CN114500111B - Multi-platform-based automatic project audit data processing method and system - Google Patents

Multi-platform-based automatic project audit data processing method and system Download PDF

Info

Publication number
CN114500111B
CN114500111B CN202210379737.3A CN202210379737A CN114500111B CN 114500111 B CN114500111 B CN 114500111B CN 202210379737 A CN202210379737 A CN 202210379737A CN 114500111 B CN114500111 B CN 114500111B
Authority
CN
China
Prior art keywords
node
audit data
platform
information
type
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210379737.3A
Other languages
Chinese (zh)
Other versions
CN114500111A (en
Inventor
王冬法
李群
汪海鸿
周迪伍
厉理
郭端宏
陶涛
王坤
方军红
潘绍立
吴陈婧
王博
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid Zhejiang Electric Power Co Ltd
Jinhua Power Supply Co of State Grid Zhejiang Electric Power Co Ltd
Original Assignee
State Grid Zhejiang Electric Power Co Ltd
Jinhua Power Supply Co of State Grid Zhejiang Electric Power Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by State Grid Zhejiang Electric Power Co Ltd, Jinhua Power Supply Co of State Grid Zhejiang Electric Power Co Ltd filed Critical State Grid Zhejiang Electric Power Co Ltd
Priority to CN202210379737.3A priority Critical patent/CN114500111B/en
Publication of CN114500111A publication Critical patent/CN114500111A/en
Application granted granted Critical
Publication of CN114500111B publication Critical patent/CN114500111B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/10Office automation; Time management
    • G06Q10/103Workflow collaboration or project management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/02Marketing; Price estimation or determination; Fundraising
    • G06Q30/0201Market modelling; Market analysis; Collecting market data
    • G06Q30/0206Price or cost determination based on market factors
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
    • G06Q50/08Construction
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/104Peer-to-peer [P2P] networks
    • H04L67/1042Peer-to-peer [P2P] networks using topology management mechanisms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Strategic Management (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Human Resources & Organizations (AREA)
  • General Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Marketing (AREA)
  • Finance (AREA)
  • Economics (AREA)
  • Development Economics (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Mining & Analysis (AREA)
  • Tourism & Hospitality (AREA)
  • Health & Medical Sciences (AREA)
  • Operations Research (AREA)
  • Quality & Reliability (AREA)
  • General Health & Medical Sciences (AREA)
  • Primary Health Care (AREA)
  • Game Theory and Decision Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides a multi-platform-based automatic project audit data processing method and a multi-platform-based automatic project audit data processing system, which specifically comprise the following steps: when one intranet node in a first type platform is stored with project audit data, acquiring a first information node of the intranet node; determining at least one corresponding second information node corresponding to a second type platform according to the first information node and a preset node authority list, and distributing project audit data stored in the first information node to the second information node corresponding to the second type platform respectively based on an intranet block chain; if any one of the first type platform or the second type platform receives the project audit data sending request, taking the corresponding first type platform or the second type platform as an outbound platform; and transmitting the encrypted engineering audit data at the intranet node of the external transmission platform to an external network node based on the network gate, and transmitting the engineering audit data to the external network node of the third type platform by the external network node.

Description

Multi-platform-based automatic project pricing audit data processing method and system
Technical Field
The invention relates to the technical field of data processing, in particular to a multi-platform-based automatic project audit data processing method and system.
Background
The examination is the examination and check work of the construction unit and the construction unit before the settlement of the project price based on the contract, the national quota and the relevant data of the project after the project passes the completion quality examination and acceptance, and is the affirmation of the price of the construction product. The specific method can be implemented by both parties negotiating pricing, or entrusting an organization with qualification to examine the final cost.
The audit refers to the supervision and evaluation of the investment income, the investment quality and the investment process of the national administrative department on the basic construction project, including the construction cost.
The project audit data is important for a company and belongs to a company secret, but in an actual working scene, the project audit data needs to be transmitted among construction units, construction units and stockholder companies to realize data interaction, but in the interaction process, how to ensure the safety of the data is a necessary premise.
The data security comprises two aspects, namely whether the data is acquired by lawless persons or not, namely the storage mode of the data is limited, and on the other hand, whether the data can be cracked or not after being acquired by the lawless persons or not, so that a technical scheme is urgently needed for carrying out security limitation in the storage process of the engineering audit data, carrying out dynamic encryption according to the storage mode of the data and ensuring the security of the engineering audit data.
Disclosure of Invention
The embodiment of the invention provides a multi-platform-based automatic engineering audit data processing method and system, wherein a network gate is used for cutting a plurality of platforms to obtain an inner network block chain and an outer network block chain, so that sensitive data such as engineering audit data and the like are transmitted through the inner network block chain during internal transmission, namely, safety and tamper resistance and source tracing are realized, when outer network transmission is carried out as necessary, the network gate can be opened to transmit necessary transmitted data to an external network, and different encryption can be carried out according to the attributes of different automatic engineering audit data to realize dynamic encryption. The invention can carry out safety restriction in the process of storing the project audit data, and carry out dynamic encryption according to the data storage mode, thereby ensuring the safety of the project audit data.
In a first aspect of the embodiments of the present invention, a method for processing automatic engineering audit data based on multiple platforms is provided, where the multiple platforms include a first type platform, a second type platform, and a third type platform, where the first type platform and the second type platform respectively include an intranet node and an extranet node, the intranet node and the extranet node are connected through a gatekeeper, and the following steps are specifically included:
forming an inner network block chain according to inner network nodes of all the first type platforms and the second type platforms, and forming an outer network block chain according to outer network nodes of all the first type platforms, the second type platforms and the third type platforms;
when one intranet node in the first type platform is stored with project audit data, acquiring a first information node of the intranet node;
determining at least one second information node corresponding to a second type platform according to the first information node and a preset node authority list, and distributing project audit data stored in the first information node to the second information nodes corresponding to the second type platform respectively based on an intranet block chain;
if any one of the first type platform or the second type platform is judged to receive the data sending request of the project audit price, the corresponding first type platform or the second type platform is taken as an outbound platform, a dynamic first encryption key is generated based on the first information node and the second information node of all the first type platform and the second type platform, and the project audit price data is encrypted according to the first encryption key;
and based on the network gate, transmitting the encrypted engineering audit data at the intranet node of the external transmission platform to the external network node, and transmitting the encrypted engineering audit data to the external network node of the third type platform by the external network node according to the data sending request.
Optionally, in a possible implementation manner of the first aspect, after a certain intranet node in the first type platform stores engineering audit data, the step of acquiring the first information node of the intranet node specifically includes:
each intranet node monitors the data storage interface, and if the fact that engineering audit data are stored in the first intranet storage medium at the corresponding intranet node is judged, broadcasting is conducted;
after other intranet nodes receive the broadcast, the behavior of the project audit data received by one intranet node is booked to obtain an intranet account book;
the method comprises the steps that intranet nodes obtain first information nodes corresponding to first intranet storage media stored in engineering audit data, and each first information node comprises at least one first intranet storage medium.
Optionally, in a possible implementation manner of the first aspect, in the step of determining, according to the first information node and a preset node authority list, at least one corresponding second information node corresponding to the second type of platform, and distributing the engineering review price audit data stored in the first information node to the second information node corresponding to the second type of platform based on an intranet block chain, the method specifically includes:
acquiring a node permission list generated by a plurality of intranet nodes based on a consensus mechanism, wherein the node permission list comprises a multidimensional node topological graph;
determining a first topological node corresponding to the first information node in the multi-dimensional node topological graph;
and determining at least one second topological node corresponding to the first topological node according to the multi-dimensional node topological graph, and sending the engineering audit data at the first information node to the second information node corresponding to the second topological node for storage.
Optionally, in a possible implementation manner of the first aspect, in the step of determining at least one second topology node corresponding to the first topology node according to the multidimensional node topology map, and sending the engineering audit data of the audit price of the first information node to the second information node corresponding to the second topology node for storage, the step specifically includes:
taking all vertical upper dimension nodes of the first topology node as a first type of second topology node, and acquiring a second information node corresponding to the first type of second topology node;
and after adding a first transmission identifier to the engineering audit data, the first information node sends the engineering audit data to a second information node corresponding to a first type of second topology node for storage, wherein the first transmission identifier is an identifier allowing the engineering audit data to be transmitted to an extranet block chain through a gatekeeper.
Optionally, in a possible implementation manner of the first aspect, in the step of determining at least one second topology node corresponding to the first topology node according to the multidimensional node topology map, and sending the engineering audit data of the audit price of the first information node to the second information node corresponding to the second topology node for storage, the step specifically includes:
if any one second topology node of the first type sends a data different-dimensional transmission command to the first topology node, the first topology node acquires a second information node in the different-dimensional transmission command as a second topology node of the second type;
and after adding a second transmission identifier to the engineering audit data, the first information node sends the second transmission identifier to a second information node corresponding to a second topology node of a second type for storage, wherein the second transmission identifier is an identifier which does not allow the engineering audit data to be transmitted to an extranet block chain through a gatekeeper.
Optionally, in a possible implementation manner of the first aspect, in the step of generating a dynamic first encryption key based on first and second information nodes of all the first and second types of platforms, and encrypting the engineering audit data according to the first encryption key, the step of generating a dynamic first encryption key specifically includes:
initializing and setting a first key vacancy, a second key vacancy and a third key vacancy, wherein prefixes of the first key vacancy, the second key vacancy and the third key vacancy are respectively provided with a first fixed character, a second fixed character and a third fixed character;
filling first attribute information of a first information node, second attribute information of a second information node of a first type and third attribute information of a second information node of a second type as traceability information into a first key vacancy, a second key vacancy and a third key vacancy respectively to obtain a first traceability key character string;
acquiring data character information of the engineering audit data, calculating the data character information based on a Hash algorithm to obtain a first Hash value, and obtaining a second tracing key character string based on the first Hash value;
and fusing the first tracing key character string and the second tracing key character string to obtain a first encryption key.
Optionally, in a possible implementation manner of the first aspect, in the step of transmitting, by a gatekeeper, the encrypted engineering audit data at the intranet node of the outbound platform to the extranet node, and the extranet node transmitting, according to the data sending request, the encrypted engineering audit data to the extranet node of the third type platform, the method specifically includes:
if the external network node of the external transmission platform is disconnected with other networks and the project audit data has the first transmission identifier, the network gate is opened to transmit the encrypted project audit data to the external network node of the external transmission platform;
if the external network node of the external transmission platform is judged to be disconnected from other networks, and the project audit data has a second transmission identifier, controlling the network gate to be closed, and not transmitting the project audit data externally and counting;
after receiving the data sending request, the external network node transmits the encrypted project audit data to the external network node of the third type platform;
the external network node of the third type platform decrypts the engineering audit data based on the first encryption key, and calculates the decrypted engineering audit data through a Hash algorithm to obtain a second Hash value;
and verifying the engineering audit data according to the second hash value and the first hash value in the first encryption key.
Optionally, in a possible implementation manner of the first aspect, if it is determined that the external network node of the outbound platform is disconnected from other networks, and the engineering audit data has the first transmission identifier, the step of opening the gatekeeper to transmit the encrypted engineering audit data to the external network node of the outbound platform specifically includes:
when a control unit at the gateway judges that an external network node is disconnected from other networks and project audit data has a first transmission identifier, the control unit acquires a verification coefficient corresponding to the gateway;
determining at least one verification topological node in the multi-dimensional node topological graph based on the verification coefficient, and sending a data verification request to the verification topological node;
and if all the verification topology nodes respectively send the confirmation verification information within the verification preset time period, the control unit controls the network gate to be opened so that the encrypted project audit data is transmitted to the external network node of the external platform.
Optionally, in a possible implementation manner of the first aspect, if it is determined that the external network node of the external transmission platform is disconnected from other networks, and the engineering audit data has the second transmission identifier, the method specifically includes, after the step of controlling the gatekeeper to close and not externally transmitting the engineering audit data and counting:
acquiring the total counting times of the gatekeeper after the current closing counting;
comparing the total counting times with preset multi-level time intervals to obtain a verification coefficient of the current moment, wherein each multi-level time interval has a preset verification coefficient;
if the verification coefficient at the current moment is the same as the verification coefficient at the previous moment of the gatekeeper, the verification coefficient is not updated;
and if the verification coefficient at the current moment is different from the verification coefficient at the previous moment of the network gate, updating the verification coefficient at the current moment to the verification coefficient at the previous moment.
In a second aspect of the embodiments of the present invention, an automatic engineering audit data processing system based on multiple platforms is provided, where the multiple platforms include a first type platform, a second type platform, and a third type platform, where the first type platform and the second type platform respectively include an intranet node and an extranet node, the intranet node and the extranet node are connected through a gatekeeper, and the following modules are used to process engineering audit data, which specifically includes:
the block chain generating module is used for forming an inner network block chain according to inner network nodes of all the first type platforms and the second type platforms and forming an outer network block chain according to outer network nodes of all the first type platforms, the second type platforms and the third type platforms;
the node acquisition module is used for acquiring a first information node of an intranet node after one intranet node in the first type platform stores project audit data;
the active distribution module is used for determining at least one second information node corresponding to a second type platform according to the first information node and a preset node authority list, and distributing the project audit data stored in the first information node to the second information node corresponding to the second type platform respectively based on an intranet block chain;
the platform external transmission encryption module is used for taking a corresponding first type platform or second type platform as an external transmission platform if any first type platform or second type platform is judged to receive a data sending request of project audit price, generating a dynamic first encryption key based on first information nodes and second information nodes of all the first type platforms and second type platforms, and encrypting the project audit price data according to the first encryption key;
and the network external transmission encryption module is used for transmitting the engineering audit data encrypted at the intranet node of the external transmission platform to the external network node based on the network gate, and the external network node transmits the encrypted engineering audit data to the external network node of the third type of platform according to the data sending request.
A third aspect of the embodiments of the present invention provides a storage medium, in which a computer program is stored, and the computer program is used for implementing the method according to the first aspect of the present invention and various possible designs of the first aspect when the computer program is executed by a processor.
According to the automatic engineering audit data processing method and system based on the multiple platforms, provided by the invention, the multiple platforms are cut through the network gate to obtain the internal network block chain and the external network block chain, so that sensitive data such as engineering audit data and the like are transmitted through the internal network block chain when being transmitted internally, namely, safety, tampering prevention and source tracing are realized. When external network transmission is necessary, the data which are necessary to be transmitted can be transmitted to an external network by opening the network gate, and different encryption can be carried out according to the attributes of different automatic engineering audit data, so that dynamic encryption is realized. The internal network block chain and the external network block chain have different data sending logics, the internal network block chain can actively distribute the automatic engineering audit data, so that the second type platform can actively obtain the corresponding automatic engineering audit data through the internal network node, the automatic engineering audit data does not need to be encrypted, and confidentiality is realized on storage safety. And when the third type platform receives the automatic engineering audit data, the automatic engineering audit data of the internal network block chain needs to be encrypted, then the encrypted automatic engineering audit data are transmitted to the external network information node through the network gate, and then the encrypted automatic engineering audit data are transmitted to the corresponding third type platform according to the external network information node, so that the safety guarantee is carried out on the transmission dimension.
According to the technical scheme provided by the invention, when the intranet block chain actively distributes the project audit data, the intranet block chain distributes the project audit data according to the preset multi-dimensional node topological graph, so that the relation between each second type platform and each first type platform can be quickly determined according to the multi-dimensional node topological graph, and the project audit data are distributed in batches and quickly. According to the method, the second information nodes are classified according to different relations between each second type platform and each first type platform in the multi-dimensional node topological graph, so that different second information nodes have different processing authorities to the engineering audit data, namely, part of the second information nodes can transmit and synchronize the data to an extranet block chain, and the leakage of the engineering audit data caused by the inundation of the data transmission authorities is avoided.
According to the technical scheme provided by the invention, the first attribute information, the second attribute information and the third attribute information are determined according to the transmission path of the engineering audit data, and the corresponding first traceability key character string is obtained by combining the first attribute information, the second attribute information and the third attribute information, at the moment, the first traceability key character string is obtained according to the distribution path of the engineering audit data, and the engineering audit data with different attributes can have different transmission paths. The method can also obtain a second traceable key character string according to the data character information of the engineering audit data, the second traceable key character string not only can be used as a part of the first encryption key, but also can be used for verifying the correctness of the engineering audit data, if the engineering audit data is tampered, the second traceable key character string can be quickly determined, and the validity and the safety of the engineering audit data are further guaranteed.
According to the technical scheme provided by the invention, the number of verification topology nodes when the gatekeeper is opened and the automatic engineering audit data is transmitted to the external network block chain is determined according to the verification coefficient of the control unit at each gatekeeper, and counting is carried out when the engineering audit data with the second transmission identifier is required to be transmitted, so that the verification coefficient of the gatekeeper during data transmission is gradually increased, the gatekeeper is more strictly managed to be opened and closed, the data which does not have authority transmission is prevented from being transmitted from the gatekeeper privately, the abuse of data transmission is avoided, and the stability in the data storage process is ensured.
Drawings
Fig. 1 is a schematic view of an application scenario of the technical solution provided in the present invention;
FIG. 2 is a flow diagram of a first embodiment of a multi-platform based automated project audit data processing method;
FIG. 3 is a flow diagram of a second embodiment of a multi-platform based automated project audit data processing method;
FIG. 4 is a schematic structural diagram of a multi-dimensional node topology;
FIG. 5 is a block diagram of a first embodiment of a multi-platform based automatic project audit data processing system.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The terms "first," "second," "third," "fourth," and the like in the description and in the claims, as well as in the drawings, if any, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the invention described herein are capable of operation in sequences other than those illustrated or described herein.
It should be understood that, in various embodiments of the present invention, the sequence numbers of the processes do not mean the execution sequence, and the execution sequence of the processes should be determined by the functions and the internal logic of the processes, and should not constitute any limitation on the implementation process of the embodiments of the present invention.
It should be understood that in the present application, "comprising" and "having" and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
It should be understood that, in the present invention, "a plurality" means two or more. "and/or" is only an association relationship describing an associated object, and means that there may be three relationships, for example, a and/or B, and may mean: a exists alone, A and B exist simultaneously, and B exists alone. The character "/" generally indicates that the former and latter associated objects are in an "or" relationship. "comprises A, B and C" and "comprises A, B, C" means that A, B, C all comprise, "comprises A, B or C" means comprise one of A, B, C, "comprises A, B and/or C" means comprise any 1 or any 2 or 3 of A, B, C.
It should be understood that in the present invention, "B corresponding to a", "a corresponds to B", or "B corresponds to a" means that B is associated with a, and B can be determined from a. Determining B from a does not mean determining B from a alone, but may also be determined from a and/or other information. And the matching of A and B means that the similarity of A and B is greater than or equal to a preset threshold value.
As used herein, "if" may be interpreted as "at … …" or "when … …" or "in response to a determination" or "in response to a detection", depending on the context.
The technical means of the present invention will be described in detail with reference to specific examples. These several specific embodiments may be combined with each other below, and details of the same or similar concepts or processes may not be repeated in some embodiments.
As shown in fig. 1, a schematic structural diagram of the technical solution provided by the present invention includes a first type platform, a second type platform, and a third type platform, where the first type platform and the second type platform respectively include an intranet node and an extranet node, and the intranet node and the extranet node respectively have an intranet storage medium and an extranet storage medium. It is understood that the first type platform and the second type platform may be platforms of different companies in a group company, for example, the group company includes a parent company, a subsidiary company, and a grandchild company, one parent company may include a plurality of child companies, one child company may include a plurality of grandchild companies, the group company may form an internal network through an internal network, and the group company may form an external network through an external network. The project audit data can be stored through the intranet storage medium and the extranet storage medium respectively. The intranet nodes and the extranet nodes of each of the first type platform and the second type platform are connected through the network gate, so that the intranet nodes and the extranet nodes are physically disconnected in a conventional state, but the intranet nodes and the extranet nodes can be temporarily communicated when data transmission is needed.
The first type platform can be considered as a platform which receives the automatic engineering audit data at the current moment, and the second type platform can be a platform which does not receive the automatic engineering audit data at the current moment. A third type of platform may be an official platform such as the tax authority or the like.
The intranet nodes and the extranet nodes of one platform can be two computers, two servers and the like, and the two intranet servers and the extranet servers are disconnected through a network gate. All the intranet servers of the first type platform and the second type platform are connected through the local area network to form an intranet block chain. And all the extranet servers of the first type platform and the second type platform are connected through the local area network to form an extranet block chain.
The invention provides an automatic engineering audit data processing method based on multiple platforms, as shown in fig. 2, the processing of engineering audit data is carried out through the following steps, which specifically comprises the following steps:
step S110, an intranet block chain is formed according to all intranet nodes of the first type platform and the second type platform, and an extranet block chain is formed according to all extranet nodes of the first type platform, the second type platform and the third type platform. Because the number of the first type platform, the second type platform and the third type platform may be changed, the first type platform, the second type platform and the third type platform are updated at different time, and the intranet nodes of the first type platform and the second type platform form an intranet block chain, so that the first type platform and the second type platform can transmit data through the intranet block chain and can also transmit data through the extranet block chain. The first type platform, the second type platform and the third type platform are connected through the outer network block chain, and the outer network block chain can transmit data. The intranet blockchain is mainly used for storing and transmitting sensitive data of a group company, such as financial data, customer data, project price audit data and the like. The outer network blockchain may transmit data that is not sensitive.
And step S120, when one intranet node in the first type platform stores project audit data, acquiring a first information node of the intranet node. When an intranet node is obtained by the stored engineering audit data, the intranet node is proved to have new data, and generally, the engineering audit data needs to be reported to superior companies, stockholder companies, full capital companies and the like. So at this time, the first information node of the intranet node needs to be determined first. A first type of platform corresponds to at least one first inode. The intranet node of a first type of platform may include a server and multiple computers, each of which may be a first information node, and different servers and computers have different storage media, and different storage media may store different data.
In a possible embodiment of the technical solution provided by the present invention, step S120 specifically includes:
and each intranet node monitors the data storage interface, and broadcasts the data if judging that project audit data are stored in the first intranet storage medium at the corresponding intranet node. The data storage interface of the intranet node can be monitored, the broadcast can be carried out after the corresponding project audit data is stored, other nodes are informed to carry out accounting, the data is received by the intranet node at the moment, and the broadcast can also be carried out if the data is received by the extranet node, so that the data storage interface monitoring method and the data storage interface monitoring system are not repeated.
And after receiving the broadcast, the other intranet nodes perform accounting on the behavior of the project audit data received by one intranet node to obtain an intranet account book. After receiving the broadcast, other intranet nodes can book the project audit data received by the intranet nodes of the first type platform to obtain corresponding intranet accounts.
The intranet nodes acquire first information nodes corresponding to first intranet storage media stored in engineering audit data, and each first information node comprises at least one first intranet storage medium. At this time, the intranet node extracts the corresponding first information node. The first node information is dynamically changed, only the node which receives the project audit data is used as the first node information, and the second node information is in a conventional state.
For example, when a certain second type platform receives the project audit data to a first preset time period, the corresponding second type platform is converted into the first type platform, and the corresponding second node information is converted into the first node information.
Step S130, determining at least one corresponding second information node corresponding to the second type platform according to the first information node and a preset node authority list, and distributing project audit data stored in the first information node to the second information node corresponding to the second type platform respectively based on an intranet block chain. According to the technical scheme provided by the invention, after the first information node receives the project audit data, a plurality of second information nodes to which project audit data are required to be actively distributed are determined according to the node authority list.
In a possible implementation manner of the technical solution provided by the present invention, as shown in fig. 3, step S130 specifically includes:
step S1301, a node permission list generated by a plurality of intranet nodes based on a consensus mechanism is obtained, where the node permission list includes a multidimensional node topology map. The method configures a multi-dimensional node topological graph according to different companies in advance, and as shown in fig. 4, the multi-dimensional node topological graph comprises a parent company, a plurality of subsidiary companies and a plurality of grandchild companies.
Step S1302, determining a first topological node in the multidimensional node topological graph corresponding to the first information node. After a certain second information node is converted into a first information node, a first topology node in the multi-dimensional node topology graph is determined at first, and the first topology node is the topology node which receives the project audit data.
Step S1303, determining at least one second topological node corresponding to the first topological node according to the multi-dimensional node topological graph, and sending the engineering audit data of the first information node to the second information node corresponding to the second topological node for storage. After the first topological node is determined, a second topological node needing to distribute the automatic engineering audit data can be obtained directly according to the multi-dimensional node topological graph, and at the moment, the corresponding engineering audit data can be distributed to the second information node for storage. Each node in the topological graph corresponds to different companies respectively, different companies are divided into a first type platform and a second type platform according to different data receiving and sending states, and the first type platform and the second type platform correspond to a first information node or a second information node respectively. The topology node corresponding to the first type platform can be regarded as a first topology node, and the topology node corresponding to the second type platform can be regarded as a second topology node.
In a possible implementation manner of the technical solution provided by the present invention, step S1303 specifically includes:
and taking all vertical upper dimension nodes of the first topology node as a first type of second topology node, and acquiring a second information node corresponding to the first type of second topology node. According to the technical scheme provided by the invention, all vertical upper dimension nodes of the first topology node are taken as the second topology nodes of the first type according to the connection relation of each topology node, for example, when the first topology node is Sun company 3, the corresponding second topology nodes of the first type are subsidiary companies 2 and parent companies, and the second information nodes are intranet nodes of the second type platforms respectively corresponding to the subsidiary companies 2 and the parent companies.
And after adding a first transmission identifier to the engineering audit data, the first information node sends the engineering audit data to a second information node corresponding to a first type of second topology node for storage, wherein the first transmission identifier allows the engineering audit data to be transmitted to an extranet block chain through a gateway. It can be understood that the company corresponding to the first type of second topology node has direct jurisdiction over the company corresponding to the first topology node, so that the second topology node can transmit corresponding engineering audit data to other platforms. Therefore, after the first transmission identifier is added to the engineering audit data, the first transmission identifier is the authentication that the engineering audit data can pass through the gatekeeper, and if the first transmission identifier does not exist, the corresponding second information node cannot transmit the engineering audit data through the gatekeeper.
In a possible implementation manner of the technical solution provided by the present invention, step S1303 specifically includes:
if any one second topology node of the first type sends a data different-dimensional transmission command to the first topology node, the first topology node acquires a second information node in the different-dimensional transmission command as a second topology node of the second type. In an actual data transmission scenario, a subsidiary company without vertical leadership may need to check engineering audit data of some grandchild companies, for example, the subsidiary company 1 needs to check engineering audit data of the grandchild company 3, and then a company with vertical leadership (a second topology node of the first type) needs to send a data multidimensional transmission command to the first topology node, where the multidimensional transmission command at this time has information of the subsidiary company 1, and a second information node corresponding to the subsidiary company 1 is a second topology node of the second type at this time.
And after adding a second transmission identifier to the project audit data, the first information node sends the project audit data to a second information node corresponding to a second topology node of a second type for storage, wherein the second transmission identifier is that the project audit data is not allowed to be transmitted to an extranet block chain through a gatekeeper. At this time, the first information node may determine a second information node, the first information node adds a second transmission identifier to the engineering audit data, and then sends the engineering audit data to a second topology node of a second type, and at this time, the engineering audit data received by the subsidiary company 1 is added with the second transmission identifier, that is, the engineering audit data of the second transmission identifier may not be transmitted to the extranet blockchain, and only can be viewed through the intranet blockchain.
Through the technical scheme, different network storage modes can be provided after different nodes receive the project audit data according to different dimensions of the topological nodes in the multi-dimensional node topological graph, the first type of second information node can transmit the project audit data through a gateway, and the corresponding project audit data can be transmitted between an intranet and an extranet through the gateway. The second information node of the second type can not transmit the project audit data through the gatekeeper, namely, the corresponding project audit data can only be transmitted between the internal networks through the second information node. Through the mode, the circulation of the project audit data is reduced and the abuse of the transmission of the project audit data is avoided through the effective technical mode.
Step S140, if any one of the first type platform or the second type platform is judged to receive the project audit data sending request, the corresponding first type platform or the second type platform is used as an outbound platform, a dynamic first encryption key is generated based on the first information node and the second information node of all the first type platform and the second type platform, and the project audit data is encrypted according to the first encryption key.
After the platforms needing to check the project audit data in the intranet block chain all receive the corresponding project audit data, corresponding workers can check the corresponding project audit data through a display terminal at an intranet node, but when monitoring organizations such as a tax bureau, a business administration and the like need to check and verify the corresponding project audit data or other first parties need to check the project audit data, the corresponding project audit data needs to be transmitted.
At the moment, the first type platform or the second type platform which carries out the outward transmission operation and the outward transmission process is taken as the outward transmission platform, and the sending request of the engineering audit data can be transmitted to the first type platform or the second type platform by the third type platform through an external network. At this time, corresponding first encryption keys need to be generated according to the first information node and the second information node, and the engineering audit data is encrypted by combining the first encryption keys, so that the first encryption keys need to be dynamic in order to guarantee the encryption reliability of the engineering audit data, and a plurality of engineering audit data are prevented from having the same key.
In the prior art, many enterprises can perform dynamic encryption of quantum keys through quantum servers, but the encryption mode does not have relevance with corresponding data, and cannot perform tracing of partial information according to corresponding keys.
In a possible implementation manner of the technical solution provided by the present invention, step S140 specifically includes:
initializing and setting a first key vacancy, a second key vacancy and a third key vacancy, wherein prefixes of the first key vacancy, the second key vacancy and the third key vacancy are respectively provided with a first fixed character, a second fixed character and a third fixed character. According to the technical scheme provided by the invention, key initialization processing is carried out, corresponding first key vacancy, second key vacancy and third key vacancy are set at the time, and the first fixed character, the second fixed character and the third fixed character can be respectively A, B, C and the like. The key form at this time may be ABC.
And filling the first attribute information of the first information node, the second attribute information of the second information node of the first type and the third attribute information of the second information node of the second type as traceability information to a first key vacancy, a second key vacancy and a third key vacancy respectively to obtain a first traceability key character string. Different node information may have different attributes, the first attribute information may be its own identity, IP information, etc., the first attribute information, the second attribute information, and the third attribute information, e.g., 101, 102, 103, etc. The present invention fills the first attribute information, the second attribute information, and the third attribute information in the corresponding empty positions, which may be a101B102C 103. The first traceable key character string can be a first part of a first encryption key, and the traceable nodes can be obtained through the first traceable key character string, namely the first key vacancy can trace the nodes which initially receive engineering audit data, the second key vacancy can trace the second attribute information of the second information node of the first type, namely the nodes with the administration function to the first information node can be traced, and the third key vacancy can trace the information nodes which receive the corresponding engineering audit data but cannot be transmitted to an external network.
And acquiring data character information of the engineering audit data, calculating the data character information based on a Hash algorithm to obtain a first Hash value, and obtaining a second traceability key character string based on the first Hash value. According to the technical scheme provided by the invention, the data character information of the engineering audit data can be obtained, the data character information can be understood as the characters corresponding to the engineering audit data, and generally, the characters corresponding to different data are unique and fixed. The method can calculate the data character information based on a Hash algorithm to obtain a first Hash value, and the first Hash value can carry out traceability verification on corresponding engineering audit data.
And fusing the first tracing key character string in front of the second tracing key character string to obtain a first encryption key. For example, the second tracing key string is p @4u0 × q &3s, and the first encryption key obtained at this time is a101B102C103p @4u0 × q &3 s.
According to the technical scheme provided by the invention, two traceability key character strings with traceability functions are combined into the first encryption key, so that the first encryption key can encrypt the project audit data, and can perform traceability of transmission dimension and data correctness dimension on the project audit data. Therefore, data transmission and source tracing between the internal network block chain and the external network block chain are more convenient.
And S150, transmitting the encrypted engineering audit data at the intranet node of the outbound platform to an extranet node based on the network gate, and transmitting the encrypted engineering audit data to the extranet node of the third type of platform by the extranet node according to the data sending request. After the engineering audit data is encrypted, the corresponding intranet node and the corresponding extranet node are communicated and communicated through a gateway at the position of the external transmission platform, and after the corresponding engineering audit data is received by the extranet node, the encrypted engineering audit data can be transmitted to the extranet node of the third type platform according to a data sending request, so that the extranet node of the third type platform can audit the corresponding data.
Generally, the first encryption key and the engineering audit data may be transmitted separately, that is, may be transmitted via a mobile storage medium. And the behavior that each outbound platform transmits the project audit data to the third type platform can be booked through the extranet block chain.
In a possible embodiment of the technical solution provided by the present invention, step S150 specifically includes:
and if the outer network node of the outbound platform is judged to be disconnected from other networks, and the project audit data has the first transmission identifier, the network gate is opened to transmit the encrypted project audit data to the outer network node of the outbound platform. When the outer network node is disconnected with other networks, the outer network node is proved not to be attacked by other illegal nodes, the project audit data has a first transmission identifier, namely, the corresponding inner network node has the authority of transmitting the project audit data, and at the moment, the gatekeeper can be opened to transmit the encrypted project audit data to the outer network node of the outer transmission platform.
And if the external network node of the external transmission platform is judged to be disconnected from other networks, and the project audit data has the second transmission identifier, controlling the network gate to be closed, and not externally transmitting the project audit data and counting. In some scenes, some platforms may want to transmit files without an external transmission permission, at this time, a control unit at the gatekeeper will check a tag carried by the project audit data needing to be transmitted first, if the judgment is that the file is the second transmission identifier, the control unit will control the gatekeeper to close at this time, the project audit data is not transmitted externally, and counting is performed, the number of times that the platform corresponding to the gatekeeper wants to transmit the project audit data without the transmission permission is counted, and the more the number of times, the more the operation of the platform is proved to be irregular.
And after receiving the data sending request, the external network node transmits the encrypted engineering audit data to the external network node of the third type platform. And the external network node transmits the encrypted engineering audit data to the external network node of the third type platform according to the data sending request, so that the engineering audit data is transmitted to other companies outside the group.
And the extranet node of the third type platform decrypts the engineering audit data based on the first encryption key, and calculates the decrypted engineering audit data through a Hash algorithm to obtain a second Hash value. After receiving the engineering audit data, the extranet node of the third type platform decrypts the engineering audit data according to the first encryption key, and then calculates the engineering audit data through a Hash algorithm to obtain a second Hash value.
And verifying the engineering audit data according to the second hash value and the first hash value in the first encryption key. The method can compare and verify the second hash value obtained by the third type platform and the first hash value in the first encryption key, and if the second hash value is the same as the first hash value, the engineering audit data sent by the first type platform or the second type platform is proved to be the same as the engineering audit data received by the third type platform.
In a possible embodiment, in the step of opening the gatekeeper to transmit the encrypted engineering audit data to the extranet node of the outbound platform, if it is determined that the extranet node of the outbound platform is disconnected from other networks and the engineering audit data has the first transmission identifier, the method specifically includes:
and when the control unit at the gatekeeper judges that the external network node is disconnected from other networks and the project audit data has the first transmission identifier, the gatekeeper control unit acquires the verification coefficient corresponding to the gatekeeper. Generally, the opening and the connection of the gatekeeper may need to be controlled by a person with higher authority, and the gatekeeper control unit determines the verification coefficient after finding that the external network node is disconnected from other networks and the precondition that the engineering audit data has the first transmission identifier is reached. The validation factor may be 0, 1, 2, etc.
And determining at least one verification topological node in the multi-dimensional node topological graph based on the verification coefficient, and sending a data verification request to the verification topological node. The invention can determine at least one verification topological node in the multidimensional node topological graph according to the verification coefficient, for example, if the verification coefficient is 0, the verification topological node is 0, and if the verification coefficient is 1, the verification topological node is 1. The verification topology node may be a vertical up-dimension node. For example, the verification coefficient of the grandchild company is 1, and at this time, the corresponding verification topology nodes are 1, which may be the subsidiary companies 2. For example, the verification coefficient of the grandchild company is 2, and the verification topology nodes corresponding to the grandchild company are 2 nodes at this time, which may be the subsidiary company 2 and the parent company.
If all verification topology nodes respectively send verification information in a preset verification time period, the gatekeeper control unit controls the gatekeeper to open so that the encrypted project audit data is transmitted to the external network nodes of the external transmission platform. If all verification topology nodes respectively send the determined verification information within the corresponding verification preset time period, the data transmission is proved to be allowed, so that the gatekeeper control unit controls the gatekeeper to open at the moment so as to transmit the encrypted engineering audit data to the external network node of the external transmission platform, the data transmission between the internal network block chain and the external network block chain is realized, and the engineering audit data can be exposed in the external network at the moment.
In a possible embodiment, if the external network node of the outbound platform is disconnected from other networks and the project audit data has the second transmission identifier, the technical solution provided by the present invention specifically comprises the steps of controlling the gatekeeper to close and not transmitting the project audit data for outbound and counting:
and acquiring the total counting times of the gatekeeper after the current closing counting. After counting occurs in a certain gatekeeper, it is proved that the website wants to transmit data without transmission permission at the moment, and the platform corresponding to the gatekeeper is considered to have behavior of illegal operation at the moment, so that the number of illegal operations in a corresponding time period is determined by counting at the moment.
And comparing the total counting times with preset multi-level time intervals to obtain a verification coefficient of the current time, wherein each multi-level time interval has a preset verification coefficient. According to the technical scheme provided by the invention, a multi-level frequency interval can be preset, the multi-level frequency interval can be shown in table 1, the total counting frequency corresponding to the interval 1 of the multi-level frequency interval is 0-2, and the verification coefficient is 0, namely, a higher-dimensionality verification topological node is not needed at the moment, namely, the gatekeeper can be controlled to be opened and data transmission can be carried out without receiving and determining verification information in a verification preset time period. The total counting number of times corresponding to the interval 2 of the multi-level time interval is 3-5, the verification coefficient is 1, namely, the topology node with higher dimensionality is needed to be verified at the moment, namely, the gatekeeper can be controlled to be opened and data transmission can be carried out by receiving the verification information which is determined and sent by 1 verification topology node in the preset verification time period.
Figure DEST_PATH_IMAGE001
And if the verification coefficient at the current moment is the same as the verification coefficient at the previous moment of the gatekeeper, not updating the verification coefficient. If the verification coefficient at the current moment is the same as that at the previous moment of the gatekeeper, the verification coefficient does not need to be updated, for example, the verification coefficient at the previous moment is 1, the total counting number is 3, when counting is performed again subsequently, the total counting number is changed to 4, and the verification coefficient at the current moment is still 1, so that the verification coefficients at the current moment are the same, the verification coefficient does not need to be updated, and only the total counting number needs to be updated.
And if the verification coefficient at the current moment is different from the verification coefficient at the previous moment of the gatekeeper, updating the verification coefficient at the current moment to the verification coefficient at the previous moment. If the verification coefficient at the current time is different from the verification coefficient at the previous time of the gatekeeper, the verification coefficient needs to be updated, for example, the verification coefficient at the previous time is 1, the total counting number is 6, when counting is performed again subsequently, the total counting number is changed to 7, and the verification coefficient at the current time is still 2, so that the verification coefficient at the current time is different from the verification coefficient at the previous time, the verification coefficient needs to be updated, and the total counting number is also updated. The number of verification topology nodes at this time is 2, including corresponding subsidiary companies and parent companies.
In order to implement the multi-platform-based automatic engineering audit data processing method provided by the present invention, the present invention further provides a multi-platform-based automatic engineering audit data processing system, which processes the engineering audit data through the following modules, as shown in fig. 5, specifically including:
the block chain generating module is used for forming an inner network block chain according to inner network nodes of all the first type platforms and the second type platforms and forming an outer network block chain according to outer network nodes of all the first type platforms, the second type platforms and the third type platforms;
the node acquisition module is used for acquiring a first information node of an intranet node after the intranet node in the first type platform is stored with project audit price data;
the active distribution module is used for determining at least one second information node corresponding to a second type platform according to the first information node and a preset node authority list, and distributing the project audit data stored in the first information node to the second information node corresponding to the second type platform respectively based on an intranet block chain;
the platform external transmission encryption module is used for generating a dynamic first encryption key based on the first information nodes and the second information nodes of all the first type platforms and the second type platforms if any one of the first type platforms or the second type platforms is judged to receive the data sending request of the engineering audit price, and encrypting the engineering audit price data according to the first encryption key;
and the network external transmission encryption module is used for transmitting the encrypted engineering audit data at the intranet node of the external transmission platform to the external network node based on the network gate, and the external network node transmits the encrypted engineering audit data to the external network node of the third type platform according to the data sending request.
The present invention also provides a storage medium, in which a computer program is stored, and the computer program is used for realizing the methods provided by the various embodiments described above when being executed by a processor.
The storage medium may be a computer storage medium or a communication medium. Communication media includes any medium that facilitates transfer of a computer program from one place to another. Computer storage media may be any available media that can be accessed by a general purpose or special purpose computer. For example, a storage medium is coupled to the processor such that the processor can read information from, and write information to, the storage medium. Of course, the storage medium may also be integral to the processor. The processor and the storage medium may reside in an Application Specific Integrated Circuits (ASIC). Additionally, the ASIC may reside in user equipment. Of course, the processor and the storage medium may reside as discrete components in a communication device. The storage medium may be read-only memory (ROM), random-access memory (RAM), CD-ROMs, magnetic tapes, floppy disks, optical data storage devices, and the like.
The present invention also provides a program product comprising execution instructions stored in a storage medium. The at least one processor of the device may read the execution instructions from the storage medium, and the execution of the execution instructions by the at least one processor causes the device to implement the methods provided by the various embodiments described above.
In the embodiment of the terminal or the server, it should be understood that the Processor may be a Central Processing Unit (CPU), other general-purpose processors, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), and the like. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of a method disclosed in connection with the present invention may be embodied directly in a hardware processor, or in a combination of the hardware and software modules within the processor.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and these modifications or substitutions do not depart from the spirit of the corresponding technical solutions of the embodiments of the present invention.

Claims (10)

1. The automatic engineering audit data processing method based on the multiple platforms is characterized in that the multiple platforms comprise a first type platform, a second type platform and a third type platform, the first type platform and the second type platform respectively comprise an intranet node and an extranet node, the intranet node and the extranet node are connected through a network gate, and the processing of the engineering audit data is carried out through the following steps, and the method specifically comprises the following steps:
forming an intranet block chain according to intranet nodes of all the first type platforms and the second type platforms, and forming an extranet block chain according to extranet nodes of all the first type platforms, the second type platforms and the third type platforms;
when one intranet node in the first type platform is stored with project audit data, a first information node of the intranet node is obtained;
determining at least one second information node corresponding to a second type platform according to the first information node and a preset node authority list, and distributing project audit data stored in the first information node to the second information nodes corresponding to the second type platform respectively based on an intranet block chain;
if any one of the first type platform or the second type platform is judged to receive the data sending request of the engineering audit, the corresponding first type platform or the second type platform is taken as an outbound platform, a dynamic first encryption key is generated based on the first information node and the second information node of all the first type platform and the second type platform, and the engineering audit data is encrypted according to the first encryption key;
and based on the network gate, transmitting the encrypted engineering audit data at the intranet node of the external transmission platform to the external network node, and transmitting the encrypted engineering audit data to the external network node of the third type platform by the external network node according to the data sending request.
2. The multi-platform based automatic engineering audit data processing method of claim 1,
after a certain intranet node in a first type platform is stored with project audit data, the step of obtaining a first information node of the intranet node specifically comprises the following steps:
each intranet node monitors the data storage interface, and if the fact that engineering audit data are stored in the first intranet storage medium at the corresponding intranet node is judged, broadcasting is conducted;
after other intranet nodes receive the broadcast, the behavior of the project audit data received by one intranet node is booked to obtain an intranet account book;
the method comprises the steps that intranet nodes obtain first information nodes corresponding to first intranet storage media stored in engineering audit data, and each first information node comprises at least one first intranet storage medium.
3. The multi-platform based automatic engineering audit data processing method of claim 1,
in the step of determining, according to the first information node and a preset node permission list, at least one corresponding second information node corresponding to the second type platform, and distributing, based on an intranet block chain, the engineering audit data of the audit price review stored in the first information node to the second information node corresponding to the second type platform, the method specifically includes:
acquiring a node permission list generated by a plurality of intranet nodes based on a consensus mechanism, wherein the node permission list comprises a multidimensional node topological graph;
determining a first topological node corresponding to the first information node in the multi-dimensional node topological graph;
and determining at least one second topological node corresponding to the first topological node according to the multi-dimensional node topological graph, and sending the engineering audit data at the first information node to the second information node corresponding to the second topological node for storage.
4. The multi-platform based automatic engineering audit data processing method of claim 3 wherein,
in the step of determining at least one second topology node corresponding to the first topology node according to the multidimensional node topology map, and sending the engineering audit data at the first information node to the second information node corresponding to the second topology node for storage, the method specifically includes:
taking all vertical upper-dimensional nodes of the first topological node as a first type of second topological node, and acquiring a second information node corresponding to the first type of second topological node;
and after adding a first transmission identifier to the engineering audit data, the first information node sends the engineering audit data to a second information node corresponding to a second topology node of the first type for storage, wherein the first transmission identifier is an identifier allowing the engineering audit data to be transmitted to an extranet block chain through a gatekeeper.
5. The multi-platform based automatic engineering audit data processing method of claim 4 wherein,
in the step of determining at least one second topology node corresponding to the first topology node according to the multidimensional node topology graph, and sending the engineering audit data at the first information node to the second information node corresponding to the second topology node for storage, the method specifically includes:
if any one first type of second topology node sends a data different-dimensional transmission command to the first topology node, the first topology node acquires a second information node in the different-dimensional transmission command as a second type of second topology node;
and after adding a second transmission identifier to the engineering audit data, the first information node sends the engineering audit data to a second information node corresponding to a second topology node of a second type for storage, wherein the second transmission identifier is an identifier which does not allow the engineering audit data to be transmitted to an extranet block chain through a gatekeeper.
6. The multi-platform based automatic engineering audit data processing method of claim 5 wherein,
the method specifically comprises the steps of generating a dynamic first encryption key based on first information nodes and second information nodes of all first type platforms and second type platforms, and encrypting engineering audit data according to the first encryption key, wherein the steps specifically comprise:
initializing and setting a first key vacancy, a second key vacancy and a third key vacancy, wherein prefixes of the first key vacancy, the second key vacancy and the third key vacancy are respectively provided with a first fixed character, a second fixed character and a third fixed character;
filling first attribute information of a first information node, second attribute information of a second information node corresponding to a first type of second topology node, and third attribute information of a second information node corresponding to a second type of second topology node as tracing information to a first key vacancy, a second key vacancy and a third key vacancy respectively to obtain a first tracing key character string;
acquiring data character information of the engineering audit data, calculating the data character information based on a Hash algorithm to obtain a first Hash value, and obtaining a second traceability key character string based on the first Hash value;
and fusing the first tracing key character string and the second tracing key character string to obtain a first encryption key.
7. The multi-platform based automatic engineering audit data processing method of claim 6,
in the step of transmitting the encrypted engineering audit data at the intranet node of the external platform to the external network node based on the gatekeeper, and transmitting the encrypted engineering audit data to the external network node of the third type platform by the external network node according to the data sending request, the method specifically comprises the following steps:
if the outer network node of the outbound platform is judged to be disconnected from other networks, and the project audit data has the first transmission identifier, the network gate is opened, so that the encrypted project audit data is transmitted to the outer network node of the outbound platform;
if the external network node of the external transmission platform is disconnected with other networks and the project audit data is provided with a second transmission identifier, controlling a network gate to close and not transmitting the project audit data externally and counting;
after receiving the data sending request, the external network node transmits the encrypted project audit data to the external network node of the third type platform;
the external network node of the third type platform decrypts the engineering audit data based on the first encryption key, and calculates the decrypted engineering audit data through a Hash algorithm to obtain a second Hash value;
and verifying the engineering audit data according to the second hash value and the first hash value in the first encryption key.
8. The multi-platform based automatic engineering audit data processing method of claim 7 wherein,
if the situation that the external network node of the external transmission platform is disconnected with other networks is judged, and the engineering audit data has the first transmission identifier, the gateway is opened, so that the encrypted engineering audit data is transmitted to the external network node of the external transmission platform, and the method specifically comprises the following steps:
when a control unit at the gatekeeper judges that an external network node is disconnected from other networks and project audit data has a first transmission identifier, the control unit acquires a verification coefficient corresponding to the gatekeeper;
determining at least one verification topological node in the multi-dimensional node topological graph based on the verification coefficient, and sending a data verification request to the verification topological node;
and if all the verification topology nodes respectively send the confirmation verification information within the verification preset time period, the control unit controls the network gate to be opened, so that the encrypted project audit data is transmitted to the external network node of the external platform.
9. The multi-platform based automatic project audit data processing method of claim 8,
if the external network node of the external transmission platform is disconnected from other networks, and the project audit data has a second transmission identifier, the method specifically comprises the following steps of controlling a gateway to be closed and not externally transmitting the project audit data and counting:
acquiring the total counting times of the gatekeeper after the gatekeeper is currently closed and counted;
comparing the total counting times with preset multi-level time intervals to obtain a verification coefficient of the current moment, wherein each multi-level time interval has a preset verification coefficient;
if the verification coefficient at the current moment is the same as the verification coefficient at the previous moment of the gatekeeper, the verification coefficient is not updated;
and if the verification coefficient at the current moment is different from the verification coefficient at the previous moment of the gatekeeper, updating the verification coefficient at the current moment to the verification coefficient at the previous moment.
10. Automatic engineering audit data processing system that audits based on multi-platform, its characterized in that, multi-platform include first type platform, second type platform and third type platform, and first type platform, second type platform include intranet node and extranet node respectively, intranet node and extranet node pass through the gatekeeper and connect, carry out the processing of engineering audit data that audits through following module, specifically include:
the block chain generating module is used for forming an inner network block chain according to inner network nodes of all the first type platforms and the second type platforms and forming an outer network block chain according to outer network nodes of all the first type platforms, the second type platforms and the third type platforms;
the node acquisition module is used for acquiring a first information node of an intranet node after the intranet node in the first type platform is stored with project audit price data;
the active distribution module is used for determining at least one second information node corresponding to a second type platform according to the first information node and a preset node authority list, and distributing project audit data stored in the first information node to the second information node corresponding to the second type platform respectively based on an intranet block chain;
the platform external transmission encryption module is used for generating a dynamic first encryption key based on the first information nodes and the second information nodes of all the first type platforms and the second type platforms if any one of the first type platforms or the second type platforms is judged to receive the data sending request of the engineering audit price, and encrypting the engineering audit price data according to the first encryption key;
and the network external transmission encryption module is used for transmitting the encrypted engineering audit data at the intranet node of the external transmission platform to the external network node based on the network gate, and the external network node transmits the encrypted engineering audit data to the external network node of the third type platform according to the data sending request.
CN202210379737.3A 2022-04-12 2022-04-12 Multi-platform-based automatic project audit data processing method and system Active CN114500111B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210379737.3A CN114500111B (en) 2022-04-12 2022-04-12 Multi-platform-based automatic project audit data processing method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210379737.3A CN114500111B (en) 2022-04-12 2022-04-12 Multi-platform-based automatic project audit data processing method and system

Publications (2)

Publication Number Publication Date
CN114500111A CN114500111A (en) 2022-05-13
CN114500111B true CN114500111B (en) 2022-07-15

Family

ID=81488005

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210379737.3A Active CN114500111B (en) 2022-04-12 2022-04-12 Multi-platform-based automatic project audit data processing method and system

Country Status (1)

Country Link
CN (1) CN114500111B (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114841789B (en) * 2022-06-27 2022-09-09 国网浙江省电力有限公司金华供电公司 Block chain-based auditing and auditing evaluation fault data online editing method and system
CN115065557B (en) * 2022-08-05 2022-11-04 国网浙江省电力有限公司 Data security interaction method suitable for multiple systems
CN115270162B (en) * 2022-09-26 2022-12-02 国网浙江省电力有限公司金华供电公司 Multi-party calculation-based auditing and auditing pricing heterogeneous data online integration method and system
CN116188188B (en) * 2023-03-01 2023-08-18 国网浙江省电力有限公司 Data encryption-based digital review method and system
CN116846611B (en) * 2023-06-20 2023-12-12 国网浙江省电力有限公司宁波供电公司 Data processing method and system suitable for engineering preposed audit and storage medium
CN117478427B (en) * 2023-12-26 2024-04-02 广东省能源集团贵州有限公司 Network security data processing method and system

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108460298A (en) * 2016-12-09 2018-08-28 青岛璐琪信息科技有限公司 The guard method of movable storage device data
CN110971622A (en) * 2020-03-04 2020-04-07 信联科技(南京)有限公司 Bidirectional access method and system between public network application system and intranet application system
CN110996059A (en) * 2019-12-10 2020-04-10 浩云科技股份有限公司 Data transmission method and system
CN112491790A (en) * 2020-10-20 2021-03-12 国网河南省电力公司物资公司 Real-time response system based on internal and external network data interaction
CN113991870A (en) * 2021-11-22 2022-01-28 国网福建省电力有限公司 System and method for pushing internal and external network alarm information of power enterprise
CN113992366A (en) * 2021-10-15 2022-01-28 厦门市美亚柏科信息股份有限公司 Network data transmission method, device, equipment and storage medium
CN114296659A (en) * 2021-12-31 2022-04-08 深圳市利谱信息技术有限公司 Data one-way transmission method, intranet end unit and one-way isolation optical gate system

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP7366757B2 (en) * 2018-02-05 2023-10-23 パナソニック インテレクチュアル プロパティ コーポレーション オブ アメリカ Communication system and control method
CN112738239B (en) * 2020-12-29 2023-03-31 杭州趣链科技有限公司 Block chain-based cross-network security data sharing method and system
CN113507480B (en) * 2021-07-23 2023-10-27 北京众享比特科技有限公司 Network equipment, gateway equipment and system and inter-network data transmission and reporting method

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108460298A (en) * 2016-12-09 2018-08-28 青岛璐琪信息科技有限公司 The guard method of movable storage device data
CN110996059A (en) * 2019-12-10 2020-04-10 浩云科技股份有限公司 Data transmission method and system
CN110971622A (en) * 2020-03-04 2020-04-07 信联科技(南京)有限公司 Bidirectional access method and system between public network application system and intranet application system
CN112491790A (en) * 2020-10-20 2021-03-12 国网河南省电力公司物资公司 Real-time response system based on internal and external network data interaction
CN113992366A (en) * 2021-10-15 2022-01-28 厦门市美亚柏科信息股份有限公司 Network data transmission method, device, equipment and storage medium
CN113991870A (en) * 2021-11-22 2022-01-28 国网福建省电力有限公司 System and method for pushing internal and external network alarm information of power enterprise
CN114296659A (en) * 2021-12-31 2022-04-08 深圳市利谱信息技术有限公司 Data one-way transmission method, intranet end unit and one-way isolation optical gate system

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
Xingming Chen ; Shanshan Huang ; Houming Jiang ; Jun Wang.Data Interactive Access Gateway for Internal and External Networks in Dual Network Isolation Environment.《2020 IEEE 4th Conference on Energy Internet and Energy System Integration (EI2)》.2021, *
基于公安系统日志的安全审计平台研究与实现;赵彦;《中国优秀硕士学位论文全文数据库 信息科技辑》;20170615;全文 *

Also Published As

Publication number Publication date
CN114500111A (en) 2022-05-13

Similar Documents

Publication Publication Date Title
CN114500111B (en) Multi-platform-based automatic project audit data processing method and system
US11743054B2 (en) Method and system for creating and checking the validity of device certificates
CN109450910B (en) Data sharing method based on block chain, data sharing network and electronic equipment
CN109525671B (en) Block chain-based data storage method, electronic device and storage medium
CN103338188B (en) A kind of dynamic authentication method of client side being applicable to mobile cloud
US20050232421A1 (en) Secure logging of transactions
JP2006246543A (en) Cryptographic system and method with key escrow function
CN113495920A (en) Content auditing system, method and device based on block chain and storage medium
CN112115199A (en) Data management system based on block chain technology
CN113254947A (en) Vehicle data protection method, system, equipment and storage medium
CN108650261A (en) Mobile terminal system software method for burn-recording based on remote encryption interaction
CN104125230A (en) Short message authentication service system and authentication method
CN107426223A (en) Cloud file encryption and decryption method, encryption and decryption device and processing system
CN117332391A (en) Power distribution network data asset security access method and system considering authority hierarchical management and control
CN109889343B (en) Electronic invoice circulation control method, device and system
CN115270182A (en) Power grid project closed-loop control file management system
CN114254269A (en) System and method for determining rights of biological digital assets based on block chain technology
di Vimercati et al. Empowering owners with control in digital data markets
CN107403107B (en) Data security management method and system based on multipoint cooperation mechanism
CN113536372B (en) Data processing method and device and electronic equipment
CN112651713B (en) Energy statistical report sharing method based on block chain
CN114239081A (en) Business certificate processing method, system and electronic equipment
CN112769784A (en) Text processing method and device, computer readable storage medium and processor
US20230370270A1 (en) Anti-cloning architecture for device identity provisioning
Goplakrishnan et al. Sensitive product feature integrity and confidentiality using blockchain-based internet of things (IoT) architecture

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant