CN115085902A - Power grid dispatching log management method and system - Google Patents
Power grid dispatching log management method and system Download PDFInfo
- Publication number
- CN115085902A CN115085902A CN202210646116.7A CN202210646116A CN115085902A CN 115085902 A CN115085902 A CN 115085902A CN 202210646116 A CN202210646116 A CN 202210646116A CN 115085902 A CN115085902 A CN 115085902A
- Authority
- CN
- China
- Prior art keywords
- log
- user
- power grid
- grid dispatching
- digital abstract
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/069—Management of faults, events, alarms or notifications using logs of notifications; Post-processing of notifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Power Engineering (AREA)
- Storage Device Security (AREA)
Abstract
The invention relates to a power grid dispatching log management method and a system, comprising the following steps: acquiring user information of the log, and generating a unique user ID and a user key according to the user information; extracting a digital abstract of the log by using an SHA256 Hash algorithm, encrypting the log by using a CP-ABE algorithm according to an encryption strategy set by a user of the log to obtain a log ciphertext, uploading the log ciphertext to an IPFS, and receiving a Hash address returned by the IPFS; uploading the digital abstract, the hash address, the user ID, the log keywords, the user information and the log updating time to a block chain through an intelligent contract for log storage; and traversing data in the block chain by the intelligent contract according to the user ID to obtain a hash address, obtaining a log ciphertext from the IPFS according to the hash address, and decrypting the log ciphertext by using the user key to obtain a log plaintext. By the method, the safety problems of easiness in losing, damaging and tampering existing in the traditional storage method of the power grid dispatching log can be solved.
Description
Technical Field
The invention relates to the technical field of data management, in particular to a power grid dispatching log management method and system.
Background
The power grid dispatching log is an original record reflecting the operation and management work of power grid equipment, is the main basis for power grid dispatching and supervision, contains a large amount of confidential information, must be kept properly and safely, and avoids an attacker from carrying out targeted modification, deletion and counterfeiting of related records in the log and hiding the attack behavior. At present, a traditional centralized storage mode is usually adopted for a power grid dispatching log, so that various safety problems such as easiness in damage, loss and tampering exist, higher maintenance cost is needed, and higher difficulty is brought to retrieval, query, analysis and other applications of the log.
Disclosure of Invention
The invention aims to provide a power grid dispatching log management method and a system, which solve the safety problems of easy loss, damage and tampering of the traditional storage method of the power grid dispatching log and reduce the retrieval, query and analysis costs of the log.
In order to achieve the above object, the present invention provides a power grid dispatching log management method, including:
for any power grid dispatching log, the method comprises a power grid dispatching log storage step and a power grid dispatching log query step;
the power grid dispatching log storage step comprises the following steps:
acquiring user information of a power grid dispatching log, and generating a unique user ID and a user key according to the user information;
extracting a digital abstract of the power grid dispatching log by using an SHA256 hash algorithm, encrypting the power grid dispatching log by using a CP-ABE algorithm according to an encryption strategy set by a user of the power grid dispatching log to obtain a log ciphertext, uploading the log ciphertext to an IPFS (Internet protocol platform system), and receiving a hash address returned by the IPFS;
uploading the digital abstract, the hash address, the user ID, the log key words, the user information and the log updating time to a block chain through an intelligent contract to store the log;
the power grid dispatching log inquiring step comprises the following steps:
acquiring a user ID input by a user, traversing data in a block chain through an intelligent contract according to the user ID, and returning a retrieval result; the retrieval result comprises the hash address; when the power grid dispatching log cannot be retrieved, the retrieval comprises a preset instruction word which indicates that the log is not retrieved;
sending the hash address in the retrieval result to the IPFS, and receiving a log ciphertext returned by the IPFS according to the hash address;
decrypting the log ciphertext by using the user key to obtain a log plaintext;
extracting a digital digest of the log plaintext by using an SHA256 hash algorithm;
and comparing the digital abstract of the log plaintext with the digital abstract of the power grid dispatching log, if the digital abstract of the log plaintext is consistent with the digital abstract of the power grid dispatching log, inquiring a correct log, and if the digital abstract of the log plaintext is inconsistent with the digital abstract of the power grid dispatching log, not inquiring the correct log.
Preferably, the grid dispatching log storing step includes:
acquiring a log keyword and log updating time;
and uploading the digital abstract, the hash address, the user ID, the log keyword, the user information and the log updating time to a block chain through an intelligent contract.
The power grid dispatching log inquiring step comprises the following steps:
and acquiring a user ID or a log keyword input by a user, traversing data in the block chain through the intelligent contract according to the user ID or the log keyword, and returning a retrieval result.
Preferably, any power grid dispatching log comprises a step of changing inquiry authority;
wherein, the step of changing the inquiry authority comprises the following steps:
and adjusting an attribute encryption strategy in the CP-ABE algorithm according to the user input information, changing log access authority, and preventing the log from being consulted by the non-compliant user.
Preferably, the user is a log owner or a log user of the power grid dispatching log; the log owner comprises an on-duty dispatcher of each level of dispatching mechanism and a data responsible person of each station monitoring center, and the log user comprises a dispatching auditor and a safety auditor of each level of dispatching mechanism.
Preferably, the power grid scheduling log comprises a whole power grid scheduling process record in the jurisdiction range recorded by each class of on-duty dispatcher and a structured equipment state log collected by a data responsible person of each plant monitoring center, wherein the whole power grid scheduling process record comprises a scanning domain picture file of a comprehensive operation command ticket, a piece-by-piece operation command ticket and a scheduling operation written command ticket.
Preferably, the method comprises:
an open-source NoSQL database is used as a block chain state database to store a user data structure body uploaded by a user so as to support fuzzy query operation by using log keywords;
the user data structure body comprises six fields of a user ID, an IPFS data hash address, a log digital abstract, a log keyword, user information and log updating time, wherein the user ID is a Key Value, and the IPFS data hash address, the log digital abstract, the log keyword, the user information and the log updating time are all Value values.
Chain code structures adopted by the intelligent contract comprise Invoke, isAppendOk, isUserLogNull, addNewLog, isUpdateOk, updateLog, queryLogByID and queryLogByKeyword; the Invoke is used for receiving a request of a processing client, the ispappendok is used for detecting whether a log can be added or not, the isuserLogNull is used for detecting whether a current user log is empty or not, the addNewLog is used for adding a first log of the current user, the isupdateOk is used for detecting whether the log can be updated or not, the updateLog is used for updating the log, the queryLogByID is used for querying the log through the user ID, and the queryLogByKeyD is used for querying the log through a keyword.
Preferably, the traversing data in the blockchain by the intelligent contract includes:
step 101: invoking Invoke and accepting operation requests from users, including uploading and querying operations.
Step 102: if a user requests an uploading operation, calling ISAppendOk, inquiring user information of the user according to a current user ID, judging whether the user can perform log uploading operation, returning False to a non-grid dispatching mechanism personnel, prompting that the non-grid dispatching mechanism personnel does not have uploading authority and finishing the uploading operation, otherwise returning True, calling ISUserLoll, judging whether the current user uploads a historical log, if True, indicating that the user does not upload the log, calling addNewLog, packaging corresponding six fields into a user data structure body to be stored in a block chain, if False, indicating that the user has uploaded the log, calling ISUpdateOK, judging whether the user has an updating authority, if the grid dispatching mechanism personnel has a post adjusting or leaving situation, returning False, rejecting the log, otherwise calling updateLog, taking out data in the chain, and converting new information into the user data structure body to be written into the block chain;
103, if a user requests for query operation, automatically selecting a query mode according to the input of the user, calling queryLogByID when the user ID is input, using the user ID as a Key value to query a Nosql database and returning to a hash address of a power grid dispatching log; and calling queryLogByKeyword when the input is a log keyword, traversing all data in the block, and returning the hash address of the power grid dispatching log if the data is matched with the keyword.
The invention also provides a power grid dispatching log management system which is used for realizing the power grid dispatching log management method and comprises a power grid dispatching log storage module and a power grid dispatching log query module;
wherein, the power grid dispatching log storage module comprises:
the log obtaining unit is used for obtaining user information of the power grid dispatching log and generating a unique user ID and a user key according to the user information;
the log processing unit is used for extracting the digital abstract of the power grid dispatching log by using an SHA256 hash algorithm, encrypting the power grid dispatching log by using a CP-ABE algorithm according to an encryption strategy set by a user of the power grid dispatching log to obtain a log ciphertext, uploading the log ciphertext to an IPFS, and receiving a hash address returned by the IPFS;
the log uploading unit is used for uploading the digital abstract, the hash address, the user ID, the log keyword, the user information and the log updating time to a block chain through an intelligent contract to store the log;
the power grid dispatching log query module comprises:
the retrieval unit is used for acquiring a user ID input by a user, traversing data in the block chain through an intelligent contract according to the user ID and returning a retrieval result; the retrieval result comprises the hash address; when the power grid dispatching log cannot be retrieved, the retrieval comprises a preset instruction word which indicates that the log is not retrieved;
the ciphertext acquisition unit is used for sending the hash address in the search result to the IPFS and receiving a log ciphertext returned by the IPFS according to the hash address;
the decryption unit is used for decrypting the log ciphertext by using the user key to obtain a log plaintext;
the digest extracting unit is used for extracting the digital digest of the log plaintext by using an SHA256 hash algorithm;
and the comparison unit is used for comparing the digital abstract of the log plaintext with the digital abstract of the power grid dispatching log, inquiring a correct log if the digital abstract of the log plaintext is consistent with the digital abstract of the power grid dispatching log, and not inquiring the correct log if the digital abstract of the log plaintext is inconsistent with the digital abstract of the power grid dispatching log.
Preferably, the log uploading unit is specifically configured to:
acquiring a log keyword and log updating time; uploading the digital abstract, a hash address, the user ID, the log key words, the user information and the log updating time to a block chain for log storage through an intelligent contract;
the retrieval unit is specifically configured to:
and acquiring a user ID or a log keyword input by a user, traversing data in the block chain through the intelligent contract according to the user ID or the log keyword, and returning a retrieval result.
The power grid dispatching log management method at least has the following beneficial effects:
(1) the block chain and the interplanetary file system are comprehensively utilized to realize decentralized storage and retrieval of the power grid dispatching log, the problems of data loss, damage and tampering caused by natural or artificial damage attack to a centralized database server and a paper file are solved, the data storage cost on the block chain is reduced, the open-source NoSQL database is used as the block chain state database to store data to realize fuzzy query of log keywords, the tracing, retrieval and maintenance cost of the log is reduced, and quick responsibility tracing in a power grid dispatching safety responsibility asking scene is realized.
(2) The SHA256 algorithm and the CP-ABE algorithm are proposed to be jointly encrypted, fine-grained access control of an encrypted log is realized through the CP-ABE, and a log owner has complete control right on data. Compared with asymmetric encryption, the access strategy is set and encryption is executed once, so that the users meeting the strategy can look up the log without paying attention to the identity information of the receiver. Compared with symmetric encryption, the problem of key leakage in the key transmission process can be avoided. The integrity check is realized through the SHA256 algorithm, and the method has the advantages that 256-bit values output by the algorithm have low enough collision probability; for the scheduling command in the form of a picture, modifying any one of the pixel points causes a large change in the output value. In a log management scene of power grid dispatching, the safety of the log in the log transmission and storage process can be guaranteed, and the convenience of the log in the log using process can be guaranteed.
(3) The structure and calling process design of the intelligent contract chain code is provided, the use requirement of a power grid dispatching scene is met, the basic uploading and inquiring operation can be realized, and certain operation legality can be guaranteed. The user identity attribute is checked during log uploading, illegal adding operations of non-power grid dispatching mechanism personnel, such as false and forged dispatching logs, are avoided, and when the dispatching mechanism personnel are in shift, leave jobs and the like, the dispatching mechanism personnel can be prohibited from updating log authority in time. The intelligent contract is automatically executed through the system without human participation, so that the time is saved and the cost is reduced while the fairness is ensured, and the calling history can be recorded into the block chain transaction information, thereby realizing traceability and auditability of the calling process and result.
Additional features and advantages of the invention will be set forth in the description which follows.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a simplified flowchart of a power grid dispatching log management method according to an embodiment of the present invention.
Fig. 2 is a flowchart of a power grid dispatching log storage step in the embodiment of the present invention.
Fig. 3 is a specific flowchart of a power grid dispatching log storage step in the embodiment of the present invention.
Fig. 4 is a flowchart of a power grid dispatching log query step in the embodiment of the present invention.
Fig. 5 is a specific flowchart of a power grid dispatching log storing step in the embodiment of the present invention.
FIG. 6 is a specific flowchart illustrating traversal of data in a blockchain via an intelligent contract in accordance with an embodiment of the present invention.
Fig. 7 is a structural diagram of a power grid dispatching log management system in an embodiment of the present invention.
Detailed Description
Various exemplary embodiments, features and aspects of the present disclosure will be described in detail below with reference to the accompanying drawings. In addition, in the following detailed description, numerous specific details are set forth in order to provide a better understanding of the present invention. It will be understood by those skilled in the art that the present invention may be practiced without some of these specific details. In some instances, well known means have not been described in detail so as not to obscure the present invention.
An embodiment of the present invention provides a power grid dispatching log management method, which is implemented based on a block chain and an interplanetary file system IPFS, and includes five parts, referring to fig. 1, of a user, a joint encryption, an intelligent contract, an IPFS, and a block chain, where the joint encryption part is responsible for calculating encryption and decryption of a digital abstract and a log, the intelligent contract part is responsible for processing different operation requests of the user to a block chain network, the IPFS is responsible for storing a log ciphertext, and the block chain is responsible for storing log information, the method includes:
for any power grid dispatching log, the method comprises a power grid dispatching log storage step and a power grid dispatching log query step;
referring to fig. 2 to 3, the power grid dispatching log storing step includes:
step S11, obtaining user information of the power grid dispatching log, and generating a unique user ID and a user key according to the user information;
specifically, the user information includes information such as name, job number, affiliated organization, affiliated department, position, and the like;
step S12, extracting a digital abstract of the power grid dispatching log by using an SHA256 hash algorithm, encrypting the power grid dispatching log by using a CP-ABE algorithm according to an encryption strategy set by a user of the power grid dispatching log to obtain a log ciphertext, uploading the log ciphertext to an IPFS, and receiving a hash address returned by the IPFS;
specifically, step S12 is to jointly encrypt the grid dispatching log, and for the grid dispatching log for which the log owner is responsible, extract the digital digest using SHA256 hash algorithm, encrypt the log using CP-ABE algorithm according to the encryption policy created by the owner to obtain a ciphertext, and upload the ciphertext to IPFS, which returns a hash address to the owner, where the CP-ABE algorithm encryption process includes: and executing an Encrypt (PK, Y, m) algorithm to Encrypt a plaintext, constructing an attribute tree, and generating an encrypted log CTY. When the log is decrypted, a decryption (PK, SKX, CTY) algorithm is executed, a ciphertext CTY is decrypted according to a secret key SKX of a log user, and if the secret key meets an access strategy, the user can Decrypt the ciphertext to obtain log data;
in order to solve the problem of small data storage amount in the blockchain, the present embodiment uses an IPFS cluster with the same distributed characteristic to store a large file, and after the file is stored in the IPFS, an address hash address with a very small data amount is returned, and the hash address and other information of the log are stored in the blockchain, which not only can improve the efficiency of the method, ensure the integrity of the data, but also can reduce the cost of the method. The digital summary of the log: the digital abstract obtained by encrypting the log file by the SHA256 Hash algorithm can be used for verifying the authenticity and the integrity of the file, the length of the abstract is fixed, and the storage cost of a block chain is reduced;
and step S13, uploading the digital abstract, the hash address, the user ID, the log keyword, the user information and the log updating time to a block chain through an intelligent contract for log storage.
Referring to fig. 4 to 5, the power grid dispatching log query step includes:
step S21, acquiring a user ID input by a user, traversing data in a block chain through an intelligent contract according to the user ID, and returning a retrieval result; the retrieval result comprises the hash address; when the power grid dispatching log cannot be retrieved, the retrieval comprises a preset instruction word which indicates that the log is not retrieved;
step S22, sending the hash address in the search result to the IPFS, and receiving a log ciphertext returned by the IPFS according to the hash address;
step S23, the user key is used to decrypt the log ciphertext to obtain a log plaintext;
step S24, extracting the digital abstract of the log plaintext by using SHA256 hash algorithm;
and step S25, comparing the digital abstract of the log plaintext with the digital abstract of the power grid dispatching log, if the digital abstract of the log plaintext is consistent with the digital abstract of the power grid dispatching log, inquiring a correct log, and if the digital abstract of the log plaintext is inconsistent with the digital abstract of the power grid dispatching log, not inquiring the correct log.
Specifically, the embodiment combines the use of a blockchain and an IPFS, proposes the idea of jointly encrypting by using an attribute encryption technology (ABE) and a hash technology (SHA256), and designs an intelligent contract chain code structure and a calling process meeting the use requirements of a power grid scheduling scene, thereby realizing decentralized distributed storage and fine-grained access control on a scheduling log. The log owner has the control right of own log data, in the embodiment, the owner can construct an encryption access strategy, and only the log user with the attribute meeting the regulation of the strategy can decrypt the data by using the key, so that the method is more flexible than the traditional ABE scheme, and the authenticity and the integrity of the file can be verified by using the digital digest.
Further, step S13 specifically includes:
acquiring a log keyword and log updating time; and uploading the digital abstract, the hash address, the user ID, the log keyword, the user information and the log updating time to a block chain through an intelligent contract.
Wherein, the step S21 specifically includes:
and acquiring a user ID or a log keyword input by a user, traversing data in the block chain through the intelligent contract according to the user ID or the log keyword, and returning a retrieval result.
Specifically, a user searches according to an ID number or a log keyword, traverses data in a block chain through an intelligent contract and returns a search result, the user obtains a log ciphertext from an IPFS according to a hash address in the result, decrypts the log ciphertext by using a log key to obtain a log plaintext, and can perform SHA256 hash on the log plaintext, namely extract a log plaintext abstract, and compare a result value with a digital abstract in a block chain return result, so that if the result value is consistent with the result value, the log is true and reliable;
wherein the log keywords comprise: the present embodiment traverses data in the block chain according to the Value input, and searches for a matching block.
The log owner uploads the log owner information to the block chain, and if the log is stolen, the log owner can trace back and confirm the right according to the information stored in the block.
The log updating time can determine the latest time of log uploading, and a user can select logs in different periods to analyze and investigate when searching data.
Further, any power grid dispatching log comprises a step of changing inquiry authority;
wherein, the step of changing the inquiry authority comprises the following steps:
and step S31, adjusting the attribute encryption strategy in the CP-ABE algorithm according to the user input information, changing the log access authority, and preventing the non-compliant users from consulting the log.
Further, the user is a log owner or a log user of the power grid dispatching log; the log owner comprises an on-duty dispatcher of each level of dispatching mechanism and a data responsible person of each station monitoring center, and the log user comprises a dispatching auditor and a safety auditor of each level of dispatching mechanism.
Specifically, in this embodiment, an ID is generated according to the personal information of the user, the ID is used as a Key Value in the status database in blockchain storage, and other information is stored as a Value, so that the user can query data in a block according to the ID to obtain storage information corresponding to the user ID. It should be noted that the user ID is generated to be unique, and if two users share the same ID, an error occurs when one user stores information. The user key is as follows: in this embodiment, the corresponding key is generated according to the user attribute, and if the user attribute is updated, the key obtaining step needs to be performed again.
Furthermore, the power grid scheduling log comprises a power grid scheduling overall process record in the jurisdiction range recorded by each class of on-duty dispatcher and a structured equipment state log collected by a data responsible person of each plant monitoring center, wherein the power grid scheduling overall process record comprises a scanning domain picture file of a comprehensive operation command ticket, a successive operation command ticket and a scheduling operation written command ticket.
Further, the method comprises:
an open-source NoSQL database is used as a block chain state database to store a user data structure body uploaded by a user so as to support fuzzy query operation by using log keywords;
the user data structure body comprises six fields of a user ID, an IPFS data hash address, a log digital abstract, a log keyword, user information and log updating time, wherein the user ID is a Key Value, and the IPFS data hash address, the log digital abstract, the log keyword, the user information and the log updating time are all Value values.
The chain code structure adopted by the intelligent contract comprises Invoke, isAppendOk, isUserLogNull, addNewLog, isUpdateOk, updateLog, queryLogByID and queryLogByKeyword; the Invoke is used for receiving a request of a processing client, the ispappendok is used for detecting whether a log can be added or not, the isuserLogNull is used for detecting whether a current user log is empty or not, the addNewLog is used for adding a first log of the current user, the isupdateOk is used for detecting whether the log can be updated or not, the updateLog is used for updating the log, the queryLogByID is used for querying the log through the user ID, and the queryLogByKeyD is used for querying the log through a keyword.
Further, referring to fig. 6, traversing data in a blockchain by an intelligent contract includes:
step 101: invoking Invoke and accepting operation requests from users, including uploading and querying operations.
Step 102: if a user requests an uploading operation, calling ISAppendOk, inquiring user information of the user according to a current user ID, judging whether the user can perform log uploading operation, returning False to a non-grid dispatching mechanism personnel, prompting that the non-grid dispatching mechanism personnel does not have uploading authority and finishing the uploading operation, otherwise returning True, calling ISUserLoll, judging whether the current user uploads a historical log, if True, indicating that the user does not upload the log, calling addNewLog, packaging corresponding six fields into a user data structure body to be stored in a block chain, if False, indicating that the user has uploaded the log, calling ISUpdateOK, judging whether the user has an updating authority, if the grid dispatching mechanism personnel has a post adjusting or leaving situation, returning False, rejecting the log, otherwise calling updateLog, taking out data in the chain, and converting new information into the user data structure body to be written into the block chain;
103, if a user requests for query operation, automatically selecting a query mode according to the input of the user, calling queryLogByID when the user ID is input, using the user ID as a Key value to query a Nosql database and returning to a hash address of a power grid dispatching log; and calling queryLogByKeyword when the input is a log keyword, traversing all data in the block, and returning the hash address of the power grid dispatching log if the data is matched with the keyword.
Another embodiment of the present invention further provides a power grid dispatching log management system, which is configured to implement the power grid dispatching log management method according to the foregoing embodiment, and refer to fig. 7, where the system includes a power grid dispatching log storage module 1 and a power grid dispatching log query module 2;
the power grid dispatching log storage module 1 comprises:
the log obtaining unit 11 is configured to obtain user information of a power grid dispatching log, and generate a unique user ID and a unique user key according to the user information;
the log processing unit 12 is configured to extract a digital digest of the power grid dispatching log by using a SHA256 hash algorithm, encrypt the power grid dispatching log by using a CP-ABE algorithm according to an encryption policy set by a user of the power grid dispatching log to obtain a log ciphertext, upload the log ciphertext to an IPFS, and receive a hash address returned by the IPFS;
the log uploading unit 13 is configured to upload the digital digest, the hash address, the user ID, the log keyword, the user information, and the log update time to a block chain through an intelligent contract to store a log;
the power grid dispatching log query module 2 comprises:
the retrieval unit 21 is configured to acquire a user ID input by a user, traverse data in a block chain through an intelligent contract according to the user ID, and return a retrieval result; the retrieval result comprises the hash address; when the power grid dispatching logs cannot be retrieved, retrieving the power grid dispatching logs, wherein the retrieving comprises a preset instruction word which indicates that the logs are not retrieved;
a ciphertext obtaining unit 22, configured to send the hash address in the search result to the IPFS, and receive a log ciphertext returned by the IPFS according to the hash address;
a decryption unit 23, configured to decrypt the log ciphertext using the user key to obtain a log plaintext;
the abstract extracting unit 24 is used for extracting a digital abstract of the plain text of the log by using an SHA256 hash algorithm;
and the comparison unit 25 is used for comparing the digital abstract of the log plaintext with the digital abstract of the power grid dispatching log, inquiring a correct log if the digital abstract of the log plaintext is consistent with the digital abstract of the power grid dispatching log, and not inquiring the correct log if the digital abstract of the log plaintext is inconsistent with the digital abstract of the power grid dispatching log.
Further, the log uploading unit 13 is specifically configured to:
acquiring a log keyword and log updating time; uploading the digital abstract, the hash address, the user ID, the log key words, the user information and the log updating time to a block chain through an intelligent contract to store the log;
the retrieving unit 21 is specifically configured to:
and acquiring a user ID or a log keyword input by a user, traversing data in the block chain through the intelligent contract according to the user ID or the log keyword, and returning a retrieval result.
As can be seen from the above description of the embodiments, the embodiments of the present invention have the following advantages:
(1) the block chain and the interplanetary file system are comprehensively utilized to realize decentralized storage and retrieval of the power grid dispatching log, the problems of data loss, damage and tampering caused by natural or artificial damage attack to a centralized database server and a paper file are solved, the data storage cost on the block chain is reduced, the open-source NoSQL database is used as the block chain state database to store data to realize fuzzy query of log keywords, the tracing, retrieval and maintenance cost of the log is reduced, and quick responsibility tracing in a power grid dispatching safety responsibility asking scene is realized.
(2) The SHA256 algorithm and the CP-ABE algorithm are proposed to be jointly encrypted, fine-grained access control of an encrypted log is realized through the CP-ABE, and a log owner has complete control right on data. Compared with asymmetric encryption, the access strategy is set and encryption is executed once, so that the users meeting the strategy can look up the log without paying attention to the identity information of the receiver. Compared with symmetric encryption, the problem of key leakage in the key transmission process can be avoided. The integrity check is realized through the SHA256 algorithm, and the method has the advantages that 256-bit values output by the algorithm have low enough collision probability; for the scheduling command in the form of a picture, modifying any one of the pixel points causes a large change in the output value. In a log management scene of power grid dispatching, the safety of the log in the log transmission and storage process can be guaranteed, and the convenience of the log in the log using process can be guaranteed.
(3) The structure and calling process design of the intelligent contract chain code is provided, the use requirement of a power grid dispatching scene is met, the basic uploading and inquiring operation can be realized, and certain operation legality can be guaranteed. The identity attribute of the user is checked during log uploading, so that illegal addition operations of non-power grid dispatching mechanism personnel, such as false and forged dispatching logs, are avoided, and when the dispatching mechanism personnel are in shift, leave jobs and the like, the dispatching mechanism personnel can be prohibited from updating log authorities in time. The intelligent contract is automatically executed through the system without human participation, so that the time is saved and the cost is reduced while the fairness is ensured, and the calling history can be recorded into the block chain transaction information, thereby realizing traceability and auditability of the calling process and result.
Having described embodiments of the present invention, the foregoing description is intended to be exemplary, not exhaustive, and not limited to the embodiments disclosed. Many modifications and variations will be apparent to those of ordinary skill in the art without departing from the scope and spirit of the described embodiments. The terminology used herein is chosen in order to best explain the principles of the embodiments, the practical application, or improvements made to the technology in the marketplace, or to enable others of ordinary skill in the art to understand the embodiments disclosed herein.
Claims (9)
1. A power grid dispatching log management method is characterized in that any power grid dispatching log comprises a power grid dispatching log storage step and a power grid dispatching log query step;
the power grid dispatching log storage step comprises the following steps:
acquiring user information of a power grid dispatching log, and generating a unique user ID and a user key according to the user information;
extracting a digital abstract of the power grid dispatching log by using an SHA256 hash algorithm, encrypting the power grid dispatching log by using a CP-ABE algorithm according to an encryption strategy set by a user of the power grid dispatching log to obtain a log ciphertext, uploading the log ciphertext to an IPFS, and receiving a hash address returned by the IPFS;
uploading the digital abstract, the hash address, the user ID, the log key words, the user information and the log updating time to a block chain through an intelligent contract to store the log;
the power grid dispatching log inquiring step comprises the following steps:
acquiring a user ID input by a user, traversing data in a block chain through an intelligent contract according to the user ID, and returning a retrieval result; the retrieval result comprises the hash address; when the power grid dispatching log cannot be retrieved, the retrieval comprises a preset instruction word which indicates that the log is not retrieved;
sending the hash address in the retrieval result to the IPFS, and receiving a log ciphertext returned by the IPFS according to the hash address;
decrypting the log ciphertext by using the user key to obtain a log plaintext;
extracting a digital digest of the log plaintext by using an SHA256 hash algorithm;
and comparing the digital abstract of the log plaintext with the digital abstract of the power grid dispatching log, if the digital abstract of the log plaintext is consistent with the digital abstract of the power grid dispatching log, inquiring a correct log, and if the digital abstract of the log plaintext is inconsistent with the digital abstract of the power grid dispatching log, not inquiring the correct log.
2. The method for managing the power grid dispatching log according to claim 1, wherein the step of storing the power grid dispatching log comprises the following steps:
acquiring a log keyword and log updating time;
and uploading the digital abstract, the hash address, the user ID, the log keyword, the user information and the log updating time to a block chain through an intelligent contract.
The power grid dispatching log inquiring step comprises the following steps:
and acquiring a user ID or a log keyword input by a user, traversing data in the block chain through the intelligent contract according to the user ID or the log keyword, and returning a retrieval result.
3. The power grid dispatching log management method according to claim 2, wherein any power grid dispatching log comprises a step of changing inquiry authority;
wherein, the step of changing the inquiry authority comprises the following steps:
and adjusting an attribute encryption strategy in the CP-ABE algorithm according to the user input information, changing log access authority, and preventing the log from being consulted by the non-compliant user.
4. The grid dispatching log management method according to claim 3, wherein the user is a log owner or log user of the grid dispatching log; the log owner comprises an on-duty dispatcher of each level of dispatching mechanism and a data responsible person of each station monitoring center, and the log user comprises a dispatching auditor and a safety auditor of each level of dispatching mechanism.
5. The power grid scheduling log management method according to claim 4, wherein the power grid scheduling log comprises a whole power grid scheduling process record in a jurisdiction range recorded by each level of on-duty dispatchers and a structured device state log collected by a data responsible person of each plant monitoring center, and the whole power grid scheduling process record comprises a scanning layout slice file of a comprehensive operation command ticket, a one-by-one operation command ticket and a scheduling operation written command ticket.
6. The grid dispatch log management method of claim 5, wherein the method comprises:
an open-source NoSQL database is used as a block chain state database to store a user data structure body uploaded by a user so as to support fuzzy query operation by using log keywords;
the user data structure body comprises six fields of a user ID, an IPFS data hash address, a log digital abstract, a log keyword, user information and log updating time, wherein the user ID is a Key Value, and the IPFS data hash address, the log digital abstract, the log keyword, the user information and the log updating time are all Value values.
The chain code structure adopted by the intelligent contract comprises Invoke, isAppendOk, isUserLogNull, addNewLog, isUpdateOk, updateLog, queryLogByID and queryLogByKeyword; the Invoke is used for receiving a request of a processing client, the ispappendok is used for detecting whether a log can be added or not, the isuserLogNull is used for detecting whether a current user log is empty or not, the addNewLog is used for adding a first log of the current user, the isupdateOk is used for detecting whether the log can be updated or not, the updateLog is used for updating the log, the queryLogByID is used for querying the log through the user ID, and the queryLogByKeyD is used for querying the log through a keyword.
7. The grid dispatch log management method of claim 6, wherein traversing the data in the blockchain via smart contracts comprises:
step 101: invoking Invoke and accepting operation requests from users, including uploading and querying operations.
Step 102: if a user requests an uploading operation, calling ISAppendOk, inquiring user information of the user according to a current user ID, judging whether the user can perform log uploading operation, returning False to a non-grid dispatching mechanism personnel, prompting that the non-grid dispatching mechanism personnel does not have uploading authority and finishing the uploading operation, otherwise returning True, calling ISUserLoll, judging whether the current user uploads a historical log, if True, indicating that the user does not upload the log, calling addNewLog, packaging corresponding six fields into a user data structure body to be stored in a block chain, if False, indicating that the user has uploaded the log, calling ISUpdateOK, judging whether the user has an updating authority, if the grid dispatching mechanism personnel has a post adjusting or leaving situation, returning False, rejecting the log, otherwise calling updateLog, taking out data in the chain, and converting new information into the user data structure body to be written into the block chain;
103, if a user requests for query operation, automatically selecting a query mode according to the input of the user, calling queryLogByID when the user ID is input, using the user ID as a Key value to query a Nosql database and returning to a hash address of a power grid dispatching log; and calling queryLogByKeyword when the input is a log keyword, traversing all data in the block, and returning the hash address of the power grid dispatching log if the data is matched with the keyword.
8. A power grid dispatching log management system is characterized in that the power grid dispatching log management system is used for realizing the power grid dispatching log management method in any one of claims 1-7, and comprises a power grid dispatching log storage module and a power grid dispatching log query module;
wherein, the power grid dispatching log storage module comprises:
the log obtaining unit is used for obtaining user information of the power grid dispatching log and generating a unique user ID and a user key according to the user information;
the log processing unit is used for extracting the digital abstract of the power grid dispatching log by using an SHA256 hash algorithm, encrypting the power grid dispatching log by using a CP-ABE algorithm according to an encryption strategy set by a user of the power grid dispatching log to obtain a log ciphertext, uploading the log ciphertext to an IPFS, and receiving a hash address returned by the IPFS;
the log uploading unit is used for uploading the digital abstract, the hash address, the user ID, the log key words, the user information and the log updating time to a block chain through an intelligent contract to store logs;
the power grid dispatching log query module comprises:
the retrieval unit is used for acquiring a user ID input by a user, traversing data in the block chain through an intelligent contract according to the user ID and returning a retrieval result; the retrieval result comprises the hash address; when the power grid dispatching log cannot be retrieved, the retrieval comprises a preset instruction word which indicates that the log is not retrieved;
the ciphertext acquisition unit is used for sending the hash address in the search result to the IPFS and receiving a log ciphertext returned by the IPFS according to the hash address;
the decryption unit is used for decrypting the log ciphertext by using the user key to obtain a log plaintext;
the digest extracting unit is used for extracting the digital digest of the log plaintext by using an SHA256 hash algorithm;
and the comparison unit is used for comparing the digital abstract of the log plaintext with the digital abstract of the power grid dispatching log, inquiring a correct log if the digital abstract of the log plaintext is consistent with the digital abstract of the power grid dispatching log, and not inquiring the correct log if the digital abstract of the log plaintext is inconsistent with the digital abstract of the power grid dispatching log.
9. The power grid dispatching log management system according to claim 8, wherein the log uploading unit is specifically configured to:
acquiring a log keyword and log updating time; uploading the digital abstract, the hash address, the user ID, the log key words, the user information and the log updating time to a block chain through an intelligent contract to store the log;
the retrieval unit is specifically configured to:
and acquiring a user ID or a log keyword input by a user, traversing data in the block chain through the intelligent contract according to the user ID or the log keyword, and returning a retrieval result.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210646116.7A CN115085902A (en) | 2022-06-09 | 2022-06-09 | Power grid dispatching log management method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210646116.7A CN115085902A (en) | 2022-06-09 | 2022-06-09 | Power grid dispatching log management method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115085902A true CN115085902A (en) | 2022-09-20 |
Family
ID=83250908
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210646116.7A Pending CN115085902A (en) | 2022-06-09 | 2022-06-09 | Power grid dispatching log management method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115085902A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115632879A (en) * | 2022-12-07 | 2023-01-20 | 富算科技(上海)有限公司 | Log management method, system, electronic device and storage medium |
| CN116032793A (en) * | 2022-11-17 | 2023-04-28 | 中国联合网络通信集团有限公司 | Information processing method, information processing device, electronic equipment and computer readable medium |
| CN117251859A (en) * | 2023-03-15 | 2023-12-19 | 桂林电子科技大学 | System and method for sharing geographic information data based on blockchain |
-
2022
- 2022-06-09 CN CN202210646116.7A patent/CN115085902A/en active Pending
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116032793A (en) * | 2022-11-17 | 2023-04-28 | 中国联合网络通信集团有限公司 | Information processing method, information processing device, electronic equipment and computer readable medium |
| CN116032793B (en) * | 2022-11-17 | 2024-04-02 | 中国联合网络通信集团有限公司 | Information processing method, information processing device, electronic equipment and computer readable medium |
| CN115632879A (en) * | 2022-12-07 | 2023-01-20 | 富算科技(上海)有限公司 | Log management method, system, electronic device and storage medium |
| CN117251859A (en) * | 2023-03-15 | 2023-12-19 | 桂林电子科技大学 | System and method for sharing geographic information data based on blockchain |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106874461B (en) | A kind of workflow engine supports multi-data source configuration security access system and method | |
| CN115085902A (en) | Power grid dispatching log management method and system | |
| CN111914269A (en) | Data security sharing method and system under block chain and cloud storage environment | |
| CN110032545A (en) | File memory method, system and electronic equipment based on block chain | |
| CN107508812A (en) | A kind of industry control network date storage method, call method and system | |
| CN113961535A (en) | Data trusted storage sharing system and method based on block chain | |
| CN105426775B (en) | A kind of method and system for protecting smart mobile phone information security | |
| CN106127064B (en) | Date storage method for enterprise supply chain | |
| CN103229450A (en) | Systems and methods for secure multi-enant data storage | |
| CN111274599A (en) | Data sharing method based on block chain and related device | |
| CN112532718B (en) | Block chain based offshore equipment data sharing system, method and medium | |
| CN109995530B (en) | Safe distributed database interaction system suitable for mobile positioning system | |
| CN113065961A (en) | Power block chain data management system | |
| CN104995632A (en) | A privacy-preserving database system | |
| CN110581839A (en) | Content protection method and device | |
| CN106356066A (en) | Speech recognition system based on cloud computing | |
| CN110798483A (en) | Identity authentication method based on block chain | |
| CN115208665A (en) | Block chain-based germplasm resource data secure sharing method and system | |
| CN112508733A (en) | Big data intelligence service system in electric wire netting space-time based on big dipper | |
| CN114078061A (en) | Electric power core data traceability system based on block chain | |
| CN106487505B (en) | Key management, acquisition methods and relevant apparatus and system | |
| CN115567312A (en) | Alliance chain data authority management system and method capable of meeting multiple scenes | |
| CN106301791A (en) | A kind of realization method and system of unifying user authentication mandate based on big data platform | |
| CN113256470A (en) | Weapon equipment management system and method based on block chain | |
| CN112163811A (en) | Block chain-based port and navigation logistics remote monitoring system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |