CN115622762A - Cloud edge data distribution method based on block chain and cross-chain interaction method - Google Patents

Cloud edge data distribution method based on block chain and cross-chain interaction method Download PDF

Info

Publication number
CN115622762A
CN115622762A CN202211221163.3A CN202211221163A CN115622762A CN 115622762 A CN115622762 A CN 115622762A CN 202211221163 A CN202211221163 A CN 202211221163A CN 115622762 A CN115622762 A CN 115622762A
Authority
CN
China
Prior art keywords
chain
node
information
consensus
cross
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202211221163.3A
Other languages
Chinese (zh)
Other versions
CN115622762B (en
Inventor
张翀
吴菲
杨济伟
何春辉
徐浩
葛斌
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
National University of Defense Technology
Original Assignee
National University of Defense Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by National University of Defense Technology filed Critical National University of Defense Technology
Priority to CN202211221163.3A priority Critical patent/CN115622762B/en
Publication of CN115622762A publication Critical patent/CN115622762A/en
Application granted granted Critical
Publication of CN115622762B publication Critical patent/CN115622762B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

本发明针对现有云边端数据分发方法以及跨链交互的安全性不足,提出一种基于区块链的云边端数据分发方法以及跨链交互方法,所述方法包括:通过上传节点和下载节点将待分发数据进行加密构建数据凭证结构;上传节点将其上传至区块链网络,共识节点将其共识验证,并将验证通过的数据凭证结构存入智能合约;下载节点下载存储空间的信息,并将信息与存入智能合约中数据凭证结构对比,对比成功后触发下载共识完成数据的安全交互;构建区块链网络架构,设计跨链架构方法及其可信协调方法。采用此方法能保证数据信息在进行全局跨链交互的安全可信,提高了数据信息交互的速率,适用于当前各种物联网场景,具有广阔的应用前景,且效益明显。

Figure 202211221163

Aiming at the lack of security of the existing cloud-side terminal data distribution method and cross-chain interaction, the present invention proposes a blockchain-based cloud-side terminal data distribution method and cross-chain interaction method. The method includes: uploading nodes and downloading The node encrypts the data to be distributed to build a data certificate structure; the upload node uploads it to the blockchain network, the consensus node verifies its consensus, and stores the verified data certificate structure into the smart contract; the download node downloads the information of the storage space , and compare the information with the data certificate structure stored in the smart contract. After the comparison is successful, the download consensus is triggered to complete the safe interaction of the data; the blockchain network architecture is constructed, and the cross-chain architecture method and its trusted coordination method are designed. Using this method can ensure the security and credibility of data information in the global cross-chain interaction, improve the rate of data information interaction, and is applicable to various current IoT scenarios, with broad application prospects and obvious benefits.

Figure 202211221163

Description

基于区块链的云边端数据分发方法以及跨链交互方法Blockchain-based cloud-side data distribution method and cross-chain interaction method

技术领域technical field

本申请涉及数字信息的传输技术领域,特别是涉及一种基于区块链的云边端数据分发方法以及跨链交互方法。This application relates to the technical field of digital information transmission, and in particular to a blockchain-based cloud-side data distribution method and a cross-chain interaction method.

背景技术Background technique

随着移动计算、边缘计算、物联网技术与应用不断深入发展,云中心-边缘计算节点-传感器所形成的云边端架构正在成为主流的工业物联网计算架构。由于云边端架构具有良好的适应性和灵活性,大量的物联网场景都采用这种方式进行服务协同。而云边端架构中云、边和端三者的管控方存在异构情况,这对云边端架构中的信息交互安全可信度提出了更高挑战。With the continuous development of mobile computing, edge computing, and Internet of Things technology and applications, the cloud-edge-end architecture formed by cloud center-edge computing nodes-sensors is becoming the mainstream industrial Internet of Things computing architecture. Due to the good adaptability and flexibility of the cloud-edge-device architecture, a large number of IoT scenarios use this method for service collaboration. However, in the cloud-edge-device architecture, there are heterogeneous control parties among the cloud, edge, and device, which poses a higher challenge to the security and reliability of information interaction in the cloud-edge-device architecture.

应用区块链技术能解决上述的安全问题,传统技术在应用区块链技术解决云边端三者在信息交互的安全性问题时,往往只对云边端架构中的一层结构在进行信息交互时,采用区块链技术解决信息交互的安全可信问题,并没有考虑跨链设计;同时传统共识方法在获记账权的共识节点打包出块、其他共识节点接收该块时,都需要对区块体的数据进行验证,如是否双花、余额是否够用等验证。The application of blockchain technology can solve the above-mentioned security problems. When traditional technology uses blockchain technology to solve the security problem of information interaction among the cloud, edge and terminal, it often only performs information processing on one layer of the cloud, edge and terminal architecture. When interacting, blockchain technology is used to solve the problem of security and credibility of information interaction, and cross-chain design is not considered; at the same time, traditional consensus methods need to Verify the data of the block body, such as whether it is double spent, whether the balance is sufficient, etc.

这使得云边端三者之间的交互缺乏可信机制,信息只能在独立的封闭的区块链内可信记录,并不支持全局的安全服务协作,三者之间的网络通信协议、数据传输分发等交互过程中可信度不高,无显式的确认机制,缺乏全局的安全服务协作能力。This makes the interaction between the cloud, edge and terminal lack a trusted mechanism. Information can only be trusted and recorded in an independent closed blockchain, which does not support global security service collaboration. The network communication protocol between the three, The credibility of the interaction process such as data transmission and distribution is not high, there is no explicit confirmation mechanism, and there is a lack of global security service collaboration capabilities.

发明内容Contents of the invention

基于云边端架构中云、边和端三者的管控方存在异构情况、交互过程中信息传达的不确定性以及缺乏缺乏全局的安全服务协作能力,提供一种基于区块链的云边端数据分发方法以及跨链交互方法。Based on the heterogeneity of the cloud, edge, and end controllers in the cloud-edge-end architecture, the uncertainty of information transmission during the interaction process, and the lack of global security service collaboration capabilities, a blockchain-based cloud-edge Terminal data distribution method and cross-chain interaction method.

本发明从云边端数据可靠分发与跨链可信交互出发,开展一种基于区块链的云边端数据可靠分发方法以及跨链可信交互方法,应用于云边端区块链网络架构中,云边端区块链网络架构包括:端层结构、边层结构以及云层结构;端层结构包括控制器,传感器设备,传感器设备用于采集任务数据,控制器用于执行指令;边层结构包括边缘计算节点,由边缘计算节点组成轻量级区块链;云层结构包括云中心计算节点,云中心计算节点组成主区块链;Starting from the reliable distribution of cloud-side data and cross-chain trusted interaction, the present invention develops a blockchain-based cloud-side data reliable distribution method and cross-chain trusted interaction method, which is applied to the cloud-side blockchain network architecture Among them, the cloud-edge-end blockchain network architecture includes: end-layer structure, edge-layer structure, and cloud-layer structure; the end-layer structure includes controllers, sensor devices, sensor devices are used to collect task data, and controllers are used to execute instructions; Including edge computing nodes, which form a lightweight blockchain; the cloud layer structure includes cloud center computing nodes, and cloud center computing nodes form the main blockchain;

上传节点将待分发数据取哈希值,得到明文哈希值,并且根据下载节点的公钥对待分发数据进行加密,得到第一加密值,采用上传节点的私钥对第一加密值进行加密,得到第二加密值,取第二加密值的哈希,得到加密哈希值;The upload node takes the hash value of the data to be distributed to obtain the plaintext hash value, and encrypts the data to be distributed according to the public key of the download node to obtain the first encrypted value, and encrypts the first encrypted value with the private key of the upload node, obtain a second encrypted value, take a hash of the second encrypted value, and obtain an encrypted hash value;

上传节点将第一加密值和第二加密值存储至存储空间中,并反馈存储空间中的存储路径;The upload node stores the first encrypted value and the second encrypted value in the storage space, and feeds back the storage path in the storage space;

上传节点根据上传节点的上传节点信息、下载节点的下载节点信息、明文哈希值、加密哈希值以及存储路径,构建数据凭证结构;The upload node builds a data credential structure based on the upload node information of the upload node, the download node information of the download node, the plaintext hash value, the encrypted hash value, and the storage path;

将数据凭证结构上传至云边端区块链网络架构中,通过云边端区块链网络架构中的共识节点对数据凭证结构进行验证并加入云边端区块链网络架构,并将上传节点信息和下载节点信息作为key值,明文哈希值作为value值存储在智能合约中;共识节点为边缘计算节点或云中心计算节点;Upload the data certificate structure to the cloud-side blockchain network architecture, verify the data certificate structure through the consensus nodes in the cloud-side blockchain network architecture and join the cloud-side blockchain network architecture, and upload the node The information and download node information are used as the key value, and the plaintext hash value is stored in the smart contract as the value value; the consensus node is an edge computing node or a cloud center computing node;

下载节点根据数据凭证结构的存储路径下载得到待确认第一加密,根据下载节点的私钥解密待确认第一加密值,得到待确认明文哈希值,调用智能合约,并比较待确认明文哈希值和明文哈希值,当相同时,则确定上传节点的待分发数据分发至下载节点。The download node downloads the first encryption to be confirmed according to the storage path of the data certificate structure, decrypts the first encrypted value to be confirmed according to the private key of the download node, obtains the hash value of the plaintext to be confirmed, invokes the smart contract, and compares the hash of the plaintext to be confirmed value and plaintext hash value, when they are the same, it is determined that the data to be distributed by the upload node is distributed to the download node.

其中,通过云边端区块链网络架构中的共识节点对数据凭证结构进行验证并加入云边端区块链网络架构,包括:Among them, the data certificate structure is verified through the consensus nodes in the cloud-edge blockchain network architecture and added to the cloud-edge blockchain network architecture, including:

通过云边端区块链网络架构中的共识节点接收上传节点上传的数据凭证结构,根据存储路径下载数据凭证结构,解析数据凭证结构得到上传节点信息、明文哈希值和加密哈希值;根据上传节点信息和加密哈希值对数据凭证结构进行验证通过后,将数据凭证结构对应的区块挂载在云边端区块链网络架构的区块队列中;将数据凭证结构发送至其他共识节点进行二次验证,若验证不通过,则抛弃区块,若验证通过,则将数据凭证结构对应的区块挂载在云边端区块链网络架构的区块队列中。云边端区块链网络中所有共识节点将持续监测数据凭证结构,数据凭证结构经验证确认,形成上传共识确认。通过上传共识确认,共识节点调用智能合约的存储功能,解析数据凭证结构得到上传节点信息、下载节点信息和明文哈希值;根据上传节点信息、下载节点信息和明文哈希值,将上传节点信息、下载节点信息作为key值,明文哈希值作为value值进行存储,存储的位置为云边端区块链网络中的智能合约。Receive the data credential structure uploaded by the uploading node through the consensus node in the cloud-edge blockchain network architecture, download the data credential structure according to the storage path, and analyze the data credential structure to obtain the uploading node information, plaintext hash value and encrypted hash value; according to After uploading the node information and encrypted hash value to verify the data certificate structure, mount the block corresponding to the data certificate structure in the block queue of the cloud edge blockchain network architecture; send the data certificate structure to other consensus The node performs secondary verification. If the verification fails, the block is discarded. If the verification is passed, the block corresponding to the data certificate structure is mounted in the block queue of the cloud-side blockchain network architecture. All consensus nodes in the cloud edge blockchain network will continue to monitor the data certificate structure, and the data certificate structure is verified and confirmed to form an upload consensus confirmation. Through the upload consensus confirmation, the consensus node invokes the storage function of the smart contract, analyzes the data credential structure to obtain the upload node information, download node information and plaintext hash value; according to the upload node information, download node information and plaintext hash value, the upload node information , The downloaded node information is used as the key value, and the plaintext hash value is stored as the value value, and the storage location is the smart contract in the cloud edge blockchain network.

在其中一个实施例中,还包括:上传节点上传待分发数据至存储空间,将存储凭证上链至区块链网络,同时将访问权限规则写入智能合约;智能合约中按照RBAC机制设置访问权限,访问控制细化到数据的条目;下载节点下载数据信息时首先调用智能合约检查权限,智能合约返回该节点所能访问的条目及对应的存储地址;下载节点下载对应的数据条目,将下载结果上链。其中RBAC机制即Role-Based Access Control,基于角色的访问控制机制。In one of the embodiments, it also includes: the upload node uploads the data to be distributed to the storage space, uploads the storage certificate to the blockchain network, and writes the access authority rules into the smart contract; the access authority is set in the smart contract according to the RBAC mechanism , the access control is refined to the entry of the data; when the download node downloads the data information, it first calls the smart contract to check the authority, and the smart contract returns the entries that the node can access and the corresponding storage address; the download node downloads the corresponding data entry, and downloads the result winding. Among them, the RBAC mechanism is Role-Based Access Control, a role-based access control mechanism.

在其中一个实施例中,还包括:将主区块链作为主链,轻量级区块链作为侧链;云中心计算节点调用侧链读取自身区块头,基于侧链的区块头信息生成上链信息,上链信息包括数据凭证结构;侧链对数据凭证结构进行共识确认,经过共识确认后,侧链调用主链SPV验证合约对上链信息进行验证;当验证通过,侧链将上链信息根据主链SPV验证合约中规定上链;边缘计算节点调用主链读取自身区块头,基于主链的区块头信息生成上链信息,上链信息包括数据凭证结构;主链对数据凭证结构进行共识确认,共识确认后,主链调用侧链SPV验证合约;当验证通过,主链将上链信息根据侧链SPV验证合约中规定上链。In one of the embodiments, it also includes: using the main blockchain as the main chain, and the lightweight blockchain as the side chain; the cloud center computing node calls the side chain to read its own block header, and generates block header information based on the side chain On-chain information, on-chain information includes the data certificate structure; the side chain confirms the data certificate structure by consensus, after the consensus confirmation, the side chain calls the main chain SPV verification contract to verify the on-chain information; when the verification is passed, the side chain will upload The chain information is uploaded to the chain according to the main chain SPV verification contract; the edge computing node calls the main chain to read its own block header, and generates the chain information based on the block header information of the main chain. The chain information includes the data certificate structure; The structure is confirmed by consensus. After the consensus is confirmed, the main chain calls the side chain SPV verification contract; when the verification is passed, the main chain uploads the chain information according to the provisions in the side chain SPV verification contract.

其中,数据凭证结构经共识确认后,云中心计算节点通过侧链的区块头、与侧链对应的Merkle树根以及存储路径验证数据凭证结构经共识确认后的结果,当验证结果为通过,则根据主链SPV验证合约中规定上链;数据凭证结构经共识确认后,边缘计算节点通过主链的区块头、与主链对应的Merkle树根以及存储路径验证数据凭证结构经共识确认后的结果,当验证结果为通过,则根据侧链SPV验证合约中规定上链。Among them, after the data certificate structure is confirmed by the consensus, the cloud center computing node verifies the result after the data certificate structure is confirmed by the consensus through the block header of the side chain, the Merkle tree root corresponding to the side chain, and the storage path. When the verification result is passed, then On-chain according to the provisions of the main chain SPV verification contract; after the data certificate structure is confirmed by the consensus, the edge computing node verifies the result of the data certificate structure being confirmed by the consensus through the block header of the main chain, the Merkle tree root corresponding to the main chain, and the storage path , when the verification result is passed, it will be uploaded to the chain according to the provisions in the side chain SPV verification contract.

在其中一个实施例中,还包括:端传感器采集待分发数据,通过可靠分发机制将待分发数据构建数据凭证结构,存储至边缘计算节点,并将存储凭证上链至轻量级区块链;边缘计算节点将数据凭证结构上链至轻量级区块链或主区块链,共识节点验证数据凭证结构,触发智能合约的比较功能,比较通过后将数据凭证结构的信息特征提取代码,将代码下载至边缘计算节点;边缘计算节点向主区块链发出跨链请求验证代码的正确性,并提取信息特征;边缘计算节点将提取的信息特征上链至的轻量级区块链,经的轻量级区块链共识验证后调用SPV验证合约,将信息特征跨链至主区块链;主区块链共识确认信息特征后,生成对端层结构的指令下发;指令在主区块链共识验证后调用轻量级区块链SPV验证合约,将指令跨链至轻量级区块链,指令到轻量级区块链共识确认后,分发至端层结构中指定的控制器进行对应的指令操作。In one of the embodiments, it also includes: the terminal sensor collects the data to be distributed, constructs a data credential structure for the data to be distributed through a reliable distribution mechanism, stores it in the edge computing node, and links the stored credential to the lightweight blockchain; The edge computing node chains the data certificate structure to the lightweight blockchain or the main blockchain. The consensus node verifies the data certificate structure and triggers the comparison function of the smart contract. After the comparison is passed, the information feature code of the data certificate structure is extracted, and the The code is downloaded to the edge computing node; the edge computing node sends a cross-chain request to the main block chain to verify the correctness of the code, and extracts information features; the edge computing node links the extracted information features to the lightweight block chain, through After the lightweight blockchain consensus verification, the SPV verification contract is called to cross-chain the information characteristics to the main blockchain; after the main blockchain consensus confirms the information characteristics, the instruction to generate the peer layer structure is issued; the instruction is in the main area After the blockchain consensus verification, call the lightweight blockchain SPV verification contract, cross-chain the instruction to the lightweight blockchain, and distribute the instruction to the controller specified in the end-layer structure after the consensus confirmation of the lightweight blockchain Carry out the corresponding instruction operation.

在其中一个实施例中,还包括:将一轻量级区块链作为A链,另一轻量级区块链作为B链;A链中边缘计算节点发起第一跨链上链动作,第一跨链上链动作经过A链共识验证通过后入链A链,即第一跨链事件;事件收集节点接收第一跨链事件后,对第一跨链上链动作进行数据凭证结构的真实性验证,验证通过后,构建第一跨链上链动作的Merkle树根,并使用事件收集节点私钥签名形成第三加密值,将第三加密值上链至云中心主链,云中心主链节点进行合法性验证并达成共识;事件收集节点监听到共识后,在服务链发起第二跨链上链动作,第二跨链上链动作经过共识节点验证,经过验证后入链B链,即第二跨链事件;事件收集节点监听到第二跨链事件后,对第二跨链上链动作进行数据凭证结构的验证,验证通过后,构建第二跨链上链动作的Merkle树根,并使用事件收集节点私钥签名形成第四加密值,将第四加密值上链至云中心主链,云中心主链节点进行合法性验证并达成共识;事件收集节点监听到共识后,在A链上发起跨链动作,完成跨域请求闭环。In one of the embodiments, it also includes: using a lightweight blockchain as the A chain, and another lightweight blockchain as the B chain; the edge computing node in the A chain initiates the first cross-chain up-chain action, and the second A cross-chain up-chain action passes the A-chain consensus verification and then enters the chain A chain, that is, the first cross-chain event; after the event collection node receives the first cross-chain event, it verifies the authenticity of the data certificate structure for the first cross-chain up-chain action After the verification is passed, build the Merkle tree root of the first cross-chain chain action, and use the private key signature of the event collection node to form the third encrypted value, and upload the third encrypted value to the main chain of the cloud center, and the main chain of the cloud center The chain nodes verify the legitimacy and reach a consensus; after the event collection node monitors the consensus, it initiates the second cross-chain up-chain action in the service chain. That is, the second cross-chain event; after the event collection node listens to the second cross-chain event, it verifies the data credential structure of the second cross-chain up-chain action, and after the verification is passed, builds the Merkle tree root of the second cross-chain up-chain action , and use the private key signature of the event collection node to form the fourth encrypted value, and upload the fourth encrypted value to the main chain of the cloud center, and the nodes of the main chain of the cloud center will verify the validity and reach a consensus; after the event collection node monitors the consensus, the A cross-chain action is initiated on the A chain to complete the cross-domain request closed loop.

其中事件收集节点收集主区块链和轻量级区块链的共识事件,并触发其中一个链对另一个链上链共识事件。Among them, the event collection node collects the consensus events of the main blockchain and the lightweight blockchain, and triggers one chain to another chain consensus event.

在其中一个实施例中,还包括:一轻量级区块链为第一域,另一轻量级区块链为第二域,第一域中有第一节点,第二域中有第二节点;第一节点请求在第二域中第二节点的认证;第一节点在第一域发起认证上链请求,边缘计算节点对第一节点身份进行共识确认,经共识确认后,将上链请求跨链至主区块链,主区块链对上链请求共识后,跨链提交至第二域;第二域对第二节点的身份进行共识确认,同样将上链请求经共识确认,上链请求至主区块链,主区块链对上链请求共识后,跨链提交至第一域;经共识后第一节点可以与第二节点进行服务交互。In one of the embodiments, it also includes: a lightweight block chain is the first domain, another lightweight block chain is the second domain, the first node is in the first domain, and the second domain is in the second domain Two nodes; the first node requests the authentication of the second node in the second domain; the first node initiates an authentication uplink request in the first domain, and the edge computing node confirms the identity of the first node by consensus. The chain request is cross-chained to the main blockchain. After the main blockchain agrees on the chain request, it submits the cross-chain to the second domain; the second domain confirms the identity of the second node by consensus, and also confirms the chain request through consensus , the uplink request is sent to the main blockchain, and after the main blockchain agrees on the uplink request, it submits it across the chain to the first domain; after the consensus, the first node can interact with the second node for services.

与现有技术对比,本发明提供一种基于区块链的云边端数据分发方法以及跨链交互方法,通过上传节点与下载节点对待分发数据进行一系列的加密,最终得到加密哈希值,并将加密过程的加密值存储至存储空间,反馈对应的存储路径,然后通过加密哈希值、存储路径及节点本身信息构建数据凭证结构,再经过反复严格的验证机制以及应用区块链技术将数据凭证结构存入智能合约,形成上传共识确认,最后下载节点根据对应的存储路径下载解密得到待确认的明文哈希值,并调用智能合约进行比较,完成数据的分发交互,为云边端三者在管控方存在异构的情况下,数据的传送交互建立了一个可信、可靠、可溯源、可验证的机制保障,实现了在区块链网络架构中数据信息的可信高效交互,提高了跨链交互的效率,为跨链应用提供了可信基础。Compared with the prior art, the present invention provides a block chain-based cloud-edge terminal data distribution method and a cross-chain interaction method. A series of encryptions are performed on the data to be distributed through the uploading node and the downloading node, and finally an encrypted hash value is obtained. And store the encrypted value of the encryption process in the storage space, feed back the corresponding storage path, and then construct the data credential structure through the encrypted hash value, storage path and node itself information, and then go through repeated strict verification mechanisms and apply blockchain technology to The data certificate structure is stored in the smart contract to form an upload consensus confirmation. Finally, the download node downloads and decrypts the plaintext hash value to be confirmed according to the corresponding storage path, and calls the smart contract for comparison to complete the data distribution interaction. In the case of heterogeneous control parties, the transmission and interaction of data establishes a credible, reliable, traceable, and verifiable mechanism guarantee, which realizes the credible and efficient interaction of data information in the blockchain network architecture, and improves It improves the efficiency of cross-chain interaction and provides a credible basis for cross-chain applications.

附图说明Description of drawings

图1为一个实施例中基于区块链的云边端数据分发过程图;Fig. 1 is a block chain-based cloud edge end data distribution process diagram in an embodiment;

图2为一个实施例中面向云边端的跨链架构设计图;Figure 2 is a design diagram of a cross-chain architecture for cloud-side terminals in an embodiment;

图3为一个实施例中数据增强共识算法流程示意图;Fig. 3 is a schematic flow chart of the data enhancement consensus algorithm in one embodiment;

图4为一个实施例中垂直式云-边跨链方法流程示意图;FIG. 4 is a schematic flow diagram of a vertical cloud-edge cross-chain method in an embodiment;

图5为一个实施例中垂直式云-边跨链可信协同方法流程示意图;Fig. 5 is a schematic flow diagram of a vertical cloud-edge cross-chain trusted collaboration method in an embodiment;

图6为一个实施例中跨域式边-云-边跨链方法流程示意图。Fig. 6 is a schematic flow diagram of a cross-domain edge-cloud-edge cross-chain method in an embodiment.

具体实施方式detailed description

为了使本申请的目的、技术方案及优点更加清楚明白,以下结合附图及实施例,对本申请进行进一步详细说明。应当理解,此处描述的具体实施例仅仅用以解释本申请,并不用于限定本申请。In order to make the purpose, technical solution and advantages of the present application clearer, the present application will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present application, and are not intended to limit the present application.

本申请提供一种基于区块链的云边端数据分发方法以及跨链交互方法,包括:This application provides a blockchain-based cloud-side data distribution method and a cross-chain interaction method, including:

云边端区块链网络架构包括:端层结构、边层结构以及云层结构;端层结构包括控制器,传感器设备,传感器设备用于采集任务数据,控制器用于执行指令;边层结构包括边缘计算节点,由边缘计算节点组成轻量级区块链;云层结构包括云中心计算节点,云中心计算节点组成主区块链。The cloud-edge-end blockchain network architecture includes: end-layer structure, edge-layer structure, and cloud-layer structure; the end-layer structure includes controllers, sensor devices, sensor devices are used to collect task data, and controllers are used to execute instructions; The computing nodes consist of edge computing nodes to form a lightweight blockchain; the cloud layer structure includes cloud center computing nodes, and the cloud center computing nodes form the main blockchain.

在一个实施例中,如图1所示,提供了一种基于区块链的云边端数据分发方法以及跨链交互方法,应用于如图2的云边端跨链架构中,包括:In one embodiment, as shown in Figure 1, a blockchain-based cloud-side terminal data distribution method and a cross-chain interaction method are provided, which are applied to the cloud-side terminal cross-chain architecture as shown in Figure 2, including:

步骤302:上传节点将待分发数据取哈希值,得到明文哈希值,并且根据下载节点的公钥对所述待分发数据进行加密,得到第一加密值,采用上传节点的私钥对所述第一加密值进行加密,得到第二加密值,取所述第二加密值的哈希,得到加密哈希值。Step 302: The uploading node takes the hash value of the data to be distributed to obtain a plaintext hash value, and encrypts the data to be distributed according to the public key of the downloading node to obtain a first encrypted value, and uses the private key of the uploading node to encrypt all Encrypt the first encrypted value to obtain a second encrypted value, and obtain a hash of the second encrypted value to obtain an encrypted hash value.

上传节点和下载节点存在于区块链网络架构,上传节点主要负责将代分发数据进行加密并上传至存储空间,然后将存储地址和加密哈希值上链至区块链网络;下载节点负责用自身的公钥将明文哈希值进行加密得到第一加密值。The upload node and download node exist in the blockchain network architecture. The upload node is mainly responsible for encrypting the distribution data and uploading it to the storage space, and then uploading the storage address and encrypted hash value to the blockchain network; the download node is responsible for using The own public key encrypts the plaintext hash value to obtain the first encrypted value.

步骤304:上传节点将所述第一加密值和所述第二加密值存储至存储空间中,并反馈所述存储空间中的存储路径。Step 304: The upload node stores the first encrypted value and the second encrypted value in a storage space, and feeds back a storage path in the storage space.

本步骤中,存储空间存在于区块链网络架构,存储空间主要负责存储上传节点上传的第一加密值、第二加密值以及后续验证后的明文哈希值,并反馈给上传节点存储空间中的存储路径,以便后续信息数据的溯源和下载节点的下载。In this step, the storage space exists in the blockchain network architecture, and the storage space is mainly responsible for storing the first encrypted value uploaded by the uploading node, the second encrypted value and the hash value of the plaintext after subsequent verification, and feeds back to the storage space of the uploading node The storage path to facilitate the traceability of subsequent information data and the download of download nodes.

步骤306:上传节点根据上传节点的上传节点信息、下载节点的下载节点信息、明文哈希值、加密哈希值以及所述存储路径,构建数据凭证结构。Step 306: The uploading node constructs a data credential structure according to the uploading node information of the uploading node, the downloading node information of the downloading node, the plaintext hash value, the encrypted hash value and the storage path.

上传节点信息、下载节点信息和存储路径作为次要信息,加密哈希值作为核心信息,其中,次要信息用于待确认信息在交互过程中的溯源和定位,从而确保待确认信息的完整性,核心信息提供了高可信度的加密策略,从而确保待确认信息的真实性。通过上述步骤构建了数据凭证结构。The upload node information, download node information and storage path are used as secondary information, and the encrypted hash value is used as the core information. Among them, the secondary information is used for tracing and locating the information to be confirmed during the interaction process, so as to ensure the integrity of the information to be confirmed , the core information provides a highly reliable encryption strategy to ensure the authenticity of the information to be confirmed. The data credential structure is constructed through the above steps.

步骤308:将数据凭证结构上传至云边端区块链网络架构中,通过云边端区块链网络架构中的共识节点对数据凭证结构进行验证并加入云边端区块链网络架构,并将上传节点信息和下载节点信息作为key值,明文哈希值作为value值存储在智能合约中;共识节点为边缘计算节点或云中心计算节点;Step 308: Upload the data credential structure to the cloud-edge blockchain network architecture, verify the data credential structure through the consensus nodes in the cloud-edge blockchain network architecture and add it to the cloud-edge blockchain network architecture, and The upload node information and download node information are used as the key value, and the plaintext hash value is stored in the smart contract as the value value; the consensus node is an edge computing node or a cloud center computing node;

本实施例中,共识节点需要对数据凭证结构进行验证,具体可以通过对比的方式,对数据凭证结构中存储的信息进行验证,验证通过后将明文哈希值保存至存储空间;其中上传节点调用智能合约的存储功能,按照智能合约规定将对应信息存储至智能合约,以便后续下载节点正确的下载智能合约中对应的信息进行验证。In this embodiment, the consensus node needs to verify the data credential structure. Specifically, the information stored in the data credential structure can be verified by comparison. After the verification is passed, the plaintext hash value is saved to the storage space; the upload node calls The storage function of the smart contract stores the corresponding information in the smart contract according to the rules of the smart contract, so that subsequent download nodes can correctly download the corresponding information in the smart contract for verification.

步骤310:下载节点根据数据凭证结构的存储路径下载得到待确认第一加密值,根据下载节点的私钥解密待确认第一加密值,得到待确认明文哈希值,调用智能合约,并比较待确认明文哈希值和明文哈希值,当相同时,则确定上传节点的待分发数据分发至下载节点。Step 310: The downloading node downloads the first encrypted value to be confirmed according to the storage path of the data certificate structure, decrypts the first encrypted value to be confirmed according to the private key of the downloading node, obtains the hash value of the plaintext to be confirmed, invokes the smart contract, and compares the pending Confirm the plaintext hash value and the plaintext hash value, and if they are the same, it is determined that the data to be distributed by the upload node is distributed to the download node.

其中下载节点调用智能合约的比较功能,将智能合约中的对应信息解密得到的待确认的明文哈希值与根据对应存储路径从存储空间下载的明文哈希值进行比较。The download node calls the comparison function of the smart contract, and compares the unconfirmed plaintext hash value obtained by decrypting the corresponding information in the smart contract with the plaintext hash value downloaded from the storage space according to the corresponding storage path.

通过上传节点与下载节点对待分发数据进行一系列的加密,最终得到加密哈希值,并将加密过程的加密值存储至存储空间,反馈对应的存储路径,然后通过加密哈希值、存储路径及节点本身信息构建数据凭证结构,再经过反复严格的验证机制以及应用区块链技术将数据凭证结构存入智能合约,形成上传共识确认,最后下载节点根据对应的存储路径下载解密得到待确认的明文哈希值,并调用智能合约进行比较,完成数据的分发交互,为云边端三者在管控方存在异构的情况下,数据的传送交互建立了一个可信、可靠、可溯源、可验证的机制保障,实现了在区块链网络架构中数据信息的可信高效交互,提高了跨链交互的效率,为跨链应用提供了可信基础。A series of encryptions are performed on the data to be distributed through the uploading node and the downloading node, and finally the encrypted hash value is obtained, and the encrypted value of the encrypted process is stored in the storage space, and the corresponding storage path is fed back, and then through the encrypted hash value, storage path and The information of the node itself constructs the data certificate structure, and then through repeated strict verification mechanism and the application of blockchain technology, the data certificate structure is stored in the smart contract to form an upload consensus confirmation, and finally the download node downloads and decrypts the plaintext to be confirmed according to the corresponding storage path Hash value, and call the smart contract for comparison, complete the data distribution interaction, and establish a credible, reliable, traceable, and verifiable data transmission interaction for the cloud, edge, and terminal in the case of heterogeneous control parties. The mechanism guarantee realizes the credible and efficient interaction of data information in the blockchain network architecture, improves the efficiency of cross-chain interaction, and provides a credible foundation for cross-chain applications.

进一步地,验证方式具体为:共识节点接收上传节点上链数据凭证结构的信息,从存储空间下载之前存储的加密值,同时将数据凭证结构进行解析,得到数据凭证结构中的上传节点信息、明文哈希值、加密哈希值;然后将存储的加密值与解析得到的加密值进行对比验证,如果验证通过,则将数据凭证结构打包入块,并将明文哈希值保存至存储空间,以便后续与智能合约中的明文哈希值进行对应,否则,抛弃上链请求;共识节点将数据凭证结构中的其他数据信息进行验证,验证通过后将其挂载在区块链网络的当前区块之后,保证数据信息可溯源追踪;其他共识节点接收到区块链网络中刚刚挂载的区块后,发现有上传类型的数据,根据存储路径下载存储在存储空间的加密值数据,同样进行上述的验证,如果验证通过,则将数据凭证结构打包入块,并将明文哈希值保存至存储空间,以便后续与智能合约中的明文哈希值进行对应,否则,抛弃上链请求;当该区块中所有信息都验证通过后,将此块挂载至当前区块之后。Further, the verification method is as follows: the consensus node receives the information of the uploaded node’s on-chain data certificate structure, downloads the previously stored encrypted value from the storage space, and at the same time analyzes the data certificate structure to obtain the uploaded node information and plaintext information in the data certificate structure. hash value, encrypted hash value; then compare and verify the stored encrypted value with the parsed encrypted value, if the verification is passed, the data credential structure will be packaged into a block, and the plaintext hash value will be saved to the storage space, so that Subsequent correspondence with the plaintext hash value in the smart contract, otherwise, discard the chain request; the consensus node will verify other data information in the data certificate structure, and mount it on the current block of the blockchain network after the verification is passed Afterwards, ensure that the data information can be traced back to the source; after other consensus nodes receive the block just mounted in the blockchain network, they find that there is uploaded data, and download the encrypted value data stored in the storage space according to the storage path. If the verification is passed, the data credential structure will be packaged into a block, and the plaintext hash value will be saved to the storage space for subsequent correspondence with the plaintext hash value in the smart contract; otherwise, the uplink request will be discarded; when the After all the information in the block is verified, mount this block behind the current block.

进一步的存储过程具体为:通过上传共识确认,共识节点调用智能合约的存储功能,解析数据凭证结构得到上传节点信息、下载节点信息和明文哈希值;根据上传节点信息、下载节点信息和明文哈希值,将上传节点信息、下载节点信息作为key值,明文哈希值作为value值进行存储,存储的位置为云边端区块链网络中的智能合约。The further storage process is specifically as follows: through the upload consensus confirmation, the consensus node calls the storage function of the smart contract, analyzes the data certificate structure to obtain the upload node information, download node information and plaintext hash value; according to the upload node information, download node information and plaintext hash value Greek value, the upload node information and download node information are used as the key value, and the plaintext hash value is stored as the value value, and the storage location is the smart contract in the cloud edge blockchain network.

通过上述方法保证数据信息在分发交互过程中的真实性和完整性,但在云边端架构中,由于三者之间的异构环境,在数据信息交互时需要将其隐私性也作为加强三者彼此信任的一个重要要素。Through the above methods, the authenticity and integrity of data information in the process of distribution and interaction are guaranteed. However, in the cloud-edge-device architecture, due to the heterogeneous environment among the three, it is necessary to strengthen the privacy of the data information when interacting with the three. an important element of mutual trust.

在其中一个实施例中,还包括:上传节点上传待分发数据至存储空间,将存储凭证上链至区块链网络,同时将访问权限规则写入智能合约;智能合约中按照RBAC机制设置访问权限,访问控制细化到数据的条目;下载节点下载数据信息时首先调用智能合约检查权限,智能合约返回该节点所能访问的条目及对应的存储地址;下载节点下载对应的数据条目,将下载结果上链。其中RBAC机制即Role-Based Access Control,基于角色的访问控制机制。通过上传节点将访问权限的规则写入智能合约,其中访问规则具体为下载节点需要唯一且对应的下载令牌与智能合约相对应,智能合约识别通过后方可获得访问权限,使得数据信息在进行跨链交互时具备了隐私保护性。通过引入RBAC机制,在RBAC模型中,权限与角色相关联,不同的角色有不同的权限,用户通过被分配为不同的角色从而获得不同角色的权限用户与角色关联后,同能进行自主授权和权限专营,必须通过角色来控制授权信息,实现访问控制,这使得隐私保护可控可调,十分灵活。In one of the embodiments, it also includes: the upload node uploads the data to be distributed to the storage space, uploads the storage certificate to the blockchain network, and writes the access authority rules into the smart contract; the access authority is set in the smart contract according to the RBAC mechanism , the access control is refined to the entry of the data; when the download node downloads the data information, it first calls the smart contract to check the authority, and the smart contract returns the entries that the node can access and the corresponding storage address; the download node downloads the corresponding data entry, and downloads the result winding. Among them, the RBAC mechanism is Role-Based Access Control, a role-based access control mechanism. The rules of access rights are written into the smart contract through the upload node. The access rule is specifically that the download node needs a unique and corresponding download token corresponding to the smart contract. It has privacy protection when interacting with chains. By introducing the RBAC mechanism, in the RBAC model, permissions are associated with roles, and different roles have different permissions. Users can obtain permissions for different roles by being assigned to different roles. After users are associated with roles, they can also perform autonomous authorization and Authorization franchise must control authorization information through roles to achieve access control, which makes privacy protection controllable and adjustable, very flexible.

通过上述方法保证了数据信息在分发交互时的完整性、真实性及隐私性,为数据凭证结构在区块链网络框架中应用奠定了可靠安全的基础。Through the above method, the integrity, authenticity and privacy of data information during distribution and interaction are guaranteed, and a reliable and safe foundation is laid for the application of data certificate structure in the blockchain network framework.

如图2所示为一种面向云边端的跨链架构设计图,云边端跨链架构包括:由云中心节点构成的主区块链,边缘计算节点构成的轻量级区块链,事件收集节点。其中主区块链可以作为主链,轻量级区块链可以作为侧链,构建垂直式云-边跨链架构;主区块链也可以作为中继链,轻量级区块链作为子链,子链分为需求链和服务链两种,构成跨域式边-云-边跨链架构;事件收集节点专于负责收集主区块链和轻量级区块链的共识事件,并触发其中一个链对另一个链上链所述共识事件,完成信息的复杂跨链可信交互。As shown in Figure 2, it is a design diagram of a cloud-edge cross-chain architecture. The cloud-edge cross-chain architecture includes: a main blockchain composed of cloud center nodes, a lightweight blockchain composed of edge computing nodes, and event Collect nodes. Among them, the main blockchain can be used as the main chain, and the lightweight blockchain can be used as a side chain to build a vertical cloud-edge cross-chain architecture; the main blockchain can also be used as a relay chain, and the lightweight blockchain can be used as a subchain. Chain and sub-chain are divided into demand chain and service chain, forming a cross-domain edge-cloud-edge cross-chain architecture; event collection nodes are dedicated to collecting consensus events of the main blockchain and lightweight blockchains, and Trigger one of the chains to the consensus event on the other chain to complete the complex cross-chain trusted interaction of information.

其中垂直式云-边跨链架构中,侧链偏重于拓展主链的性能,以主链作为大脑,侧链作为四肢,完成一系列不同的操作场景;跨域式边-云-边跨链架构中,中继链偏重于拉通各子链的服务,以中继链作为验证机构,子链一端为需求方,一端为服务方,通过中继链的验证,以达成需求方与服务方的信息共通。Among them, in the vertical cloud-edge cross-chain architecture, the side chain focuses on expanding the performance of the main chain, with the main chain as the brain and the side chain as the limbs, to complete a series of different operation scenarios; cross-domain edge-cloud-edge cross-chain In the architecture, the relay chain focuses on the services of each sub-chain. The relay chain is used as the verification agency. One end of the sub-chain is the demander, and the other end is the server. Through the verification of the relay chain, the demander and the server can be reached. common information.

以下,针对所提出的两类架构,分别进行可靠分发与跨链可信交互进行说明In the following, for the two proposed architectures, reliable distribution and cross-chain trusted interaction will be explained respectively.

在一个实施例中,如图4所示,基于垂直式云-边跨链架构的可靠分发与跨链可信交互步骤如下:In one embodiment, as shown in Figure 4, the reliable distribution and cross-chain trusted interaction steps based on the vertical cloud-edge cross-chain architecture are as follows:

步骤402,云中心计算节点调用侧链读取自身区块头,基于侧链的区块头信息生成上链信息,上链信息中包括数据凭证结构。Step 402, the cloud center computing node invokes the side chain to read its own block header, and generates uplink information based on the sidechain block header information, and the uplink information includes the data certificate structure.

值得说明的是,上传数据凭证结构的具体过程为:云中心计算节点通过RPC(Remote Procedure Call,远程方法调用)从侧链读取区块头,基于侧链中区块头的信息生成上链信息,然后将上链信息上链至主链,区块头中的信息包括侧链的区块链网络中构建的数据凭证结构。通过上述步骤将数据凭证结构从侧链上链至主链的区块链网络当中。It is worth noting that the specific process of uploading the data certificate structure is as follows: the cloud center computing node reads the block header from the side chain through RPC (Remote Procedure Call, remote method call), and generates the chain information based on the information of the block header in the side chain. Then upload the on-chain information to the main chain, and the information in the block header includes the data certificate structure built in the blockchain network of the side chain. Through the above steps, the data certificate structure is linked from the side chain to the blockchain network of the main chain.

步骤404,侧链对数据凭证结构共识确认,并调用主链SPV验证合约对上链信息进行验证。Step 404, the side chain confirms the data certificate structure consensus, and calls the main chain SPV verification contract to verify the up chain information.

其中共识确认具体为云边端区块链网络中所有的共识节点持续监测所述数据凭证结构,直至数据凭证结构经验证确认,形成上传共识确认。通过上述步骤,既可以由共识确认机制保证数据信息是真实可靠的,又可以通过SPV验证合约(Simple PaymentVerification,简单支付验证)保证信息数据在交互时是高效的。Among them, the consensus confirmation is specifically that all consensus nodes in the cloud edge blockchain network continuously monitor the data certificate structure until the data certificate structure is verified and confirmed, forming an upload consensus confirmation. Through the above steps, the consensus confirmation mechanism can ensure that the data information is authentic and reliable, and the SPV verification contract (Simple Payment Verification, simple payment verification) can ensure that the information data is efficient during interaction.

步骤406,验证通过,侧链将该上链信息按照主链SPV合约中规定上链至主链。Step 406, if the verification is passed, the side chain uploads the uplink information to the main chain according to the provisions in the main chain SPV contract.

本步骤中上链信息在通过简单支付验证后,侧链将上链信息同样按照SPV合约中的规则,简单验证后上链至主链,保持上链信息在跨链时的高效性。In this step, after the on-chain information passes the simple payment verification, the side chain will upload the on-chain information to the main chain after simple verification according to the rules in the SPV contract, so as to maintain the efficiency of the on-chain information when crossing chains.

步骤408,边缘计算节点调用主链读取自身区块头,基于区块头生成上链信息,上链信息中包括数据凭证结构;Step 408, the edge computing node calls the main chain to read its own block header, and generates uplink information based on the block header, and the uplink information includes the data certificate structure;

同理,边缘计算节点通过RPC从主链读取区块头,基于主链中区块头的信息生成上链信息,然后将上链信息上链至侧链,区块头中的信息包括主链的区块链网络中构建的数据凭证结构。通过本步骤将数据凭证结构从主链上链至侧链的区块链网络当中。Similarly, the edge computing node reads the block header from the main chain through RPC, generates uplink information based on the information of the block header in the main chain, and then uploads the uplink information to the side chain. The information in the block header includes the area of the main chain. The data credential structure built in the block chain network. Through this step, the data certificate structure is uploaded from the main chain to the blockchain network of the side chain.

步骤410,主链对数据凭证结构共识确认,并调用侧链SPV验证合约对上链信息进行验证;Step 410, the main chain confirms the consensus of the data certificate structure, and calls the side chain SPV verification contract to verify the information on the chain;

同理,步骤112通过运用侧链的SPV合约验证和主链的共识确认对上链信息进行验证。Similarly, step 112 verifies the information on the chain by using the SPV contract verification of the side chain and the consensus confirmation of the main chain.

步骤412,验证通过,主链将该上链信息按照侧链SPV合约中规定上链至侧链。Step 412, if the verification is passed, the main chain uploads the uplink information to the sidechain according to the provisions in the sidechain SPV contract.

通过侧链的SPV验证合约验证,主链将该上链信息按照SPV合约中的合约规定上链至侧链,完成主链至侧链的上链,完成主链与侧链的双向锚定。Through the verification of the SPV verification contract of the side chain, the main chain will upload the uplink information to the sidechain according to the contract regulations in the SPV contract, complete the uplink from the main chain to the sidechain, and complete the two-way anchoring of the main chain and the sidechain.

上述将数据凭证结构应用于垂直式云-边跨链架构的方法针对云-边需要可信交互的需求,利用侧链跨链技术设计了云至边和边至云两个方向的跨链机制,再通区块链网络中的共识节点对数据凭证结构的共识确认以及SPV验证机制实现了链与链的双向锚定,进而保证了云-边之间信息交互时的安全性,同时也提高了其高效性。The above-mentioned method of applying the data credential structure to the vertical cloud-edge cross-chain architecture aims at the need for trusted interaction between cloud-edge, and uses side-chain cross-chain technology to design cross-chain mechanisms in two directions: cloud-to-edge and edge-to-cloud , and through the consensus confirmation of the data certificate structure by the consensus nodes in the blockchain network and the SPV verification mechanism, the two-way anchoring between the chain and the chain is realized, thereby ensuring the security of information interaction between the cloud and the edge, and also improving its efficiency.

在其中一个实施例中,SPV验证过程包括:数据凭证结构经共识确认后,云中心计算节点通过区块链的区块头、与区块链对应的Merkle树根以及存储路径验证数据凭证结构经共识确认后的结果,当验证结果为通过,则根据主链SPV验证合约中规定上链,从而保证了数据信息在高效交互过程中的可溯源。In one embodiment, the SPV verification process includes: after the data certificate structure is confirmed by the consensus, the cloud center computing node verifies the data certificate structure through the block header of the block chain, the Merkle tree root corresponding to the block chain, and the storage path. After confirmation, when the verification result is passed, it will be uploaded to the chain according to the provisions of the main chain SPV verification contract, thus ensuring the traceability of data information in the process of efficient interaction.

在一个实施例中,如图5所示,提供了一种基于区块链的云边端数据分发方法以及跨链交互方法,应用于图2垂直式跨链机制中的可信协同方法,包括:In one embodiment, as shown in Figure 5, a blockchain-based cloud-side data distribution method and a cross-chain interaction method are provided, which are applied to the trusted collaboration method in the vertical cross-chain mechanism in Figure 2, including :

步骤502,端传感器采集待分发数据,通过可靠分发机制将待分发数据加密构成信息特征,信息特征存储至边缘计算节点,并将存储凭证上链至轻量级区块链;Step 502, the terminal sensor collects the data to be distributed, encrypts the data to be distributed through a reliable distribution mechanism to form information features, stores the information features to the edge computing node, and uploads the storage certificate to the lightweight blockchain;

其中待分发数据是端层结构的传感器设备采集的任务数据,可靠分发机制即通过区块链网络架构中的上传节点及下载节点对待分发数据进行一些列加密和取哈希值,信息特征即通过可靠分发机制最终得到的加密哈希值。The data to be distributed is the task data collected by the sensor equipment of the end-layer structure. The reliable distribution mechanism is to encrypt and hash the data to be distributed through the upload node and download node in the blockchain network architecture, and the information characteristics are obtained through The resulting cryptographic hash of the reliable distribution mechanism.

步骤504,边缘计算节点将信息特征上链至区块链网络,区块链网络中的共识节点验证信息特征,触发智能合约的比较功能,比较通过后下载节点将信息特征的代码提取,并将代码下载至所述边缘计算节点;Step 504, the edge computing node uploads the information feature to the blockchain network, the consensus node in the blockchain network verifies the information feature, triggers the comparison function of the smart contract, after the comparison is passed, the download node extracts the code of the information feature, and The code is downloaded to the edge computing node;

其中区块链网络为轻量级区块链网络,提取的代码即数据凭证结构。在轻量级区块链网络架构中以加密哈希值为核心信息构建数据凭证结构,并上传凭证至轻量级区块链网络,区块链网络中边缘计算节点作为共识节点对数据凭证结构进行共识确认。Among them, the blockchain network is a lightweight blockchain network, and the extracted code is the data certificate structure. In the lightweight blockchain network architecture, the encrypted hash value is used as the core information to construct the data certificate structure, and the certificate is uploaded to the lightweight blockchain network. The edge computing nodes in the blockchain network serve as consensus nodes for the data certificate structure Carry out consensus confirmation.

步骤506,边缘计算节点向主区块链发出跨链请求验证所述代码的正确性,验证通过后提取代码的信息特征;Step 506, the edge computing node sends a cross-chain request to the main blockchain to verify the correctness of the code, and extracts the information features of the code after the verification is passed;

本步骤中跨链方式为垂直式云-边跨链,验证方式也是垂直式云-边跨链方法中的验证方式,即共识验证及SPV验证。在主区块链网络中对上链的数据结构凭证进行验证并解析,重新得到加密哈希值,即信息特征。保证了信息在跨链交互时的安全可靠。The cross-chain method in this step is vertical cloud-edge cross-chain, and the verification method is also the verification method in the vertical cloud-edge cross-chain method, that is, consensus verification and SPV verification. In the main blockchain network, the data structure certificate on the chain is verified and analyzed, and the encrypted hash value is obtained again, that is, the information feature. It ensures the safety and reliability of information when interacting across chains.

步骤508,边缘计算节点将提取的信息特征上链至的轻量级区块链,经轻量级区块链共识验证后调用SPV验证合约,将信息特征跨链至主区块链;Step 508, the edge computing node links the extracted information features to the lightweight blockchain, calls the SPV verification contract after the lightweight blockchain consensus verification, and cross-chains the information features to the main blockchain;

其中信息特征是已经经过验证的正确的信息特征,通过步骤208正确的信息特征完成从侧链至主链的跨链。The information feature is the correct information feature that has been verified, and the cross-chain from the side chain to the main chain is completed through the correct information feature in step 208.

步骤510,主区块链共识确认信息特征后,生成对端层结构的指令下发;Step 510, after the main block chain consensus confirms the characteristics of the information, generate an instruction for the structure of the peer layer;

其中指令下发主要是针对端层结构的控制器,通过本步骤,完成信息特征在主链的共识确认,并生成下发的指令。The instruction issuance is mainly aimed at the controller of the end-layer structure. Through this step, the consensus confirmation of the information characteristics on the main chain is completed, and the issued instructions are generated.

步骤512,指令在主区块链共识验证后调用轻量级区块链SPV验证合约,将指令跨链至轻量级区块链;Step 512, the instruction invokes the lightweight blockchain SPV verification contract after the consensus verification of the main blockchain, and cross-chains the instruction to the lightweight blockchain;

其中指令为通过验证正确的指令,指令作为信息同样经过区块链网络的共识验证和SPV验证,保持信息在转化过程中的核心信息始终一致。Among them, the instruction is the correct instruction through verification. As the information, the instruction is also verified by the consensus of the blockchain network and the SPV verification, so as to keep the core information consistent during the transformation process.

步骤514,指令到轻量级区块链共识确认后,分发至端层结构中指定的控制器进行对应的指令操作。Step 514, after the instruction is confirmed by the lightweight blockchain consensus, it is distributed to the controller specified in the end-layer structure to perform corresponding instruction operations.

同理指令作为信息经过轻量级区块链网络的共识确认,保持信息在转化过程中的核心信息始终一致,确保信息准确的下达到对应的控制器。In the same way, instructions are confirmed as information through the consensus of the lightweight blockchain network to keep the core information consistent during the transformation process and ensure that the information is accurately delivered to the corresponding controller.

上述垂直式云-边跨链架构的可信服务协同方法,通过基于共识算法的真实性与完整性,利用垂直式云-边跨链架构,区块链技术,将端传感器至边缘计算节点再到云中心节点之间的可信交互服务进行了设计,为垂直式云边端应用提供了安全可信的保证,为上层应用的设计开发奠定了基础。The trusted service collaboration method of the above-mentioned vertical cloud-edge cross-chain architecture, based on the authenticity and integrity of the consensus algorithm, utilizes the vertical cloud-edge cross-chain architecture and blockchain technology to connect end sensors to edge computing nodes. The trusted interactive service between the cloud center nodes is designed, which provides a safe and reliable guarantee for the vertical cloud edge application and lays the foundation for the design and development of the upper layer application.

在一个实施例中,如图6所示,基于跨域式云-边-云跨链架构的可靠分发与跨链可信交互步骤如下:In one embodiment, as shown in Figure 6, the reliable distribution and cross-chain trusted interaction steps based on the cross-domain cloud-edge-cloud cross-chain architecture are as follows:

步骤602,将一轻量级区块链作为A链,另一轻量级区块链作为B链,主区块链作为中继链;Step 602, using a lightweight blockchain as the A chain, another lightweight blockchain as the B chain, and the main blockchain as the relay chain;

其中A链为需求链,B链为服务链,轻量级区块链作为主区块链的子链,主区块链为中继链,中继链侧重于拉通各子链之间的服务,将需求链上传的需求信息进行合法验证形成共识,同时也会将服务链的反馈信息进行合法验证形成共识,在两者信息匹配时完成服务链与需求链的相互配合。为子链之间的信息交互搭建信任的桥梁。Among them, the A chain is the demand chain, the B chain is the service chain, the lightweight blockchain is the sub-chain of the main blockchain, the main blockchain is the relay chain, and the relay chain focuses on connecting the sub-chains. Service, the demand information uploaded by the demand chain is legally verified to form a consensus, and the feedback information of the service chain is also legally verified to form a consensus, and the mutual cooperation between the service chain and the demand chain is completed when the two information matches. Build a bridge of trust for information exchange between sub-chains.

步骤604,A链中边缘计算节点发起第一跨链上链动作,第一跨链上链动作经过A链共识验证通过后入链A链,将此事件作为第一跨链事件;Step 604, the edge computing node in the A chain initiates the first cross-chain up-chain action, and the first cross-chain up-chain action passes the consensus verification of the A chain and enters the chain A chain, and this event is regarded as the first cross-chain event;

本步骤中第一跨链上链动作就是将A链架构中的数据凭证结构上链至A链的区块链网络当中,并用A链的区块链网络中的共识节点进行共识验证,其中数据凭证结构中加密的数据信息即需求信息。其中第一跨链事件,即将数据凭证结构入链至区块链网络,经共识验证后形成共识确认。The first cross-chain linking action in this step is to link the data certificate structure in the A-chain architecture to the A-chain blockchain network, and use the consensus nodes in the A-chain blockchain network for consensus verification. The data information encrypted in the certificate structure is the demand information. Among them, the first cross-chain event is to enter the data certificate structure into the blockchain network, and form a consensus confirmation after consensus verification.

步骤606,事件收集节点接收第一跨链事件后,对第一跨链上链动作进行真实性验证,验证通过后,构建第一跨链上链动作的Merkle树根,并使用事件收集节点私钥签名形成第三加密值,将第三加密值上链至云中心主链,云中心主链节点进行合法性验证并达成第一共识;Step 606: After the event collection node receives the first cross-chain event, it verifies the authenticity of the first cross-chain uplink action. After the verification is passed, it constructs the Merkle tree root of the first cross-chain uplink action, and uses the event collection node private key signature to form the third encrypted value, and upload the third encrypted value to the main chain of the cloud center, and the nodes of the main chain of the cloud center will verify the validity and reach the first consensus;

其中第三加密值中包含需求链上传的需求信息,需求信息通过中继链节点合法验证后形成共识确认,即第一共识,完成需求信息从需求链递交给中继链。上链动作经过真实性验证以及加密处理保证了数据信息的完整性与真实性。The third encrypted value contains the demand information uploaded by the demand chain, and the demand information is legally verified by the nodes of the relay chain to form a consensus confirmation, that is, the first consensus, and the completion of the demand information is submitted from the demand chain to the relay chain. The uplink action has undergone authenticity verification and encryption processing to ensure the integrity and authenticity of data information.

步骤608,事件收集节点接收到第一共识后,在B链发起第二跨链上链动作,第二跨链上链动作经过共识节点验证,经过验证后入链所述B链,将此事件作为第二跨链事件;Step 608: After the event collection node receives the first consensus, it initiates the second cross-chain uplink action on the B chain. The second cross-chain uplink action is verified by the consensus node. As the second cross-chain event;

本步骤中上链的区域为服务链的网络,事件收集节点将第一共识这一共识事件上链至服务链,通过服务链网络中的共识节点验证其真实性,验证通过后才将其入链至该服务链的智能合约。The area on the chain in this step is the network of the service chain. The event collection node will upload the consensus event of the first consensus to the service chain, and verify its authenticity through the consensus nodes in the service chain network. Smart contracts linked to this service chain.

步骤610,事件收集节点接收第二跨链事件后,对第跨链上链动作进行真实性验证,验证通过后,构建第跨链上链动作的Merkle树根,并使用事件收集节点私钥签名形成第四加密值,将第四加密值上链至云中心主链,云中心主链节点进行合法性验证并达成第二共识;Step 610: After the event collection node receives the second cross-chain event, it verifies the authenticity of the first cross-chain on-chain action. After the verification is passed, builds the Merkle tree root of the first cross-chain on-chain action, and signs it with the private key of the event collection node Form the fourth encrypted value, upload the fourth encrypted value to the main chain of the cloud center, and the nodes of the main chain of the cloud center will verify the legality and reach the second consensus;

同理,第四加密值包含服务链的反馈信息,反馈信息通过中继链合法性验证后形成共识确认,即第二共识。本步骤中上链动作经过真实性验证以及加密处理保证了数据信息的完整性与真实性。Similarly, the fourth encrypted value contains the feedback information of the service chain, and the feedback information forms a consensus confirmation after passing the legality verification of the relay chain, that is, the second consensus. In this step, the uplink action has undergone authenticity verification and encryption processing to ensure the integrity and authenticity of the data information.

步骤612,事件收集节点接收到第二共识后,在A链上发起新一轮跨链动作,完成跨域请求闭环。Step 612: After receiving the second consensus, the event collection node initiates a new round of cross-chain actions on chain A to complete the cross-domain request closed loop.

本步骤通过将需求链的需求信息与服务链的反馈信息进行比较匹配,在两者信息匹配时完成服务链与需求链的相互配合。实现了数据信息从需求链到服务链的跨域式跨链。This step compares and matches the demand information of the demand chain with the feedback information of the service chain, and completes the cooperation between the service chain and the demand chain when the two information matches. It realizes the cross-domain cross-chain of data information from demand chain to service chain.

上述跨域式边-云-边跨链方法,针对边-云-边需要可信交互的需求,利用云中心区块链作为中继链的跨链技术设计了由边(需求链)至云(主链)再到另一个边(服务链)的跨链机制,通过事件收集节点不断收集与触发上链,使得需求链-主链-服务链之间的请求和响应非常高效,避开了共识节点扮演多个角色的问题,提高了跨域可信交互的效率,同时通过对数据凭证结构的共识验证和加密信息,保证了数据信息在进行跨域交互时安全可信。The above-mentioned cross-domain edge-cloud-edge cross-chain method, aiming at the requirement of trusted interaction between edge-cloud-edge, uses the cloud center block chain as the relay chain cross-chain technology to design the edge (demand chain) to cloud The cross-chain mechanism from (the main chain) to the other side (service chain) continuously collects and triggers the on-chain through the event collection node, making the request and response between the demand chain-main chain-service chain very efficient, avoiding The problem that consensus nodes play multiple roles improves the efficiency of cross-domain trusted interaction. At the same time, through the consensus verification of data credential structure and encrypted information, it ensures the security and credibility of data information during cross-domain interaction.

在一个实施例当中提供一种跨域式边-云-边可信服务协同方法,步骤如包括:一轻量级区块链为第一域,另一轻量级区块链为第二域,第一域中有第一节点,第二域中有第二节点;第一节点请求在第二域中第二节点的认证;第一节点在第一域发起认证上链请求,边缘计算节点对第一节点身份进行共识确认,经共识确认后,将上链请求跨链至主区块链,主区块链对上链请求共识后,跨链提交至第二域;第二域对第二节点的身份进行共识确认,同样将上链请求经共识确认,上链上链请求至主区块链,主区块链对上链请求共识后,跨链提交至第一域;经共识后第一节点可以与第二节点进行服务交互。In one embodiment, a cross-domain edge-cloud-edge trusted service collaboration method is provided, the steps include: a lightweight blockchain is the first domain, and another lightweight blockchain is the second domain , there is a first node in the first domain, and a second node in the second domain; the first node requests the authentication of the second node in the second domain; the first node initiates an authentication uplink request in the first domain, and the edge computing node Consensus confirmation is performed on the identity of the first node. After the consensus confirmation, the chain-up request is cross-chained to the main blockchain. After the main blockchain agrees on the chain-up request, the cross-chain is submitted to the second domain; the second domain The identities of the two nodes are confirmed by consensus, and the on-chain request is also confirmed by consensus, and the on-chain on-chain request is sent to the main blockchain. After the main blockchain agrees on the on-chain request, it is submitted to the first domain across the chain; The first node can perform service interaction with the second node.

上述跨域式云边端可信服务协同方法,基于共识算法的真实性与完整性,利用跨域式边-云-边跨链架构以及区块链的共识机制,建立了一个边缘计算域与另一个边缘计算域的可信认证机制,保证数据信息在跨域交互时是安全可信的,为跨域应用提供了可信基础。The above-mentioned cross-domain cloud-edge-end trusted service collaboration method, based on the authenticity and integrity of the consensus algorithm, uses the cross-domain edge-cloud-edge cross-chain architecture and the consensus mechanism of the blockchain to establish an edge computing domain and Another trusted authentication mechanism in the edge computing domain ensures that data information is safe and reliable when interacting across domains, and provides a trusted foundation for cross-domain applications.

进一步地,事件收集节点专于负责收集主区块链和轻量级区块链的共识事件,并触发其中一个链对另一个链上链共识事件,完成信息的复杂跨链可信交互,避免区块链网络中共识节点既要收集共识事件,又要确认共识事件真实性的问题,提高了数据处理过程的效率。Furthermore, the event collection node is dedicated to collecting the consensus events of the main blockchain and the lightweight blockchain, and triggering a chain consensus event on the other chain to complete the complex cross-chain trusted interaction of information and avoid Consensus nodes in the blockchain network need to collect consensus events and confirm the authenticity of consensus events, which improves the efficiency of data processing.

应该理解的是,虽然图3,图4,图5,图6的流程图中的各个步骤按照箭头的指示依次显示,但是这些步骤并不是必然按照箭头指示的顺序依次执行。除非本文中有明确的说明,这些步骤的执行并没有严格的顺序限制,这些步骤可以以其它的顺序执行。而且,图1中的至少一部分步骤可以包括多个子步骤或者多个阶段,这些子步骤或者阶段并不必然是在同一时刻执行完成,而是可以在不同的时刻执行,这些子步骤或者阶段的执行顺序也不必然是依次进行,而是可以与其它步骤或者其它步骤的子步骤或者阶段的至少一部分轮流或者交替地执行。It should be understood that although the various steps in the flow charts in FIG. 3 , FIG. 4 , FIG. 5 , and FIG. 6 are shown sequentially as indicated by the arrows, these steps are not necessarily executed sequentially in the order indicated by the arrows. Unless otherwise specified herein, there is no strict order restriction on the execution of these steps, and these steps can be executed in other orders. Moreover, at least some of the steps in Fig. 1 may include multiple sub-steps or multiple stages, these sub-steps or stages are not necessarily executed at the same time, but may be executed at different times, the execution of these sub-steps or stages The order is not necessarily performed sequentially, but may be performed alternately or alternately with at least a part of other steps or sub-steps or stages of other steps.

以上实施例的各技术特征可以进行任意的组合,为使描述简洁,未对上述实施例中的各个技术特征所有可能的组合都进行描述,然而,只要这些技术特征的组合不存在矛盾,都应当认为是本说明书记载的范围。The technical features of the above embodiments can be combined arbitrarily. To make the description concise, all possible combinations of the technical features in the above embodiments are not described. However, as long as there is no contradiction in the combination of these technical features, they should be It is considered to be within the range described in this specification.

以上实施例仅表达了本申请的几种实施方式,其描述较为具体和详细,但并不能因此而理解为对发明专利范围的限制。应当指出的是,对于本领域的普通技术人员来说,在不脱离本申请构思的前提下,还可以做出若干变形和改进,这些都属于本申请的保护范围。因此,本申请专利的保护范围应以所附权利要求为准。The above examples only express several implementation modes of the present application, and the description thereof is relatively specific and detailed, but should not be construed as limiting the scope of the patent for the invention. It should be noted that those skilled in the art can make several modifications and improvements without departing from the concept of the present application, and these all belong to the protection scope of the present application. Therefore, the scope of protection of the patent application should be based on the appended claims.

Claims (10)

1. A cloud edge end data distribution method and a cross-chain interaction method based on a block chain are characterized in that the method is applied to a Yun Bianduan block chain network architecture, and the Yun Bianduan block chain network architecture comprises the following steps: an end layer structure, an edge layer structure and a cloud layer structure; the end layer structure comprises a controller and sensor equipment, wherein the sensor equipment is used for collecting task data, and the controller is used for executing instructions; the edge layer structure comprises edge computing nodes, and a lightweight block chain is formed by the edge computing nodes; the cloud layer structure comprises cloud center computing nodes, and the cloud center computing nodes form a main block chain;
the method comprises the following steps:
the uploading node obtains a plaintext Hash value from the data to be distributed, encrypts the data to be distributed according to a public key of the downloading node to obtain a first encryption value, encrypts the first encryption value by using a private key of the uploading node to obtain a second encryption value, and obtains an encrypted Hash value by taking the Hash of the second encryption value;
the uploading node stores the first encryption value and the second encryption value in a storage space and feeds back a storage path in the storage space;
the uploading node constructs a data certificate structure according to uploading node information of the uploading node, downloading node information of the downloading node, a plaintext hash value, an encrypted hash value and the storage path;
uploading the data certificate structure to the cloud edge block chain network architecture, verifying the data certificate structure through a consensus node in the Yun Bianduan block chain network architecture, adding the data certificate structure into the Yun Bianduan block chain network architecture, taking the uploading node information and the downloading node information as key values, and storing the plaintext hash value as a value in an intelligent contract; the consensus node is the edge computing node or the cloud center computing node;
and the downloading node downloads the data to be distributed according to the storage path of the data certificate structure to obtain a first encryption value to be confirmed, decrypts the first encryption value to be confirmed according to a private key of the downloading node to obtain a plaintext hash value to be confirmed, calls the intelligent contract, compares the plaintext hash value to be confirmed with the plaintext hash value, and determines that the data to be distributed of the uploading node is distributed to the downloading node when the plaintext hash value to be confirmed is the same as the plaintext hash value.
2. The method of claim 1, wherein validating and joining the data credential structure to the Yun Bianduan block-chain network architecture by a consensus node in the Yun Bianduan block-chain network architecture comprises:
receiving the data certificate structure uploaded by the uploading node through a consensus node in the Yun Bianduan block chain network architecture, downloading the data certificate structure according to the storage path, and analyzing the data certificate structure to obtain uploading node information, a plaintext hash value and an encrypted hash value;
after the data certificate structure is verified according to the uploading node information and the encrypted hash value, mounting a block corresponding to the data certificate structure in a block queue of the Yun Bianduan block chain network architecture; sending the data certificate structure to other common identification nodes for secondary verification, if the verification is not passed, discarding the block, and if the verification is passed, mounting the block corresponding to the data certificate structure in a block queue of the Yun Bianduan block chain network architecture;
and all the consensus nodes in the cloud edge block chain network continuously monitor the data certificate structure, and the data certificate structure is verified and confirmed to form uploading consensus confirmation.
3. The method according to claim 1, wherein the consensus node takes the uploading node information and the downloading node information as key values, and the plaintext hash value is stored as a value in an intelligent contract, comprising:
through the uploading consensus confirmation, the consensus node calls a storage function of the intelligent contract and analyzes the data certificate structure to obtain uploading node information, downloading node information and a plaintext hash value;
and according to the uploading node information, the downloading node information and the plaintext hash value, taking the uploading node information and the downloading node information as key values, taking the plaintext hash value as a value for storage, and taking the stored position as an intelligent contract in the cloud edge terminal block chain network.
4. The method according to claim 1, wherein the block chain-based cloud edge data distribution method and the cross-chain interaction method further include:
the main block chain is used as a main chain, and the lightweight block chain is used as a side chain to form a vertical cloud-edge spanning chain structure;
the cloud center computing node calls the side chain to read the block head of the cloud center computing node, and uplink information is generated based on the block head information of the side chain, wherein the uplink information comprises a data certificate structure;
the side chain carries out consensus confirmation on the data certificate structure, and after the consensus confirmation, the side chain calls a main chain SPV (shortest path variable) verification contract to verify the uplink information;
when the verification is passed, the side chain specifies uplink according to the uplink information in the main chain SPV verification contract;
the edge computing node calls the main chain to read the block head of the edge computing node, and generates uplink information based on the block head information of the main chain, wherein the uplink information comprises a data certificate structure;
the main chain carries out the consensus confirmation on the data certificate structure, and after the consensus confirmation, the main chain calls a side chain SPV verification contract;
when the verification is passed, the main chain specifies the uplink information according to the side chain SPV verification contract.
5. The method of claim 4, wherein the main chain SPV validation contract and the side chain SPV validation contract validate the uplink information, comprising:
after the data certificate structure is confirmed by the consensus, the cloud center computing node verifies the result of the data certificate structure after the consensus confirmation through the block head of the side chain, the Merkle tree root corresponding to the side chain and the storage path, and when the verification result is passed, the uplink is verified according to the rule in the main chain SPV verification contract;
after the data certificate structure is subjected to the consensus confirmation, the edge computing node verifies the result of the data certificate structure subjected to the consensus confirmation through the block head of the main chain, the Merkle tree root corresponding to the main chain and the storage path, and when the verification result is passed, the upper chain is verified according to the regulations in the side chain SPV verification contract.
6. The method according to claim 1, wherein the block chain-based cloud edge data distribution method and the cross-chain interaction method further include:
the end sensor collects data to be distributed, encrypts the data to be distributed through a reliable distribution mechanism to form information characteristics, stores the information characteristics to an edge computing node, and links a stored certificate to a lightweight block chain;
the edge computing node links the information features to a blockchain network, a consensus node in the blockchain network verifies the information features, a comparison function of the intelligent contract is triggered, a downloading node extracts codes of the information features after comparison is passed, and the codes are downloaded to the edge computing node;
the edge computing node sends a cross-chain request to the main block chain to verify the correctness of the code, and the information characteristic of the code is extracted after the verification is passed;
the edge computing node links the extracted information features to the lightweight block chain, calls an SPV (shortest path distance) verification contract after the lightweight block chain consensus verification, and links the information features to a main block chain in a cross-linking mode;
after the main block chain consensus confirms the information characteristics, generating and issuing an instruction to the end layer structure;
the instruction calls the light weight block chain SPV verification contract after the main block chain consensus is verified, and the instruction is linked to the light weight block chain in a cross mode;
and after the command is confirmed to the lightweight block chain consensus, the command is distributed to a designated controller in the end layer structure to carry out corresponding command operation.
7. The method according to claim 1, wherein the block chain-based cloud edge data distribution method and the cross-chain interaction method further include:
taking a lightweight block chain as an A chain, taking another lightweight block chain as a B chain, taking a main block chain as a relay chain, and constructing a cross-domain cloud-edge-cloud cross-chain architecture;
initiating a first cross-chain uplink action by an edge computing node in the A chain, wherein the first cross-chain uplink action enters the A chain after passing the A chain consensus verification, namely a first cross-chain event;
after receiving the first cross-chain event, the event collection node verifies the authenticity of the first cross-chain uplink action, after the first cross-chain uplink action passes the verification, a Merkle tree root of the first cross-chain uplink action is constructed, a third encryption value is formed by using a private key signature of the event collection node, the third encryption value is linked to the cloud center main chain, and the cloud center main chain node verifies the validity and achieves a first common identification;
after receiving the first common identifier, the event collection node initiates a second cross-link uplink action on the service chain, wherein the second cross-link uplink action is verified by the common identifier node and enters the B chain after the verification, namely a second cross-link event;
after the event collection node monitors the second cross-link event, authenticity verification is conducted on the second cross-link chain loading action, after the second cross-link chain loading action passes the verification, a Merkle tree root of the second cross-link chain loading action is constructed, a fourth encrypted value is formed by using a private key signature of the event collection node, the fourth encrypted value is chain loaded to the cloud center main chain, and the cloud center main chain node conducts validity verification and achieves second common identification;
and after monitoring the second consensus, the event collection node initiates a chain crossing action on the chain A to complete the closed loop of the cross-domain request.
8. The method of claim 7, wherein the trusted service coordination method specifically applied to the data credential structure in the information cross-domain interaction is as follows:
the first lightweight blockchain is a first domain, the other lightweight blockchain is a second domain, a first node is arranged in the first domain, and a second node is arranged in the second domain; the first node requesting authentication of a second node in a second domain;
the first node initiates an authenticated uplink request in the first domain, the edge computing node performs the consensus confirmation on the identity of the first node, after the consensus confirmation, the uplink request is linked to the main blockchain in a cross mode, and after the main blockchain performs the consensus confirmation on the uplink request, the main blockchain submits the link to the second domain in a cross mode; the second domain performs the common identification confirmation on the identity of the second node, and also performs the common identification confirmation on the uplink request, the uplink request is uplink to the main block chain, and after the main block chain identifies the uplink request, the main block chain submits the uplink request in a cross-chain manner to the first domain;
after the consensus, the first node can perform service interaction with the second node.
9. The method of claim 7 wherein the event collection node collects consensus events for both master and lightweight blockchains and triggers the consensus event to be linked one to the other.
10. The method of claim 1, wherein the upload node, download node, and storage do not belong to a blockchain network; the consensus node and the intelligent contract belong to a block chain network, and the block chain network architecture comprises a block chain network, an uploading node, a downloading node and a storage and event collection node.
CN202211221163.3A 2022-10-08 2022-10-08 Cloud edge end data distribution method and cross-chain interaction method based on block chain Active CN115622762B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211221163.3A CN115622762B (en) 2022-10-08 2022-10-08 Cloud edge end data distribution method and cross-chain interaction method based on block chain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211221163.3A CN115622762B (en) 2022-10-08 2022-10-08 Cloud edge end data distribution method and cross-chain interaction method based on block chain

Publications (2)

Publication Number Publication Date
CN115622762A true CN115622762A (en) 2023-01-17
CN115622762B CN115622762B (en) 2024-07-30

Family

ID=84861515

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211221163.3A Active CN115622762B (en) 2022-10-08 2022-10-08 Cloud edge end data distribution method and cross-chain interaction method based on block chain

Country Status (1)

Country Link
CN (1) CN115622762B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN119011133A (en) * 2024-07-25 2024-11-22 杭州咔悠电子商务有限公司 Data security transmission method based on block chain

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111107136A (en) * 2019-12-05 2020-05-05 上海中信信息发展股份有限公司 Block chain cross-chain relay method based on IPFS
WO2020207264A1 (en) * 2019-04-08 2020-10-15 阿里巴巴集团控股有限公司 Network system, service provision and resource scheduling method, device, and storage medium
CN111866086A (en) * 2020-06-28 2020-10-30 青岛万民科技有限公司 Block chain control method and system based on cloud edge
CN112163045A (en) * 2020-10-29 2021-01-01 杭州谐云科技有限公司 Block chain-based edge data secure storage system
CN113010922A (en) * 2021-02-28 2021-06-22 昆明理工大学 Tamper-proof energy industry internet multi-edge chain data sharing method
CN114553883A (en) * 2022-03-02 2022-05-27 北京中科锐链科技有限公司 Cloud edge terminal cooperative data acquisition and privacy protection method and system based on block chain

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2020207264A1 (en) * 2019-04-08 2020-10-15 阿里巴巴集团控股有限公司 Network system, service provision and resource scheduling method, device, and storage medium
CN111107136A (en) * 2019-12-05 2020-05-05 上海中信信息发展股份有限公司 Block chain cross-chain relay method based on IPFS
CN111866086A (en) * 2020-06-28 2020-10-30 青岛万民科技有限公司 Block chain control method and system based on cloud edge
CN112163045A (en) * 2020-10-29 2021-01-01 杭州谐云科技有限公司 Block chain-based edge data secure storage system
CN113010922A (en) * 2021-02-28 2021-06-22 昆明理工大学 Tamper-proof energy industry internet multi-edge chain data sharing method
CN114553883A (en) * 2022-03-02 2022-05-27 北京中科锐链科技有限公司 Cloud edge terminal cooperative data acquisition and privacy protection method and system based on block chain

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
YUGUO AN ET.AL: "Trusted collection, management and sharing of data based on blockchain and IoT devices", 《2019 IEEE INTERNATIONAL CONFERENCE ON SERVICE OPERATIONS AND LOGISTICS, AND INFORMATICS》, 13 January 2020 (2020-01-13) *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN119011133A (en) * 2024-07-25 2024-11-22 杭州咔悠电子商务有限公司 Data security transmission method based on block chain

Also Published As

Publication number Publication date
CN115622762B (en) 2024-07-30

Similar Documents

Publication Publication Date Title
CN110602138B (en) Data processing method and device for block chain network, electronic equipment and storage medium
US12189793B2 (en) Cryptographically secure post-secrets-provisioning services
CN110380852B (en) Bidirectional authentication method and communication system
CN101409619B (en) Flash memory card and realization method of virtual private network key exchange
CN114008968B (en) System, method, and storage medium for license authorization in a computing environment
US20170118196A1 (en) Enforcing server authentication based on a hardware token
US11811739B2 (en) Web encryption for web messages and application programming interfaces
WO2022193984A1 (en) Cross-chain data transmission method and apparatus, and computer device, storage medium and computer program product
CN109587100A (en) A kind of cloud computing platform user authentication process method and system
CN113946877A (en) Data security computing method, system, computer equipment, storage medium and terminal
CN114268437B (en) Data processing method, blockchain node, system and computer-readable storage medium
CN116975901A (en) Identity verification method, device, equipment, medium and product based on block chain
CN115622762A (en) Cloud edge data distribution method based on block chain and cross-chain interaction method
CN115622812A (en) Digital identity verification method and system based on block chain intelligent contract
JP5624219B2 (en) Network access control method and system
CN113709734A (en) Unmanned aerial vehicle distributed identity authentication method based on block chain
Akram et al. Decentralized pki framework for data integrity in spatial crowdsourcing drone services
CN118869177A (en) Digital identity management method, system, electronic device and computer-readable storage medium based on blockchain
CN117874806A (en) Privacy joint computing method and device based on trusted execution environment
CN115795446A (en) Method for processing data in trusted computing platform and management device
CN116961911A (en) An information processing method, device and communication equipment
CN114650182A (en) Identity authentication method, system, device, gateway equipment, equipment and terminal
CN115935379A (en) Service processing method, device, equipment and computer readable storage medium
CN115967583B (en) Key management system and method based on alliance chain
CN118659930B (en) Identity authentication method and device for application, storage medium and vehicle

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant