CN113507369A - Black box data access method based on block chain and cloud storage - Google Patents

Black box data access method based on block chain and cloud storage Download PDF

Info

Publication number
CN113507369A
CN113507369A CN202110679487.0A CN202110679487A CN113507369A CN 113507369 A CN113507369 A CN 113507369A CN 202110679487 A CN202110679487 A CN 202110679487A CN 113507369 A CN113507369 A CN 113507369A
Authority
CN
China
Prior art keywords
data
value
key
black box
hash
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110679487.0A
Other languages
Chinese (zh)
Other versions
CN113507369B (en
Inventor
曲强
张孟秋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Institute of Advanced Technology of CAS
Original Assignee
Shenzhen Institute of Advanced Technology of CAS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Institute of Advanced Technology of CAS filed Critical Shenzhen Institute of Advanced Technology of CAS
Priority to CN202110679487.0A priority Critical patent/CN113507369B/en
Publication of CN113507369A publication Critical patent/CN113507369A/en
Application granted granted Critical
Publication of CN113507369B publication Critical patent/CN113507369B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C5/00Registering or indicating the working of vehicles
    • G07C5/08Registering or indicating performance data other than driving, working, idle, or waiting time, with or without registering driving, working, idle or waiting time
    • G07C5/0841Registering performance data
    • G07C5/085Registering performance data using electronic data carriers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/121Timestamp
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a black box data access method based on a block chain and cloud storage. The method comprises the following steps: organizing the black box data into a first key-value key value pair structure, wherein the key value is a time stamp, and the value is real-time data required to be saved; according to the key-value key value pair structure, encrypting the value based on the attribute to obtain encrypted data; signing the encrypted data by using a private key of the black box, and storing signature data corresponding to the encrypted data in a cloud database; and carrying out Hash operation on the encrypted data, executing Merkle Hash tree operation aiming at the Hash value of the data block contained in the set time period, obtaining a second key-value key value pair structure, and further storing the second key-value key value pair structure into the block chain network, wherein the key value is a timestamp, and the value is Merkle Tree root Hash. According to the invention, data are jointly stored through the cloud and the block chain, so that various emergency situations can be dealt with, and the real and credible data information can be obtained.

Description

Black box data access method based on block chain and cloud storage
Technical Field
The invention relates to the technical field of computers, in particular to a black box data access method based on a block chain and cloud storage.
Background
The black box is one of electronic recording devices special for airplanes, and is also called an aviation flight recorder. The black box is equipped with flight data recorder and cabin sound recorder, and all the mechanical parts of the airplane and electronic instruments and meters are equipped with sensors connected with them. The black box can record flight technical parameters and sounds in the cockpit of the airplane for a period of time before the airplane stops working or crashes, and flight experiments, accident reasons and the like can be analyzed according to the recorded parameters when needed. The technology of the black box on the airplane is relatively mature, however, under special environments such as airplane loss or airplane falling, the black box can not be found out, and the accident reason can not be analyzed. In addition, no black box device is arranged on the current automobile, under some scenes such as brake failure, automatic driving out of control and the like, real-time data information of the automobile body is beneficial to restoring an accident site, and automobile enterprises can obtain real-time data of the automobile under a test environment to optimize and upgrade products.
In recent years, the market of electric automobiles is flourishing, and meanwhile, the problem of product control such as brake failure is brought. The steep increase in car inventory also leads to further traffic safety issues. How to restore the accident scene situation to the maximum extent so as to facilitate the accident analysis is a difficult problem. Except the road condition information which can be recorded by the automobile data recorder, the driving data such as the brake force, the accelerator state, the vehicle speed, the vehicle body posture and the like are not easy to be known, and the site information is difficult to restore. On the other hand, for an aircraft, the real-time information data of the aircraft is generally recorded in a black box. Compared with the situation that the plane crashes on the land, when the plane crashes on the sea, the black box is difficult to find, and even cannot be found at all. In addition, it becomes difficult to obtain the black box data when an airplane is disconnected or the black box is damaged.
In the prior art, black box data on an airplane is mainly used for searching a black box to restore data after an accident, and the existing scheme of real-time body data on an automobile is to store the data on a block chain so as to ensure the reality and effectiveness of the data. However, a large amount of real-time data is directly uploaded to the blockchain, due to low efficiency, real-time updating may not be achieved, and due to the characteristics of the additional blockchain, the data is public and transparent, and can be viewed by anyone, so that private information such as automobile coordinates is leaked. Moreover, since all the stored data are not trusted to endorse, it is impossible to verify whether the data are the real data of the vehicle.
Disclosure of Invention
The invention aims to overcome the defects of the prior art, and provides a black box data access method based on a block chain and cloud storage.
The technical scheme of the invention is to provide a black box data access method based on a block chain and cloud storage. The method comprises the following steps:
step S1: organizing the black box data into a first key-value key value pair structure, wherein the key value is a time stamp, and the value is real-time data required to be saved;
step S2: according to the key-value key value pair structure, encrypting the value based on the attribute to obtain encrypted data;
step S3: signing the encrypted data by using a private key of the black box, and storing signature data corresponding to the encrypted data in a cloud database;
step S4: and carrying out Hash operation on the encrypted data, executing Merkle Hash tree operation aiming at the Hash value of the data block contained in the set time period, obtaining a second key-value key value pair structure, and further storing the second key-value key value pair structure into the block chain network, wherein the key value is a timestamp, and the value is Merkle Tree root Hash.
Compared with the prior art, the method has the advantages that in order to solve the problems of loss of special conditions of black box data on an airplane, efficiency and privacy protection of automobile data stored on the basis of a block chain, a black box data access method based on the block chain and cloud storage is provided, real-time automobile body information is encrypted on the basis of attributes and then stored in a cloud database, only roles which accord with the attributes are set, and the original text information can be decrypted, so that the privacy of user data is effectively guaranteed. The data stored in the cloud database are accompanied by the signature of the black box, so that each piece of data is real and reliable real-time data; in addition, in order to ensure the real-time performance of data updating, Hash values corresponding to all data are stored through Merkle-Hash tree operation, a root Hash is finally obtained, the root Hash and a corresponding timestamp are linked and stored, the real-time performance of data updating is ensured, and whether the data are tampered or not is verified, so that the authenticity and reliability of cloud data are ensured.
Other features of the present invention and advantages thereof will become apparent from the following detailed description of exemplary embodiments thereof, which proceeds with reference to the accompanying drawings.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description, serve to explain the principles of the invention.
Fig. 1 is a flowchart of a black box data access method based on a block chain and cloud storage according to an embodiment of the present invention;
FIG. 2 is a block chain process diagram of a black box data cloud and block chain storage according to an embodiment of the invention;
FIG. 3 is a structural diagram of a Merkle hash tree, according to an embodiment of the invention.
Detailed Description
Various exemplary embodiments of the present invention will now be described in detail with reference to the accompanying drawings. It should be noted that: the relative arrangement of the components and steps, the numerical expressions and numerical values set forth in these embodiments do not limit the scope of the present invention unless specifically stated otherwise.
The following description of at least one exemplary embodiment is merely illustrative in nature and is in no way intended to limit the invention, its application, or uses.
Techniques, methods, and apparatus known to those of ordinary skill in the relevant art may not be discussed in detail but are intended to be part of the specification where appropriate.
In all examples shown and discussed herein, any particular value should be construed as merely illustrative, and not limiting. Thus, other examples of the exemplary embodiments may have different values.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, further discussion thereof is not required in subsequent figures.
In the following, a black box data access method based on block chain and cloud database cooperative storage will be described, taking car or airplane real-time data information as an example, where the cloud database stores real-time data, and the block chain stores hash values of the cloud data after calculation, so as to ensure the real validity of the data.
Specifically, with reference to fig. 1 and fig. 2, the black box data access method based on a block chain and cloud storage includes the following steps.
Step S110, the black box data is organized into a key value as a Timestamp (Timestamp), and a value as real-time data to be saved.
In this step, the black box data is organized into a key-value storage structure in which a time stamp is used as a key value for indicating the time at which the data is acquired and real-time data at that time is used as a value for reflecting the operating conditions of the automobile or the airplane.
For example, for an automobile, the value to be stored is real-time Body information including, but not limited to, Body coordinates (Location), time, Throttle status (Throttle status), brake force (Braking force), and Body posture (Body position), and is combined into a key-value pair with a timestamp as the key value for convenient storage and search.
And step S120, carrying out ABE encryption on the value.
And carrying out ABE encryption on the value aiming at the key-value storage structure. ABE is Attribute-Based Encryption (Attribute-Based Encryption), which can solve the sharing problem of private data by effectively configuring a sharing policy. In security system research, the access structure of a system refers to the architecture of the authorized set. When the user attribute is contained in the access structure of the system, the user can decrypt the ciphertext encrypted based on the attribute encryption algorithm.
Various types of attribute-based encryption methods may be employed, such as KP-ABE (key policy attribute encryption) or CP-ABE (ciphertext policy attribute encryption).
In one embodiment, a CP-ABE encryption scheme is used, which is ciphertext policy attribute-based encryption, meaning that an attribute set embeds a key, an access structure embeds a ciphertext, and decryption occurs if and only if the attribute matches the access structure. The data owner specifies the access structure so the data owner can control the rights of the visitor by specifying a policy. For example, after the real-time data is encrypted by using a CP-ABE encryption strategy, only the attribute set of the user, the airline company or the vehicle and enterprise can be set to decrypt the ciphertext.
And step S130, the black box signs the encrypted data key value pair and stores the signed data key value pair into a cloud database.
Specifically, the black box signs the encrypted data by using its own private key, and proves that the data stored in the cloud is the content sent by the determined black box, and the user verifies the signature by using the public key of the black box. By the mode, the data stored in the cloud database are accompanied by the signature of the black box, so that each piece of data can be real and reliable real-time data of the vehicle body or the airplane.
For the data stored in the cloud database, only the roles conforming to the attributes can decrypt the original text information, and the settings are such that only the owner or the enterprise manufacturer can decrypt the original text information, so that the privacy of the user data is effectively ensured. The data stored in the cloud database are accompanied by the signature of the black box, so that each piece of data can be real and reliable real-time data of the vehicle body.
Step S140, performing hash operation on the encrypted value to obtain a hash value.
And the black box performs Hash operation on the data encrypted in the step S120 to obtain a Hash value of the data. The hash value corresponding to the data may be calculated by using an existing hash algorithm, such as MD5 algorithm or SHA-256.
Step S150, performing a Merkle-Hash tree operation on the Hash value of the data included in the set time period.
Taking the millisecond-level update of black box data as an example, the update is performed once every millisecond, in order to improve the efficiency of storing the Hash value on a block chain subsequently, in one embodiment, the data Hash value of every millisecond is not chained, 1000 Hash values in 1s are subjected to a Merkle-Hash tree operation, and finally a root Hash value is obtained. The black box stores the root hash value and the timestamp of 1s to the blockchain. In this way, the density of data stored to the blockchain and the frequency of updates are significantly reduced, while not affecting the storage efficiency while taking advantage of the blockchain characteristics.
As shown in fig. 3, from bottom to top, the leaf node of the first layer stores Hash values of corresponding data blocks, which correspond to 1000 data blocks within 1 second, respectively, and the Hash value of each parent node is associated with data corresponding to its child node (for example, equal to the result of Hash after adding data of its child node).
In step S160, the computed Merkle root hash value is stored as a value in the blockchain.
After the Merkle root hash value is obtained through operation, a key-value key value pair consisting of the root timestamp and the hash value is stored in the block chain network, namely the Merkle root hash value obtained through operation is stored in the block chain as a value. In one embodiment, HyperLegendr Fabric is used as the blockchain platform, which has high access efficiency and good performance such as pluggable consensus mechanism.
In the embodiment, the root Hash and the timestamp of the second are uplink-stored, so that the real-time performance of data updating is ensured, and the Merkle-Hash tree can conveniently verify whether data is tampered, so that the cloud data is true and reliable.
Step S170, when the data is read from the cloud database, the same operation process is performed on the data after the verification signature passes, and the result is compared with the result stored in the block chain.
When special conditions occur and a user or a vehicle enterprise needs to acquire real-time information in the motion process of a vehicle body at a certain moment, a specific information ciphertext of a required time point is retrieved and acquired in a cloud database by using a timestamp, and data is checked. The checkmark passes real-time body or machine condition information indicating that the data is indeed collected and uploaded by the black box of the vehicle or aircraft. After the cloud database acquires all the information of the required time period, hash operation of the step S140 and the step S150 is carried out on the information, a root hash value of each 1S is calculated, the root hash value is compared with the root hash value stored on the block chain, and the comparison result is consistent and shows that the data is not tampered, and the method is real and effective.
And step S180, if the comparison result is consistent, the data is real and credible data, and ABE decryption is carried out to obtain the original data.
After the comparison is passed, the user or the vehicle enterprise is required to provide the identity attribute to decrypt the data acquired by the cloud, and real-time data information of the vehicle or the airplane at a specific time is restored, so that accident reasons are analyzed.
In order to further verify the effect of the invention, a plurality of simulation tests are carried out. Experiments prove that the method can meet expected design indexes and can be used for data access of black boxes in the fields of airplanes, automobiles and the like. The invention ensures real-time data updating by jointly storing data through the cloud and the block chain, can cope with various emergency conditions, and ensures that real and credible real-time data information can be obtained when needed.
In summary, the black box data access method based on the block chain and the cloud storage provided by the invention solves the storage efficiency problem and the privacy protection problem in the prior art by the block chain and the cloud database for cooperative storage, and has at least the following advantages:
1) compared with the existing airplane black box scheme, the method has the advantages that the needed black box data can be obtained from the cloud database through cloud storage when special conditions such as black box loss occur, and the data of the block chain is used for verifying the reality and effectiveness of the data;
2) compared with the existing black box data block chain storage method on the automobile, the method does not directly store the data on the block chain, but jointly stores the data through the cloud and the block chain, and the efficiency can be updated at millisecond level. The cloud stores data subjected to attribute encryption, and only the role with specific identity attribute can decrypt the original text, so that the privacy and safety of the user are greatly protected. The cloud database stores real-time encryption information, the block chain stores Hash verification information, the real-time efficiency of the database is fully utilized by the combined use of the cloud and the block chain, and the anti-tampering and safety of the block chain platform ensure the real validity of data, and the closed loop of data trust is realized.
The present invention may be a system, method and/or computer program product. The computer program product may include a computer-readable storage medium having computer-readable program instructions embodied therewith for causing a processor to implement various aspects of the present invention.
The computer readable storage medium may be a tangible device that can hold and store the instructions for use by the instruction execution device. The computer readable storage medium may be, for example, but not limited to, an electronic memory device, a magnetic memory device, an optical memory device, an electromagnetic memory device, a semiconductor memory device, or any suitable combination of the foregoing. More specific examples (a non-exhaustive list) of the computer readable storage medium would include the following: a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), a Static Random Access Memory (SRAM), a portable compact disc read-only memory (CD-ROM), a Digital Versatile Disc (DVD), a memory stick, a floppy disk, a mechanical coding device, such as punch cards or in-groove projection structures having instructions stored thereon, and any suitable combination of the foregoing. Computer-readable storage media as used herein is not to be construed as transitory signals per se, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through a waveguide or other transmission medium (e.g., optical pulses through a fiber optic cable), or electrical signals transmitted through electrical wires.
The computer-readable program instructions described herein may be downloaded from a computer-readable storage medium to a respective computing/processing device, or to an external computer or external storage device via a network, such as the internet, a local area network, a wide area network, and/or a wireless network. The network may include copper transmission cables, fiber optic transmission, wireless transmission, routers, firewalls, switches, gateway computers and/or edge servers. The network adapter card or network interface in each computing/processing device receives computer-readable program instructions from the network and forwards the computer-readable program instructions for storage in a computer-readable storage medium in the respective computing/processing device.
The computer program instructions for carrying out operations of the present invention may be assembler instructions, Instruction Set Architecture (ISA) instructions, machine-related instructions, microcode, firmware instructions, state setting data, or source code or object code written in any combination of one or more programming languages, including an object oriented programming language such as Smalltalk, C + +, Python, or the like, and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The computer-readable program instructions may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider). In some embodiments, aspects of the present invention are implemented by personalizing an electronic circuit, such as a programmable logic circuit, a Field Programmable Gate Array (FPGA), or a Programmable Logic Array (PLA), with state information of computer-readable program instructions, which can execute the computer-readable program instructions.
Aspects of the present invention are described herein with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer-readable program instructions.
These computer-readable program instructions may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks. These computer-readable program instructions may also be stored in a computer-readable storage medium that can direct a computer, programmable data processing apparatus, and/or other devices to function in a particular manner, such that the computer-readable medium storing the instructions comprises an article of manufacture including instructions which implement the function/act specified in the flowchart and/or block diagram block or blocks.
The computer readable program instructions may also be loaded onto a computer, other programmable data processing apparatus, or other devices to cause a series of operational steps to be performed on the computer, other programmable apparatus or other devices to produce a computer implemented process such that the instructions which execute on the computer, other programmable apparatus or other devices implement the functions/acts specified in the flowchart and/or block diagram block or blocks.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of instructions, which comprises one or more executable instructions for implementing the specified logical function(s). In some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions. It is well known to those skilled in the art that implementation by hardware, by software, and by a combination of software and hardware are equivalent.
Having described embodiments of the present invention, the foregoing description is intended to be exemplary, not exhaustive, and not limited to the embodiments disclosed. Many modifications and variations will be apparent to those of ordinary skill in the art without departing from the scope and spirit of the described embodiments. The terminology used herein is chosen in order to best explain the principles of the embodiments, the practical application, or improvements made to the technology in the marketplace, or to enable others of ordinary skill in the art to understand the embodiments disclosed herein. The scope of the invention is defined by the appended claims.

Claims (10)

1. A black box data access method based on a block chain and cloud storage comprises the following steps:
step S1: organizing the black box data into a first key-value key value pair structure, wherein the key value is a time stamp, and the value is real-time data required to be saved;
step S2: according to the key-value key value pair structure, encrypting the value based on the attribute to obtain encrypted data;
step S3: signing the encrypted data by using a private key of the black box, and storing signature data corresponding to the encrypted data in a cloud database;
step S4: and carrying out Hash operation on the encrypted data, executing Merkle Hash tree operation aiming at the Hash value of the data block contained in the set time period, obtaining a second key-value key value pair structure, and further storing the second key-value key value pair structure into the block chain network, wherein the key value is a timestamp, and the value is Merkle Tree root Hash.
2. The method according to claim 1, wherein in step S4, it is set that, for the real-time data collected on the millisecond level, the Merkle hash tree operation is performed on the hash values of 1000 data blocks included in 1 second.
3. The method of claim 1, wherein the Merkle tree comprises a plurality of levels of nodes, wherein leaf nodes are configured to store hash values corresponding to the data blocks, and the hash value of each parent node is equal to the result of the hash of the added data of its child nodes.
4. The method according to claim 1, wherein in step S2, the attribute-based encryption of the value comprises:
adopting attribute encryption based on a ciphertext strategy, embedding a key into an attribute set, and embedding a ciphertext into an access structure, wherein a black box data owner specifies the access structure;
the black box data owner sets decryption if and only if the attributes conform to the access structure.
5. The method of claim 4, wherein the black box data owner sets a set of attributes of the user, airline or vehicle enterprise that can decrypt the ciphertext.
6. The method of claim 1, wherein the black box data reflects an operating condition of an aircraft or an operating condition of an automobile.
7. The method of claim 1, wherein the real-time data to be saved is vehicle running state information including body coordinates, time, throttle status, brake force, and body attitude.
8. The method of claim 1, further comprising obtaining data stored in a cloud database according to the following steps:
searching and acquiring encrypted data of a required time point by using a timestamp in a cloud database, and signing and checking the encrypted data;
carrying out hash operation on the encrypted data passing the verification, calculating a Merkle root hash value of each set time period, and comparing the Merkle root hash value with a corresponding Merkle root hash value stored on a block chain network;
and if the comparison result is consistent, performing attribute-based decryption on the acquired encrypted data.
9. A computer-readable storage medium, on which a computer program is stored, which program, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 8.
10. A computer device comprising a memory and a processor, on which memory a computer program is stored which is executable on the processor, characterized in that the steps of the method of any of claims 1 to 8 are implemented when the processor executes the program.
CN202110679487.0A 2021-06-18 2021-06-18 Black box data access method based on blockchain and cloud storage Active CN113507369B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110679487.0A CN113507369B (en) 2021-06-18 2021-06-18 Black box data access method based on blockchain and cloud storage

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110679487.0A CN113507369B (en) 2021-06-18 2021-06-18 Black box data access method based on blockchain and cloud storage

Publications (2)

Publication Number Publication Date
CN113507369A true CN113507369A (en) 2021-10-15
CN113507369B CN113507369B (en) 2024-07-16

Family

ID=78010521

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110679487.0A Active CN113507369B (en) 2021-06-18 2021-06-18 Black box data access method based on blockchain and cloud storage

Country Status (1)

Country Link
CN (1) CN113507369B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114155628A (en) * 2021-12-28 2022-03-08 浙江吉利控股集团有限公司 Automobile data storage method, storage node and system
CN114710320A (en) * 2022-03-03 2022-07-05 湖南科技大学 Edge calculation privacy protection method based on block chain and multi-key fully homomorphic encryption

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109165221A (en) * 2018-08-16 2019-01-08 北京京东尚科信息技术有限公司 Date storage method, device, block chain node and the storage medium of block chain
CN112650755A (en) * 2020-12-25 2021-04-13 北京百度网讯科技有限公司 Data storage method, method for querying data, database and readable medium
US20210136572A1 (en) * 2017-08-02 2021-05-06 Bae Systems Information And Electronic Systems Integration Inc. System and method for incident reconstruction utilizing v2x communications
CN112804064A (en) * 2021-01-26 2021-05-14 西安邮电大学 Attribute encryption access control system and method based on block chain

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20210136572A1 (en) * 2017-08-02 2021-05-06 Bae Systems Information And Electronic Systems Integration Inc. System and method for incident reconstruction utilizing v2x communications
CN109165221A (en) * 2018-08-16 2019-01-08 北京京东尚科信息技术有限公司 Date storage method, device, block chain node and the storage medium of block chain
CN112650755A (en) * 2020-12-25 2021-04-13 北京百度网讯科技有限公司 Data storage method, method for querying data, database and readable medium
CN112804064A (en) * 2021-01-26 2021-05-14 西安邮电大学 Attribute encryption access control system and method based on block chain

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
刘文卓: ""基于区块链的云数据完整性保护方案"", 《中国新通信》, 5 May 2020 (2020-05-05), pages 125 - 126 *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114155628A (en) * 2021-12-28 2022-03-08 浙江吉利控股集团有限公司 Automobile data storage method, storage node and system
CN114155628B (en) * 2021-12-28 2024-05-14 浙江吉利控股集团有限公司 Automobile data storage method, storage node and system
CN114710320A (en) * 2022-03-03 2022-07-05 湖南科技大学 Edge calculation privacy protection method based on block chain and multi-key fully homomorphic encryption

Also Published As

Publication number Publication date
CN113507369B (en) 2024-07-16

Similar Documents

Publication Publication Date Title
US10380812B2 (en) Vehicle transaction validation
AU2019262007B2 (en) Cloaking authority system
US9912655B2 (en) Unmanned vehicle message exchange
US9663226B2 (en) Influencing acceptance of messages in unmanned vehicles
US9714088B2 (en) Unmanned vehicle rollback
US20130036103A1 (en) Software Part Validation Using Hash Values
US20160285864A1 (en) Authenticated messages between unmanned vehicles
CN113507369B (en) Black box data access method based on blockchain and cloud storage
US20180284987A1 (en) Migration of information via storage devices
US11082409B2 (en) Verifying message authenticity with decentralized tamper-evident logs
CA2980747A1 (en) Authenticated messages between unmanned vehicles
CN109657492B (en) Database management method, medium, and electronic device
US20160340055A1 (en) Systems and methods for detecting a security breach in an aircraft network
US20170141921A1 (en) Location control of cloud data stores
CN105099698A (en) Vehicle data delivery
US20180285369A1 (en) Manifest generation for data transfers
US10146893B1 (en) Systems and methods for evaluating electronic control units within vehicle emulations
US11706192B2 (en) Integrated behavior-based infrastructure command validation
WO2017087288A1 (en) Tamper proof device capability store
WO2022261958A1 (en) Black box data access method based on blockchain and cloud storage
EP3846059B1 (en) Security threat detection in hosted guest operating systems
US11621857B2 (en) Fingerprint and provenance for movable storage devices
CN117459327A (en) Cloud data transparent encryption protection method, system and device
WO2024063903A1 (en) Verifiable attribute maps
WO2018183118A1 (en) Migration of information via storage devices

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant