CN113791835A - Configuration system based on block chain, intelligent contract and configuration management method - Google Patents
Configuration system based on block chain, intelligent contract and configuration management method Download PDFInfo
- Publication number
- CN113791835A CN113791835A CN202111122243.9A CN202111122243A CN113791835A CN 113791835 A CN113791835 A CN 113791835A CN 202111122243 A CN202111122243 A CN 202111122243A CN 113791835 A CN113791835 A CN 113791835A
- Authority
- CN
- China
- Prior art keywords
- configuration
- block chain
- authority
- intelligent contract
- auditing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000007726 management method Methods 0.000 title claims abstract description 33
- 238000012423 maintenance Methods 0.000 claims abstract description 24
- 238000000034 method Methods 0.000 claims abstract description 8
- 238000012550 audit Methods 0.000 claims description 18
- 238000012986 modification Methods 0.000 claims description 11
- 230000004048 modification Effects 0.000 claims description 11
- 230000000977 initiatory effect Effects 0.000 claims description 3
- 238000012795 verification Methods 0.000 claims description 3
- 238000012552 review Methods 0.000 abstract description 4
- 241000412611 Consul Species 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/445—Program loading or initiating
- G06F9/44505—Configuring for program initiating, e.g. using registry, configuration files
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/27—Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Computing Systems (AREA)
- Data Mining & Analysis (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses a configuration system, an intelligent contract and a configuration management method based on a block chain, wherein the system deployment architecture is divided into three layers: the upper layer is a configuration management system facing operation and maintenance and auditors; the middle layer is a decentralized block chain system, and different nodes can be deployed in different machine rooms; the bottom layer is each application, reads configuration information from the blockchain system and listens for configuration changes. The block chain provides decentralized deployment capability, different nodes can be deployed in different physical machine rooms, the fault of an individual node cannot affect the normal operation of the whole network, and the problem of low disaster tolerance rate caused by centralized deployment is perfectly solved. The method and the system can realize decentralized configuration management on the chain by combining the technology of the block chain, and different participants review the configuration change application together, and the parameter change and the review records are all stored on the chain, so that the operation and maintenance personnel are thoroughly prevented from modifying the program parameters maliciously.
Description
Technical Field
The invention relates to a configuration system, an intelligent contract and a configuration management method based on a block chain, in particular to the technical field of the block chain.
Background
The application program usually needs to read some configuration information, such as database connection parameters, log level, links of external interfaces, etc., when it is started and running. The configuration information is a read-only program variable and has various loading modes, such as hard coding in a program, a static configuration file, a database and the like; the codes of the same application program can run in different environments through parameter configuration of different environments. The configuration method is an infrastructure for uniformly managing the configuration of the application program; the configuration method is independent of the operation of the application program, and provides a uniform entrance for the configuration management of different application programs and different environments for a user; the configuration method generally adopts a cluster or master-slave deployment architecture, so that the probability of single-point failure is reduced; and by combining infrastructures such as the bastion machine and the like, fine-grained authority control and post audit of configuration management are provided.
Although common configuration methods, such as ZooKeeper, Consul, etc., all adopt a cluster or master-slave deployment architecture to reduce the probability of a single point of failure, the following problems still exist:
the disaster tolerance rate is low, and as the configuration methods are methodized deployment, the disaster tolerance rate for machine room faults, network faults and line faults caused by inefficacy is too low;
the post audit usually cannot recover the loss caused by data and service, although the operation log of the operation and maintenance personnel can be recorded in detail through solutions such as the bastion machine, the post audit and the tracing can be realized, and the operation and maintenance risk of the operation and maintenance personnel cannot be avoided in advance.
The present invention aims to solve the above pain points by blockchain technology.
Disclosure of Invention
The present invention is directed to a configuration system, an intelligent contract and a configuration management method based on a block chain, so as to solve the above-mentioned problems in the background art.
In order to achieve the purpose, the invention provides the following technical scheme: a configuration system deployment architecture based on a blockchain is divided into three layers: the upper layer is a configuration management system facing operation and maintenance and auditors; the middle layer is a decentralized block chain system, and different nodes can be deployed in different machine rooms; the bottom layer is each application, reads configuration information from the blockchain system and listens for configuration changes.
An intelligent contract of a configuration management system based on a blockchain is deployed on the blockchain.
The intelligent contract comprises the following core parts: firstly, managing users and authorities; the role and authority management of the user is realized by adopting a classical RBAC (role-based authority control);
the roles include: the administrator: the system has the authority of user and authority management, and is mutually exclusive with operation, maintenance and verification authority;
operation and maintenance personnel: the authority for initiating the configuration modification application is mutually exclusive with the auditing authority;
and (4) auditors: the system has configuration auditing authority which is mutually exclusive with operation and maintenance authority;
and (4) auditing personnel: the logic role is not required to be configured in the contract, and an auditor can inquire the information to be audited through a block chain;
secondly, managing environment and configuration;
operation and maintenance personnel can customize an environment ID, a name and a description, and create configuration information aiming at different applications in the environment;
configuration initialization and change need to be audited;
after configuration initialization, modifying whether the configuration change needs to be audited or not by an administrator, and an auditor list and an audited passing threshold;
and the application program acquires the specified configuration information according to the environment ID, the application program identification and other information.
Thirdly, auditing and auditing;
the auditor obtains the configuration change application to be audited through the audit interface and sends the audit result;
and an auditor inquires configuration change and audit history which need to be audited through an audit interface.
A configuration system based on a block chain and a configuration management method of an intelligent contract comprise the following steps:
firstly, operation and maintenance personnel use a block chain light client to send a configuration modification application to a configuration management intelligent contract;
step two, a plurality of auditors receive the configuration modification application through the block chain system and conduct manual audit;
thirdly, the multi-party auditors respectively use the block chain light clients to send auditing results to the configuration management intelligent contract;
step four, the intelligent contract automatically counts whether the votes with the approved auditing results meet the requirements or not
c) If yes, executing configuration change;
d) if not, refusing to execute configuration change;
and step five, if the intelligent contract executes configuration change, the corresponding application program uses the light client to monitor new configuration information and uses the state root to verify the Mercker certification of the configuration information, and configuration loading is executed after the situation is confirmed to be correct.
Compared with the prior art, the invention has the beneficial effects that: the block chain provides decentralized deployment capability, different nodes can be deployed in different physical machine rooms, the fault of an individual node cannot affect the normal operation of the whole network, and the problem of low disaster tolerance rate caused by centralized deployment is perfectly solved. The method and the system can realize decentralized configuration management on the chain by combining the technology of the block chain, and different participants review the configuration change application together, and the parameter change and the review records are all stored on the chain, so that the operation and maintenance personnel are thoroughly prevented from modifying the program parameters maliciously.
Drawings
FIG. 1 is a block chain based configuration system deployment architecture diagram of the present invention;
fig. 2 is a flow chart of a configuration system, an intelligent contract and a configuration management method based on a block chain according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example (b):
referring to fig. 1, a configuration system deployment architecture based on a block chain in this embodiment is divided into three layers: the upper layer is a configuration management system facing operation and maintenance and auditors; the middle layer is a decentralized block chain system, and different nodes can be deployed in different machine rooms; the bottom layer is each application, reads configuration information from the blockchain system and listens for configuration changes.
An intelligent contract for the management capability of the configuration management system based on the blockchain according to this embodiment is deployed on the blockchain.
The smart contract in this embodiment comprises the following core parts: firstly, managing users and authorities; the role and authority management of the user is realized by adopting a classical RBAC (role-based authority control);
the roles include: the administrator: the system has the authority of user and authority management, and is mutually exclusive with operation, maintenance and verification authority;
operation and maintenance personnel: the authority for initiating the configuration modification application is mutually exclusive with the auditing authority;
and (4) auditors: the system has configuration auditing authority which is mutually exclusive with operation and maintenance authority;
and (4) auditing personnel: the logic role is not required to be configured in the contract, and an auditor can inquire the information to be audited through a block chain;
secondly, managing environment and configuration;
operation and maintenance personnel can customize an environment ID, a name and a description, and create configuration information aiming at different applications in the environment;
configuration initialization and change need to be audited;
after configuration initialization, modifying whether the configuration change needs to be audited or not by an administrator, and an auditor list and an audited passing threshold;
and the application program acquires the specified configuration information according to the environment ID, the application program identification and other information.
Thirdly, auditing and auditing;
the auditor obtains the configuration change application to be audited through the audit interface and sends the audit result;
and an auditor inquires configuration change and audit history which need to be audited through an audit interface.
Referring to fig. 2, a configuration management method of a configuration management system based on a block chain in this embodiment includes the following steps: firstly, operation and maintenance personnel use a block chain light client to send a configuration modification application to a configuration management intelligent contract;
step two, a plurality of auditors receive the configuration modification application through the block chain system and conduct manual audit;
thirdly, the multi-party auditors respectively use the block chain light clients to send auditing results to the configuration management intelligent contract;
automatically counting whether the voting passed by the auditing result meets the requirement or not by the intelligent contract;
e) if yes, executing configuration change;
f) if not, refusing to execute configuration change;
and step five, if the intelligent contract executes configuration change, the corresponding application program uses the light client to monitor new configuration information and uses the state root to verify the Mercker certification of the configuration information, and configuration loading is executed after the situation is confirmed to be correct.
Those not described in detail in this specification are within the skill of the art. Although the present invention has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that various changes in the embodiments and/or modifications of the invention can be made, and equivalents and modifications of some features of the invention can be made without departing from the spirit and scope of the invention.
Claims (3)
1. A configuration system based on a block chain is characterized in that the system deployment architecture is divided into three layers: the upper layer is a configuration management system facing operation and maintenance and auditors; the middle layer is a decentralized block chain system, and different nodes can be deployed in different machine rooms; the bottom layer is each application, reads configuration information from the blockchain system and listens for configuration changes.
2. An intelligent contract for a configuration management system based on a blockchain as claimed in claim 1, characterized by: the intelligent contracts are deployed on the block chains; the intelligent contract comprises the following core parts: firstly, managing users and authorities; the role and authority management of the user is realized based on the authority control of the role;
the roles include: the administrator: the system has the authority of user and authority management, and is mutually exclusive with operation, maintenance and verification authority;
operation and maintenance personnel: the authority for initiating the configuration modification application is mutually exclusive with the auditing authority;
and (4) auditors: the system has configuration auditing authority which is mutually exclusive with operation and maintenance authority;
and (4) auditing personnel: the logic role is not required to be configured in the contract, and an auditor can inquire the information to be audited through a block chain;
secondly, managing environment and configuration;
operation and maintenance personnel can customize an environment ID, a name and a description, and create configuration information aiming at different applications in the environment;
configuration initialization and change need to be audited;
after configuration initialization, modifying whether the configuration change needs to be audited or not by an administrator, and an auditor list and an audited passing threshold;
and the application program acquires the specified configuration information according to the environment ID, the application program identification and other information.
Thirdly, auditing and auditing;
the auditor obtains the configuration change application to be audited through the audit interface and sends the audit result;
and an auditor inquires configuration change and audit history which need to be audited through an audit interface.
3. A method for managing the configuration of the block chain configuration system according to claim 1, comprising the steps of: firstly, operation and maintenance personnel use a block chain light client to send a configuration modification application to a configuration management intelligent contract;
step two, a plurality of auditors receive the configuration modification application through the block chain system and conduct manual audit;
thirdly, the multi-party auditors respectively use the block chain light clients to send auditing results to the configuration management intelligent contract;
automatically counting whether the voting passed by the auditing result meets the requirement or not by the intelligent contract;
a) if yes, executing configuration change;
b) if not, refusing to execute configuration change;
and step five, if the intelligent contract executes configuration change, the corresponding application program uses the light client to monitor new configuration information and uses the state root to verify the Mercker certification of the configuration information, and configuration loading is executed after the situation is confirmed to be correct.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111122243.9A CN113791835A (en) | 2021-09-24 | 2021-09-24 | Configuration system based on block chain, intelligent contract and configuration management method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111122243.9A CN113791835A (en) | 2021-09-24 | 2021-09-24 | Configuration system based on block chain, intelligent contract and configuration management method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113791835A true CN113791835A (en) | 2021-12-14 |
Family
ID=78879346
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111122243.9A Pending CN113791835A (en) | 2021-09-24 | 2021-09-24 | Configuration system based on block chain, intelligent contract and configuration management method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113791835A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116319082A (en) * | 2023-05-17 | 2023-06-23 | 富算科技(上海)有限公司 | Processing method, system, equipment and medium of configuration data based on block chain |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108139964A (en) * | 2017-12-06 | 2018-06-08 | 深圳达闼科技控股有限公司 | Cloud service configuration method and device, storage medium and cloud service system |
| US20190132350A1 (en) * | 2017-10-30 | 2019-05-02 | Pricewaterhousecoopers Llp | System and method for validation of distributed data storage systems |
| CN110058878A (en) * | 2019-04-04 | 2019-07-26 | 交通银行股份有限公司 | Fabric block chain configuration method and system based on intelligent contract |
| CN110348202A (en) * | 2019-07-12 | 2019-10-18 | 北京物资学院 | A kind of mutual role help system and method based on block chain intelligence contract |
| CN112910835A (en) * | 2020-12-14 | 2021-06-04 | 海尔数字科技(上海)有限公司 | Block chain-based configuration management method, apparatus, system, device, and medium |
-
2021
- 2021-09-24 CN CN202111122243.9A patent/CN113791835A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20190132350A1 (en) * | 2017-10-30 | 2019-05-02 | Pricewaterhousecoopers Llp | System and method for validation of distributed data storage systems |
| CN108139964A (en) * | 2017-12-06 | 2018-06-08 | 深圳达闼科技控股有限公司 | Cloud service configuration method and device, storage medium and cloud service system |
| CN110058878A (en) * | 2019-04-04 | 2019-07-26 | 交通银行股份有限公司 | Fabric block chain configuration method and system based on intelligent contract |
| CN110348202A (en) * | 2019-07-12 | 2019-10-18 | 北京物资学院 | A kind of mutual role help system and method based on block chain intelligence contract |
| CN112910835A (en) * | 2020-12-14 | 2021-06-04 | 海尔数字科技(上海)有限公司 | Block chain-based configuration management method, apparatus, system, device, and medium |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116319082A (en) * | 2023-05-17 | 2023-06-23 | 富算科技(上海)有限公司 | Processing method, system, equipment and medium of configuration data based on block chain |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20240223587A1 (en) | Cybersecurity threat intelligence and remediation system | |
| US20230086613A1 (en) | Centralized offender management system for multiple jurisdictions | |
| CN108833464A (en) | Confederate state's formula multiple domain Internet of Things cooperative system and method, smart city, smart home | |
| CN102111440A (en) | Real-time information safety service method and system for supporting dynamic interaction | |
| CN101184214B (en) | Method of managing user authority in monitoring system | |
| CN111353172B (en) | Hadoop cluster big data access method and system based on block chain | |
| WO2014055694A2 (en) | Automated certification based on role | |
| CN107800783A (en) | The method and device of remote monitoring server | |
| CN110875943A (en) | Security service delivery method and related device | |
| US20060259955A1 (en) | Attribute-based allocation of resources to security domains | |
| CN113783899A (en) | Node exit method and blockchain | |
| CN113791835A (en) | Configuration system based on block chain, intelligent contract and configuration management method | |
| CN112764913A (en) | Service fusing method and device, storage medium and electronic equipment | |
| CN113722722A (en) | Block chain-based high-security-level access control method and system | |
| CN110188517A (en) | A kind of the user account number login method and device of based role mode | |
| CN114036560A (en) | Charging pile subsidy data management method based on block chain | |
| CN109714244B (en) | Instant messaging method based on tree structure | |
| CN111327602A (en) | Equipment access processing method, equipment and storage medium | |
| CN114553917B (en) | Block chain-based network intelligent treatment method | |
| CN115189959A (en) | Account login and access management method based on master-slave account | |
| CN110120146A (en) | It is a kind of based on platform system in the alarm method of platform system in alarm and alarm | |
| CN109428752B (en) | Verification method and device | |
| CN110198241A (en) | A kind of security control apparatus based on Network Management System | |
| CN116436979B (en) | Method and system for invoking external services by alliance block chain | |
| CN209328081U (en) | Control system is stared in construction based on monitor of the railway signal automatically |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |