CN114491653A - Data content tamper-proof system, method and device - Google Patents
Data content tamper-proof system, method and device Download PDFInfo
- Publication number
- CN114491653A CN114491653A CN202011266895.5A CN202011266895A CN114491653A CN 114491653 A CN114491653 A CN 114491653A CN 202011266895 A CN202011266895 A CN 202011266895A CN 114491653 A CN114491653 A CN 114491653A
- Authority
- CN
- China
- Prior art keywords
- data
- server
- key data
- identification
- key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
- G06F16/17—Details of further file system functions
- G06F16/1734—Details of monitoring file system events, e.g. by the use of hooks, filter drivers, logs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/23—Updating
- G06F16/2365—Ensuring data consistency and integrity
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Databases & Information Systems (AREA)
- Data Mining & Analysis (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Storage Device Security (AREA)
Abstract
The application discloses a data content tamper-proofing system, a method and a device, wherein the data content tamper-proofing system comprises a data storage server, a data storage server and an operation log, wherein the data storage server is used for generating an operation log of key data and storing the operation log of the key data; the system for preventing data content from being tampered also comprises at least one collaboration server of the key data, the collaboration server is used for generating an operation log of the key data and storing the operation log of the key data; the data storage server is also used for reading an operation log of the key data stored by the collaboration server and comparing the operation log when a certain related party of the key data updates the key data; if the operation logs are not consistent, the cooperation server is informed that the operation logs of the key data are abnormal so as to jointly negotiate and process the abnormal problem, and the purpose of preventing the key data from being tampered is achieved.
Description
Technical Field
The present application relates to the field of data processing technologies, and in particular, to a system, a method, and an apparatus for preventing data content from being tampered.
Background
Aiming at the operation service requirement, the vehicle factory end has own operation content data to be uploaded to a server of an operation system through a network. However, data may be tampered in the transmission process, and although the server storage can guarantee the data to a certain extent, the problem that some data are tampered in the data migration process is inevitable. These tampering are often not discovered in time, which affects the stability of the operating system.
Disclosure of Invention
The embodiment of the application provides a system, a method and a device for preventing data content from being tampered.
In a first aspect, an embodiment of the present application provides a data content tamper-proofing system, where the data content tamper-proofing system includes a data storage server, where the data storage server is used to generate an operation log of key data and store the operation log of the key data;
the system for preventing data content from being tampered also comprises at least one collaboration server of the key data, wherein the collaboration server is used for generating an operation log of the key data and storing the operation log of the key data;
the data storage server is further configured to read an operation log of the key data stored by the collaboration server when a first target server updates the key data, where the first target server is one of the data storage server and the collaboration server; comparing whether the operation logs of the key data stored by the data storage server and the operation logs of the key data stored by the collaboration server are consistent; and if the operation logs are not consistent, notifying the cooperation server that the operation logs of the key data are abnormal so as to jointly negotiate and process the abnormal problem.
In a second aspect, an embodiment of the present application provides a data content tamper-proofing method, which is applied to a data storage server in a data content tamper-proofing system, and the method further includes:
generating an operation log of key data, storing the operation log of the key data, wherein the data content tamper-proofing system further comprises at least one collaboration server of the key data, and the operation log of the key data generated by the collaboration server is stored in the collaboration server;
when a first target server updates the key data, reading an operation log of the key data stored by the cooperation server, wherein the first target server is one of the data storage server and the cooperation server;
comparing whether the operation logs of the key data stored by the data storage server and the operation logs of the key data stored by the collaboration server are consistent;
and if the operation logs are not consistent, notifying the cooperation server that the operation logs of the key data are abnormal so as to jointly negotiate and process the abnormal problem.
In a third aspect, an embodiment of the present application provides an apparatus for preventing data content from being tampered, where the apparatus is applied to a data storage server in a system for preventing data content from being tampered, and the apparatus includes:
the system comprises a log generating unit, a data content tamper-proofing system and at least one collaboration server, wherein the log generating unit is used for generating an operation log of key data and storing the operation log of the key data;
a log reading unit, configured to read an operation log of the key data stored by the collaboration server when a first target server updates the key data, where the first target server is one of the data storage server and the collaboration server;
a log comparison unit, configured to compare whether the operation logs of the key data stored in the data storage server and the operation logs of the key data stored in the collaboration server are consistent;
and the communication unit is used for notifying the collaboration server that the operation logs of the key data are abnormal if the operation logs are inconsistent so as to negotiate and process abnormal problems together.
In a fourth aspect, embodiments of the present application provide a data storage server, including a processor, a memory, a communication interface, and one or more programs, where the one or more programs are stored in the memory and configured to be executed by the processor, and the program includes instructions for executing steps of any of the methods of the second aspect of the embodiments of the present application.
In a fifth aspect, the present application provides a computer-readable storage medium, where the computer-readable storage medium stores a computer program for electronic data exchange, where the computer program makes a computer perform part or all of the steps described in any one of the methods in the second aspect of the present application.
It can be seen that, in the embodiment of the present application, a data storage server generates and stores an operation log of key data, at least one collaboration server of the key data also generates and stores an operation log of the key data, when a relevant party of the key data updates the key data, the data storage server reads the operation logs of the key data stored by all collaboration servers of the key data, compares whether the operation logs of the key data stored by the data storage server and the operation logs of the key data stored by all collaboration servers are consistent, and if not, notifies all collaboration servers that the operation logs of the key data are abnormal, so as to negotiate and process an abnormal problem together, thereby achieving data alignment of two servers, further preventing the key data from being tampered, and finally improving stability of system operation.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a schematic diagram of a data content tamper-resistant system provided by an embodiment of the present application;
FIG. 2 is a schematic diagram of an operation log of key data provided by an embodiment of the present application;
FIG. 3 is a diagram illustrating an operation log after updating critical data according to an embodiment of the present disclosure;
fig. 4 is a schematic flowchart of a method for preventing data content from being tampered according to an embodiment of the present application;
FIG. 5 is a schematic structural diagram of a data storage server according to an embodiment of the present application;
fig. 6 is a schematic structural diagram of a data content tamper-proofing device provided in an embodiment of the present application.
Detailed Description
In order to make the technical solutions better understood by those skilled in the art, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only partial embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The following are detailed below.
The terms "first," "second," "third," and "fourth," etc. in the description and claims of this application and in the accompanying drawings are used for distinguishing between different objects and not for describing a particular order. Furthermore, the terms "include" and "have," as well as any variations thereof, are intended to cover non-exclusive inclusions. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those steps or elements listed, but may alternatively include other steps or elements not listed, or inherent to such process, method, article, or apparatus.
Reference herein to "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment can be included in at least one embodiment of the application. The appearances of the phrase in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. It is explicitly and implicitly understood by one skilled in the art that the embodiments described herein can be combined with other embodiments.
Referring to fig. 1, fig. 1 is a schematic diagram of a data content tamper-proofing system provided in an embodiment of the present application, where the data content tamper-proofing system includes a data storage server 10;
a data storage server 10 for generating an operation log of key data and storing the operation log of the key data;
the data content tamper resistant system further comprises at least one collaboration server 20 of said critical data;
the collaboration server 20 is configured to generate an operation log of the key data, and store the operation log of the key data;
the data storage server 10 is further configured to read an operation log of the key data stored by the collaboration server 20 when a first target server updates the key data, where the first target server is one of the data storage server 10 and the collaboration server 20;
the data storage server 10 is further configured to compare whether the operation logs of the key data stored by the data storage server and the operation logs of the key data stored by the collaboration server are consistent;
the data storage server 10 is further configured to notify the collaboration server 20 that the operation log of the key data is abnormal if the operation logs are inconsistent, so as to negotiate and handle an abnormal problem together, thereby achieving the purpose of preventing the key data from being tampered.
The collaboration server 20 may be, for example, a third-party associated backend server, a vendor associated backend server, a user associated cloud server, or the like.
Wherein the key data are sensitive data of the data storage server 10 and the collaboration server 20. For example, the sensitive data of the data storage server 10 is all the operation data stored in the data storage server 10. For another example, the assistance server is a background server associated with the third party, and the sensitive data of the assistance server is all subscription data during the subscription of the third party. For another example, the assistance server is a manufacturer-associated background server, and the sensitive data of the assistance server is operation data related to the manufacturer. For another example, the collaboration server is a cloud server associated with the user, and the sensitive data of the collaboration server is data that the user concerns (e.g., data uploaded by the user himself, data subscribed by the user, etc.).
Wherein the oplog of the critical data does not contain the critical data.
The inconsistency of the operation logs refers to the inconsistency of at least two operation logs of the key data stored by the data storage server and the operation logs of the key data stored by the collaboration server. For example, it is assumed that an operation log of key data stored in the data storage server is an operation log 1, an assistance server of the key data includes an assistance server 1 and an assistance server 2, the operation log of the key data stored in the assistance server 1 is an operation log 2, the operation log of the key data stored in the assistance server 2 is an operation log 3, and if at least two operation logs of the operation log 1, the operation log 2, and the operation log 3 are inconsistent, the operation log of the key data is inconsistent.
In addition, all carriers of the key data are not terminal equipment (such as a smart phone, a tablet computer and the like), so that the frequency of log reading operation is not high, and excessive load cannot be brought to the system.
Optionally, the data storage server 10 is further configured to allow the first target server to update the key data if the operation logs are consistent.
The operation logs are identical, namely the operation logs of the key data stored by the data storage server and the operation logs of the key data stored by the collaboration server are completely identical. For example, it is assumed that the operation log of the key data stored in the data storage server is operation log 1, the assistance server of the key data includes assistance server 1 and assistance server 2, the operation log of the key data stored in the assistance server 1 is operation log 2, the operation log of the key data stored in the assistance server 2 is operation log 3, and if the operation log 1, the operation log 2, and the operation log 3 are identical, it indicates that the operation logs of the key data are identical.
Optionally, the operation log of the key data is composed of the following information: the key data comprises identification, a timestamp, operator identification, data related party identification, data Hash and operation content.
Wherein the data-related party identification comprises at least one of: manufacturer identification, third party identification and user identification.
The operation log is composed as shown in fig. 2, the time stamp occupies 8 bytes, the operator identifier occupies 16 bytes, the data related party identifier occupies 16 bytes, the data Hash occupies 128 bytes, and the operation content occupies 8 bytes.
Optionally, the sensitive characteristics of the critical data include at least one of: vendor information, subscription information, the key data, and user information.
Wherein the vendor information comprises at least one first vendor identification, the at least one first vendor identification comprising a vendor identification associated with the collaboration server. The vendor identifier is, for example, a vendor name, or other identifier. For example, assuming that the vendor information includes vendor identification 1, the backend server associated with vendor identification 1 is the assistance server for the critical data.
And/or the subscription information comprises at least one third party identifier subscribed to the key data, wherein the at least one third party identifier comprises a third party identifier associated with the collaboration server. The third party identifier is, for example, a third party name, or other identifiers. For example, assuming that the subscription information includes the third party identifier 1 subscribed to the key data, the background server associated with the third party identifier 1 is the assisting server for the key data.
And/or the key data comprises at least one data content, the at least one data content comprises at least one key word, the at least one key word is associated with at least one vendor type, the at least one vendor type is associated with at least one second vendor identification, and the at least one second vendor identification comprises a vendor identification associated with the collaboration server. For example, if the key data includes a data content 1, the data content 1 includes a keyword 1, the keyword 1 is associated with a vendor type 1 and a vendor type 2, the vendor type 1 is associated with a vendor identifier 1 and a vendor identifier 2, and the vendor type 2 is associated with a vendor identifier 3, then the backend server associated with the vendor identifier 1, the vendor identifier 2 and the vendor identifier 3 is an assistance server for the key data.
And/or the user information comprises at least one user identification, and the at least one user identification comprises a user identification associated with the collaboration server. The user identifier is, for example, a user name, an account, or other identifier. For example, assuming that the user information includes user identity 1, the cloud server associated with user identity 1 is the assistance server for the key data.
In an implementation manner of the present application, the identifier of the operation log of the key data is generated based on the identifier of the key data;
and the identification of the operation log of the key data stored by the data maintenance server is consistent with the identification of the operation log of the key data stored by the cooperation server.
Wherein the identification of the oplog of the critical data comprises the identification of the critical data. For example, assuming that the key data is identified as New Jun RM5 photo album, the operation log of the key data can be identified as New Jun RM5 photo album-201109 operation log.
Alternatively, the identification of the oplog of the critical data includes information associated with the identification of the critical data. The information associated with the identifier of the key data comprises a number corresponding to the identifier of the key data. For example, the key data is identified as new treasure horse RM5 photo album, and if the identification "new treasure horse RM5 photo album" corresponds to the number 11111, the operation log of the key data may be identified as 11111-201109 operation log.
It can be seen that, in this embodiment, the identifiers of the operation logs are uniform, which is convenient for the data storage server to quickly read the operation logs of the key data.
In an implementation manner of the present application, the first target server is configured to update an operation log of the key data after the key data is updated, and send update information of the operation log to a second target server, so that the second target server synchronously updates the operation log of the key data;
wherein the second target server is a server other than the first target server in the data storage server 10 and the collaboration server 20.
Wherein the update information of the operation log comprises at least one of the following: the system comprises a timestamp, an operator identifier, a data related party identifier, data Hash and operation content.
For example, assuming that the update information of the operation log is timestamp 1, operator identifier 1, data-related party identifier 1, data Hash1, and operation content 1, if the previous operation log is as shown in fig. 2, the updated operation log is as shown in fig. 3.
It can be seen that, in this embodiment, when the operation log of one relevant party of the critical data is updated, the other relevant parties of the critical data are notified to update the operation log of the critical data in time, so as to ensure the stability of the system operation.
Referring to fig. 4, fig. 4 is a schematic flowchart of a data content tamper-proofing method provided in an embodiment of the present application, and the data content tamper-proofing method is applied to a data storage server in a data content tamper-proofing system, and includes the following steps.
Step 410: the data content tamper-proofing system also comprises at least one collaboration server of the key data, and the collaboration server stores the operation logs of the key data generated by the collaboration server.
Step 420: when a first target server updates the key data, a data storage server reads an operation log of the key data stored by the collaboration server, wherein the first target server is one of the data storage server and the collaboration server.
Step 430: and the data storage server compares whether the operation logs of the key data stored by the data storage server and the operation logs of the key data stored by the collaboration server are consistent or not.
Step 440: and if the operation logs are not consistent, the data storage server informs the cooperation server that the operation logs of the key data are abnormal so as to negotiate and process the abnormal problem together.
Optionally, the method further comprises:
and if the operation logs are consistent, allowing the first target server to update the key data by the data storage server.
It can be seen that, in the embodiment of the present application, when the operation logs of the key data are inconsistent, all the collaboration servers are notified that the operation logs of the key data are abnormal, so as to negotiate and process the abnormal problem together, thereby achieving the purpose of preventing the key data from being tampered, and finally improving the stability of system operation.
Optionally, the operation log of the key data is composed of the following information: the key data comprises identification, a timestamp, operator identification, data related party identification, data Hash and operation content.
Optionally, the sensitive characteristics of the critical data include at least one of: manufacturer information, subscription information, the key data and user information;
the vendor information comprises at least one first vendor identification, and the at least one first vendor identification comprises a vendor identification associated with the collaboration server;
and/or the subscription information comprises at least one third party identifier subscribed to the key data, wherein the at least one third party identifier comprises a third party identifier associated with the collaboration server;
and/or the key data comprises at least one data content, the at least one data content comprises at least one key word, the at least one key word is associated with at least one vendor type, the at least one vendor type is associated with at least one second vendor identification, and the at least one second vendor identification comprises a vendor identification associated with the collaboration server;
and/or the user information comprises at least one user identification, and the at least one user identification comprises a user identification associated with the collaboration server.
Optionally, the identification of the oplog of the critical data is generated based on the identification of the critical data;
and the identification of the operation log of the key data stored by the data maintenance server is consistent with the identification of the operation log of the key data stored by the cooperation server.
In an implementation manner of the present application, the method further includes:
after the key data is updated, the data storage server updates the operation log of the key data, and sends the update information of the operation log to a second target server, so that the second target server synchronously updates the operation log of the key data, and the second target server is the collaboration server.
It should be noted that, the specific implementation of the embodiment refers to the specific implementation described in the above system, and is not described here.
Referring to fig. 5, fig. 5 is a schematic structural diagram of a data storage server according to an embodiment of the present application, and as shown in the drawing, the data storage server includes a processor, a memory, a communication interface, and one or more programs, where the one or more programs are stored in the memory and configured to be executed by the processor, and the programs include instructions for performing the following steps:
generating an operation log of key data, storing the operation log of the key data, wherein the data content tamper-proofing system further comprises at least one collaboration server of the key data, and the operation log of the key data generated by the collaboration server is stored in the collaboration server;
when a first target server updates the key data, reading an operation log of the key data stored by the cooperation server, wherein the first target server is one of the data storage server and the cooperation server;
comparing whether the operation logs of the key data stored by the data storage server and the operation logs of the key data stored by the collaboration server are consistent;
and if the operation logs are not consistent, notifying the cooperation server that the operation logs of the key data are abnormal so as to jointly negotiate and process the abnormal problem.
Optionally, the program includes instructions for further performing the steps of:
and if the operation logs are consistent, allowing the first target server to update the key data.
Optionally, the operation log of the key data is composed of the following information: the key data comprises identification, a timestamp, operator identification, data related party identification, data Hash and operation content.
Optionally, the sensitive characteristics of the critical data include at least one of: manufacturer information, subscription information, the key data and user information;
the vendor information comprises at least one first vendor identification, and the at least one first vendor identification comprises a vendor identification associated with the collaboration server;
and/or the subscription information comprises at least one third party identifier subscribed to the key data, wherein the at least one third party identifier comprises a third party identifier associated with the collaboration server;
and/or the key data comprises at least one data content, the at least one data content comprises at least one key word, the at least one key word is associated with at least one vendor type, the at least one vendor type is associated with at least one second vendor identification, and the at least one second vendor identification comprises a vendor identification associated with the collaboration server;
and/or the user information comprises at least one user identification, and the at least one user identification comprises a user identification associated with the collaboration server.
Optionally, the identification of the oplog of the critical data is generated based on the identification of the critical data;
and the identification of the operation log of the key data stored by the data maintenance server is consistent with the identification of the operation log of the key data stored by the cooperation server.
In an implementation manner of the present application, the program includes instructions for further performing the following steps:
and after the key data are updated, updating the operation log of the key data, and sending the update information of the operation log to a second target server so that the second target server synchronously updates the operation log of the key data, wherein the second target server is the collaboration server.
It should be noted that, the specific implementation of the embodiment refers to the specific implementation described in the above system, and is not described here.
Referring to fig. 6, fig. 6 is a schematic structural diagram of a data content tamper-proofing device according to an embodiment of the present application, which is applied to a data storage server in a data content tamper-proofing system, and the device includes:
a log generating unit 610, configured to generate an operation log of key data, and store the operation log of the key data, where the data content tamper-proofing system further includes at least one collaboration server of the key data, and the collaboration server stores the operation log of the key data generated by the collaboration server;
a log reading unit 620, configured to read an operation log of the key data stored by the collaboration server when a first target server updates the key data, where the first target server is one of the data storage server and the collaboration server;
a log comparison unit 630, configured to compare whether the operation logs of the key data stored by the data storage server and the operation logs of the key data stored by the collaboration server are consistent;
the communication unit 640 is configured to notify the collaboration server that the operation log of the key data is abnormal if the operation logs are inconsistent, so as to negotiate and handle an abnormal problem.
Optionally, the apparatus further comprises:
the processing unit 650 is configured to allow the first target server to update the key data if the operation logs are consistent.
Optionally, the operation log of the key data is composed of the following information: the key data comprises identification, a timestamp, operator identification, data related party identification, data Hash and operation content.
Optionally, the sensitive characteristics of the critical data include at least one of: manufacturer information, subscription information, the key data and user information;
the vendor information comprises at least one first vendor identification, and the at least one first vendor identification comprises a vendor identification associated with the collaboration server;
and/or the subscription information comprises at least one third party identifier subscribed to the key data, wherein the at least one third party identifier comprises a third party identifier associated with the collaboration server;
and/or the key data comprises at least one data content, the at least one data content comprises at least one key word, the at least one key word is associated with at least one vendor type, the at least one vendor type is associated with at least one second vendor identification, and the at least one second vendor identification comprises a vendor identification associated with the collaboration server;
and/or the user information comprises at least one user identification, and the at least one user identification comprises a user identification associated with the collaboration server.
Optionally, the identification of the oplog of the critical data is generated based on the identification of the critical data;
and the identification of the operation log of the key data stored by the data maintenance server is consistent with the identification of the operation log of the key data stored by the cooperation server.
In an implementation manner of the present application, the apparatus further includes:
the processing unit 650 is further configured to update the operation log of the key data after the key data is updated, and send update information of the operation log to a second target server, so that the second target server synchronously updates the operation log of the key data, where the second target server is the collaboration server.
Note that the log generating unit 610, the log reading unit 620, and the log comparing unit 630, and the processing unit 650 may be implemented by a processor. The communication unit 640 may be implemented by a communication interface.
The present application also provides a computer-readable storage medium, wherein the computer-readable storage medium stores a computer program for electronic data exchange, and the computer program causes a computer to execute some or all of the steps described in the data storage server in the above method embodiments.
The steps of a method or algorithm described in the embodiments of the present application may be implemented in hardware, or may be implemented by a processor executing software instructions. The software instructions may be comprised of corresponding software modules that may be stored in Random Access Memory (RAM), flash Memory, Read Only Memory (ROM), Erasable Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), registers, a hard disk, a removable disk, a compact disc Read Only Memory (CD-ROM), or any other form of storage medium known in the art. An exemplary storage medium is coupled to the processor such the processor can read information from, and write information to, the storage medium. Of course, the storage medium may also be integral to the processor. The processor and the storage medium may reside in an ASIC. Additionally, the ASIC may reside in an access network device, a target network device, or a core network device. Of course, the processor and the storage medium may reside as discrete components in an access network device, a target network device, or a core network device.
Those skilled in the art will appreciate that in one or more of the examples described above, the functionality described in the embodiments of the present application may be implemented, in whole or in part, by software, hardware, firmware, or any combination thereof. When implemented in software, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When loaded and executed on a computer, cause the processes or functions described in accordance with the embodiments of the application to occur, in whole or in part. The computer may be a general purpose computer, a special purpose computer, a network of computers, or other programmable device. The computer instructions may be stored on a computer readable storage medium or transmitted from one computer readable storage medium to another, for example, from one website, computer, server, or data center to another website, computer, server, or data center via wire (e.g., coaxial cable, fiber optic, Digital Subscriber Line (DSL)) or wireless (e.g., infrared, wireless, microwave, etc.). The computer-readable storage medium can be any available medium that can be accessed by a computer or a data storage device, such as a server, a data center, etc., that incorporates one or more of the available media. The usable medium may be a magnetic medium (e.g., floppy Disk, hard Disk, magnetic tape), an optical medium (e.g., Digital Video Disk (DVD)), or a semiconductor medium (e.g., Solid State Disk (SSD)), among others.
The above-mentioned embodiments are intended to illustrate the objects, technical solutions and advantages of the embodiments of the present application in further detail, and it should be understood that the above-mentioned embodiments are only specific embodiments of the present application, and are not intended to limit the scope of the embodiments of the present application, and any modifications, equivalent substitutions, improvements and the like made on the basis of the technical solutions of the embodiments of the present application should be included in the scope of the embodiments of the present application.
Claims (15)
1. The data content tamper-proofing system is characterized by comprising a data storage server, a data processing unit and a data processing unit, wherein the data storage server is used for generating an operation log of key data and storing the operation log of the key data;
the system for preventing data content from being tampered also comprises at least one collaboration server of the key data, wherein the collaboration server is used for generating an operation log of the key data and storing the operation log of the key data;
the data storage server is further configured to read an operation log of the key data stored by the collaboration server when a first target server updates the key data, where the first target server is one of the data storage server and the collaboration server; comparing whether the operation logs of the key data stored by the data storage server and the operation logs of the key data stored by the collaboration server are consistent; and if the operation logs are not consistent, notifying the cooperation server that the operation logs of the key data are abnormal so as to jointly negotiate and process the abnormal problem.
2. The system of claim 1, wherein the data storage server is further configured to allow the first target server to update the critical data if the oplogs are consistent.
3. The system according to claim 1 or 2, characterized in that the oplog of critical data consists of the following information: the key data comprises identification, a timestamp, operator identification, data related party identification, data Hash and operation content.
4. The system of any of claims 1-3, wherein the sensitive characteristics of the critical data include at least one of: manufacturer information, subscription information, the key data and user information;
the vendor information comprises at least one first vendor identifier, the at least one first vendor identifier comprising a vendor identifier associated with the collaboration server;
and/or the subscription information comprises at least one third party identifier subscribed to the key data, wherein the at least one third party identifier comprises a third party identifier associated with the collaboration server;
and/or the key data comprises at least one data content, the at least one data content comprises at least one key word, the at least one key word is associated with at least one vendor type, the at least one vendor type is associated with at least one second vendor identification, and the at least one second vendor identification comprises a vendor identification associated with the collaboration server;
and/or the user information comprises at least one user identification, and the at least one user identification comprises a user identification associated with the collaboration server.
5. The system of any of claims 1-4, wherein the identification of the oplog of the critical data is generated based on the identification of the critical data;
and the identification of the operation log of the key data stored by the data maintenance server is consistent with the identification of the operation log of the key data stored by the cooperation server.
6. The system according to any one of claims 2-5, wherein the first target server is configured to update the operation log of the key data after the key data is updated, and send update information of the operation log to the second target server, so that the second target server synchronously updates the operation log of the key data;
the second target server is a server except the first target server in the data storage server and the collaboration server.
7. A method for preventing data content from being tampered, the method being applied to a data storage server in a system for preventing data content from being tampered, the method further comprising:
generating an operation log of key data, storing the operation log of the key data, wherein the data content tamper-proofing system further comprises at least one collaboration server of the key data, and the operation log of the key data generated by the collaboration server is stored in the collaboration server;
when a first target server updates the key data, reading an operation log of the key data stored by the collaboration server, wherein the first target server is one of the data storage server and the collaboration server;
comparing whether the operation logs of the key data stored by the data storage server and the operation logs of the key data stored by the collaboration server are consistent;
and if the operation logs are not consistent, notifying the cooperation server that the operation logs of the key data are abnormal so as to jointly negotiate and process the abnormal problem.
8. The method of claim 7, further comprising:
and if the operation logs are consistent, allowing the first target server to update the key data.
9. The method of claim 7 or 8, wherein the oplog of critical data consists of: the key data comprises identification, a timestamp, operator identification, data related party identification, data Hash and operation content.
10. The method of any of claims 7-9, wherein the sensitive characteristics of the critical data include at least one of: manufacturer information, subscription information, the key data and user information;
the vendor information comprises at least one first vendor identifier, the at least one first vendor identifier comprising a vendor identifier associated with the collaboration server;
and/or the subscription information comprises at least one third party identifier subscribed to the key data, wherein the at least one third party identifier comprises a third party identifier associated with the collaboration server;
and/or the key data comprises at least one data content, the at least one data content comprises at least one key word, the at least one key word is associated with at least one vendor type, the at least one vendor type is associated with at least one second vendor identification, and the at least one second vendor identification comprises a vendor identification associated with the collaboration server;
and/or the user information comprises at least one user identification, and the at least one user identification comprises a user identification associated with the collaboration server.
11. The method of any of claims 7-10, wherein the identification of the oplog of the critical data is generated based on the identification of the critical data;
and the identification of the operation log of the key data stored by the data maintenance server is consistent with the identification of the operation log of the key data stored by the cooperation server.
12. The method according to any one of claims 8-11, further comprising:
and after the key data are updated, updating the operation log of the key data, and sending the update information of the operation log to a second target server so that the second target server synchronously updates the operation log of the key data, wherein the second target server is the collaboration server.
13. A data content tamper-proofing apparatus, applied to a data storage server in a data content tamper-proofing system, the apparatus comprising:
the system comprises a log generating unit, a data content tamper-proofing system and at least one collaboration server, wherein the log generating unit is used for generating an operation log of key data and storing the operation log of the key data;
a log reading unit, configured to read an operation log of the key data stored by the collaboration server when a first target server updates the key data, where the first target server is one of the data storage server and the collaboration server;
a log comparison unit, configured to compare whether the operation logs of the key data stored in the data storage server and the operation logs of the key data stored in the collaboration server are consistent;
and the communication unit is used for notifying the collaboration server that the operation logs of the key data are abnormal if the operation logs are inconsistent so as to negotiate and process abnormal problems together.
14. The apparatus of claim 13, further comprising:
and the processing unit is used for allowing the first target server to update the key data if the operation logs are consistent.
15. A computer-readable storage medium, characterized in that a computer program for electronic data exchange is stored, wherein the computer program causes a computer to perform the method according to any of the claims 7-12.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011266895.5A CN114491653A (en) | 2020-11-13 | 2020-11-13 | Data content tamper-proof system, method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011266895.5A CN114491653A (en) | 2020-11-13 | 2020-11-13 | Data content tamper-proof system, method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114491653A true CN114491653A (en) | 2022-05-13 |
Family
ID=81491035
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011266895.5A Pending CN114491653A (en) | 2020-11-13 | 2020-11-13 | Data content tamper-proof system, method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114491653A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115118507A (en) * | 2022-06-29 | 2022-09-27 | 支付宝(杭州)信息技术有限公司 | Log certificate storing and log verifying method and device suitable for privacy calculation |
-
2020
- 2020-11-13 CN CN202011266895.5A patent/CN114491653A/en active Pending
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115118507A (en) * | 2022-06-29 | 2022-09-27 | 支付宝(杭州)信息技术有限公司 | Log certificate storing and log verifying method and device suitable for privacy calculation |
| CN115118507B (en) * | 2022-06-29 | 2023-09-08 | 支付宝(杭州)信息技术有限公司 | Log evidence-storing and log verification method and device suitable for privacy calculation |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109873804B (en) | Behavior-based service identification method, behavior-based service identification device, behavior-based service identification equipment and readable storage medium | |
| CN109558748A (en) | Data processing method, device, electronic equipment and storage medium | |
| TWI776030B (en) | Blockchain-based transaction processing method and device, and electronic equipment | |
| CN110222500A (en) | Method for edition management, device, equipment and computer readable storage medium | |
| CN114328029B (en) | Backup method and device of application resources, electronic equipment and storage medium | |
| CN115695012A (en) | Login request processing method and device, electronic equipment and storage medium | |
| CN115242434A (en) | Application program interface API identification method and device | |
| CN114491653A (en) | Data content tamper-proof system, method and device | |
| CN111538566A (en) | Mirror image file processing method, device and system, electronic equipment and storage medium | |
| CN110674153B (en) | Data consistency detection method and device and electronic equipment | |
| US20230205849A1 (en) | Digital and physical asset tracking and authentication via non-fungible tokens on a distributed ledger | |
| CN111273920A (en) | Method and device for writing data into installation package and storage medium | |
| CN113312669B (en) | Password synchronization method, device and storage medium | |
| CN111835504A (en) | Identification code generation method and server | |
| CN113590180B (en) | Detection strategy generation method and device | |
| CN115328509A (en) | Algorithm changing method, device, computer equipment and storage medium | |
| CN107704557B (en) | Processing method and device for operating mutually exclusive data, computer equipment and storage medium | |
| CN109088854B (en) | Access method and device of shared application and readable storage medium | |
| CN107678928B (en) | Application program processing method and server | |
| CN112286881A (en) | Document authentication and tracing method and device | |
| CN111190858A (en) | Software information storage method, device, equipment and storage medium | |
| CN110825406A (en) | Software upgrading method and related equipment | |
| CN111506549A (en) | Block chain-based file processing system, method, device and storage medium | |
| CN110826078A (en) | Data storage method, device and system | |
| CN112235651B (en) | Configuration parameter selection method, device, equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |