CN115129266B - Data storage method, device and equipment based on block chain and storage medium - Google Patents
Data storage method, device and equipment based on block chain and storage medium Download PDFInfo
- Publication number
- CN115129266B CN115129266B CN202211059902.3A CN202211059902A CN115129266B CN 115129266 B CN115129266 B CN 115129266B CN 202211059902 A CN202211059902 A CN 202211059902A CN 115129266 B CN115129266 B CN 115129266B
- Authority
- CN
- China
- Prior art keywords
- storage
- party
- candidate
- attack
- determining
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 47
- 238000013500 data storage Methods 0.000 title claims abstract description 40
- 239000012634 fragment Substances 0.000 claims abstract description 35
- 230000036541 health Effects 0.000 claims description 51
- 238000012546 transfer Methods 0.000 claims description 7
- 238000005516 engineering process Methods 0.000 abstract description 13
- 230000000875 corresponding effect Effects 0.000 description 18
- 238000012545 processing Methods 0.000 description 9
- 238000004891 communication Methods 0.000 description 8
- 238000010586 diagram Methods 0.000 description 8
- 238000004590 computer program Methods 0.000 description 7
- 238000013473 artificial intelligence Methods 0.000 description 5
- 238000012937 correction Methods 0.000 description 4
- 238000012986 modification Methods 0.000 description 4
- 230000004048 modification Effects 0.000 description 4
- 230000006870 function Effects 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 3
- 230000008569 process Effects 0.000 description 3
- 230000007115 recruitment Effects 0.000 description 3
- 230000003993 interaction Effects 0.000 description 2
- 238000010801 machine learning Methods 0.000 description 2
- 230000009471 action Effects 0.000 description 1
- 238000003491 array Methods 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000001413 cellular effect Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 230000002596 correlated effect Effects 0.000 description 1
- 238000013135 deep learning Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 230000003924 mental process Effects 0.000 description 1
- 238000003058 natural language processing Methods 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 238000012216 screening Methods 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 230000001953 sensory effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012549 training Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0602—Interfaces specially adapted for storage systems specifically adapted to achieve a particular effect
- G06F3/061—Improving I/O performance
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0602—Interfaces specially adapted for storage systems specifically adapted to achieve a particular effect
- G06F3/062—Securing storage systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0628—Interfaces specially adapted for storage systems making use of a particular technique
- G06F3/0638—Organizing or formatting or addressing of data
- G06F3/0644—Management of space entities, e.g. partitions, extents, pools
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0668—Interfaces specially adapted for storage systems adopting a particular infrastructure
- G06F3/067—Distributed or networked storage systems, e.g. storage area networks [SAN], network attached storage [NAS]
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Human Computer Interaction (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Virology (AREA)
- General Health & Medical Sciences (AREA)
- Storage Device Security (AREA)
Abstract
The disclosure provides a data storage method, a data storage device, data storage equipment and a data storage medium based on a block chain, relates to the field of computers, particularly relates to a block chain technology, and can be applied to a cloud platform. The method comprises the following steps: dividing a target storage task to obtain target data fragments, and acquiring candidate storage parties in a storage system; calling a storage intelligent contract, and determining a malicious attack resistance certification value of the candidate storage party, wherein the malicious attack resistance certification value is used for representing the storage cost paid by the candidate storage party; and selecting a target storage party for the target data fragment from the candidate storage parties according to the malicious attack resisting proof value of the candidate storage parties. By the technical scheme, the safety and the stability of data storage can be improved.
Description
Technical Field
The present disclosure relates to the field of computers, and in particular, to a block chain technique applicable to a cloud platform, and more particularly, to a data storage method, apparatus, device, and storage medium based on a block chain.
Background
With the development of internet technology, data size is increasing day by day, and a single-machine storage scheme simply increasing the number of disks cannot meet the requirements in terms of storage capacity and storage performance.
The decentralized data storage scheme has obvious effects on the aspects of solving the global storage capacity, the trust problem related to storage, improving the data access efficiency and the like. However, how to protect the security and stability of data storage is very important.
Disclosure of Invention
The disclosure provides a data storage method, a device, equipment and a storage medium based on a block chain.
According to an aspect of the present disclosure, there is provided a method for storing data based on a block chain, the method including:
dividing a target storage task to obtain target data fragments, and acquiring candidate storage parties in a storage system;
calling a storage intelligent contract, and determining a malicious attack resistance certification value of the candidate storage party, wherein the malicious attack resistance certification value is used for representing the storage cost paid by the candidate storage party;
and selecting a target storage party for the target data fragment from the candidate storage parties according to the malicious attack resisting certification value of the candidate storage party.
According to an aspect of the present disclosure, there is provided a block chain-based data storage apparatus, the apparatus including:
the task dividing module is used for dividing a target storage task to obtain target data fragments and acquiring candidate storage parties in the storage system;
the anti-attack proof module is used for calling the intelligent storage contract and determining an anti-malicious-attack proof value of the candidate storage party, wherein the anti-malicious-attack proof value is used for representing the storage cost paid by the candidate storage party;
and the storage party selection module is used for selecting a target storage party for the target data fragment from the candidate storage parties according to the malicious attack resisting certification value of the candidate storage party.
According to another aspect of the present disclosure, there is provided an electronic device including:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform a blockchain based data storage method according to any embodiment of the present disclosure.
According to another aspect of the present disclosure, there is provided a non-transitory computer readable storage medium storing computer instructions for causing a computer to perform the method for blockchain-based data storage according to any embodiment of the present disclosure.
According to the technology disclosed by the invention, the safety and the stability of data storage can be improved.
It should be understood that the statements in this section do not necessarily identify key or critical features of the embodiments of the present disclosure, nor do they limit the scope of the present disclosure. Other features of the present disclosure will become apparent from the following description.
Drawings
The drawings are included to provide a better understanding of the present solution and are not to be construed as limiting the present disclosure. Wherein:
fig. 1 is a flowchart of a data storage method based on a block chain according to an embodiment of the present disclosure;
fig. 2a is a flowchart of another block chain-based data storage method provided in accordance with an embodiment of the present disclosure;
FIG. 2b is a schematic diagram illustrating a modification of a malicious attack proof value according to an embodiment of the disclosure;
FIG. 2c is a schematic diagram illustrating a screening of candidate depositors according to an embodiment of the present disclosure;
fig. 3 is a flowchart of another block chain-based data storage method provided in accordance with an embodiment of the present disclosure;
fig. 4 is a schematic structural diagram of a data storage device based on a block chain according to an embodiment of the present disclosure;
fig. 5 is a block diagram of an electronic device for implementing a blockchain-based data storage method according to an embodiment of the present disclosure.
Detailed Description
Exemplary embodiments of the present disclosure are described below with reference to the accompanying drawings, in which various details of the embodiments of the disclosure are included to assist understanding, and which are to be considered as merely exemplary. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the present disclosure. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
Fig. 1 is a flowchart of a data storage method based on a block chain according to an embodiment of the present disclosure. The method is suitable for the case of selecting storage nodes for storage tasks from a distributed storage system. The method may be performed by a blockchain based data storage device, which may be implemented in software and/or hardware. As shown in fig. 1, the method for storing data based on a block chain according to this embodiment may include:
s101, dividing a target storage task to obtain target data fragments, and acquiring candidate storage parties in a storage system;
s102, calling a storage intelligent contract, and determining a malicious attack resisting certification value of the candidate storage party, wherein the malicious attack resisting certification value is used for representing the storage cost paid by the candidate storage party;
s103, selecting a target storage party for the target data fragment from the candidate storage parties according to the malicious attack resisting certification value of the candidate storage party.
The storage system is a decentralized storage system and comprises distributed storage nodes, and one storage party corresponds to at least one storage node. In a decentralized storage system, based on a backup policy, a storage task of a data owner (which may be referred to as a lease node) is divided into M data fragments, which are stored on M storage nodes (which may be referred to as lease nodes), respectively, any N data fragments can restore the storage task, M and N are positive integers, and N is smaller than M, for example, M and N may be 3 or 2, respectively. In order to improve the security of data storage, the data fragments can be encrypted to obtain data fragment ciphertexts, and the data fragment ciphertexts are stored in corresponding storage nodes.
If a malicious attacker forges a large amount of false identities to destroy the identity authentication system of the storage system, and responds to the storage recruitment transaction request of the data owner by using the malicious nodes corresponding to the false identities, interference is caused to the storage task of the data owner. Especially, under the condition that the ratio of forged malicious nodes in the storage system exceeds N/M, most of the storage nodes distributed by the storage task are malicious nodes, and the safety and the stability of data storage are seriously influenced.
The storage intelligent contract is used for processing data storage transaction between a data owner and a storage party, and can be a code segment written based on a plug-in mechanism. The malicious Attack may be a Sybil Attack (Sybil attach), and the value of proof of resistance to malicious Attack may be a value of proof of resistance to Sybil Attack. And the Sybil attack resisting proof value of the candidate storage party is used for representing the storage cost paid by the candidate storage party, and the candidate storage party proves that the candidate storage party is not a false storage node by constantly paying the storage cost. Each storage party in the storage system can write the anti-malicious-attack proof value of the storage party into a block chain, such as into a storage intelligent contract.
Specifically, target data to be stored by a data owner is used as a target storage task, and the target storage task is divided into M target data fragments based on a backup strategy. In response to a recruitment request of a data owner, acquiring storage parties participating in recruitment from the storage system as at least two candidate storage parties, wherein the number of the candidate storage parties may be greater than the number of the target data fragments. And calling an intelligent storage contract, determining the malicious attack resisting proof value of the candidate storage party, determining the selection probability of the candidate storage party according to the malicious attack resisting proof value of each candidate storage party, and selecting a target storage party for the target data fragment from the candidate storage parties according to the selection probability. The selection probability of the candidate storage party is positively correlated with the corresponding malicious attack resisting proof value, and the selection probability of the candidate storage party with higher storage cost is higher. There may be a one-to-one correspondence between target storage and target data shards.
The storage tasks are distributed to the candidate storage parties according to the storage cost paid by the candidate storage parties, and the attack cost of a malicious attacker is increased, so that the success rate of malicious attack is reduced, and the safety and the stability of the storage system are improved. Still taking the 2/3 backup strategy as an example, a malicious node forged by a malicious attacker needs to reach 2/3 of the total number of storage nodes in the storage system, and then the storage cost that the malicious attacker needs to pay is twice as much as the sum of the storage costs that other normal storage nodes need to pay. This brings an enormous loss to the malicious attacker, so the success rate of the malicious attack is extremely low under the condition that enough real storage nodes participate.
According to the technical scheme of the embodiment of the disclosure, the target data fragments are distributed to the candidate storage party according to the malicious attack resisting certification value of the candidate storage party, so that the candidate storage party can endorse the authenticity of the candidate storage party by paying out the storage cost, the attack cost of a malicious attacker is increased, and the safety and the stability of the storage system can be improved.
Fig. 2a is a flowchart of another block chain-based data storage method according to an embodiment of the present disclosure. This embodiment is an alternative proposed on the basis of the above-described embodiments. Referring to fig. 2a, the method for storing data based on a block chain according to this embodiment may include:
s201, dividing a target storage task to obtain target data fragments, and acquiring candidate storage parties in a storage system;
s202, calling a storage intelligent contract, and determining a first incentive element limit transferred by the candidate storage party according to an incentive element transfer transaction request initiated by the candidate storage party to the malicious attack proof account;
s203, determining a malicious attack resisting proof value of the candidate storage party according to the first incentive element limit;
s204, selecting a target storage party for the target data fragment from the candidate storage parties according to the malicious attack resisting certification value of the candidate storage party.
The block chain public key and the block chain private key of the account are extremely complex in mathematical computation complexity, and cannot be solved by a malicious attacker. The storage party continuously transfers the incentive elements to the anti-malicious attack proving account to serve as self storage cost, and the fact that the storage party is a real storage party is proved.
Specifically, each storage party in the storage system may invoke a storage intelligent contract, and initiate an incentive element transfer transaction request to the malicious attack resistant certification account, where the incentive element quota transferred at a single time may be fixed or may not be fixed, for example, the storage party may transfer 10 incentive elements per day. The first incentive element quota transferred by the candidate storage party can be counted and summarized, and the malicious attack resisting proof value of the candidate storage party is obtained according to the counting result. The anti-malicious attack proof value of the candidate storage party is determined through the incentive elements transferred to the anti-malicious attack proof account of the candidate storage party, so that the attack cost of a malicious attacker can be increased, and the stability of the storage system is improved.
In an optional embodiment, the determining, according to the first incentive element quota, a malicious attack proof resistance value of the candidate storage party includes: acquiring a historical storage task distributed by the candidate storage party, and determining a second incentive element limit corresponding to the historical storage task; and determining the malicious attack resisting proof value of the candidate storage party according to the first incentive element quota and a second incentive element quota corresponding to the historical storage task.
And the second incentive element quota corresponding to the historical storage task is the storage income obtained by executing the historical storage task. Specifically, the first incentive element quota paid by the candidate storage party can be used as a basic malicious attack resistance certification value of the candidate storage party, and the basic malicious attack resistance certification value is corrected according to a second incentive element quota and a correction coefficient obtained by the candidate storage party in the process of executing the historical storage task, so that a new malicious attack resistance certification value of the candidate storage party is obtained. That is to say, after the history storage task is allocated to the candidate storage party, the malicious attack resisting proof value of the candidate storage party can be corrected according to the second incentive element quota corresponding to the history storage task.
Specifically, the product of the second incentive element quota and the correction coefficient may be used as a third incentive element quota, and the difference between the basic malicious attack resistant certification value and the third incentive element quota may be used as a new malicious attack resistant certification value of the candidate storage party. The correction factor may be a predetermined fixed ratio, less than 1, and may be 0.1, for example. Taking the first incentive element quota of a certain storage party as 100 and the second incentive element quota corresponding to the stored task as 200 as an example, the new malicious attack resisting proof value of the storage party after being corrected may be 80. Referring to fig. 2b, if any candidate storage party obtains the storage task in the ith block height, the malicious attack resistant certification value of the candidate storage party can be modified according to the second incentive element quota corresponding to the storage task in the (i + 1) th block height. The basic malicious attack resisting proof value of the candidate storage party is corrected according to the second incentive element limit corresponding to the historical storage task, so that the malicious attack resisting proof value can take storage cost and storage income into consideration, and the malicious attack resisting difficulty is further improved.
In addition, referring to fig. 2c, when the candidate storage party applies for obtaining the target storage task, the to-be-corrected incentive element quota corresponding to the target storage task may be determined according to the target incentive element quota and the correction coefficient corresponding to the target storage task, and if the malicious attack resistant proof value of the candidate storage party is smaller than the corresponding to-be-corrected incentive element quota, the candidate storage party is rejected, that is, the participation right of the candidate storage party to the target storage task is cancelled, so that the candidate participant is not qualified to participate in the target storage task.
According to the technical scheme of the embodiment of the disclosure, the malicious attack resisting proof value of the candidate storage party is determined through the incentive elements transferred to the malicious attack resisting proof account of the candidate storage party, so that the attack cost of a malicious attacker can be increased, and the stability of the storage system is improved; and the malicious anti-attack proof is corrected through the historical storage task, the storage cost and the storage benefit can be considered, and the malicious attack difficulty is further improved.
Fig. 3 is a flowchart of another block chain-based data storage method according to an embodiment of the present disclosure. This embodiment is an alternative proposed on the basis of the above-described embodiments. Referring to fig. 3, the method for storing data based on a block chain according to this embodiment may include:
s301, dividing a target storage task to obtain target data fragments, and acquiring candidate storage parties in a storage system;
s302, calling a storage intelligent contract, and determining a malicious attack resisting certification value of the candidate storage party, wherein the malicious attack resisting certification value is used for representing the storage cost paid by the candidate storage party;
s303, determining the health degree of the candidate storage party; wherein the health degree comprises historical task completion conditions and/or historical heartbeat conditions;
s304, determining the selection probability of the candidate storage party according to a preset health degree coefficient, an anti-attack coefficient, the health degree and the malicious attack resisting proof value of the candidate storage party;
s305, selecting a target storage party for the target data fragment from the candidate storage parties according to the selection probability of the candidate storage parties.
Wherein, the health degree is a stability index of the candidate storage party.
After the data owner sends the data fragments to the storage party, the data owner can challenge the storage party through the block chain network, the storage party can generate a zero knowledge proof for the actually stored data fragments and feed the zero knowledge proof back to the data owner, the data owner verifies the zero knowledge proof to determine whether the storage party really stores the data fragments, and if the verification is successful, the challenge is successful. The historical task completion condition is a condition that the candidate should challenge the data owner within a period of time (such as within the last week), and may include the total number of times that the candidate storage should challenge the data owner within a period of time (i.e., the total number of times of handling), and the number of times of successfully handling the challenge. The historical heartbeat condition is the heartbeat condition sent by the candidate storage party for proving the survivability of the candidate storage party in a period of time, and can comprise the number of heartbeats of the candidate storage party in a period of time. Historical task completion and historical heartbeat conditions may also be stored in the storage intelligence contract.
Specifically, the intelligent contract is called, and the successful task completion proportion of the candidate storage party can be determined according to the historical task completion condition of the candidate storage party; determining the heartbeat proportion of the candidate storage party according to the historical heartbeat condition and the expected heartbeat data of the candidate storage party; and determining the health degree of the candidate storage party according to the task success completion ratio and/or the heartbeat ratio of the candidate storage party.
Wherein, the values of the health degree coefficient and the anti-attack coefficient are both less than 1. Specifically, a health degree coefficient and an anti-attack coefficient can be adopted to fuse the health degree and the anti-malicious-attack proof value of the candidate storage party to obtain the selection probability of the candidate storage party. The health degree of the candidate storage party is determined according to the historical task completion condition and/or the historical heartbeat condition, the selection probability of the candidate storage party is determined by combining the health degree and the malicious attack resisting proof value, and the storage tasks are distributed to the candidate storage party according to the selection probability, so that the stability of the storage system can be further improved.
In an alternative embodiment, the method further comprises: acquiring unit storage quotation of the candidate storage party; acquiring the block height from the first proving block corresponding to the candidate storage party to the current block; s304 includes: and determining the selection probability of the candidate storage party according to the unit storage price, the block height, the health degree coefficient, the anti-attack coefficient, the health degree and the anti-malicious attack proving value of the candidate storage party.
The unit storage price quote can be set by the requirement of the candidate storage party, and is a price quote of a unit time stored in data with a fixed size, for example, the data with the size of 1KB can be stored for 24 hours. The first proof block is used for representing the time when the candidate storage party joins the storage system, and a block where a first anti-malicious attack proof value, a first zero knowledge proof or a first heartbeat proof is located can be used as the first proof block. The lower the unit storage price, the higher the block height, the higher the health degree and the higher the malicious attack resistance proof value, the higher the corresponding selection probability, and the unit storage price, the block height, the health degree and the malicious attack resistance proof value can be used as the existence proof of the candidate storage nodes and written into the storage intelligent contract and the block chain. In the process of determining the selection probability, the storage cost can be also considered by introducing unit storage quotation, the authenticity of a candidate storage party can be further improved by introducing block height, and the malicious attack difficulty is increased.
In an alternative embodiment, the method further comprises: determining a storage state of the storage system; determining the health degree coefficient and the attack resistance coefficient according to the storage state; wherein, in the case that the storage state is a cold start stage, the anti-attack coefficient is greater than the health coefficient; and under the condition that the storage state is a running state, the anti-attack coefficient is smaller than the health coefficient.
In the cold start stage, most or even all storage nodes in the storage system are not allocated to the storage task, so that the cost for an attacker to forge the identity is relatively low, and a malicious attacker may cause the storage system to fail to normally enter the running stage through malicious attack. Under the condition of being in a cold start state, the anti-attack coefficient is controlled to be larger than the health degree coefficient, the selection probability of the candidate storage party is mainly determined according to the anti-malicious attack proof value of the candidate storage party, the influence of malicious attack on the cold start stage can be reduced, the start success rate of the storage system is improved, after the storage system is switched to the running state from the cold start state, the anti-attack coefficient is reduced, the health degree coefficient is improved, the selection probability of the candidate storage party is mainly determined according to the health degree of the candidate storage party, and the stability of the storage system can be further improved.
In an alternative embodiment, the determining the storage state of the storage system includes: determining the ratio of storage nodes allocated with storage tasks in a storage system according to the allocation condition of historical storage tasks; and determining the storage state of the storage system according to the storage node ratio.
Specifically, the number of storage nodes allocated with storage tasks in the storage system can be obtained according to the allocation condition of the historical storage tasks, and the proportion of the number of the storage nodes allocated with the storage tasks to the total number of the storage nodes in the storage system is used as the storage node proportion; determining that the storage system is in a cold start state under the condition that the ratio of the storage nodes is less than or equal to a preset ratio threshold; otherwise, determining that the storage system is switched to the running state. The proportional threshold may be set as desired.
The storage system is determined to be in a cold start state or an operation state according to the node occupation ratio distributed to the storage tasks, so that the health degree coefficient and the anti-attack coefficient are adjusted conveniently after the storage system is switched from the cold start state to the operation state, and the health degree of the candidate storage nodes is emphasized. When most storage nodes in the storage system undertake or complete some storage tasks, the health degrees of the storage nodes are differentiated, so that the attack capability of malicious nodes is further weakened. By reducing the anti-attack coefficient, the actual storage capacity of the candidate storage node is reflected, and the stability of the storage system can be further improved.
According to the technical scheme, the unit storage price, the block height, the health degree and the malicious attack resisting proof value are combined, the target storage party is selected for the target data fragment from the candidate participants, and the stability of the storage system can be further improved. And after the storage system is switched from the cold start state to the running state, the actual storage capacity of the candidate storage nodes is embodied by reducing the anti-attack coefficient.
Fig. 4 is a schematic structural diagram of a data storage device based on a block chain according to an embodiment of the present disclosure. The embodiment is suitable for the case of selecting the storage node for the storage task from the distributed storage system. The apparatus can be implemented in software and/or hardware. As shown in fig. 4, the block chain based data storage apparatus 400 of the present embodiment may include:
the task dividing module 410 is configured to divide a target storage task to obtain target data fragments, and obtain candidate storage parties in the storage system;
the anti-attack proof module 420 is configured to invoke the storage intelligent contract, and determine an anti-malicious-attack proof value of the candidate storage party, where the anti-malicious-attack proof value is used to characterize the storage cost paid by the candidate storage party;
and the storage party selecting module 430 is configured to select a target storage party for the target data segment from the candidate storage parties according to the malicious attack proof value of the candidate storage party.
In an alternative embodiment, the anti-attack attestation module 420 includes:
the first incentive element unit is used for calling the intelligent storage contract and determining a first incentive element quota transferred by the candidate storage party according to an incentive element transfer transaction request initiated by the candidate storage party to the malicious attack proof account;
and the anti-attack proving unit is used for determining the anti-malicious-attack proving value of the candidate storage party according to the first incentive element quota.
In an alternative embodiment, the anti-attack attestation unit includes:
the second incentive element subunit is used for acquiring the historical storage tasks distributed by the candidate storage party and determining a second incentive element limit corresponding to the historical storage tasks;
and the anti-attack proving subunit is used for determining the anti-malicious attack proving value of the candidate storage party according to the first incentive element quota and a second incentive element quota corresponding to the historical storage task.
In an alternative embodiment, the above block chain based data storage apparatus 400 further includes:
the health degree module is used for determining the health degree of the candidate storage party; wherein the health degree comprises historical task completion conditions and/or historical heartbeat conditions;
the storage party selecting module 430 includes:
the selection probability unit is used for determining the selection probability of the candidate storage party according to a preset health degree coefficient, an anti-attack coefficient, the health degree and an anti-malicious attack proof value of the candidate storage party;
and the storage party selecting unit is used for selecting a target storage party for the target data fragment from the candidate storage parties according to the selection probability of the candidate storage parties.
In an alternative embodiment, the above block chain based data storage apparatus 400 further includes:
the storage quotation module is used for acquiring unit storage quotation of the candidate storage party;
the block height module is used for acquiring the block height from the first proof block corresponding to the candidate storage party to the current block;
the selection probability unit is specifically configured to:
and determining the selection probability of the candidate storage party according to the unit storage price, the block height, the health degree coefficient, the anti-attack coefficient, the health degree and the anti-malicious attack proving value of the candidate storage party.
In an alternative embodiment, the storage side selection module 430 further comprises:
the storage state unit is used for determining the storage state of the storage system;
a coefficient determining unit, configured to determine the health coefficient and the attack resistance coefficient according to the storage state;
wherein, in the case that the storage state is a cold start stage, the anti-attack coefficient is greater than the health coefficient; and under the condition that the storage state is a running state, the anti-attack coefficient is smaller than the health coefficient.
In an optional implementation, the storage status unit is specifically configured to:
determining the ratio of storage nodes allocated with storage tasks in a storage system according to the allocation condition of historical storage tasks;
and determining the storage state of the storage system according to the storage node ratio.
According to the technical scheme of the embodiment of the disclosure, authenticity endorsement is carried out on the candidate storage party according to the malicious attack resisting proof value of the candidate storage party, so that the attack cost of a malicious attacker is increased; and selecting a target storage party for the target data fragment from the candidate participants by combining unit storage quotation, block height, health degree and malicious attack resisting proof value, so that the stability of the storage system can be further improved. And after the storage system is switched from a cold start state to an operation state, the actual storage capacity of the candidate storage nodes is embodied by reducing the anti-attack coefficient, and the availability and the usability are high.
In the technical scheme of the disclosure, the acquisition, storage, application and the like of the personal information of the related user all accord with the regulations of related laws and regulations, and do not violate the customs of public sequences.
The present disclosure also provides an electronic device, a readable storage medium, and a computer program product according to embodiments of the present disclosure.
Fig. 5 is a block diagram of an electronic device for implementing a blockchain-based data storage method according to an embodiment of the present disclosure. FIG. 5 illustrates a schematic block diagram of an example electronic device 500 that can be used to implement embodiments of the present disclosure. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. Electronic devices may also represent various forms of mobile devices, such as personal digital processors, cellular telephones, smart phones, wearable devices, and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be examples only, and are not intended to limit implementations of the disclosure described and/or claimed herein.
As shown in fig. 5, the electronic device 500 includes a computing unit 501, which can perform various appropriate actions and processes according to a computer program stored in a Read Only Memory (ROM) 502 or a computer program loaded from a storage unit 508 into a Random Access Memory (RAM) 503. In the RAM 503, various programs and data required for the operation of the electronic apparatus 500 can also be stored. The calculation unit 501, the ROM 502, and the RAM 503 are connected to each other by a bus 504. An input/output (I/O) interface 505 is also connected to bus 504.
A number of components in the electronic device 500 are connected to the I/O interface 505, including: an input unit 506 such as a keyboard, a mouse, or the like; an output unit 507 such as various types of displays, speakers, and the like; a storage unit 508, such as a magnetic disk, optical disk, or the like; and a communication unit 509 such as a network card, modem, wireless communication transceiver, etc. The communication unit 509 allows the electronic device 500 to exchange information/data with other devices through a computer network such as the internet and/or various telecommunication networks.
The computing unit 501 may be a variety of general-purpose and/or special-purpose processing components having processing and computing capabilities. Some examples of the computing unit 501 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various dedicated Artificial Intelligence (AI) computing chips, various computing units running machine learning model algorithms, a Digital Signal Processor (DSP), and any suitable processor, controller, microcontroller, and so forth. The computing unit 501 performs the various methods and processes described above, such as a blockchain-based data storage method. For example, in some embodiments, the blockchain-based data storage method may be implemented as a computer software program tangibly embodied in a machine-readable medium, such as storage unit 508. In some embodiments, part or all of the computer program may be loaded and/or installed onto the electronic device 500 via the ROM 502 and/or the communication unit 509. When the computer program is loaded into the RAM 503 and executed by the computing unit 501, one or more steps of the above-described blockchain-based data storage method may be performed. Alternatively, in other embodiments, the computing unit 501 may be configured to perform the blockchain-based data storage method by any other suitable means (e.g., by means of firmware).
Various implementations of the systems and techniques described here above may be implemented in digital electronic circuitry, integrated circuitry, field Programmable Gate Arrays (FPGAs), application Specific Integrated Circuits (ASICs), application Specific Standard Products (ASSPs), system on a chip (SOCs), complex Programmable Logic Devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implemented in one or more computer programs that are executable and/or interpretable on a programmable system including at least one programmable processor, which may be special or general purpose, receiving data and instructions from, and transmitting data and instructions to, a storage system, at least one input device, and at least one output device.
Program code for implementing the methods of the present disclosure may be written in any combination of one or more programming languages. These program codes may be provided to a processor or controller of a general purpose computer, special purpose computer, or other programmable data processing apparatus, such that the program codes, when executed by the processor or controller, cause the functions/operations specified in the flowchart and/or block diagram to be performed. The program code may execute entirely on the machine, partly on the machine, as a stand-alone software package, partly on the machine and partly on a remote machine or entirely on the remote machine or server.
In the context of this disclosure, a machine-readable medium may be a tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. The machine-readable medium may be a machine-readable signal medium or a machine-readable storage medium. A machine-readable medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
To provide for interaction with a user, the systems and techniques described here can be implemented on a computer having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and a pointing device (e.g., a mouse or a trackball) by which a user can provide input to the computer. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user can be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic, speech, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a back-end component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such back-end, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: local Area Networks (LANs), wide Area Networks (WANs), and the Internet.
The computer system may include clients and servers. A client and server are generally remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. The server may be a cloud server, a server of a distributed system, or a server combining a blockchain.
Artificial intelligence is the subject of research that makes computers simulate some human mental processes and intelligent behaviors (such as learning, reasoning, thinking, planning, etc.), both at the hardware level and at the software level. Artificial intelligence hardware technologies generally include technologies such as sensors, dedicated artificial intelligence chips, cloud computing, distributed storage, big data processing, and the like; the artificial intelligence software technology mainly comprises a computer vision technology, a voice recognition technology, a natural language processing technology, a machine learning/deep learning technology, a big data processing technology, a knowledge map technology and the like.
Cloud computing (cloud computing) refers to a technology system that accesses a flexibly extensible shared physical or virtual resource pool through a network, where resources may include servers, operating systems, networks, software, applications, storage devices, and the like, and may be deployed and managed in a self-service manner as needed. Through the cloud computing technology, high-efficiency and strong data processing capacity can be provided for technical application such as artificial intelligence and block chains and model training.
It should be understood that various forms of the flows shown above may be used, with steps reordered, added, or deleted. For example, the steps described in the present disclosure may be executed in parallel, sequentially, or in different orders, as long as the desired results of the technical solutions disclosed in the present disclosure can be achieved, and the present disclosure is not limited herein.
The above detailed description should not be construed as limiting the scope of the disclosure. It should be understood by those skilled in the art that various modifications, combinations, sub-combinations and substitutions may be made in accordance with design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present disclosure should be included in the scope of protection of the present disclosure.
Claims (12)
1. The data storage method based on the block chain comprises the following steps:
dividing a target storage task to obtain target data fragments, and acquiring candidate storage parties in a storage system;
calling a storage intelligent contract, and determining a malicious attack resistance proof value of the candidate storage party, wherein the malicious attack resistance proof value is used for representing the storage cost paid by the candidate storage party;
selecting a target storage party for the target data fragment from the candidate storage parties according to the malicious attack resisting certification value of the candidate storage party;
the method further comprises the following steps:
determining a health of the candidate storage party; wherein the health degree comprises historical task completion conditions and/or historical heartbeat conditions;
acquiring unit storage quotation of the candidate storage party;
acquiring the block height from the first proving block corresponding to the candidate storage party to the current block; the first proof block is used for representing the time when the candidate storage party is added into the storage system, and the first proof block is a block where a first malicious attack resistance proof value, a first zero knowledge proof or a first heartbeat proof is located;
selecting a target storage party for the target data fragment from the candidate storage parties according to the malicious attack proof value of the candidate storage party, including:
determining the selection probability of the candidate storage party according to the unit storage price, the block height, the health degree coefficient, the anti-attack coefficient, the health degree and the anti-malicious attack proving value of the candidate storage party;
and selecting a target storage party for the target data fragment from the candidate storage parties according to the selection probability of the candidate storage parties.
2. The method of claim 1, wherein said invoking a storage intelligence contract to determine a malicious attack resistant attestation value of the candidate storage party comprises:
calling a storage intelligent contract, and determining a first incentive element limit transferred by the candidate storage party according to an incentive element transfer transaction request initiated by the candidate storage party to the malicious attack proof account;
and determining the malicious attack resisting proof value of the candidate storage party according to the first incentive element limit.
3. The method of claim 2, wherein the determining a malicious attack proof value of the candidate storage party according to the first incentive element amount comprises:
acquiring a historical storage task distributed by the candidate storage party, and determining a second incentive element limit corresponding to the historical storage task;
and determining the malicious attack resisting proof value of the candidate storage party according to the first incentive element quota and a second incentive element quota corresponding to the historical storage task.
4. The method of claim 1, further comprising:
determining the storage state of the storage system;
determining the health degree coefficient and the anti-attack coefficient according to the storage state;
wherein, in the case that the storage state is a cold start stage, the anti-attack coefficient is greater than the health coefficient; and under the condition that the storage state is a running state, the anti-attack coefficient is smaller than the health coefficient.
5. The method of claim 4, wherein the determining the storage state the storage system is in comprises:
determining the ratio of storage nodes allocated with storage tasks in a storage system according to the allocation condition of historical storage tasks;
and determining the storage state of the storage system according to the storage node ratio.
6. A blockchain based data storage device comprising:
the task dividing module is used for dividing a target storage task to obtain target data fragments and acquiring candidate storage parties in the storage system;
the anti-attack proof module is used for calling the intelligent storage contract and determining an anti-malicious-attack proof value of the candidate storage party, wherein the anti-malicious-attack proof value is used for representing the storage cost paid by the candidate storage party;
the storage party selection module is used for selecting a target storage party for the target data fragment from the candidate storage parties according to the malicious attack resisting certification value of the candidate storage party;
the device further comprises:
the health degree module is used for determining the health degree of the candidate storage party; wherein the health degree comprises historical task completion conditions and/or historical heartbeat conditions;
the storage quotation module is used for acquiring unit storage quotation of the candidate storage party;
the block height module is used for acquiring the block height from the first proving block corresponding to the candidate storage party to the current block; the first proving block is used for representing the time when the candidate storage party joins the storage system, and the first proving block is a block where a first malicious attack resisting proving value, a first zero knowledge proving or a first heartbeat proving is located;
the depositor selection module comprises:
the selection probability unit is used for determining the selection probability of the candidate storage party according to the unit storage price, the block height, the health degree coefficient, the attack resistance coefficient, the health degree and the malicious attack resistance certification value of the candidate storage party;
and the storage party selecting unit is used for selecting a target storage party for the target data fragment from the candidate storage parties according to the selection probability of the candidate storage parties.
7. The apparatus of claim 6, wherein the anti-attack attestation module comprises:
the first incentive element unit is used for calling the intelligent storage contract and determining a first incentive element quota transferred by the candidate storage party according to an incentive element transfer transaction request initiated by the candidate storage party to the malicious attack proof account;
and the anti-attack proving unit is used for determining the anti-malicious-attack proving value of the candidate storage party according to the first incentive element quota.
8. The apparatus of claim 7, wherein the anti-attack attestation unit comprises:
the second incentive element subunit is used for acquiring the historical storage tasks distributed by the candidate storage party and determining a second incentive element limit corresponding to the historical storage tasks;
and the anti-attack proving subunit is used for determining the anti-malicious attack proving value of the candidate storage party according to the first incentive element quota and a second incentive element quota corresponding to the historical storage task.
9. The apparatus of claim 6, the depositor selection module further comprising:
the storage state unit is used for determining the storage state of the storage system;
a coefficient determining unit, configured to determine the health coefficient and the attack resistance coefficient according to the storage state;
wherein, in the case that the storage state is a cold start stage, the anti-attack coefficient is greater than the health coefficient; and under the condition that the storage state is a running state, the anti-attack coefficient is smaller than the health coefficient.
10. The apparatus of claim 9, wherein the storage state unit is specifically configured to:
determining the ratio of storage nodes allocated with storage tasks in a storage system according to the allocation condition of historical storage tasks;
and determining the storage state of the storage system according to the storage node ratio.
11. An electronic device, comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the blockchain-based data storage method of any one of claims 1-5.
12. A non-transitory computer readable storage medium storing computer instructions for causing a computer to perform the blockchain-based data storage method according to any one of claims 1 to 5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211059902.3A CN115129266B (en) | 2022-09-01 | 2022-09-01 | Data storage method, device and equipment based on block chain and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211059902.3A CN115129266B (en) | 2022-09-01 | 2022-09-01 | Data storage method, device and equipment based on block chain and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115129266A CN115129266A (en) | 2022-09-30 |
| CN115129266B true CN115129266B (en) | 2023-01-06 |
Family
ID=83387888
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211059902.3A Active CN115129266B (en) | 2022-09-01 | 2022-09-01 | Data storage method, device and equipment based on block chain and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115129266B (en) |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114513317A (en) * | 2020-10-27 | 2022-05-17 | 香港城市大学深圳研究院 | Method, system, equipment and storage medium for resisting distributed denial of service attack |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10104097B1 (en) * | 2014-12-12 | 2018-10-16 | Symantec Corporation | Systems and methods for preventing targeted malware attacks |
| CN110443614B (en) * | 2018-09-07 | 2021-04-09 | 腾讯科技(深圳)有限公司 | Node equipment deleting method and device, computer equipment and storage medium |
| CN109615527A (en) * | 2019-02-19 | 2019-04-12 | 航天恒星科技有限公司 | A kind of method and apparatus for block chain community access |
| US11489854B2 (en) * | 2019-07-30 | 2022-11-01 | Nagravision S.A. | Techniques for incentivized intrusion detection system |
| CN113918102B (en) * | 2021-12-10 | 2022-06-17 | 北京百度网讯科技有限公司 | Data processing method, device and equipment based on block chain and storage medium |
| CN114827176B (en) * | 2022-04-08 | 2023-05-09 | 华中科技大学 | Method and system for defending Sybil attacks in distributed storage system |
-
2022
- 2022-09-01 CN CN202211059902.3A patent/CN115129266B/en active Active
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114513317A (en) * | 2020-10-27 | 2022-05-17 | 香港城市大学深圳研究院 | Method, system, equipment and storage medium for resisting distributed denial of service attack |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115129266A (en) | 2022-09-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| WO2019104250A1 (en) | Incrementally perfected digital asset collateral wallet | |
| CN101706937A (en) | Method and system for monitoring electronic bank risks | |
| CN108921558A (en) | Assets settle accounts calculation method, system, equipment and storage medium based on block chain | |
| CN113807960A (en) | Cross-link processing method, device and system between heterogeneous chains and electronic equipment | |
| EP3646256A1 (en) | Dynamic reputation score for a digital identity | |
| CN113037489B (en) | Data processing method, device, equipment and storage medium | |
| CN115129266B (en) | Data storage method, device and equipment based on block chain and storage medium | |
| CN111340574B (en) | Risk user identification method and device and electronic equipment | |
| CN110399409B (en) | Transaction abnormity monitoring method and device | |
| CN117172809A (en) | Transaction fee determining method, device, electronic equipment and storage medium | |
| CN114327802B (en) | Method, apparatus, device and medium for block chain access to data outside chain | |
| CN116204843A (en) | Abnormal account detection method and device, electronic equipment and storage medium | |
| CN110197374B (en) | Transaction interception control method and device | |
| CN114997576B (en) | Method, device, equipment, medium and product for determining standard prompt object | |
| CN113935069B (en) | Data verification method, device and equipment based on block chain and storage medium | |
| CN115017236B (en) | Data processing method, device and equipment based on block chain and storage medium | |
| CN115328621A (en) | Transaction processing method, device and equipment based on block chain and storage medium | |
| CN113918102B (en) | Data processing method, device and equipment based on block chain and storage medium | |
| CN114048010A (en) | Method, device, equipment and storage medium for controlling service timeout time | |
| CN115545088A (en) | Model construction method, classification method and device and electronic equipment | |
| CN107958142B (en) | User account generation method and device | |
| CN112232824A (en) | Abstract syntax tree-based risk result calculation method and equipment | |
| CN115589391B (en) | Instant messaging processing method, device and equipment based on block chain and storage medium | |
| CN118587002A (en) | Risk identification method, device and equipment based on answer sheet and storage medium | |
| CN113870014A (en) | Risk identification method, device and equipment and readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |