S206, the member node transmits the belonging range corresponding to the range proving information to the supervision audit department.
S207, the enterprise node sends the original data to a supervision audit department.
After the original data is released to the enterprise private chain, the trusted storage of the data can be ensured, and the data is prevented from being tampered. For nodes in the alliance chain, the information of the range of the original data can be obtained through a verification algorithm under the condition that the content of the original data is not known, so that the privacy of the data in enterprises can be protected, the data assets are protected from being revealed, and references are provided for supervision and examination of related institutions. In some scenarios where further acquisition of raw data is required, enterprises may also provide, through the private chain, authentic and reliable data corresponding to the relevant attestation.
For example, the process of generating the certification information by the sensor may be performed as follows:
(1) Converting the detected environmental data into a representation of a binary vector, in this example using a L Representing the vector;
(2) Generating vector a R =a L -1 n
(3) The random number y is chosen such that there is a high probability of obtaining when one vector b is proved to be a zero vector<b,y n >=0;
(4) The following variables were calculated:
L=a L -z·1 n
δ=(z-z 2 )<1 n ,y n >-z 3 ·<1 n ,2 n >
(5) In order to hide the true value of the environmental data, i.e. a L Is required to generate a random vector s L Sum s R And calculates the following vectors:
L x =(a L -z·1 n )+s L ·x
t x =<L x ,R x >
wherein t is x Is a quadratic equation about x, which corresponds to the coefficient of x, t in order from low order to high order 0 ,t 1 ,t 2 . It can be seen that t 0 =<L,R>=z 2 V+δ, where v is the value of the hidden environmental data;
(6) Using a obtained above L And a R And (3) calculating:
τ x =τ 1 x+τ 2 x 2
μ=a+ρx
wherein a, ρ, τ 1 ,τ 2 For random numbers, g and h are vectors composed of generator elements whose discrete logarithmic relationship is unknown.
The sensor will generate proof (A, S, T 1 ,T 2 ,x,L x ,R x ,t x ,τ x (ii) to member nodes in the federation chain, the member nodes validating the following equation:
wherein the first equation is used to ensure whether the sensor generates t honest x And τ x The second equation is used to verify whether L and R are generated honest, i.e. implicitly verify a in L L Is a value belonging to a certain range. When the sensor is constructed to be proved, the range of the numerical value can be preset, and the proof is built.
In the embodiment of the present invention, a plurality of nodes are implemented by a distributed system formed by network communication, and the structural schematic diagram of the distributed system shown in fig. 3 is referred to. Nodes communicate with each other via a P2P protocol, which is an application layer protocol that runs on top of the TCP protocol. In a distributed system, any terminal may join the network as a node. The functions of the node include: a route for supporting communication between nodes; an application, which provides specific services according to actual application requirements; and, a consensus algorithm.
Taking the node in the blockchain as an example, the node can send the local current transaction to other nodes in the blockchain system, and after the other nodes are successfully verified, the transaction records are stored in the local blockchain account books. The blockchain system ensures the correctness and consistency of each node account book through a consensus algorithm. To support the joining and exiting of new members in a federation, dynamic node addition or deletion needs to be achieved through consensus, in this example using a highly robust bayer fault tolerance algorithm (Robust Byzantine Tolerance, RBFT).
Assuming that the total node number of the system is |r|=3f+1, the rbft algorithm can tolerate an invalid or malicious node number of f, requiring 2f+1 normal nodes. That is, the RBFT algorithm can tolerate less than 1/3 of invalid or malicious nodes. RBFT is a state machine replica replication algorithm, where all replicas operate in a view rotation process, and the master node is determined by the view number and the node number set, i.e., master node p=v mod|r|, where v is the view number, r| is the number of nodes, and p is the master node number. Each client request of the RBFT algorithm needs to go through 5 stages, and the request of the client is executed after the server agrees by adopting a two-by-two interaction mode. Since the client cannot obtain any server running state from the server, whether the main node in the RBFT is in error or not can only be monitored by the server. If the server cannot complete the client's request within a period of time, a view exchange protocol is triggered.
The process of message consensus in the protocol is as follows:
1. the client sends a request to the main node, and activates the service operation of the main node;
2. the master node assigns a serial number n to the request, broadcasts a serial number allocation message and a request message m of the client, and sends a constructed pre-preparation message to each node;
3. receiving the pre-service message from the node, and broadcasting the pre message to other service nodes;
4. after verifying the requests and the sequence in the attempt, each node broadcasts a Commit message, executes the received client request and gives the corresponding request to the client;
5. the client waits for responses from different nodes, and if m+1 responses are the same, the responses are the result of the operation.
The process of adding a node in the protocol is as follows:
1. the newly added node actively initiates connection to the existing node by reading the configuration file information, updates the own routing table after confirming that all nodes are successfully connected, and initiates a recovery message;
2. after receiving the connection request of the newly added node, other nodes in the network confirm to agree to join the node, and then broadcast AddNode (added node) information to the whole network to indicate that the node agrees to join the whole consensus network;
3. when the existing node receives the |R| AddNode message, updating the routing table of the existing node, and then starting to respond to the consensus message request of the newly added node (all consensus messages of the newly added node are not processed before the request;
4. after the newly added node completes recovery, broadcasting a Ready request to the existing nodes of the whole network;
5. after receiving the Ready request, the existing node recalculates information of |R|, p and the like after adding a new node, and then encapsulates the information into Agreeupdate information to perform whole network broadcasting;
6. the consensus network added by the newly added node can generate a new master node, and the master node sends Update information according to the identity of the new master node after receiving 2f+1 Agreeupdate information;
7. after receiving Update message, all nodes of the whole network confirm correctness of the message and Update routing table;
8. after each node completes the update of the routing table, broadcasting a finish update message by the whole network;
9. and after receiving 2f+1 finish update messages, the node processes subsequent requests to complete the flow of the newly added node.
The dynamic increase of the alliance members does not affect the normal business, and the expandability is provided on the premise of ensuring the high robustness of the system.
See block architecture diagram in the blockchain shown in fig. 4. The blocks are arranged according to time sequence, each block comprises a time stamp, a hash value of the last block and a hash value of the block, transactions in the blocks are stored in a Merkle tree mode, and each block is connected with each other through storing the hash value of the last block to form a chain-shaped structure. Blockchain is essentially a decentralised storage structure, and the technology of cryptography, consensus algorithm and the like ensures that data is public, transparent, traceable and non-counterfeitable.
In this embodiment, the encryption of the monitored data may be implemented by an encryption method based on an elliptic curve encryption system (Elliptic curve cryptography, ECC), and in consideration of the limitation of the blockchain storage capacity, the use of public key encryption and digital signature based on ECC may provide a faster encryption speed and ciphertext volume under the premise of ensuring the security level. The address of the sensor is generated by splicing the unique hardware identifier of the sensor with the enterprise identity identifier, and then processing the unique hardware identifier by the private key of the enterprise. The node, upon receiving the sensor data, can verify the identity of the sensor through the public key issued by the enterprise.
The embodiment of the invention realizes the privacy processing of the sensor data by using the range proving technology, thereby protecting the data assets of enterprises from leakage and being beneficial to providing reference basis for supervision and audit; the range proving algorithm which is efficient, light and free of trusted setting is used, so that the calculation burden of the sensor and the storage burden of the nodes can be reduced, and the flexibility and the expandability of the system are improved; dynamic addition and exit of new members in the alliance chain are realized by using a high-robustness Bayesian fault-tolerant algorithm; and providing authentic, trusted control data for the scope evidence, if necessary.
FIG. 5 is a schematic diagram of a sensor data processing apparatus for use with a blockchain in an embodiment of the invention, the apparatus comprising:
the data acquisition processing module 501 is configured to acquire monitoring data and generate certification information corresponding to the monitoring data according to a preset zero knowledge certification algorithm;
a first sending module 502, configured to send the monitoring data to an enterprise node corresponding to the sensor, so that the enterprise node stores the monitoring data and synchronizes with other nodes in the private chain;
and the second sending module 503 is configured to send the attestation information to member nodes in the blockchain, so that the member nodes verify that the attestation information passes and then store the attestation information, and synchronize the attestation information with other member nodes in the blockchain.
The sensor data processing device provided by the embodiment of the invention can ensure the safety and the credibility of the monitoring data from the source to the storage process through the credible storage of the block chain; for enterprises to which the sensor belongs, the privacy of monitoring data of the sensor can be well protected, and the data asset is protected from leakage; for other nodes in the blockchain, the range of the monitoring data can be checked, so that reference basis is provided for supervision and audit; by means of sending the original data and the proving information to the affiliated enterprise node and the blockchain member node respectively, real and reliable comparison data can be provided for the proving information when needed.
Optionally, as an embodiment, the apparatus further includes: the first checking module is used for providing the proving information to the supervision node by the member node in the blockchain if a monitoring checking instruction of the supervision node is received, so that the supervision node determines the range information of the monitoring data according to the proving information and checks the range information; and/or a second checking module, configured to, if a data checking instruction of a supervision node is received, provide the monitoring data to the supervision node by a node in the private chain, so that the supervision node checks the monitoring data.
Optionally, as an embodiment, the data acquisition processing module 501 is specifically configured to: and generating range proving information corresponding to the monitoring data according to a range proving algorithm.
Optionally, as an embodiment, the first sending module 502 is specifically configured to: and the member node verifies whether the range proving information passes or not according to a verification algorithm corresponding to the range proving algorithm.
Alternatively, as one embodiment, the scope proving algorithm need not be trusted settings.
Optionally, as an embodiment, the first sending module 502 is specifically configured to: verifying the identity address of the sensor; the identity address comprises an identity of the enterprise node corresponding to the sensor and a unique identity of the sensor; and if the verification is passed, storing the monitoring data and synchronizing the monitoring data with other nodes in the private chain.
Optionally, as an embodiment, the data acquisition processing module 501 is specifically configured to: the sensor periodically collects raw data, and performs at least one of the following processes on the raw data to obtain monitoring data: systematic error correction, random error compensation, noise reduction.
Optionally, as an embodiment, the federation chain further includes an admission authority node, and the apparatus further includes an admission module configured to: when a new node sends a joining request to an admission mechanism node, the admission mechanism node audits the joining request; and if the joining request passes the verification, the admission mechanism node issues a certificate for authenticating the identity of the new node.
The sensor data processing device provided in the foregoing embodiments can implement each process in the foregoing embodiments of the sensor data processing method, and in order to avoid repetition, a description is omitted herein.
The embodiment of the invention also provides a computer readable storage medium, on which a computer program is stored, which when executed by a processor, implements the processes of the sensor data processing method embodiment, and can achieve the same technical effects, so that repetition is avoided, and no further description is given here. Wherein the computer readable storage medium is selected from Read-Only Memory (ROM), random access Memory (Random Access Memory, RAM), magnetic disk or optical disk.
Of course, it will be appreciated by those skilled in the art that implementing all or part of the above-described methods in the embodiments may be implemented by a computer program for instructing a control device, where the program may be stored in a computer readable storage medium, and the program may include the above-described methods in the embodiments when executed, where the storage medium may be a memory, a magnetic disk, an optical disk, or the like.
In this document, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
In the present specification, each embodiment is described in a progressive manner, and each embodiment is mainly described in a different point from other embodiments, and identical and similar parts between the embodiments are all enough to refer to each other.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (8)

1. A method of sensor data processing, for application to a blockchain, the method comprising:
the sensor acquires monitoring data and generates proving information corresponding to the monitoring data according to a preset zero knowledge proving algorithm; the sensor has a programmable function;
sending the monitoring data to enterprise nodes corresponding to the sensors so that the enterprise nodes store the monitoring data and synchronize the monitoring data with other nodes in a private chain;
sending the proving information to member nodes in a blockchain, so that the member nodes verify that the proving information passes and then store the proving information, and synchronizing the proving information with other member nodes in the blockchain;
the enterprise node exists in a private chain, and the member node exists in a alliance chain;
the method further comprises the steps of:
if a monitoring and examining instruction of a supervision node is received, the member node in the blockchain provides the proving information to the supervision node so that the supervision node determines the range information of the monitoring data according to the proving information and examines the range information; and/or the number of the groups of groups,
if a data examination instruction of the supervision node is received, the nodes in the private chain provide the monitoring data to the supervision node so that the supervision node examines the monitoring data.
2. The method according to claim 1, wherein the generating the certification information corresponding to the monitoring data according to the preset zero knowledge certification algorithm includes:
and generating range proving information corresponding to the monitoring data according to a range proving algorithm.
3. The method of claim 2, wherein the member node verifies that the attestation information is stored after passing, comprising:
and the member node verifies whether the range proving information passes or not according to a verification algorithm corresponding to the range proving algorithm.
4. The method of claim 2, wherein the scope proving algorithm does not require trusted settings.
5. The method of any of claims 1-4, wherein the enterprise node storing the monitoring data and synchronizing to other nodes in a private chain comprises:
verifying the identity address of the sensor; the identity address comprises an identity of the enterprise node corresponding to the sensor and a unique identity of the sensor;
and if the verification is passed, storing the monitoring data and synchronizing the monitoring data with other nodes in the private chain.
6. The method of any one of claims 1-4, wherein the sensor acquiring monitoring data comprises:
the sensor periodically collects raw data, and performs at least one of the following processes on the raw data to obtain monitoring data: systematic error correction, random error compensation, noise reduction.
7. The method of any of claims 1-4, wherein the federation chain further comprises an admission authority node, the method further comprising:
when a new node sends a joining request to an admission mechanism node, the admission mechanism node audits the joining request;
and if the joining request passes the verification, the admission mechanism node issues a certificate for authenticating the identity of the new node.
8. A sensor data processing apparatus for use with a blockchain, the apparatus comprising:
the data acquisition processing module is used for acquiring monitoring data and generating proving information corresponding to the monitoring data according to a preset zero knowledge proving algorithm; the data acquisition processing module has a programmable function;
the first sending module is used for sending the monitoring data to the enterprise node corresponding to the sensor so that the enterprise node stores the monitoring data and synchronizes the monitoring data with other nodes in the private chain;
the second sending module is used for sending the proving information to member nodes in the blockchain so that the member nodes verify that the proving information passes and then store the proving information and synchronize the proving information with other member nodes in the blockchain;
the enterprise node exists in a private chain, and the member node exists in a alliance chain;
the apparatus further comprises:
the first checking module is used for providing the proving information to the supervision node by the member node in the blockchain if a monitoring checking instruction of the supervision node is received, so that the supervision node determines the range information of the monitoring data according to the proving information and checks the range information; and/or the number of the groups of groups,
and the second checking module is used for providing the monitoring data to the supervision node by the nodes in the private chain if a data checking instruction of the supervision node is received, so that the supervision node checks the monitoring data.
CN202110152862.6A 2021-02-04 2021-02-04 Sensor data processing method and device Active CN113037492B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110152862.6A CN113037492B (en) 2021-02-04 2021-02-04 Sensor data processing method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110152862.6A CN113037492B (en) 2021-02-04 2021-02-04 Sensor data processing method and device

Publications (2)

Publication Number Publication Date
CN113037492A CN113037492A (en) 2021-06-25
CN113037492B true CN113037492B (en) 2023-07-25

Family

ID=76459886

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110152862.6A Active CN113037492B (en) 2021-02-04 2021-02-04 Sensor data processing method and device

Country Status (1)

Country Link
CN (1) CN113037492B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114079663A (en) * 2021-09-15 2022-02-22 中国联合网络通信集团有限公司 Environment monitoring method and device based on block chain and eSIM
CN115361311B (en) * 2022-08-25 2023-08-22 广州中南网络技术有限公司 Internet block chain digital sign transmission identification method
CN117591139B (en) * 2024-01-16 2024-04-09 北京航天绘景科技有限公司 Synchronous optimization method and system for ocean monitoring data

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180220278A1 (en) * 2017-02-01 2018-08-02 BriefTrace Ltd. System and method for securing and verifying information from transportation monitors
CN108737512A (en) * 2018-04-28 2018-11-02 深圳智达机械技术有限公司 A kind of pollution of waterhead monitoring system based on block chain technology
CN108667618B (en) * 2018-05-10 2020-07-03 阿里巴巴集团控股有限公司 Data processing method, device, server and system for member management of block chain
EP3542336B1 (en) * 2018-11-07 2021-01-27 Advanced New Technologies Co., Ltd. Blockchain data protection based on account note model with zero-knowledge proof
CN110620777A (en) * 2019-09-24 2019-12-27 北京艾摩瑞策科技有限公司 Smoke monitoring data uplink method and system of Internet of things on block chain
CN111131485A (en) * 2019-12-30 2020-05-08 山东爱城市网信息技术有限公司 Remote monitoring method, equipment and medium based on block chain
CN111782723A (en) * 2020-06-05 2020-10-16 成都链向科技有限公司 Double-layer product information tracing system architecture based on permission chain
CN112241434B (en) * 2020-09-24 2021-06-22 华中农业大学 Data privacy protection oriented alliance block chain system

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
Mirko Zichichi等.A Framework Based on Distributed Ledger Technologies for Data Management and Services in Intelligent Transportation Systems.《 IEEE Access 》.2020,全文. *
李成华等.《现代测试技术》.2001,全文. *

Also Published As

Publication number Publication date
CN113037492A (en) 2021-06-25

Similar Documents

Publication Publication Date Title
CN113037492B (en) Sensor data processing method and device
EP3788522B1 (en) System and method for mapping decentralized identifiers to real-world entities
US20210126916A1 (en) System and method for decentralized-identifier authentication
US11539527B2 (en) Peer node recovery via approximate hash verification
US11570002B2 (en) Reduced-step blockchain verification of media file
US11711202B2 (en) Committing data to blockchain based on approximate hash verification
US11943237B2 (en) Malicious peer identification for database block sequence
US11689356B2 (en) Approximate hash verification of unused blockchain output
US11387979B2 (en) Partially-ordered blockchain
US20200374300A1 (en) Database malicious peer identification
EP3794492A1 (en) Trusted contextual content
US11593316B2 (en) Database snapshot for managing state synchronization
Ahmad et al. Secure and transparent audit logs with BlockAudit
US11362826B2 (en) Endorsement process for non-deterministic application
US20230037932A1 (en) Data processing method and apparatus based on blockchain network, and computer device
CN111385103B (en) Authority processing method, system and device and electronic equipment
CN109861996B (en) Block chain-based relationship proving method, device, equipment and storage medium
US11194770B2 (en) Database mergeable ledgers
CN113723962A (en) Block chain authority management method and block chain system
CN111881481A (en) Block chain-based medical data processing method, device, equipment and storage medium
JP2024509666A (en) Blockchain data segregation
US20220393858A1 (en) Limiting data availability on distributed ledger
Fan et al. A blockchain-based data storage framework: A rotating multiple random masters and error-correcting approach
US20230091686A1 (en) Digital asset platform with hsm verification
Trueman et al. Ensuring privacy and data freshness for public auditing of shared data in cloud

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant