CN115766181B - Space environment ground simulation device data sharing architecture and method based on block chain - Google Patents

Publication number
CN115766181B
Authority
CN
China
Prior art keywords
data
experiment
data sharing
sesri
intelligent contract
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202211402875.5A
Other languages
Chinese (zh)
Other versions
CN115766181A (en)
Inventor
佟为明
逄龙
林景波
金显吉
李中伟
徐泽
初旭
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Harbin Institute of Technology
Original Assignee
Harbin Institute of Technology
Application filed by Harbin Institute of Technology
Priority to CN202211402875.5A
Publication of CN115766181A
Application granted
Publication of CN115766181B

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention discloses a blockchain-based data sharing architecture and method for a space environment ground simulation device. The data sharing architecture consists of a data resource layer, a blockchain network layer, a smart contract layer and an application layer, wherein: the data resource layer provides the data support and the off-chain exchange and transmission platform required by data transactions on the blockchain; the blockchain network layer is responsible for information transmission and service implementation; the smart contract layer processes the various complex transaction logic in the system; the application layer mainly provides a human-machine interaction interface, calls smart contracts through SDKs, and provides information exchange carriers in different forms, such as a browser or a client application, according to the business activity, so that different departments and different posts in different organizations can acquire data resources or use other data services provided by the system in a corresponding way. The invention can provide a safer and more reliable data sharing scheme for large scientific engineering.

Description

Space environment ground simulation device data sharing architecture and method based on block chain
Technical Field
The invention belongs to the field of big data sharing, relates to a space environment ground simulation device, and in particular relates to a blockchain-based data sharing architecture and method for a space environment ground simulation device.
Background
As human exploration of space deepens, intensive research is needed into the space environment effects on aerospace materials, devices and their functional systems. The space environment ground simulation device, one of the large scientific engineering projects, provides a large-scale ground simulation platform for the comprehensive space environment. Based on comprehensive simulation of multiple space environment factors, it can realize in-situ/semi-in-situ characterization of the interaction between the comprehensive space environment and materials, and explore the spatio-temporal evolution theory of the performance/function degradation of materials, devices and systems in the comprehensive space environment.
As an open space environment simulation experiment platform, the space environment ground simulation device can provide a good experimental environment for enterprises, research institutions and others whose work has a space environment background. However, trust problems exist among the cooperating organizations, and the data generated during experimental operation is huge, with many categories, large scale and high value. It is therefore necessary to study how to manage data efficiently among multiple organizations and how to share data safely and reliably.
The blockchain is regarded as a new decentralized infrastructure and distributed computing paradigm. Its decentralized data structure makes data tamper-proof and traceable, which offers a new way to solve the single points of failure and easy private tampering of traditional data sharing systems.
Disclosure of Invention
To address the problems that trust issues exist among organizations during inter-organization data sharing, that the data has low security, and that the data is easily tampered with during sharing, the invention provides a blockchain-based data sharing architecture and method for a space environment ground simulation device. The invention combines blockchain technology with encryption technology and access control technology to further ensure data security, and can provide a safer and more reliable data sharing scheme for large scientific engineering.
The object of the invention is achieved by the following technical scheme:
A blockchain-based data sharing architecture for a space environment ground simulation device consists of 4 parts, namely a data resource layer, a blockchain network layer, a smart contract layer and an application layer, wherein:
The data resource layer provides the data support and the off-chain exchange and transmission platform required by data transactions on the blockchain, and stores data using IPFS (InterPlanetary File System) distributed storage technology;
The blockchain network layer uses a P2P communication mechanism to provide the blockchain network and is responsible for information transmission and service implementation; it consists of 3 parts: a distributed ledger, a consensus mechanism and a network service;
The distributed ledger records blockchain network data information in the block data format; this information comprises a data digest, a data index, access policy information, authorization records, key information and transaction records;
The block data is divided into a block header and a block body. The block header contains the previous block hash value, the blockchain number, a timestamp, the Merkle root, the version number and other contents, the current block hash value and a random number. The block body is the carrier that actually stores data and contains the transaction data related to transactions. For each transaction record in the block, a corresponding hash value is generated by a hash algorithm; the unique Merkle root of the current block is then generated according to the Merkle construction rules and recorded in the block header. Blocks are linked in order of generation time into a chain structure, and a hash algorithm gives each block a hash identifier, which prevents the blocks from being tampered with;
The consensus mechanism uses the Raft consensus strategy so that the system management mechanism, the SESRI experiment platform and each research institution reach consensus, which ensures the consistency of the distributed ledger and solves the trust problem between the system management mechanism and the SESRI experiment platform;
The network service handles the propagation and verification of data among blockchain nodes. Each department in the system management mechanism, the SESRI experiment platform and each research institution joins the blockchain network after being reviewed, and the nodes broadcast data through the Gossip protocol and synchronize data by organization;
The smart contract layer processes the various complex transaction logic in the system and is the key link for interaction between the underlying data ledger and upper-layer users; its main functions are account registration and cancellation, encryption technology management, access control, data storage, query and the like;
The application layer mainly provides a human-machine interaction interface, calls smart contracts through SDKs, and provides information exchange carriers in different forms, such as a browser or a client application, according to the business activity, so that different departments and different posts in different organizations acquire data resources or use other data services provided by the system in a corresponding way;
The organizations comprise the system management mechanism, the SESRI experiment platform and the research institutions:
The system management mechanism is an admission control function added to prevent malicious users from joining. On the one hand it is responsible for maintaining the software and network of the whole sharing platform; on the other hand it is responsible for managing all users of the system, including creating roles, managing accounts, reviewing roles and managing permissions for the SESRI experiment platform and the research institutions;
The SESRI experiment platform is a large-scale ground simulation platform for the comprehensive space environment. Based on comprehensive simulation of multiple space environment factors, it can realize in-situ/semi-in-situ characterization of the interaction between the comprehensive space environment and materials, explore the spatio-temporal evolution theory of the performance/function degradation of materials, devices and systems in the comprehensive space environment, and provide research institutions with a ground simulation experiment platform for the comprehensive space environment. The personnel of the SESRI experiment platform are divided into experiment managers, experiment engineers, data sharing submitters and data sharing managers;
A research institution is an institution whose research has a space environment background. When it needs to simulate the comprehensive space environment for an experiment, it can carry out the experiment with the help of the SESRI experiment platform. In general, the personnel of a research institution are divided into experiment managers, experiment engineers and data sharing requesters.
A blockchain-based data sharing method for a space environment ground simulation device comprises the following steps:
S101: An experiment manager of a research institution designs the experiment and applies to the SESRI experiment platform for an experiment project;
S102: An experiment manager of the SESRI experiment platform reviews the experiment project applied for by the experiment manager of the research institution;
S103: If the review is not passed, go to step S104; otherwise go to step S105;
S104: Submit the reason for rejecting the application, and end the flow;
S105: An experiment engineer of the SESRI experiment platform and an experiment engineer of the research institution carry out the experiment according to the experiment project and collect experimental data;
S106: The experiment engineer of the SESRI experiment platform and the experiment engineer of the research institution analyze the experimental data and submit the results to the analysis result storage;
S107: A data sharing requester of the research institution applies for access to experimental data;
S108: A data sharing manager of the SESRI experiment platform uses an access control method to review the access permission of the data sharing requester of the research institution, and the access policy is recorded in the distributed ledger of the blockchain network layer;
S109: If the data sharing manager of the SESRI experiment platform does not approve the request, return to S107; otherwise go to S110;
S110: A data sharing submitter of the SESRI experiment platform encrypts the data to be shared and sends it through the blockchain network;
S111: The data sharing requester of the research institution obtains the ciphertext data and decrypts it with the key to obtain the required data.
Compared with the prior art, the invention has the following advantages:
To share the data of the space environment ground simulation device securely, the invention designs a sharing architecture with a data resource layer, a blockchain network layer, a smart contract layer and an application layer, and designs a secure data sharing method based on this data sharing architecture. Meanwhile, attribute-based access control is adopted to achieve fine-grained access control for the device and prevent unauthorized access by illegitimate personnel. Finally, the data digest information, the key information and the access control policy information are added to the blockchain to prevent the data from being illegally tampered with, thereby enhancing the stability of the system.
Drawings
FIG. 1 is a diagram of the blockchain-based data sharing architecture for the space environment ground simulation device;
FIG. 2 is a block data structure diagram of the blockchain-based data sharing architecture for the space environment ground simulation device;
FIG. 3 is a flow chart of the blockchain-based data sharing method for the space environment ground simulation device;
FIG. 4 is a flow chart of encrypted data transmission in the blockchain-based data sharing method for the space environment ground simulation device;
FIG. 5 is a schematic diagram of the preparation stage of the blockchain-based data sharing access control for the space environment ground simulation device;
FIG. 6 is a schematic diagram of the implementation stage of the blockchain-based data sharing access control for the space environment ground simulation device;
FIG. 7 is a structure diagram of the blockchain-based data sharing access policy for the space environment ground simulation device.
Detailed Description
The following description of the present invention is provided with reference to the accompanying drawings, but is not limited to the following description, and any modifications or equivalent substitutions of the present invention should be included in the scope of the present invention without departing from the spirit and scope of the present invention.
The invention provides a data sharing architecture for a space environment ground simulation device based on blockchain technology. As shown in fig. 1, the data sharing architecture consists of 4 parts, namely a data resource layer, a blockchain network layer, a smart contract layer and an application layer, wherein:
1. Data resource layer: provides the data support and the off-chain exchange and transmission platform required by data transactions on the blockchain, wherein:
The data comes from the databases, business information systems, file servers and the like of the SESRI experiment platform and the research institutions, covering the projects, technical achievements and similar material generated by the operation and management of each organization's experiments; specifically it includes experimental data, business data, personnel management data, data analysis results and the like. Because the databases of blockchain nodes are limited in data storage, on-chain data is exchanged through the blockchain network, while off-chain data is stored, under blockchain control, using IPFS-based distributed storage technology.
2. Blockchain network layer: uses a P2P communication mechanism to provide the blockchain network and is responsible for information transmission and service implementation. The blockchain network layer consists of 3 parts, namely a distributed ledger, a network service and a consensus mechanism, wherein:
The distributed ledger records blockchain network data information in the block data format, including data digests, data indexes, access policy information, authorization records, key information and transaction records.
As shown in fig. 2, the block data is divided into a block header and a block body. The block header contains the previous block hash value, the blockchain number, the timestamp, the Merkle root, the version number and other contents, the current block hash value and the random number. The block body is the carrier that actually stores data and contains the transaction data related to transactions. For each transaction record in the block, a corresponding hash value is generated by a hash algorithm; the unique Merkle root of the current block is then generated according to the Merkle construction rules and recorded in the block header. Blocks are linked in order of generation time into a chain structure, and a hash algorithm gives each block a hash identifier, which prevents the blocks from being tampered with.
The network service handles the propagation and verification of data among blockchain nodes. Each department in the system management mechanism, the SESRI experiment platform and each research institution joins the blockchain network after being reviewed, and the nodes broadcast data through the Gossip protocol and synchronize data by organization;
The consensus mechanism uses the Raft consensus strategy so that the system management mechanism, the SESRI experiment platform and each research institution reach consensus, which ensures the consistency of the distributed ledger and solves the trust problem between the system management mechanism and the SESRI experiment platform.
3. Smart contract layer: smart contracts are mainly responsible for processing the various complex transaction logic in the system, such as data storage, data sharing, permission management, access control and key management. The layer is the key link for interaction between the underlying data ledger and upper-layer users, and its main functions are account registration and cancellation, encryption technology management, access control, data storage, query and the like;
4. Application layer: mainly provides a human-machine interaction interface, calls smart contracts through SDKs, and provides information exchange carriers in different forms, such as a browser or a client application, according to the business activity, so that different departments and different posts in different organizations acquire data resources or use other data services provided by the system in a corresponding way. The organizations comprise the system management mechanism, the SESRI experiment platform and the research institutions, wherein:
The system management mechanism is an admission control function added to prevent malicious users from joining. On the one hand it is responsible for maintaining the software and network of the whole sharing platform; on the other hand it is responsible for managing all users of the system, including creating roles, managing accounts, reviewing roles and managing permissions for the SESRI experiment platform and the research institutions;
The SESRI experiment platform is a large-scale ground simulation platform for the comprehensive space environment. Based on comprehensive simulation of multiple space environment factors, it can realize in-situ/semi-in-situ characterization of the interaction between the comprehensive space environment and materials, explore the spatio-temporal evolution theory of the performance/function degradation of materials, devices and systems in the comprehensive space environment, and provide research institutions with a ground simulation experiment platform for the comprehensive space environment. The personnel of the SESRI experiment platform are divided into experiment managers, experiment engineers, data sharing submitters and data sharing managers;
A research institution is an institution whose research has a space environment background. When it needs to simulate the comprehensive space environment for an experiment, it can carry out the experiment with the help of the SESRI experiment platform. In general, the personnel of a research institution are divided into experiment managers, experiment engineers and data sharing requesters.
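Added example (not part of the patent text): a Python sketch of the block data structure described for the blockchain network layer, showing how the Merkle root and the previous block hash expose a modified transaction record. The patent does not specify its "Merkle construction rules" or hash algorithm, so SHA-256, the leaf/node prefixes, the carry-up of an unpaired node, the field names and the sample records are all assumptions constructed for illustration.

```python
import copy
import hashlib
import json

GENESIS_PREV = "0" * 64
HEADER_FIELDS = ("prev_hash", "number", "timestamp", "merkle_root", "version", "nonce")


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def merkle_root(tx_records) -> str:
    """Merkle root of the block body (assumed construction, see lead-in).

    Leaves are prefixed with 0x00 and inner nodes with 0x01 so a leaf can never
    be mistaken for an inner node; an unpaired node is carried up unchanged.
    """
    level = [_h(b"\x00" + json.dumps(tx, sort_keys=True).encode()) for tx in tx_records]
    if not level:
        return _h(b"").hex()
    while len(level) > 1:
        nxt = [_h(b"\x01" + level[i] + level[i + 1]) for i in range(0, len(level) - 1, 2)]
        if len(level) % 2:
            nxt.append(level[-1])
        level = nxt
    return level[0].hex()


def header_hash(header: dict) -> str:
    """Hash of the header fields, excluding the stored 'hash' field itself."""
    core = {k: header[k] for k in HEADER_FIELDS}
    return _h(json.dumps(core, sort_keys=True).encode()).hex()


def make_block(prev_hash, number, timestamp, tx_records, version=1, nonce=0):
    header = {
        "prev_hash": prev_hash, "number": number, "timestamp": timestamp,
        "merkle_root": merkle_root(tx_records), "version": version, "nonce": nonce,
    }
    header["hash"] = header_hash(header)
    return {"header": header, "body": tx_records}


def verify_chain(chain):
    """Return (block index, reason) for every integrity check that fails."""
    problems, expected_prev = [], GENESIS_PREV
    for i, block in enumerate(chain):
        hdr = block["header"]
        if hdr["merkle_root"] != merkle_root(block["body"]):
            problems.append((i, "merkle root does not match body"))
        if hdr["hash"] != header_hash(hdr):
            problems.append((i, "stored hash does not match header"))
        if hdr["prev_hash"] != expected_prev:
            problems.append((i, "prev_hash does not match previous block"))
        expected_prev = header_hash(hdr)  # recomputed, never trusted from storage
    return problems


def sample_chain():
    """Two constructed blocks carrying the kinds of records the ledger lists."""
    b0 = make_block(GENESIS_PREV, 0, 1700000000, [
        {"data_digest": "digest-A", "data_index": "ipfs-address-A", "policy": "AP-1"},
        {"authorization": "requester-1 may view digest-A", "policy": "AP-1"},
        {"key_info": "wrapped-key-for-requester-1"},
    ])
    b1 = make_block(b0["header"]["hash"], 1, 1700000600, [
        {"transaction": "requester-1 viewed digest-A"},
    ])
    return [b0, b1]


def tamper_body_only(chain):
    """Copy the chain and edit one record, leaving the header untouched."""
    forged = copy.deepcopy(chain)
    forged[0]["body"][1]["authorization"] = "requester-2 may view digest-A"
    return forged


def tamper_and_rehash(chain):
    """Copy the chain, edit one record and recompute that block's root and hash."""
    forged = tamper_body_only(chain)
    old = forged[0]["header"]
    forged[0] = make_block(old["prev_hash"], old["number"], old["timestamp"],
                           forged[0]["body"])
    return forged


if __name__ == "__main__":
    chain = sample_chain()
    for label, candidate in (("intact", chain),
                             ("body edited", tamper_body_only(chain)),
                             ("body edited and block rehashed", tamper_and_rehash(chain))):
        print(label, verify_chain(candidate))
```

An edit to the body alone is caught by the Merkle root of that block; an edit followed by recomputing the block is caught one block later, by the successor's previous block hash.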
A blockchain-based data sharing method for a space environment ground simulation device that uses the above data sharing architecture is shown in fig. 3 and comprises the following steps:
S101: An experiment manager of a research institution designs the experiment and applies to the SESRI experiment platform for an experiment project;
S102: An experiment manager of the SESRI experiment platform reviews the experiment project applied for by the experiment manager of the research institution;
S103: If the review is not passed, go to step S104; otherwise go to step S105;
S104: Submit the reason for rejecting the application, and end the flow;
S105: An experiment engineer of the SESRI experiment platform and an experiment engineer of the research institution carry out the experiment according to the experiment project and collect experimental data;
S106: The experiment engineer of the SESRI experiment platform and the experiment engineer of the research institution analyze the experimental data and submit the results to the analysis result storage;
S107: A data sharing requester of the research institution applies for access to experimental data;
S108: A data sharing manager of the SESRI experiment platform uses an access control method to review the access permission of the data sharing requester of the research institution, and the access policy is recorded in the distributed ledger of the blockchain network layer;
S109: If the data sharing manager of the SESRI experiment platform does not approve the request, return to S107; otherwise go to S110;
S110: A data sharing submitter of the SESRI experiment platform encrypts the data to be shared and sends it through the blockchain network;
S111: The data sharing requester of the research institution obtains the ciphertext data and decrypts it with the key to obtain the required data.
As shown in fig. 4, in steps S110 and S111, the specific steps by which the data sharing submitter of the SESRI experiment platform submits data and the data sharing requester of the research institution receives data are as follows:
S201: The data sharing submitter of the SESRI experiment platform shares data and encrypts the data to be uploaded with the AES encryption algorithm;
S202: The data sharing submitter of the SESRI experiment platform stores the encrypted data in IPFS and obtains its IPFS storage address to form the data digest;
S203: The data sharing submitter of the SESRI experiment platform calls the data management contract to store the data information in the chain state database; the data information comprises the data name, storage address, encryption key, dynamic access policy, author information and the like;
S204: The data sharing requester of the research institution calls the data list method to locate the required data;
S205: The data sharing requester of the research institution obtains the storage address information after the access permission decision;
S206: The data sharing requester of the research institution locates the IPFS position of the data according to the storage address information and downloads the encrypted data content;
S207: The data sharing requester of the research institution generates an RSA key and transmits the generated public key to the data sharing submitter of the SESRI experiment platform through the blockchain network;
S208: The data sharing submitter of the SESRI experiment platform encrypts the AES key with the public key of the data sharing requester of the research institution and transmits it to the data sharing requester of the research institution through the blockchain network;
S209: The data sharing requester of the research institution decrypts the transmitted AES key with its own private key to obtain the key. In this step, the decryption process of the RSA algorithm is optimized using the Chinese Remainder Theorem (CRT), and the optimized decryption process is as follows:
(1) Let $d_p = d \bmod (p-1)$ and $d_q = d \bmod (q-1)$;
(2) Calculate $m_1 = C^{d_p} \bmod p$ and $m_2 = C^{d_q} \bmod q$;
(3) Calculate $qInv$ from $qInv \times q \equiv 1 \pmod{p}$;
(4) $h = (qInv \times ((m_1 - m_2) \bmod p)) \bmod p$;
(5) The decryption result is $M = m_2 + h \times q$;
Where $d$ is a public key of the RSA algorithm, $p$ and $q$ are two unequal large prime numbers, and $M$ is the plaintext result;
S210: the original data content can be obtained by decrypting with the AES key.
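Added example (not part of the patent text): steps (1) to (5) of S209 carried through in Python for the AES key transfer of S208 and S209, with a re-encryption check before the recovered key is released, so that a miscomputed CRT half is rejected instead of returned. Here d is taken to be the RSA private exponent, as standard RSA-CRT decryption uses it; the toy primes, the exponent 65537, the sample AES key and the function names are constructed for illustration, and no padding is applied, whereas a deployed system would use keys of at least 2048 bits with OAEP from a vetted library.

```python
# Constructed toy parameters: two known Mersenne primes (assumption, far too
# small for real use) and the common public exponent 65537.
P = 2**127 - 1
Q = 2**89 - 1
E = 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent d (Python 3.8+)

AES_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed sample key


def crt_params(d, p, q):
    """Steps (1) and (3): d_p, d_q and qInv, computed once per private key."""
    return d % (p - 1), d % (q - 1), pow(q, -1, p)


def crt_decrypt(c, p, q, d_p, d_q, q_inv, fault=0):
    """Steps (2), (4) and (5).

    `fault` is added to m_1 to simulate a half-exponentiation that went wrong
    (hardware glitch, memory error); 0 means a correct computation.
    """
    m1 = (pow(c, d_p, p) + fault) % p
    m2 = pow(c, d_q, q)
    h = (q_inv * ((m1 - m2) % p)) % p
    return m2 + h * q


def checked_crt_decrypt(c, e, d, p, q, fault=0):
    """CRT decryption that re-encrypts the result and refuses a mismatch."""
    n = p * q
    if not 0 <= c < n:
        raise ValueError("ciphertext out of range")
    m = crt_decrypt(c, p, q, *crt_params(d, p, q), fault=fault)
    if pow(m, e, n) != c:
        raise ValueError("CRT result failed the re-encryption check")
    return m


def wrap_aes_key(key: bytes, e, n) -> int:
    """Submitter side (S208): encrypt the AES key under the requester's public key."""
    m = int.from_bytes(key, "big")
    if m >= n:
        raise ValueError("key does not fit in the modulus")
    return pow(m, e, n)


def unwrap_aes_key(c, e, d, p, q, key_len=16, fault=0) -> bytes:
    """Requester side (S209): recover the AES key with the checked CRT path."""
    return checked_crt_decrypt(c, e, d, p, q, fault).to_bytes(key_len, "big")


if __name__ == "__main__":
    wrapped = wrap_aes_key(AES_KEY, E, N)
    print("recovered key matches:", unwrap_aes_key(wrapped, E, D, P, Q) == AES_KEY)
    print("CRT equals plain C^d mod n:",
          checked_crt_decrypt(wrapped, E, D, P, Q) == pow(wrapped, D, N))
    try:
        unwrap_aes_key(wrapped, E, D, P, Q, fault=1)
    except ValueError as exc:
        print("faulty computation rejected:", exc)
```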
In the present invention, the access control method in step S108 combines attribute-based access control with blockchain technology to perform fine-grained access control on data sharing. It mainly includes a preparation stage and an implementation stage. As shown in fig. 5, the preparation stage includes the following steps:
S301: The attribute manager plans and defines the attributes and attribute domains of subjects, permissions, environment and so on according to the actual situation of the research institution, publishes the attribute set to the blockchain, and determines the attribute relationship information;
S302: The policy manager publishes the access control policy of the data resources to the blockchain;
As shown in fig. 6, the implementation stage includes the following steps:
S401: When the policy enforcement point smart contract receives a request from the client for a certain operation on certain data, it parses the request and sends the subject, object and operation information in the original access request to the policy decision point smart contract;
S402: After receiving the request, the policy decision point smart contract requests the related access policies from the policy management point smart contract according to the object and operation information, and the policy management point smart contract combines the policies specified in the preparation stage and returns a policy set to the policy decision point smart contract;
S403: According to the result returned by the policy management point smart contract, the policy decision point smart contract requests the subject, object and environment attribute information required by the policy set from the policy information point smart contract, and the policy information point smart contract extracts the related attribute information and returns the result to the policy decision point smart contract;
S404: The policy decision point smart contract makes the access control decision on the request according to the attribute and policy information it holds, and returns the decision result to the policy enforcement point smart contract;
S405: The policy enforcement point smart contract performs the compliant access operation on the data resources according to the response of the policy decision point smart contract, and records the data transaction information on the blockchain.
In the present invention, the access policy attributes described in step S402 include a subject attribute, an object attribute, a permission attribute and an environment attribute, where:
The subject attribute refers to the attributes of the node that actively initiates a request for a data file;
The object attribute refers to the attributes of the data file being accessed;
The permission attribute refers to the various operations on data, such as query and update;
The environment attribute refers to environment information, such as the time or network location, at which the data access control process occurs.
In a specific embodiment, as shown in fig. 7, a simple access policy structure in step S402 may be expressed as AP (Access Policy) = {O (data type = file, data subject = plasma experiment data, department = plasma microsystem), P (view), S (job position = advanced engineer, department = all), E (access time = working time, IP location = company intranet)}. This policy means that files of the plasma microsystem about plasma experiment data can be viewed by users at the advanced engineer level in all departments of the research institution, through the company intranet, during normal working time; if these conditions are not satisfied, the application is rejected.
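Added example (not part of the patent text): the implementation stage S401 to S405 evaluated against the AP of the embodiment, written as plain Python functions standing in for the policy enforcement, decision, management and information point smart contracts. The meaning of "working time" (weekdays 09:00 to 18:00), the intranet range 10.0.0.0/8, the subject and object records and the hash-linked audit list that stands in for the on-chain transaction record are all assumptions constructed for illustration.

```python
import hashlib
import ipaddress
import json
from datetime import datetime, time

# Assumed meanings of the policy's environment values (not defined in the patent).
WORK_START, WORK_END = time(9, 0), time(18, 0)
INTRANET = ipaddress.ip_network("10.0.0.0/8")

# Policy management point: the AP from the embodiment; "all" matches any value.
POLICIES = [{
    "object": {"data_type": "file", "data_subject": "plasma experiment data",
               "department": "plasma microsystem"},
    "permission": "view",
    "subject": {"job_position": "advanced engineer", "department": "all"},
    "environment": {"access_time": "working time", "ip_location": "company intranet"},
}]

# Policy information point: constructed subject and object attributes.
SUBJECTS = {
    "alice": {"job_position": "advanced engineer", "department": "materials"},
    "bob": {"job_position": "engineer", "department": "plasma microsystem"},
}
OBJECTS = {
    "plasma-run-7": {"data_type": "file", "data_subject": "plasma experiment data",
                     "department": "plasma microsystem"},
}
AUDIT_LOG = []  # stands in for the transaction records written to the blockchain


def attrs_match(required: dict, actual: dict) -> bool:
    """Every required attribute must be present and equal, unless it is 'all'."""
    return all(v == "all" or actual.get(k) == v for k, v in required.items())


def environment_attrs(when: datetime, ip: str) -> dict:
    working = when.weekday() < 5 and WORK_START <= when.time() < WORK_END
    try:
        inside = ipaddress.ip_address(ip) in INTRANET
    except ValueError:  # a malformed address is never treated as intranet
        inside = False
    return {"access_time": "working time" if working else "off hours",
            "ip_location": "company intranet" if inside else "external"}


def pdp_decide(subject_id, object_id, operation, when, ip) -> str:
    """S402 to S404: select policies by object and operation, fetch attributes, decide."""
    subject, obj = SUBJECTS.get(subject_id), OBJECTS.get(object_id)
    if subject is None or obj is None:
        return "deny"  # unknown subject or object: nothing can match
    env = environment_attrs(when, ip)
    for policy in POLICIES:
        if (policy["permission"] == operation
                and attrs_match(policy["object"], obj)
                and attrs_match(policy["subject"], subject)
                and attrs_match(policy["environment"], env)):
            return "permit"
    return "deny"  # no policy satisfied: the application is rejected


def pep_handle(subject_id, object_id, operation, when, ip) -> str:
    """S401 and S405: forward the request, enforce the decision, record it."""
    decision = pdp_decide(subject_id, object_id, operation, when, ip)
    record = {"subject": subject_id, "object": object_id, "operation": operation,
              "when": when.isoformat(), "ip": ip, "decision": decision,
              "prev": AUDIT_LOG[-1]["hash"] if AUDIT_LOG else "0" * 64}
    record["hash"] = hashlib.sha256(
        json.dumps(record, sort_keys=True).encode()).hexdigest()
    AUDIT_LOG.append(record)  # denials are recorded as well as permits
    return decision


if __name__ == "__main__":
    weekday_morning = datetime(2024, 3, 6, 10, 30)  # constructed: a Wednesday
    print(pep_handle("alice", "plasma-run-7", "view", weekday_morning, "10.1.2.3"))
    print(pep_handle("alice", "plasma-run-7", "view", weekday_morning, "203.0.113.7"))
    print(pep_handle("bob", "plasma-run-7", "view", weekday_morning, "10.1.2.3"))
```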

Claims (10)

1. The utility model provides a space environment ground analogue means data sharing framework based on blockchain which characterized in that the data sharing framework comprises data resource layer, blockchain network layer, intelligent contract layer and 4 parts of application layer, wherein:
The data resource layer is responsible for providing a transmission platform required by data support and under-chain exchange for data transactions on the blockchain;
the block chain network layer adopts a P2P communication mechanism to provide a block chain network and is responsible for information transmission and service realization, and the block chain network layer consists of 3 parts of a distributed account book, a consensus mechanism and network service;
the distributed account book records blockchain network data information in a blockdata format;
the consensus mechanism adopts Raft consensus strategy, so that a system management mechanism, a SESRI experiment platform and each research mechanism achieve consensus, the consistency of the distributed account book is ensured, and the trust problem between the system management mechanism and the SESRI experiment platform is solved;
The network service is used for the propagation and verification of data among the block chain nodes, and each department in the system management mechanism, SESRI experiment platform and each research institution joins the block chain network after checking, and the nodes are subjected to data broadcasting through a Gossip protocol and synchronize the data in an organization mode;
the intelligent contract layer is responsible for processing various complex transaction logics in the system and is a key link for realizing interaction between the bottom data account book and the upper user;
The application layer provides a man-machine interaction interface, and an intelligent contract is called by using SDKs, so that information exchange carriers in different forms are provided for a browser and a client according to different business activity conditions, and different departments and different staff in different organization structures acquire data resources or use other data services provided by the system in a corresponding mode.
2. The architecture of claim 1, wherein the blockchain network data information includes a data digest, a data index, access policy information, an authorization record, key information, and a transaction record; the block data is divided into a block header and a block body; the block header includes a previous block hash value, a blockchain number, a timestamp, a Merkle root, a version number, a current block hash value and a random number; the block body, as the carrier that actually stores data, comprises the transaction data related to transactions; for each transaction record in the block, a corresponding hash value is generated through a hash algorithm, and the unique Merkle root of the current block is then generated according to the Merkle construction rules and recorded in the block header; the blocks are combined in order of generation time to form a front-to-back linked chain structure, and a hash algorithm is used to give each block a hash identifier, so that the blocks are protected against tampering.
3. The blockchain-based space environment ground simulation device data sharing architecture according to claim 1, wherein the functions of the intelligent contracts are divided into account registration and cancellation, encryption technology management, access control, and data storage and query.
4. The blockchain-based space environment ground simulation device data sharing architecture of claim 1, wherein the organization structure comprises a system management mechanism, a SESRI experiment platform, and research institutions, wherein:
the system management mechanism is an admission control function added to prevent malicious users from joining; it is responsible, on the one hand, for maintaining the software and network of the whole sharing platform and, on the other hand, for managing the users of the whole system;
the SESRI experiment platform is a large-scale ground simulation platform for the comprehensive space environment; based on the comprehensive simulation of a plurality of space environment factors, it can realize in-situ/semi-in-situ characterization of the interaction process between the comprehensive space environment and materials, explores the space-time evolution theory of the performance/function degradation of materials, devices and systems in the comprehensive space environment, and provides research institutions with a ground simulation experiment platform for the comprehensive space environment;
the research institution refers to a research institution that takes the space environment as its background; when the comprehensive space environment needs to be simulated during an experiment, the corresponding experiment is carried out by means of the SESRI experiment platform.
5. The blockchain-based space environment ground simulation device data sharing architecture of claim 1, wherein the system management mechanism comprises creating roles, managing accounts, auditing roles and rights management for the SESRI experiment platform and the research institutions; the SESRI experiment platform is divided into an experiment manager, an experiment engineer, a data sharing submitter and a data sharing manager; research institutions are divided into experiment managers, experiment engineers, and data sharing requesters.
6. A method for implementing blockchain-based space environment ground simulation device data sharing by using the data sharing architecture as claimed in any one of claims 1 to 5, characterized in that the method comprises the following steps:
S101: an experiment manager of a research institution designs an experiment and applies to the SESRI experiment platform for an experiment project;
S102: an experiment manager of the SESRI experiment platform audits the experiment project applied for by the experiment manager of the research institution;
S103: if the audit is not passed, go to step S104; otherwise go to step S105;
S104: submit the reason for rejecting the application, and end the flow;
S105: an experiment engineer of the SESRI experiment platform and an experiment engineer of the research institution perform the experiment according to the experiment project and collect experiment data;
S106: the experiment engineer of the SESRI experiment platform and the experiment engineer of the research institution analyze the experiment data and submit the results to an analysis result storage;
S107: a data sharing requester of the research institution applies for access to the experiment data;
S108: a data sharing manager of the SESRI experiment platform uses an access control method to audit the access rights of the data sharing requester of the research institution, and the access policy is recorded in the distributed ledger of the blockchain network layer;
S109: if the audit by the data sharing manager of the SESRI experiment platform is not passed, return to S107; otherwise go to S110;
S110: the data sharing submitter of the SESRI experiment platform encrypts the data to be shared and sends it through the blockchain network;
S111: the data sharing requester of the research institution obtains the ciphertext data and decrypts it with the key to obtain the required data.
7. The blockchain-based space environment ground simulation device data sharing method according to claim 6, wherein in step S110 and step S111, the specific steps by which the data sharing submitter of the SESRI experiment platform submits data and the data sharing requester of the research institution receives data are as follows:
S201: the data sharing submitter of the SESRI experiment platform shares data and encrypts the data to be uploaded using the AES encryption algorithm;
S202: the data sharing submitter of the SESRI experiment platform stores the encrypted data in IPFS and obtains the IPFS storage address to form a data digest;
S203: the data sharing submitter of the SESRI experiment platform calls the data management contract and stores the data information in the chain state database, the data information comprising the data name, storage address, encryption key, dynamic access policy and author information;
S204: the data sharing requester of the research institution calls the data list method to locate the required data;
S205: the data sharing requester of the research institution obtains the storage address information through the access rights judgment;
S206: the data sharing requester of the research institution locates the IPFS position of the data according to the storage address information and downloads the encrypted data content;
S207: the data sharing requester of the research institution generates an RSA key and transmits the generated public key to the data sharing submitter of the SESRI experiment platform through the blockchain network;
S208: the data sharing submitter of the SESRI experiment platform encrypts the AES key with the public key of the data sharing requester of the research institution and transmits the encrypted AES key to the data sharing requester of the research institution through the blockchain network;
S209: the data sharing requester of the research institution decrypts the transmitted AES key with the requester's own private key to obtain the key;
S210: the original data content is obtained by decrypting with the AES key.
8. The blockchain-based space environment ground simulation device data sharing method according to claim 7, wherein in step S209, the decryption process of the RSA algorithm is optimized using the Chinese remainder theorem, and the optimized decryption process is as follows:
(1) Let $d_p = d \bmod (p-1)$ and $d_q = d \bmod (q-1)$;
(2) Calculate $m_1 = C^{d_p} \bmod p$ and $m_2 = C^{d_q} \bmod q$;
(3) Calculate $qInv$ from $qInv \times q \equiv 1 \pmod{p}$;
(4) $h = (qInv \times ((m_1 - m_2) \bmod p)) \bmod p$;
(5) The decryption result is $M = m_2 + h \times q$;
wherein $d$ is a public key of the RSA algorithm, $p$ and $q$ are two unequal large prime numbers, and $M$ is the plaintext result.
9. The blockchain-based space environment ground simulation device data sharing method according to claim 6, wherein in step S108, the access control method combines attribute-based access control with blockchain technology to perform fine-grained access control on data sharing, and comprises a preparation stage and an implementation stage, wherein:
the preparation stage comprises the following steps:
S301: the attribute management side plans and formulates the subject, permission and environment attributes and the attribute domains according to the actual situation of the research institution, and determines the attribute relationship information while publishing the attribute sets to the blockchain;
S302: the policy management side publishes the access control policies of the data resources to the blockchain;
the implementation stage comprises the following steps:
S401: when the policy enforcement point intelligent contract receives a client's request for a certain operation on certain data, it parses the original access request to obtain the subject, object and operation information and sends them to the policy decision point intelligent contract;
S402: after receiving the request, the policy decision point intelligent contract requests the related access policies from the policy management point intelligent contract according to the object and operation information; the policy management point intelligent contract combines the policies specified in the preparation stage and returns a policy set to the policy decision point intelligent contract;
S403: according to the result returned by the policy management point intelligent contract, the policy decision point intelligent contract requests from the policy information point intelligent contract the subject, object and environment attribute information required by the policy set; the policy information point intelligent contract extracts the related attribute information and returns the result to the policy decision point intelligent contract;
S404: the policy decision point intelligent contract makes an access control decision on the request according to the attribute and policy information it holds, and returns the decision in a response to the policy enforcement point intelligent contract;
S405: the policy enforcement point intelligent contract performs the compliant access operation on the data resource according to the response of the policy decision point intelligent contract, and records the data transaction information on the blockchain.
10. The blockchain-based space environment ground simulation device data sharing method according to claim 9, wherein in step S402, the access policy attributes include a subject attribute, an object attribute, a permission attribute, and an environment attribute, wherein:
the subject attribute refers to the attribute of a node that actively initiates a request for a data file;
the object attribute refers to the attribute of the accessed data file;
the permission attribute refers to the various operations on the data;
the environment attribute refers to the environmental information at the time the data access control process occurs.
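The five CRT steps of claim 8, applied to the AES key transport of steps S207 to S209, as an added Python example (not code from the patent). It assumes d is the private exponent as in standard RSA-CRT, uses constructed demo primes and raw RSA without padding, and adds a re-encryption check on the result that the claim does not describe; all function names are hypothetical.

```python
# Constructed demo primes (two Mersenne primes): far too small and too
# structured for real use; they only make the arithmetic reproducible.
P = 2**127 - 1
Q = 2**107 - 1
E = 65537


def make_key(p=P, q=Q, e=E):
    """S207: requester builds an RSA key pair, precomputing the CRT values."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))      # private exponent
    private = {"n": n, "e": e, "d": d, "p": p, "q": q,
               "dp": d % (p - 1),          # step (1)
               "dq": d % (q - 1),          # step (1)
               "qinv": pow(q, -1, p)}      # step (3): qInv * q = 1 mod p
    return {"n": n, "e": e}, private


def decrypt_plain(c, private):
    """Reference decryption without CRT: M = C^d mod n."""
    return pow(c, private["d"], private["n"])


def decrypt_crt(c, private):
    """Steps (2), (4), (5) of claim 8, followed by a consistency check."""
    p, q = private["p"], private["q"]
    m1 = pow(c, private["dp"], p)                       # step (2)
    m2 = pow(c, private["dq"], q)                       # step (2)
    h = (private["qinv"] * ((m1 - m2) % p)) % p         # step (4)
    m = m2 + h * q                                      # step (5)
    # Added safeguard (assumption, not in the claim): a corrupted half of
    # the CRT computation must not be released, so re-encrypt and compare.
    if pow(m, private["e"], private["n"]) != c:
        raise ValueError("CRT result failed verification")
    return m


def wrap_aes_key(aes_key, public):
    """S208: submitter encrypts the AES key under the requester's public key.
    Raw RSA for clarity; a deployment would use a padding scheme such as OAEP."""
    m = int.from_bytes(aes_key, "big")
    if m >= public["n"]:
        raise ValueError("key does not fit in the modulus")
    return pow(m, public["e"], public["n"])


def unwrap_aes_key(c, private, length=16):
    """S209: requester recovers the AES key with the CRT-optimized decryption."""
    return decrypt_crt(c, private).to_bytes(length, "big")


if __name__ == "__main__":
    public, private = make_key()
    sample_key = bytes(range(16))          # constructed 128-bit AES key
    wrapped = wrap_aes_key(sample_key, public)
    print(unwrap_aes_key(wrapped, private) == sample_key)
```
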
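The implementation stage of claim 9 (S401 to S405) with the attribute kinds of claim 10, as an added Python example rather than the patent's contract code. It assumes the four intelligent contracts can be modelled as methods of one object and the blockchain as a hash-linked list; every class, method and attribute name is hypothetical.

```python
import hashlib
import json

GENESIS = "0" * 64

def _digest(prev, record):
    body = json.dumps(record, sort_keys=True)
    return hashlib.sha256((prev + body).encode()).hexdigest()

class Ledger:
    """Append-only, hash-linked list standing in for the blockchain (assumption)."""
    def __init__(self):
        self.entries = []
    def append(self, record):
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        self.entries.append({"prev": prev, "record": record,
                             "hash": _digest(prev, record)})
    def verify(self):
        prev = GENESIS
        for e in self.entries:
            if e["prev"] != prev or e["hash"] != _digest(prev, e["record"]):
                return False
            prev = e["hash"]
        return True

class AbacContracts:
    """Enforcement, decision, management and information points as methods."""
    def __init__(self, subjects, objects):            # S301: attribute sets
        self.subjects, self.objects = subjects, objects
        self.policies, self.ledger = [], Ledger()
    def publish_policy(self, policy):                 # S302
        self.policies.append(policy)
    def pmp_policy_set(self, obj, operation):         # S402: policies for object+operation
        return [p for p in self.policies
                if p["object"] == obj and p["operation"] == operation]
    def pip_attributes(self, subject, obj, env):      # S403: attribute lookup
        return {"subject": self.subjects.get(subject, {}),
                "object": self.objects.get(obj, {}), "environment": env}
    def pdp_decide(self, subject, obj, operation, env):   # S402 to S404
        attrs = self.pip_attributes(subject, obj, env)
        for policy in self.pmp_policy_set(obj, operation):
            if all(attrs[kind].get(name) == value
                   for kind in ("subject", "object", "environment")
                   for name, value in policy.get(kind + "_attrs", {}).items()):
                return "permit"
        return "deny"                                  # no matching policy: deny
    def pep_handle(self, request, env):               # S401 and S405
        s, o, op = request["subject"], request["object"], request["operation"]
        decision = self.pdp_decide(s, o, op, env)
        self.ledger.append({"subject": s, "object": o, "operation": op,
                            "environment": env, "decision": decision})
        return decision

def build_demo():
    """Constructed sample data; every name and value here is hypothetical."""
    acl = AbacContracts(
        subjects={"alice": {"org": "institute-A", "role": "data sharing requester"},
                  "bob": {"org": "institute-B", "role": "experiment engineer"}},
        objects={"exp-001": {"status": "shared"}})
    acl.publish_policy({"object": "exp-001", "operation": "read",
                        "subject_attrs": {"org": "institute-A",
                                          "role": "data sharing requester"},
                        "object_attrs": {"status": "shared"},
                        "environment_attrs": {"channel": "consortium"}})
    return acl
```

Both permits and denials are written to the ledger, so `verify()` fails if any recorded decision is altered afterwards.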
CN202211402875.5A 2022-11-09 2022-11-09 Space environment ground simulation device data sharing architecture and method based on block chain Active CN115766181B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211402875.5A CN115766181B (en) 2022-11-09 2022-11-09 Space environment ground simulation device data sharing architecture and method based on block chain


Publications (2)

Publication Number Publication Date
CN115766181A (en) 2023-03-07
CN115766181B (en) 2024-05-03

Family

ID=85368926


Country Status (1)

Country Link
CN (1) CN115766181B (en)


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant