CN114095228A - Safe access method, system and device for data of Internet of things based on block chain and edge calculation and storage medium - Google Patents

Info

Publication number
CN114095228A
Authority
CN
China
Prior art keywords
data
internet
things
edge
block chain
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111348621.5A
Other languages
Chinese (zh)
Inventor
李英杰
罗旺
席丁鼎
俞弦
郝运河
偰俊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nari Information and Communication Technology Co
Original Assignee
Nari Information and Communication Technology Co
Application filed by Nari Information and Communication Technology Co
Priority to CN202111348621.5A
Publication of CN114095228A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/1097 Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a method, system, device and storage medium for secure access to Internet of Things data based on blockchain and edge computing. The method comprises: authenticating the identity of an Internet of Things edge device and, if authentication passes, encrypting the data collected by the edge device locally or sending the data to an edge gateway for encryption; uploading the encrypted data to an IPFS file storage module; obtaining the storage information of the encrypted data in the IPFS file storage module, and storing the storage information in a blockchain based on a data management component; and requesting the storage information of the data from the blockchain and accessing the IPFS file storage module based on that storage information to obtain the data. The invention uses blockchain and edge computing technology to ensure the secure storage of Internet of Things data.

Description

Safe access method, system and device for data of Internet of things based on block chain and edge calculation and storage medium
Technical Field
The invention relates to a method, system, device and storage medium for secure access to Internet of Things data based on blockchain and edge computing, and belongs to the technical field of the Internet of Things.
Background
With the rapid development of the Internet of Things, the security problems of Internet of Things edge devices are becoming more serious. Worldwide, a large number of network attacks targeting Internet of Things edge devices occur every year. One of the main means of attack is to exploit firmware vulnerabilities in an edge device to compromise it, and then to use the compromised device as a springboard for further attacks on the target Internet of Things.
Traditional data acquisition from Internet of Things edge devices generally adopts a client-server model, in which the data collected by the edge devices is stored on a central server. As the number of edge devices reaches the order of millions or even tens of millions, centralized management and maintenance of edge device data places immeasurable cost and network security pressure on device manufacturers and device operators. In the client-server model, a central server is responsible for centralized management of all the data, which makes the server a target for attackers. In addition, when the number of requests initiated at the same time by a large number of edge devices exceeds the response capability of the server, the server cannot respond to device update requests and data calls fail.
To solve these problems, the invention provides a method, system, device and storage medium for secure access to Internet of Things data based on blockchain and edge computing.
Disclosure of Invention
The invention aims to overcome the defects of the prior art by providing a method, system, device and storage medium for secure access to Internet of Things data based on blockchain and edge computing.
To achieve this purpose, the invention adopts the following technical solution:
In a first aspect, the invention provides a method for secure access to Internet of Things data based on blockchain and edge computing, comprising:
authenticating the identity of an Internet of Things edge device and, if authentication passes, encrypting the data collected by the edge device locally or sending the data to an edge gateway for encryption;
uploading the encrypted data to an IPFS file storage module;
obtaining the storage information of the encrypted data in the IPFS file storage module, and storing the storage information in a blockchain based on a data management component;
and requesting the storage information of the data from the blockchain, and accessing the IPFS file storage module based on the storage information to obtain the data.
Optionally, authenticating the identity of the Internet of Things edge device comprises: verifying the identity of the edge device and obtaining the corresponding data write permission.
Optionally, the blockchain comprises an identity sub-chain, an authority sub-chain and a data sub-chain, where the identity sub-chain stores the identity information of Internet of Things edge devices, the authority sub-chain stores the permission information of Internet of Things edge devices, and the data sub-chain stores a hash value of the data and the storage information.
In a second aspect, the invention provides a device for secure access to Internet of Things data based on blockchain and edge computing, the device comprising:
an acquisition encryption module, configured to authenticate the identity of an Internet of Things edge device and, if authentication passes, to encrypt the data collected by the edge device locally or send it to an edge gateway for encryption;
a distributed storage module, configured to upload the encrypted data to the IPFS file storage module;
a blockchain storage module, configured to obtain the storage information of the encrypted data in the IPFS file storage module and store the storage information in a blockchain based on the data management component;
and a data acquisition module, configured to request the storage information of the data from the blockchain and access the IPFS file storage module based on the storage information to obtain the data.
In a third aspect, the invention provides a device for secure access to Internet of Things data based on blockchain and edge computing, characterized by comprising a processor and a storage medium;
the storage medium is used for storing instructions;
the processor is configured to operate in accordance with the instructions to perform the steps of the method according to any of the above.
In a fourth aspect, the invention provides a computer-readable storage medium on which a computer program is stored, characterized in that the program, when executed by a processor, performs the steps of any of the methods described above.
Compared with the prior art, the invention has the following beneficial effects:
The invention provides a method, system, device and storage medium for secure access to Internet of Things data based on blockchain and edge computing, which use blockchain and edge computing technology, rather than the more common centralized solution, to ensure the integrity of the data collected by Internet of Things edge devices. The method can support heterogeneous environments involving a large number of Internet of Things edge devices and data, and effectively solves problems such as the high cost and low security of centralized data storage. The integrity of the data acquisition process is protected and the related data is difficult to tamper with. The collected data is kept in distributed storage, which avoids the excessive growth of blockchain data that storing the data on the blockchain would cause.
Drawings
Fig. 1 is a flowchart of a method for secure access to Internet of Things data based on blockchain and edge computing according to an embodiment of the present invention.
Detailed Description
The invention is further described below with reference to the accompanying drawings. The following examples are only for illustrating the technical solutions of the present invention more clearly, and the protection scope of the present invention is not limited thereby.
Example one:
As shown in Fig. 1, an embodiment of the present invention provides a method for secure access to Internet of Things data based on blockchain and edge computing, comprising the following steps:
(1) Authenticating the identity of the Internet of Things edge device and, if authentication passes, encrypting the data collected by the edge device locally or sending it to an edge gateway for encryption;
Authenticating the identity of the Internet of Things edge device comprises: verifying the identity of the edge device and obtaining the corresponding data write permission.
Using blockchain-based distributed identity authentication, the basic information of the Internet of Things edge devices is stored in blocks to form an independent identity sub-chain dedicated to identity information, and device permission information is stored in a separate authority sub-chain, so that device identity information and permission information are kept apart. Whether an edge device has data write permission is confirmed by verifying the private key information of the device. If identity verification passes, the next operation is performed; if it fails, the operation stops.
Internet of Things edge device firmware is the actual code that runs on an edge device. It is a core component of industrial control and Internet of Things edge devices, and contains the information and programs the device runs, such as the operating system, protocol stack, configuration files, executable scripts and application components.
(2) Uploading the encrypted data to an IPFS file storage module;
(3) Obtaining the storage information of the encrypted data in the IPFS file storage module, and storing the storage information in a blockchain based on a data management component;
The blockchain comprises an identity sub-chain, an authority sub-chain and a data sub-chain, where the identity sub-chain stores the identity information of Internet of Things edge devices, the authority sub-chain stores the permission information of Internet of Things edge devices, and the data sub-chain stores a hash value of the data and the storage information.
(4) Requesting the storage information of the data from the blockchain, and accessing the IPFS file storage module based on the storage information to obtain the data.
In the invention, the data collected by Internet of Things edge devices is kept in distributed storage, and the Internet of Things terminal sends its upload request to the distributed storage. Uploading therefore does not depend on a specific data transmission process, and no single transmission process affects the uploading of other devices' data. In addition, the growth of blockchain ledger data that would be caused by storing the collected data in the blockchain is avoided. A distributed identity verification mechanism is built with blockchain technology, which avoids the theft of user identities through leaked account numbers and passwords that occurs in traditional centralized systems.
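An added illustration of steps (1) to (4), not code from the patent: a gateway that checks identity and write permission against separate sub-chains, records the storage address and hash of each encrypted blob on a data sub-chain, and refuses a read when the stored blob or the ledger no longer matches. Assumptions: the names `SubChain`, `Gateway` and `device_proof` are hypothetical, an HMAC challenge-response stands in for the private-key verification the text mentions, a dictionary keyed by SHA-256 stands in for IPFS, and the payload is treated as bytes that were already encrypted upstream.

```python
import hashlib
import hmac
import json
import os

GENESIS = "0" * 64

def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()

def device_proof(key, nonce):
    # Assumption: HMAC over a gateway nonce stands in for the device's private-key proof.
    return hmac.new(key, nonce, hashlib.sha256).digest()

class SubChain:
    """Append-only, hash-linked log standing in for one sub-chain."""
    def __init__(self):
        self.blocks = []

    @staticmethod
    def _digest(prev, record):
        return sha256_hex((prev + json.dumps(record, sort_keys=True)).encode())

    def append(self, record):
        prev = self.blocks[-1]["hash"] if self.blocks else GENESIS
        self.blocks.append({"prev": prev, "record": record,
                            "hash": self._digest(prev, record)})

    def intact(self):
        # Recompute every link; an edited record breaks its own hash.
        prev = GENESIS
        for b in self.blocks:
            if b["prev"] != prev or b["hash"] != self._digest(prev, b["record"]):
                return False
            prev = b["hash"]
        return True

    def latest(self, **match):
        for b in reversed(self.blocks):
            if all(b["record"].get(k) == v for k, v in match.items()):
                return b["record"]
        return None

class Gateway:
    def __init__(self):
        self.identity, self.authority, self.data = SubChain(), SubChain(), SubChain()
        self.store = {}    # IPFS stand-in: address -> blob, address = SHA-256 of the blob
        self._keys = {}    # verification material held off-chain (assumption)
        self._nonces = {}  # one outstanding challenge per device

    def enroll(self, device, key, can_write):
        self._keys[device] = key
        self.identity.append({"device": device, "key_id": sha256_hex(key)})
        self.authority.append({"device": device, "write": can_write})

    def challenge(self, device):
        self._nonces[device] = os.urandom(16)
        return self._nonces[device]

    def authorized(self, device, proof):
        nonce = self._nonces.pop(device, None)  # single use: a replayed proof fails
        ident = self.identity.latest(device=device)
        key = self._keys.get(device)
        if nonce is None or ident is None or key is None:
            return False
        if ident["key_id"] != sha256_hex(key):
            return False
        if not hmac.compare_digest(device_proof(key, nonce), proof):
            return False
        perm = self.authority.latest(device=device)
        return bool(perm and perm["write"])

    def write(self, device, proof, ciphertext):
        if not self.authorized(device, proof):
            raise PermissionError(device)
        address = sha256_hex(ciphertext)
        self.store[address] = ciphertext
        # In this stand-in the storage address and the data hash coincide.
        self.data.append({"device": device, "address": address, "sha256": address})
        return address

    def read(self, address):
        if not self.data.intact():
            raise ValueError("data sub-chain links are broken")
        record = self.data.latest(address=address)
        if record is None:
            raise KeyError(address)
        blob = self.store[address]
        if sha256_hex(blob) != record["sha256"]:
            raise ValueError("stored blob does not match the on-chain hash")
        return blob

if __name__ == "__main__":
    gw = Gateway()
    key = os.urandom(32)
    gw.enroll("meter-01", key, can_write=True)
    sample = b"constructed ciphertext bytes"  # constructed sample payload
    addr = gw.write("meter-01", device_proof(key, gw.challenge("meter-01")), sample)
    print(gw.read(addr) == sample)
```

The read path is where the design pays off: the off-chain store is only trustworthy because every fetch is compared with the hash recorded on the data sub-chain.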
Example two:
An embodiment of the invention provides a device for secure access to Internet of Things data based on blockchain and edge computing, comprising:
an acquisition encryption module, configured to authenticate the identity of an Internet of Things edge device and, if authentication passes, to encrypt the data collected by the edge device locally or send it to an edge gateway for encryption;
a distributed storage module, configured to upload the encrypted data to the IPFS file storage module;
a blockchain storage module, configured to obtain the storage information of the encrypted data in the IPFS file storage module and store the storage information in a blockchain based on the data management component;
and a data acquisition module, configured to request the storage information of the data from the blockchain and access the IPFS file storage module based on the storage information to obtain the data.
Example three:
An embodiment of the invention provides a device for secure access to Internet of Things data based on blockchain and edge computing, characterized by comprising a processor and a storage medium;
the storage medium is used for storing instructions;
the processor is configured to operate in accordance with the instructions to perform the steps of any one of the methods described above.
Example four:
An embodiment of the present invention provides a computer-readable storage medium on which a computer program is stored, wherein the program, when executed by a processor, implements the steps of any one of the methods described above.
Based on blockchain technology, the invention improves the security of storing the data collected by Internet of Things edge devices, can support heterogeneous environments involving a large number of Internet of Things edge devices and various firmware maintainers, effectively solves problems such as the high cost and low security of centralized data storage, protects the security of the data transmission process by introducing smart contract technology, and ensures that the related data is difficult to tamper with.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The above description is only a preferred embodiment of the present invention, and it should be noted that, for those skilled in the art, several modifications and variations can be made without departing from the technical principle of the present invention, and these modifications and variations should also be regarded as the protection scope of the present invention.

Claims (6)

1. A method for secure access to Internet of Things data based on blockchain and edge computing, characterized by comprising the following steps:
authenticating the identity of an Internet of Things edge device and, if authentication passes, encrypting the data collected by the edge device locally or sending the data to an edge gateway for encryption;
uploading the encrypted data to an IPFS file storage module;
obtaining the storage information of the encrypted data in the IPFS file storage module, and storing the storage information in a blockchain based on a data management component;
and requesting the storage information of the data from the blockchain, and accessing the IPFS file storage module based on the storage information to obtain the data.
2. The method for secure access to Internet of Things data based on blockchain and edge computing according to claim 1, wherein authenticating the identity of the Internet of Things edge device comprises: verifying the identity of the edge device and obtaining the corresponding data write permission.
3. The method for secure access to Internet of Things data based on blockchain and edge computing, characterized in that the blockchain comprises an identity sub-chain, an authority sub-chain and a data sub-chain, wherein the identity sub-chain stores the identity information of Internet of Things edge devices, the authority sub-chain stores the permission information of Internet of Things edge devices, and the data sub-chain stores a hash value of the data and the storage information.
4. A device for secure access to Internet of Things data based on blockchain and edge computing, characterized in that the device comprises:
an acquisition encryption module, configured to authenticate the identity of an Internet of Things edge device and, if authentication passes, to encrypt the data collected by the edge device locally or send it to an edge gateway for encryption;
a distributed storage module, configured to upload the encrypted data to the IPFS file storage module;
a blockchain storage module, configured to obtain the storage information of the encrypted data in the IPFS file storage module and store the storage information in a blockchain based on the data management component;
and a data acquisition module, configured to request the storage information of the data from the blockchain and access the IPFS file storage module based on the storage information to obtain the data.
5. A device for secure access to Internet of Things data based on blockchain and edge computing, characterized by comprising a processor and a storage medium;
the storage medium is used for storing instructions;
the processor is configured to operate in accordance with the instructions to perform the steps of the method according to any one of claims 1 to 4.
6. A computer-readable storage medium on which a computer program is stored which, when executed by a processor, carries out the steps of the method according to any one of claims 1 to 4.
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111348621.5A CN114095228A (en) 2021-11-15 2021-11-15 Safe access method, system and device for data of Internet of things based on block chain and edge calculation and storage medium

Publications (1)

Publication Number Publication Date
CN114095228A (en) 2022-02-25

Family

ID=80300842


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination