WO2020220641A1 - Data storage method and apparatus based on point-to-point network, and medium and server - Google Patents

Data storage method and apparatus based on point-to-point network, and medium and server Download PDF

Info

Publication number
WO2020220641A1
WO2020220641A1 PCT/CN2019/118129 CN2019118129W WO2020220641A1 WO 2020220641 A1 WO2020220641 A1 WO 2020220641A1 CN 2019118129 W CN2019118129 W CN 2019118129W WO 2020220641 A1 WO2020220641 A1 WO 2020220641A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
hash
data segment
peer
node
Prior art date
Application number
PCT/CN2019/118129
Other languages
French (fr)
Chinese (zh)
Inventor
雷琼
Original Assignee
平安科技(深圳)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 平安科技(深圳)有限公司 filed Critical 平安科技(深圳)有限公司
Publication of WO2020220641A1 publication Critical patent/WO2020220641A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/104Peer-to-peer [P2P] networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Definitions

  • This application belongs to the field of computer technology, and in particular relates to a data storage method, device, computer non-volatile readable storage medium, and server based on a peer-to-peer network.
  • the embodiments of the present application provide a data storage method and device based on a peer-to-peer network, a computer non-volatile readable storage medium, and a server to solve the lack of overall coordination in the existing peer-to-peer network for data storage.
  • the problem of confusion in the interaction process is a problem of confusion in the interaction process.
  • the first aspect of the embodiments of the present application provides a data storage method based on a peer-to-peer network, which may include:
  • Receiving data to be stored uploaded by a terminal device where the terminal device is any node in the peer-to-peer network;
  • the authorization information of each data segment is constructed separately, and the authorization information is sent to each target node.
  • the authorization information of the sth data segment is sent to the target node corresponding to the sth data segment, 1 ⁇ s ⁇ SN, SN is the number of data fragments;
  • the second aspect of the embodiments of the present application provides a data storage device, which may include a module for implementing the steps of the foregoing data storage method.
  • the third aspect of the embodiments of the present application provides a computer non-volatile readable storage medium, the computer non-volatile readable storage medium stores computer readable instructions, and the computer readable instructions are executed by a processor When realizing the steps of the above data storage method.
  • the fourth aspect of the embodiments of the present application provides a server, including a memory, a processor, and computer-readable instructions stored in the memory and running on the processor, and the processor executes the computer
  • the steps of the above data storage method are implemented when the instruction is read.
  • the traditional random distribution storage method is no longer used, but the hash operation is used to coordinate and determine the object of data distribution as a whole (that is, the target node), and through authorization and distribution with the object.
  • the verification mechanism ensures the safe and orderly progress of the entire data storage process.
  • FIG. 1 is a flowchart of an embodiment of a data storage method based on a peer-to-peer network in an embodiment of the application;
  • Figure 2 is a schematic flow chart of determining the target node corresponding to each data segment in a peer-to-peer network according to the hash value of each data segment;
  • Figure 3 is a schematic diagram of a hash ring
  • Figure 4 is a schematic diagram of nodes in a peer-to-peer network mapped to a hash ring;
  • Figure 5 is a schematic diagram of searching for a target node on a hash ring
  • FIG. 6 is a schematic flowchart of separately constructing authorization information for each data segment
  • FIG. 7 is a structural diagram of an embodiment of a data storage device in an embodiment of the application.
  • Fig. 8 is a schematic block diagram of a server in an embodiment of the application.
  • an embodiment of a data storage method based on a peer-to-peer network in an embodiment of the present application may include:
  • Step S101 Receive the data to be stored uploaded by the terminal device.
  • the terminal device is any node in the point-to-point network.
  • Step S102 Divide the to-be-stored data into each data segment, and use a preset first hash function to calculate the hash value of each data segment respectively.
  • the server After the server receives the data to be stored, it first performs fragmentation processing, that is, according to certain rules, a data set (ie the data to be stored) is divided into multiple independent and orthogonal data subsets (ie, Each piece of data) to facilitate distributed storage.
  • fragmentation processing that is, according to certain rules, a data set (ie the data to be stored) is divided into multiple independent and orthogonal data subsets (ie, Each piece of data) to facilitate distributed storage.
  • the server can first calculate the number of data fragments according to the following formula:
  • DataBytes is the number of bytes of the data to be stored
  • MaxShard is the maximum number of bytes of data fragments.
  • the specific value can be set according to the actual situation, for example, it can be set to 1024, 2048, 4096 or other Value
  • Ceil is a round-up function
  • SN is the number of data fragments.
  • s is the serial number of each data segment
  • 1 ⁇ s ⁇ SN ShdBytes s is the number of bytes of the sth data segment
  • Max is the maximum value function
  • Min is the minimum value function
  • Thresh is the preset
  • the specific value of the ratio threshold can be set according to actual conditions, for example, it can be set to 0.1, 0.2, 0.3 or other values.
  • the server can assign a segmentation identifier to each data segmentation, and the identifier of each data segmentation is unique in the entire peer-to-peer network, any two data segmentation segments The logos are all different. Then the server can calculate the hash value of each data segment according to the following formula:
  • ShardID s is the shard ID of the s-th data shard
  • FsHashFunc is the first hash function
  • ShardHash s is the hash value of the s-th data shard.
  • hash functions have the following basic characteristic: if two hash values are not the same (according to the same hash function), then the original input of the two hash values is also different. This feature gives the hash function a deterministic result. But on the other hand, the input and output of the hash function are not uniquely corresponding. If the two hash values are the same, the two input values are likely to be the same, but they may also be different. This situation is called “hash collision ", this is usually two different input values, deliberately calculated the same output value. However, for the commonly used hash functions in the prior art, the probability of collision is extremely low, almost negligible.
  • the first hash function and other hash functions in this embodiment may include, but are not limited to, any hash function commonly used in the prior art such as MD4, MD5, and SHA1.
  • Step S103 Determine a target node corresponding to each data segment in the peer-to-peer network according to the hash value of each data segment.
  • step S103 may include the process shown in Fig. 2:
  • Step S1031 Determine the target location point on the preset hash ring corresponding to the hash value of the s-th data segment.
  • the hash ring is a ring formed by connecting all the function values of the first hash function clockwise or counterclockwise in order from small to large, that is, each position on the hash ring is equal to Corresponding to a function value of the first hash function, if the value range of the first hash function is [0, N] and is arranged in a clockwise order, it can form a hash function as shown in FIG. 3 Greek ring.
  • Step S1032 obtain each reference position point on the Hash ring.
  • each reference location point is a location point corresponding to a node in the point-to-point network.
  • the setting process of the reference position point includes:
  • the identity of a node can be the International Mobile Equipment Identity (IMEI) of the node, which is an electronic serial number composed of 15 digits, which corresponds to each terminal device one-to-one , And the code is unique in the world.
  • IMEI International Mobile Equipment Identity
  • Each terminal device will be assigned a globally unique number after assembly. This number will be recorded by the manufacturer from production to delivery.
  • each node is expressed as: NodeID 1 , NodeID 2 , ..., NodeID m , ..., NodeID M , where m is the serial number of each node, 1 ⁇ m ⁇ M, and M is the point-to-point network
  • NodeID m is the identity of the mth node.
  • a preset second hash function is used to hash the identity of each node in the peer-to-peer network to obtain the hash value of each node.
  • the hash value of each node can be calculated separately according to the following formula:
  • NodeHash m SdHashFunc(NodeID m )
  • SdHashFunc is the second hash function
  • the value range of the second hash function is consistent with the value range of the first hash function, so as to ensure that the two can be mapped to the same hash ring
  • NodeHash m is the hash value of the mth node.
  • the location point on the hash ring corresponding to the hash value of the mth node is determined as the reference location point corresponding to the mth node.
  • Figure 4 shows the situation where the hash values of the four nodes are respectively mapped to the hash ring, and the location points corresponding to NodeHash 1 , NodeHash 2 , NodeHash 3 , and NodeHash 4 are the respective reference location points.
  • Step S1033 Search for the reference location point clockwise or counterclockwise from the target location point, and determine the node corresponding to the first reference location point found as the target node corresponding to the s-th data segment .
  • Data fragmentation Target node Data Shard 1, Data Shard 2 Node 2 Data fragment 3 Node 3 Data Shard 4, Data Shard 5 Node 4 Data Shard 6, Data Shard 7 Node 1
  • Step S104 Construct authorization information of each data segment respectively, and send the authorization information to each target node respectively.
  • the process of constructing authorization information may include the steps shown in FIG. 6:
  • Step S1041 encapsulate the fragment identification, hash value, target node identification, authorization aging information, and certificate hash value of the sth data fragment into authorized content of the sth data fragment.
  • the authorization aging information is generally a point in time, that is, the point in time when the authorization information becomes invalid, and the authorization information is valid before this point in time.
  • the certificate hash value is a hash value obtained by performing a hash operation on the electronic certificate of the peer-to-peer network.
  • the authorized content may also include Nonce, which is an arbitrary or non-repeated random value that is used only once, to ensure that the information is not reused in order to resist replay attacks.
  • Nonce is an arbitrary or non-repeated random value that is used only once, to ensure that the information is not reused in order to resist replay attacks.
  • Step S1042 using a preset third hash function to perform a hash calculation on the authorized content of the s-th data segment to obtain an authorization summary of the s-th data segment.
  • Step S1043 Use a preset data encryption algorithm to encrypt the authorization digest of the s-th data segment to obtain a digital signature of the s-th data segment.
  • the digital signature plays two roles here. First, it can confirm that the authorized content comes from the server. Second, it can confirm that the authorized content has not been tampered with during the transmission process and no data has been lost. Because of the characteristics of the hash function, as long as any bit in the authorized content changes, the authorization digest calculated by the hash function will change. Therefore, if the authorized content does not change during the transmission process, it can be Make sure that the authorized content has not been tampered with and that the authorized content has been completely transmitted.
  • Step S1044 Construct the authorized content of the sth data segment, the digital signature, and the electronic certificate into authorization information of the sth data segment.
  • the electronic certificate is issued by a root certificate trusted by each node in the peer-to-peer network, and is used to prove the authenticity of the public key of the server, so that each node can use the public key provided by the server to perform subsequent decryption operations.
  • the authorization information of the sth data segment is sent to the target node corresponding to the sth data segment.
  • Step S105 Receive feedback information sent by each target node after verifying the authorization information, and store each data fragment according to the feedback message.
  • any target node After any target node receives the authorization information sent by the server, it can perform four-fold verification through the following process:
  • the first verification extract the electronic certificate in the authorization information and perform a hash operation on it to obtain its hash value, record the hash value as verify_hash, then extract the certificate hash value in the authorization information, and record it For platform_certificate_hash, compare the two. If the comparison between the two is inconsistent, it means that the electronic certificate has been tampered with, and the current target node can reject the authorization information received this time and send rejection information to the server. If the two are consistent, it means that the electronic certificate has not been tampered with, and the subsequent verification process continues.
  • Second verification use the root certificate trusted by the target node to verify the electronic certificate in the authorization information. If the verification fails, it means that the electronic certificate is not a real electronic certificate, and the current target node can reject the receipt Authorization information, and send rejection information to the server. If the verification is passed, it means that the electronic certificate is a real electronic certificate, and the subsequent verification process continues.
  • the third verification extract the digital signature from the authorization information and verify it. Specifically, first extract the authorized content in the authorization information, and use the third hash function to calculate the authorization digest, then extract the public key from the electronic certificate, and use the public key to decrypt the digital signature to obtain the decrypted data , And finally compare the calculated authorization summary with the decrypted data. If the two comparisons are inconsistent, it means that the authorized content has been tampered with, and the current target node can reject the authorization information received this time and send it to the server Reject information. If the two are consistent, it means that the authorized content has not been tampered with, and the subsequent verification process continues.
  • Fourth verification extract the target node ID in the authorization information, and determine whether the node ID of the current target node is consistent with it. If the two are inconsistent, it means that the current target node is not the node that needs to perform storage data sharding, then the current target The node can reject the authorization information received this time and send the rejection information to the server. If the two are the same, it means that the current target node is the node that needs to perform storage data sharding. At this time, the current target node will send a confirmation message to the server.
  • the server After the server receives the feedback information sent by each target node after verifying the authorization information, it judges it, if the target node corresponding to the sth data segment has an authorization information for the sth data segment If the feedback information is rejection information, the authorization information of the s-th data segment is reconstructed according to step S104, and the authorization information is resent to the target node corresponding to the s-th data segment, until the authorization information corresponding to the s-th data segment is received.
  • the data fragment corresponds to the confirmation message sent by the target node. If the feedback information of the authorization information of the s-th data segment by the target node corresponding to the s-th data segment is confirmation information, the s-th data segment is sent to the target node corresponding to the s-th data segment Store it.
  • the target node After the target node receives the data fragment sent by the server, it compares the fragment ID of the data fragment with the fragment ID in the authorization information. If the two comparisons are inconsistent, it means that the data fragment is received incorrectly.
  • the server sends error feedback information. If the two are consistent, the data fragmentation is correct.
  • the content of the data fragmentation is further checked, the hash value of the data fragment is calculated, and the hash value is compared with the authorization information. The hash value is compared. If the two comparisons are inconsistent, it means that the content of the currently received data segment has been tampered with, and an error feedback message is sent to the server. If the two are consistent, it means the currently received data segment.
  • the content of the film is complete and correct, and it is stored in the current node for storage.
  • the traditional random distribution storage method is no longer used, but the hash operation is used to coordinate the overall determination of the data distribution object (that is, the target node), and the distribution object
  • the authorization and verification mechanism between them ensures the safe and orderly progress of the entire data storage process.
  • FIG. 7 shows a structural diagram of an embodiment of a data storage device provided in an embodiment of the present application.
  • a data storage device may include:
  • the data receiving module 701 is configured to receive data to be stored uploaded by a terminal device, where the terminal device is any node in the peer-to-peer network;
  • the data division module 702 is configured to divide the data to be stored into data fragments
  • the slice hash value calculation module 703 is configured to use the preset first hash function to calculate the hash value of each data slice respectively;
  • the target node determining module 704 is configured to determine a target node corresponding to each data segment in the peer-to-peer network according to the hash value of each data segment;
  • the authorization information construction module 705 is used for separately constructing authorization information of each data segment
  • the authorization information sending module 706 is configured to send the authorization information to each target node respectively, where the authorization information of the sth data segment is sent to the target node corresponding to the sth data segment, 1 ⁇ s ⁇ SN , SN is the number of data fragments;
  • the feedback information receiving module 707 is configured to receive feedback information sent by each target node after verifying the authorization information
  • the data segment sending module 708 is configured to send the sth data segment to the sth data segment if the feedback information of the target node corresponding to the sth data segment to the authorization information of the sth data segment is confirmation information.
  • the target node corresponding to the s data fragments is stored.
  • the data division module may include:
  • the number of fragments calculation unit is used to calculate the number of data fragments
  • the data division unit is configured to divide the data to be stored into SN data fragments.
  • the target node determining module may include:
  • the target location point determination unit is configured to determine a target location point on a preset hash ring corresponding to the hash value of the s-th data segment, where the hash ring is determined by the first hash function All the function values of is connected clockwise or counterclockwise in order from small to large to form a circular ring, that is, each position point on the hash ring corresponds to a function value of the first hash function;
  • a reference location point acquiring unit configured to acquire each reference location point on the Hash ring, where each reference location point is a location point corresponding to a node in the point-to-point network;
  • the target node determining unit is configured to search for the reference location point clockwise or counterclockwise from the target location point, and determine the node corresponding to the first reference location point found as the s-th data slice The corresponding target node.
  • the data storage device may further include:
  • An identity acquisition module used to acquire the identity of each node in the peer-to-peer network
  • the node hash value calculation module is configured to use a preset second hash function to hash the identity of each node in the peer-to-peer network to obtain the hash value of each node.
  • the second hash The value range of the function is consistent with the value range of the first hash function;
  • the reference location point determination module is used to determine the location point on the hash ring corresponding to the hash value of the mth node as the reference location point corresponding to the mth node, 1 ⁇ m ⁇ M, where M is State the number of nodes in the point-to-point network.
  • authorization information construction module may include:
  • the authorized content encapsulation unit is used to encapsulate the fragment identification, hash value, target node identification, authorization aging information, and certificate hash value of the sth data fragment into the authorized content of the sth data fragment, the certificate
  • the hash value is a hash value obtained by performing a hash operation on the electronic certificate of the peer-to-peer network;
  • the authorization summary calculation unit is configured to use a preset third hash function to hash the authorized content of the s-th data segment to obtain the authorization summary of the s-th data segment;
  • the data encryption unit is used to encrypt the authorization digest of the s-th data segment using a preset data encryption algorithm to obtain the digital signature of the s-th data segment;
  • the authorization information construction unit is used to construct the authorization content of the sth data segment, the digital signature, and the electronic certificate into the authorization information of the sth data segment.
  • FIG. 8 shows a schematic block diagram of a server provided by an embodiment of the present application. For ease of description, only the parts related to the embodiment of the present application are shown.
  • the server 8 may include: a processor 80, a memory 81, and computer-readable instructions 82 stored in the memory 81 and executable on the processor 80, such as executing the aforementioned point-to-point based Computer-readable instructions for network data storage methods.
  • the processor 80 executes the computer-readable instructions 82, the steps in the foregoing embodiments of the data storage method based on a peer-to-peer network are implemented, such as steps S101 to S105 shown in FIG. 1.
  • the processor 80 executes the computer-readable instructions 82
  • the functions of the modules/units in the foregoing device embodiments are implemented, for example, the functions of the modules 701 to 708 shown in FIG.
  • the computer-readable instruction 82 may be divided into one or more modules/units, and the one or more modules/units are stored in the memory 81 and executed by the processor 80, To complete this application.
  • the one or more modules/units may be a series of computer-readable instruction segments capable of completing specific functions, and the instruction segments are used to describe the execution process of the computer-readable instructions 82 in the server 8.
  • the processor 80 may be a central processing unit (Central Processing Unit, CPU), other general-purpose processors, digital signal processors (Digital Signal Processors, DSP), application specific integrated circuits (ASICs), Field-Programmable Gate Array (FPGA) or other programmable logic devices, discrete gates or transistor logic devices, discrete hardware components, etc.
  • the general-purpose processor may be a microprocessor or the processor may also be any conventional processor or the like.
  • the memory 81 may be an internal storage unit of the server 8, such as a hard disk or memory of the server 8.
  • the memory 81 may also be an external storage device of the server 8, such as a plug-in hard disk equipped on the server 8, a Smart Media Card (SMC), or a Secure Digital (SD) card, Flash Card, etc. Further, the memory 81 may also include both an internal storage unit of the server 8 and an external storage device.
  • the memory 81 is used to store the computer-readable instructions and other instructions and data required by the server 8.
  • the memory 81 can also be used to temporarily store data that has been output or will be output.
  • the functional units in the various embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units may be integrated into one unit.
  • the above-mentioned integrated unit can be implemented in the form of hardware or software functional unit.
  • the integrated unit is implemented in the form of a software functional unit and sold or used as an independent product, it can be stored in a computer non-volatile readable storage medium.
  • the technical solution of this application essentially or the part that contributes to the existing technology or all or part of the technical solution can be embodied in the form of a software product, and the computer software product is stored in a storage medium , Including several computer-readable instructions to enable a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the methods described in the various embodiments of the present application.
  • the aforementioned storage media include: U disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), magnetic disks or optical disks, etc., which can store computer-readable instructions. Medium.
  • Non-volatile memory may include read only memory (ROM), programmable ROM (PROM), electrically programmable ROM (EPROM), electrically erasable programmable ROM (EEPROM), or flash memory.
  • Volatile memory may include random access memory (RAM) or external cache memory.
  • RAM is available in many forms, such as static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double data rate SDRAM (DDRSDRAM), enhanced SDRAM (ESDRAM), synchronous chain Channel (Synchlink) DRAM (SLDRAM), memory bus (Rambus) direct RAM (RDRAM), direct memory bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM), etc.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Information Transfer Between Computers (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The present application belongs to the technical field of computers, and particularly relates to a data storage method and apparatus based on a point-to-point network, and a non-volatile computer-readable storage medium and a server. The method comprises: after receiving data to be stored uploaded by a terminal device, firstly, dividing the data to be stored into various data fragments, and calculating Hash values thereof; then, according to the Hash values of the various data fragments, determining, in a point-to-point network, target nodes respectively corresponding to the various data fragments; then, respectively constructing authorization information of the various data fragments, and sending the authorization information to the various target nodes; and finally, respectively receiving feedback information sent, after the authorization information is verified, by the various target nodes, and if the feedback information, regarding authorization information of a certain data fragment, of a target node corresponding to the data fragment is acknowledgment information, sending the data fragment to the target node corresponding to the data fragment for storage, thereby ensuring that the whole data storage process is safe and orderly.

Description

基于点对点网络的数据存储方法、装置、介质及服务器Data storage method, device, medium and server based on point-to-point network
本申请要求于2019年4月28日提交中国专利局、申请号为201910347838.0、发明名称为“基于点对点网络的数据存储方法、装置、介质及服务器”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。This application claims the priority of a Chinese patent application filed with the Chinese Patent Office on April 28, 2019, the application number is 201910347838.0, and the invention title is "Data storage methods, devices, media and servers based on peer-to-peer networks". The reference is incorporated in this application.
技术领域Technical field
本申请属于计算机技术领域,尤其涉及一种基于点对点网络的数据存储方法、装置、计算机非易失性可读存储介质及服务器。This application belongs to the field of computer technology, and in particular relates to a data storage method, device, computer non-volatile readable storage medium, and server based on a peer-to-peer network.
背景技术Background technique
目前大部分点对点网络在进行数据存储时,往往采取随机分发存储的方式,且在分发存储过程中,并没有有效的授权及验证机制,导致整个点对点网络缺乏整体协调,交互过程较为混乱。At present, most peer-to-peer networks often use random distribution and storage when storing data, and there is no effective authorization and verification mechanism in the distribution and storage process, resulting in the lack of overall coordination of the entire peer-to-peer network and the chaotic interaction process.
技术问题technical problem
有鉴于此,本申请实施例提供了一种基于点对点网络的数据存储方法、装置、计算机非易失性可读存储介质及服务器,以解决现有的点对点网络在进行数据存储时缺乏整体协调,交互过程较为混乱的问题。In view of this, the embodiments of the present application provide a data storage method and device based on a peer-to-peer network, a computer non-volatile readable storage medium, and a server to solve the lack of overall coordination in the existing peer-to-peer network for data storage. The problem of confusion in the interaction process.
技术解决方案Technical solutions
本申请实施例的第一方面提供了一种基于点对点网络的数据存储方法,可以包括:The first aspect of the embodiments of the present application provides a data storage method based on a peer-to-peer network, which may include:
接收终端设备上传的待存储数据,所述终端设备为所述点对点网络中的任意一个节点;Receiving data to be stored uploaded by a terminal device, where the terminal device is any node in the peer-to-peer network;
将所述待存储数据划分为各个数据分片,并使用预设的第一哈希函数分别计算各个数据分片的哈希值;Divide the data to be stored into each data segment, and calculate the hash value of each data segment by using a preset first hash function;
根据各个数据分片的哈希值在所述点对点网络中确定与各个数据分片分别对应的目标节点;Determining, in the peer-to-peer network, the target node corresponding to each data fragment according to the hash value of each data fragment;
分别构造各个数据分片的授权信息,并向各个目标节点分别发送所述授权信息,其中,第s个数据分片的授权信息被发送至与第s个数据分片对应的目标节点,1≤s≤SN,SN为数据分片的数目;The authorization information of each data segment is constructed separately, and the authorization information is sent to each target node. The authorization information of the sth data segment is sent to the target node corresponding to the sth data segment, 1≤ s≤SN, SN is the number of data fragments;
分别接收各个目标节点在对所述授权信息进行验证后发送的反馈信息,若与第s个数据分片对应的目标节点对第s个数据分片的授权信息的反馈信息为确认信息,则将第s个数据分片发送至与第s个数据分片对应的目标节点进行存储。Receive feedback information sent by each target node after verifying the authorization information, if the target node corresponding to the s-th data segment’s feedback information on the authorization information of the s-th data segment is confirmation information, then The s-th data segment is sent to the target node corresponding to the s-th data segment for storage.
本申请实施例的第二方面提供了一种数据存储装置,可以包括用于实现上述数据存储方法的步骤的模块。The second aspect of the embodiments of the present application provides a data storage device, which may include a module for implementing the steps of the foregoing data storage method.
本申请实施例的第三方面提供了一种计算机非易失性可读存储介质,所述计算机 非易失性可读存储介质存储有计算机可读指令,所述计算机可读指令被处理器执行时实现上述数据存储方法的步骤。The third aspect of the embodiments of the present application provides a computer non-volatile readable storage medium, the computer non-volatile readable storage medium stores computer readable instructions, and the computer readable instructions are executed by a processor When realizing the steps of the above data storage method.
本申请实施例的第四方面提供了一种服务器,包括存储器、处理器以及存储在所述存储器中并可在所述处理器上运行的计算机可读指令,所述处理器执行所述计算机可读指令时实现上述数据存储方法的步骤。The fourth aspect of the embodiments of the present application provides a server, including a memory, a processor, and computer-readable instructions stored in the memory and running on the processor, and the processor executes the computer The steps of the above data storage method are implemented when the instruction is read.
有益效果Beneficial effect
在本申请实施例中,不再采用传统的随机分发存储方式,而是利用哈希运算从整体上协调确定数据分发的对象(即所述目标节点),并且通过与分发对象之间的授权及验证机制,保证了整个数据存储过程安全有序的进行。In the embodiments of this application, the traditional random distribution storage method is no longer used, but the hash operation is used to coordinate and determine the object of data distribution as a whole (that is, the target node), and through authorization and distribution with the object. The verification mechanism ensures the safe and orderly progress of the entire data storage process.
附图说明Description of the drawings
图1为本申请实施例中一种基于点对点网络的数据存储方法的一个实施例流程图;FIG. 1 is a flowchart of an embodiment of a data storage method based on a peer-to-peer network in an embodiment of the application;
图2为根据各个数据分片的哈希值在点对点网络中确定与各个数据分片分别对应的目标节点的示意流程图;Figure 2 is a schematic flow chart of determining the target node corresponding to each data segment in a peer-to-peer network according to the hash value of each data segment;
图3为哈希环的示意图;Figure 3 is a schematic diagram of a hash ring;
图4为点对点网络中的节点映射至哈希环上的示意图;Figure 4 is a schematic diagram of nodes in a peer-to-peer network mapped to a hash ring;
图5为在哈希环上查找目标节点的示意图;Figure 5 is a schematic diagram of searching for a target node on a hash ring;
图6为分别构造各个数据分片的授权信息的示意流程图;FIG. 6 is a schematic flowchart of separately constructing authorization information for each data segment;
图7为本申请实施例中一种数据存储装置的一个实施例结构图;FIG. 7 is a structural diagram of an embodiment of a data storage device in an embodiment of the application;
图8为本申请实施例中一种服务器的示意框图。Fig. 8 is a schematic block diagram of a server in an embodiment of the application.
本发明的实施方式Embodiments of the invention
请参阅图1,本申请实施例中一种基于点对点网络的数据存储方法的一个实施例可以包括:Referring to FIG. 1, an embodiment of a data storage method based on a peer-to-peer network in an embodiment of the present application may include:
步骤S101、接收终端设备上传的待存储数据。Step S101: Receive the data to be stored uploaded by the terminal device.
所述终端设备为所述点对点网络中的任意一个节点。The terminal device is any node in the point-to-point network.
在实际使用过程中,若某一用户需要将其手机、平板、电脑等等终端设备中的数据存储到所述点对点网络中,可以通过其终端设备向指定的服务器提交数据存储请求,在得到服务器的确认后,再通过该终端设备将待存储数据上传至服务器中。In the actual use process, if a user needs to store data in his mobile phone, tablet, computer and other terminal devices in the peer-to-peer network, he can submit a data storage request to the designated server through his terminal device, and get the server After confirming, upload the data to be stored to the server through the terminal device.
步骤S102、将所述待存储数据划分为各个数据分片,并使用预设的第一哈希函数分别计算各个数据分片的哈希值。Step S102: Divide the to-be-stored data into each data segment, and use a preset first hash function to calculate the hash value of each data segment respectively.
服务器在接收到待存储数据后,首先对其进行分片处理,即按照一定的规则,将一个数据集(即所述待存储数据)划分成多个相互独立、正交的数据子集(即各个数据分片),以便于分布式存储。After the server receives the data to be stored, it first performs fragmentation processing, that is, according to certain rules, a data set (ie the data to be stored) is divided into multiple independent and orthogonal data subsets (ie, Each piece of data) to facilitate distributed storage.
具体地,服务器可以首先根据下式计算数据分片的数目:Specifically, the server can first calculate the number of data fragments according to the following formula:
Figure PCTCN2019118129-appb-000001
Figure PCTCN2019118129-appb-000001
其中,DataBytes为所述待存储数据的字节数,MaxShard为数据分片的最大字节数,其具体取值可以根据实际情况进行设置,例如,可以将其设置为1024、2048、4096或者其它取值,Ceil为向上取整函数,SN为数据分片的数目。Among them, DataBytes is the number of bytes of the data to be stored, and MaxShard is the maximum number of bytes of data fragments. The specific value can be set according to the actual situation, for example, it can be set to 1024, 2048, 4096 or other Value, Ceil is a round-up function, and SN is the number of data fragments.
然后,将所述待存储数据划分为满足以下条件的SN个数据分片:Then, divide the data to be stored into SN data fragments that meet the following conditions:
Figure PCTCN2019118129-appb-000002
Figure PCTCN2019118129-appb-000002
其中,s为各个数据分片的序号,1≤s≤SN,ShdBytes s为第s个数据分片的字节数,Max为求最大值函数,Min为求最小值函数,Thresh为预设的比例阈值,其具体取值可以根据实际情况进行设置,例如,可以将其设置为0.1、0.2、0.3或者其它取值。 Among them, s is the serial number of each data segment, 1≤s≤SN, ShdBytes s is the number of bytes of the sth data segment, Max is the maximum value function, Min is the minimum value function, and Thresh is the preset The specific value of the ratio threshold can be set according to actual conditions, for example, it can be set to 0.1, 0.2, 0.3 or other values.
在完成数据分片的划分之后,服务器可以为每个数据分片均分配一个分片标识,且各个数据分片的标识在整个点对点网络中均是唯一的,任意两个数据分片的分片标识均不相同。然后服务器可以根据下式分别计算各个数据分片的哈希值:After the data segmentation is completed, the server can assign a segmentation identifier to each data segmentation, and the identifier of each data segmentation is unique in the entire peer-to-peer network, any two data segmentation segments The logos are all different. Then the server can calculate the hash value of each data segment according to the following formula:
ShardHash s=FsHashFunc(ShardID s) ShardHash s = FsHashFunc(ShardID s )
其中,ShardID s为第s个数据分片的分片标识,FsHashFunc为所述第一哈希函数,ShardHash s为第s个数据分片的哈希值。 Among them, ShardID s is the shard ID of the s-th data shard, FsHashFunc is the first hash function, and ShardHash s is the hash value of the s-th data shard.
所有的哈希函数都有如下一个基本特性:如果两个哈希值是不相同的(根据同一哈希函数),那么这两个哈希值的原始输入也是不相同的。这个特性使哈希函数具有确定性的结果。但另一方面,哈希函数的输入和输出不是唯一对应关系的,如果两个哈希值相同,两个输入值很可能是相同的,但也可能不同,这种情况称为“哈希碰撞”,这通常是两个不同的输入值,刻意计算出相同的输出值。但对于现有技术中常用的哈希函数而言,其发生碰撞的概率极低,几乎可以忽略不计,输入一些数据计算出哈希值,然后部分改变输入值,一个具有强混淆特性的哈希函数会产生一个完全不同的哈希值。本实施例中的第一哈希函数以及其它哈希函数可以包括但不限于MD4、MD5、SHA1等任意一个现有技术中常用的哈希函数。All hash functions have the following basic characteristic: if two hash values are not the same (according to the same hash function), then the original input of the two hash values is also different. This feature gives the hash function a deterministic result. But on the other hand, the input and output of the hash function are not uniquely corresponding. If the two hash values are the same, the two input values are likely to be the same, but they may also be different. This situation is called "hash collision ", this is usually two different input values, deliberately calculated the same output value. However, for the commonly used hash functions in the prior art, the probability of collision is extremely low, almost negligible. Input some data to calculate the hash value, and then partially change the input value, a hash with strong confusion characteristics The function will produce a completely different hash value. The first hash function and other hash functions in this embodiment may include, but are not limited to, any hash function commonly used in the prior art such as MD4, MD5, and SHA1.
步骤S103、根据各个数据分片的哈希值在所述点对点网络中确定与各个数据分片 分别对应的目标节点。Step S103: Determine a target node corresponding to each data segment in the peer-to-peer network according to the hash value of each data segment.
具体地,步骤S103可以包括如图2所示的过程:Specifically, step S103 may include the process shown in Fig. 2:
步骤S1031、将预设的哈希环上与第s个数据分片的哈希值对应的位置点确定目标位置点。Step S1031: Determine the target location point on the preset hash ring corresponding to the hash value of the s-th data segment.
所述哈希环为由所述第一哈希函数的所有函数值按照从小到大的顺序顺时针或者逆时针依次连接所构成的圆环,即所述哈希环上的每个位置点均对应于所述第一哈希函数的一个函数值,若所述第一哈希函数的值域为[0,N],且以顺时针的顺序排列,则可构成如图3所示的哈希环。The hash ring is a ring formed by connecting all the function values of the first hash function clockwise or counterclockwise in order from small to large, that is, each position on the hash ring is equal to Corresponding to a function value of the first hash function, if the value range of the first hash function is [0, N] and is arranged in a clockwise order, it can form a hash function as shown in FIG. 3 Greek ring.
步骤S1032、获取所述哈希环上的各个基准位置点。Step S1032, obtain each reference position point on the Hash ring.
其中,每个基准位置点均为与所述点对点网络中的一个节点对应的位置点。所述基准位置点的设置过程包括:Wherein, each reference location point is a location point corresponding to a node in the point-to-point network. The setting process of the reference position point includes:
首先,获取所述点对点网络中的各个节点的身份标识。First, obtain the identity of each node in the peer-to-peer network.
某一节点的身份标识可以为该节点的国际移动设备身份码(International Mobile Equipment Identity,IMEI),国际移动设备身份码是由15位数字组成的电子串号,它与每个终端设备一一对应,而且该码是全世界唯一的。每一个终端设备在组装完成后都将被赋予一个全球唯一的号码,这个号码从生产到交付使用都将被制造生产的厂商所记录。The identity of a node can be the International Mobile Equipment Identity (IMEI) of the node, which is an electronic serial number composed of 15 digits, which corresponds to each terminal device one-to-one , And the code is unique in the world. Each terminal device will be assigned a globally unique number after assembly. This number will be recorded by the manufacturer from production to delivery.
将获取到的各个节点的身份标识分别表示为:NodeID 1、NodeID 2、…、NodeID m、…、NodeID M,其中,m为各个节点的序号,1≤m≤M,M为所述点对点网络中的节点数目,NodeID m为第m个节点的身份标识。 The obtained identity of each node is expressed as: NodeID 1 , NodeID 2 , ..., NodeID m , ..., NodeID M , where m is the serial number of each node, 1≤m≤M, and M is the point-to-point network The number of nodes in, NodeID m is the identity of the mth node.
然后,使用预设的第二哈希函数分别对所述点对点网络中的各个节点的身份标识进行哈希运算,得到各个节点的哈希值。Then, a preset second hash function is used to hash the identity of each node in the peer-to-peer network to obtain the hash value of each node.
具体地,可以根据下式分别计算各个节点的哈希值:Specifically, the hash value of each node can be calculated separately according to the following formula:
NodeHash m=SdHashFunc(NodeID m) NodeHash m = SdHashFunc(NodeID m )
其中,SdHashFunc为所述第二哈希函数,且所述第二哈希函数的值域与所述第一哈希函数的值域一致,以此保证两者可以映射到同一个哈希环上,NodeHash m为第m个节点的哈希值。 Wherein, SdHashFunc is the second hash function, and the value range of the second hash function is consistent with the value range of the first hash function, so as to ensure that the two can be mapped to the same hash ring , NodeHash m is the hash value of the mth node.
最后,将所述哈希环上与第m个节点的哈希值对应的位置点确定为与第m个节点对应的基准位置点。Finally, the location point on the hash ring corresponding to the hash value of the mth node is determined as the reference location point corresponding to the mth node.
图4所示为4个节点的哈希值分别映射至哈希环上的情形,NodeHash 1、NodeHash 2、 NodeHash 3、NodeHash 4所对应的位置点即为各个基准位置点。 Figure 4 shows the situation where the hash values of the four nodes are respectively mapped to the hash ring, and the location points corresponding to NodeHash 1 , NodeHash 2 , NodeHash 3 , and NodeHash 4 are the respective reference location points.
步骤S1033、从所述目标位置点开始顺时针或者逆时针查找所述基准位置点,并将查找到的第一个基准位置点所对应的节点确定为与第s个数据分片对应的目标节点。Step S1033: Search for the reference location point clockwise or counterclockwise from the target location point, and determine the node corresponding to the first reference location point found as the target node corresponding to the s-th data segment .
以图5为例,从第1个数据分片的哈希值ShardHash 1对应的目标位置点开始顺时针查找,找到的第一个基准位置点为NodeHash 2对应的位置点,则将所述点对点网络中的第2个节点确定为与第1个数据分片对应的目标节点。 5 as an example, the first data fragments from the hash value corresponding to the target position ShardHash 1 clockwise to find the point, the position of the first reference point is found NodeHash 2 corresponding location point, then the point The second node in the network is determined as the target node corresponding to the first data fragment.
通过上述方法,可以确定出以下的存储对应关系:Through the above method, the following storage correspondence can be determined:
数据分片Data fragmentation 目标节点Target node
数据分片1、数据分片2Data Shard 1, Data Shard 2 节点2Node 2
数据分片3Data fragment 3 节点3Node 3
数据分片4、数据分片5Data Shard 4, Data Shard 5 节点4Node 4
数据分片6、数据分片7Data Shard 6, Data Shard 7 节点1 Node 1
若采用逆时针查找的方法,其具体过程与逆时针查找的过程类似,具体可参照上述过程,此处不再赘述。If the counterclockwise search method is adopted, the specific process is similar to the counterclockwise search process. For details, please refer to the above process, which will not be repeated here.
步骤S104、分别构造各个数据分片的授权信息,并向各个目标节点分别发送所述授权信息。Step S104: Construct authorization information of each data segment respectively, and send the authorization information to each target node respectively.
具体地,构造授权信息的过程可以包括如图6所示的步骤:Specifically, the process of constructing authorization information may include the steps shown in FIG. 6:
步骤S1041、将第s个数据分片的分片标识、哈希值、目标节点标识、授权时效信息、证书哈希值封装为第s个数据分片的授权内容。Step S1041 encapsulate the fragment identification, hash value, target node identification, authorization aging information, and certificate hash value of the sth data fragment into authorized content of the sth data fragment.
所述授权时效信息一般为一个时间点,也即授权信息失效的时间点,在该时间点之前授权信息才是有效的。The authorization aging information is generally a point in time, that is, the point in time when the authorization information becomes invalid, and the authorization information is valid before this point in time.
所述证书哈希值为对所述点对点网络的电子证书进行哈希运算得到的哈希值。The certificate hash value is a hash value obtained by performing a hash operation on the electronic certificate of the peer-to-peer network.
优选地,在授权内容中还可以包括Nonce,Nonce是一个只被使用一次的任意或非重复的随机数值,确保信息不被重复使用以对抗重放攻击(Replay Attack)。Preferably, the authorized content may also include Nonce, which is an arbitrary or non-repeated random value that is used only once, to ensure that the information is not reused in order to resist replay attacks.
步骤S1042、使用预设的第三哈希函数对第s个数据分片的授权内容进行哈希计算,得到第s个数据分片的授权摘要。Step S1042, using a preset third hash function to perform a hash calculation on the authorized content of the s-th data segment to obtain an authorization summary of the s-th data segment.
步骤S1043、使用预设的数据加密算法对第s个数据分片的授权摘要进行加密,得到第s个数据分片的数字签名。Step S1043: Use a preset data encryption algorithm to encrypt the authorization digest of the s-th data segment to obtain a digital signature of the s-th data segment.
数字签名在此处起到两个作用,第一,可以确定授权内容来自于服务器,第二,可以确定授权内容在传输过程中未被篡改,也没有损失数据。因为哈希函数的特性,只要授权内容中的任一比特发生改变,则通过哈希函数计算的授权摘要就会发生变化, 因此如果授权内容在传输过程中,其授权摘要未发生变化,即可以确定授权内容未被篡改,且授权内容被完整传输。The digital signature plays two roles here. First, it can confirm that the authorized content comes from the server. Second, it can confirm that the authorized content has not been tampered with during the transmission process and no data has been lost. Because of the characteristics of the hash function, as long as any bit in the authorized content changes, the authorization digest calculated by the hash function will change. Therefore, if the authorized content does not change during the transmission process, it can be Make sure that the authorized content has not been tampered with and that the authorized content has been completely transmitted.
步骤S1044、将第s个数据分片的授权内容、所述数字签名、所述电子证书构造为第s个数据分片的授权信息。Step S1044: Construct the authorized content of the sth data segment, the digital signature, and the electronic certificate into authorization information of the sth data segment.
所述电子证书由所述点对点网络中各个节点所信任的根证书所签发,用于证明服务器的公钥的真实性,使得各个节点可以使用服务器提供的公钥进行后续的解密操作。The electronic certificate is issued by a root certificate trusted by each node in the peer-to-peer network, and is used to prove the authenticity of the public key of the server, so that each node can use the public key provided by the server to perform subsequent decryption operations.
在上述授权信息的构造过程完成后,第s个数据分片的授权信息被发送至与第s个数据分片对应的目标节点。After the above authorization information construction process is completed, the authorization information of the sth data segment is sent to the target node corresponding to the sth data segment.
步骤S105、分别接收各个目标节点在对所述授权信息进行验证后发送的反馈信息,并根据所述反馈消息进行各个数据分片的存储。Step S105: Receive feedback information sent by each target node after verifying the authorization information, and store each data fragment according to the feedback message.
任意一个目标节点在接收到服务器发送的授权信息后,可以通过如下过程对其进行四重验证:After any target node receives the authorization information sent by the server, it can perform four-fold verification through the following process:
第一重验证:提取授权信息中的电子证书,并对其进行哈希运算,得到其哈希值,将该哈希值记为verify_hash,然后提取授权信息中的证书哈希值,将其记为platform_certificate_hash,对这两者进行比对。若两者比对不一致,则说明电子证书已被篡改,则当前的目标节点可以拒绝此次接收到的授权信息,向服务器发送拒绝信息。若两者比对一致,则说明电子证书未被篡改,继续执行后续验证过程。The first verification: extract the electronic certificate in the authorization information and perform a hash operation on it to obtain its hash value, record the hash value as verify_hash, then extract the certificate hash value in the authorization information, and record it For platform_certificate_hash, compare the two. If the comparison between the two is inconsistent, it means that the electronic certificate has been tampered with, and the current target node can reject the authorization information received this time and send rejection information to the server. If the two are consistent, it means that the electronic certificate has not been tampered with, and the subsequent verification process continues.
第二重验证:使用目标节点所信任的根证书对授权信息中的电子证书进行验证,若验证不通过,则说明该电子证书不是真实的电子证书,则当前的目标节点可以拒绝此次接收到的授权信息,向服务器发送拒绝信息。若验证通过,则说明该电子证书是真实的电子证书,继续执行后续验证过程。Second verification: use the root certificate trusted by the target node to verify the electronic certificate in the authorization information. If the verification fails, it means that the electronic certificate is not a real electronic certificate, and the current target node can reject the receipt Authorization information, and send rejection information to the server. If the verification is passed, it means that the electronic certificate is a real electronic certificate, and the subsequent verification process continues.
第三重验证:提取授权信息中的数字签名,并对其进行验证。具体地,首先提取授权信息中的授权内容,并采用所述第三哈希函数计算出其授权摘要,然后从电子证书中提取出公钥,使用该公钥对数字签名进行解密,得到解密数据,最后将计算得到的授权摘要与解密数据两者进行比对,若两者比对不一致,则说明授权内容已被篡改,则当前的目标节点可以拒绝此次接收到的授权信息,向服务器发送拒绝信息。若两者比对一致,则说明授权内容未被篡改,继续执行后续验证过程。The third verification: extract the digital signature from the authorization information and verify it. Specifically, first extract the authorized content in the authorization information, and use the third hash function to calculate the authorization digest, then extract the public key from the electronic certificate, and use the public key to decrypt the digital signature to obtain the decrypted data , And finally compare the calculated authorization summary with the decrypted data. If the two comparisons are inconsistent, it means that the authorized content has been tampered with, and the current target node can reject the authorization information received this time and send it to the server Reject information. If the two are consistent, it means that the authorized content has not been tampered with, and the subsequent verification process continues.
第四重验证:提取授权信息中的目标节点标识,判断当前目标节点的节点标识是否与其一致,若两者不一致,则说明当前目标节点并不是需要执行存储数据分片的节点,则当前的目标节点可以拒绝此次接收到的授权信息,向服务器发送拒绝信息。若两者一致,则说明当前的目标节点是需要执行存储数据分片的节点,此时,当前的目标节点会向服务器发送确认信息。Fourth verification: extract the target node ID in the authorization information, and determine whether the node ID of the current target node is consistent with it. If the two are inconsistent, it means that the current target node is not the node that needs to perform storage data sharding, then the current target The node can reject the authorization information received this time and send the rejection information to the server. If the two are the same, it means that the current target node is the node that needs to perform storage data sharding. At this time, the current target node will send a confirmation message to the server.
服务器在接收到各个目标节点在对所述授权信息进行验证后发送的反馈信息之后,对其进行判断,若与第s个数据分片对应的目标节点对第s个数据分片的授权信息的反馈信息为拒绝信息,则按照执行步骤S104重新构造第s个数据分片的授权信息,并向与第s个数据分片对应的目标节点重新发送所述授权信息,直至收到与第s个数据分片对应的目标节点发送的确认信息为止。若与第s个数据分片对应的目标节点对第s个数据分片的授权信息的反馈信息为确认信息,则将第s个数据分片发送至与第s个数据分片对应的目标节点进行存储。After the server receives the feedback information sent by each target node after verifying the authorization information, it judges it, if the target node corresponding to the sth data segment has an authorization information for the sth data segment If the feedback information is rejection information, the authorization information of the s-th data segment is reconstructed according to step S104, and the authorization information is resent to the target node corresponding to the s-th data segment, until the authorization information corresponding to the s-th data segment is received. The data fragment corresponds to the confirmation message sent by the target node. If the feedback information of the authorization information of the s-th data segment by the target node corresponding to the s-th data segment is confirmation information, the s-th data segment is sent to the target node corresponding to the s-th data segment Store it.
目标节点在接收到服务器发送的数据分片之后,将数据分片的分片标识与授权信息中的分片标识进行比对,若两者比对不一致,则说明数据分片接收有误,向服务器发送错误反馈信息,若两者比对一致,则说明数据分片无误,进一步对数据分片的内容进行核对,计算数据分片的哈希值,并将该哈希值与授权信息中的哈希值进行比对,若两者比对不一致,则说明当前接收到的数据分片内容已被篡改,向服务器发送错误反馈信息,若两者比对一致,则说明当前接收到的数据分片内容完整无误,将其存储在当前节点中进行存储。After the target node receives the data fragment sent by the server, it compares the fragment ID of the data fragment with the fragment ID in the authorization information. If the two comparisons are inconsistent, it means that the data fragment is received incorrectly. The server sends error feedback information. If the two are consistent, the data fragmentation is correct. The content of the data fragmentation is further checked, the hash value of the data fragment is calculated, and the hash value is compared with the authorization information. The hash value is compared. If the two comparisons are inconsistent, it means that the content of the currently received data segment has been tampered with, and an error feedback message is sent to the server. If the two are consistent, it means the currently received data segment. The content of the film is complete and correct, and it is stored in the current node for storage.
综上所述,在本申请实施例中,不再采用传统的随机分发存储方式,而是利用哈希运算从整体上协调确定数据分发的对象(即所述目标节点),并且通过与分发对象之间的授权及验证机制,保证了整个数据存储过程安全有序的进行。In summary, in the embodiments of the present application, the traditional random distribution storage method is no longer used, but the hash operation is used to coordinate the overall determination of the data distribution object (that is, the target node), and the distribution object The authorization and verification mechanism between them ensures the safe and orderly progress of the entire data storage process.
应理解,上述实施例中各步骤的序号的大小并不意味着执行顺序的先后,各过程的执行顺序应以其功能和内在逻辑确定,而不应对本申请实施例的实施过程构成任何限定。It should be understood that the size of the sequence number of each step in the foregoing embodiment does not mean the order of execution. The execution sequence of each process should be determined by its function and internal logic, and should not constitute any limitation to the implementation process of the embodiment of the present application.
对应于上文实施例所述的一种基于点对点网络的数据存储方法,图7示出了本申请实施例提供的一种数据存储装置的一个实施例结构图。Corresponding to the data storage method based on a peer-to-peer network described in the above embodiment, FIG. 7 shows a structural diagram of an embodiment of a data storage device provided in an embodiment of the present application.
本实施例中,一种数据存储装置可以包括:In this embodiment, a data storage device may include:
数据接收模块701,用于接收终端设备上传的待存储数据,所述终端设备为所述点对点网络中的任意一个节点;The data receiving module 701 is configured to receive data to be stored uploaded by a terminal device, where the terminal device is any node in the peer-to-peer network;
数据划分模块702,用于将所述待存储数据划分为各个数据分片;The data division module 702 is configured to divide the data to be stored into data fragments;
分片哈希值计算模块703,用于使用预设的第一哈希函数分别计算各个数据分片的哈希值;The slice hash value calculation module 703 is configured to use the preset first hash function to calculate the hash value of each data slice respectively;
目标节点确定模块704,用于根据各个数据分片的哈希值在所述点对点网络中确定与各个数据分片分别对应的目标节点;The target node determining module 704 is configured to determine a target node corresponding to each data segment in the peer-to-peer network according to the hash value of each data segment;
授权信息构造模块705,用于分别构造各个数据分片的授权信息;The authorization information construction module 705 is used for separately constructing authorization information of each data segment;
授权信息发送模块706,用于向各个目标节点分别发送所述授权信息,其中,第s 个数据分片的授权信息被发送至与第s个数据分片对应的目标节点,1≤s≤SN,SN为数据分片的数目;The authorization information sending module 706 is configured to send the authorization information to each target node respectively, where the authorization information of the sth data segment is sent to the target node corresponding to the sth data segment, 1≤s≤SN , SN is the number of data fragments;
反馈信息接收模块707,用于分别接收各个目标节点在对所述授权信息进行验证后发送的反馈信息;The feedback information receiving module 707 is configured to receive feedback information sent by each target node after verifying the authorization information;
数据分片发送模块708,用于若与第s个数据分片对应的目标节点对第s个数据分片的授权信息的反馈信息为确认信息,则将第s个数据分片发送至与第s个数据分片对应的目标节点进行存储。The data segment sending module 708 is configured to send the sth data segment to the sth data segment if the feedback information of the target node corresponding to the sth data segment to the authorization information of the sth data segment is confirmation information. The target node corresponding to the s data fragments is stored.
进一步地,所述数据划分模块可以包括:Further, the data division module may include:
分片数目计算单元,用于计算数据分片的数目;The number of fragments calculation unit is used to calculate the number of data fragments;
数据划分单元,用于将所述待存储数据划分为SN个数据分片。The data division unit is configured to divide the data to be stored into SN data fragments.
进一步地,所述目标节点确定模块可以包括:Further, the target node determining module may include:
目标位置点确定单元,用于将预设的哈希环上与第s个数据分片的哈希值对应的位置点确定目标位置点,所述哈希环为由所述第一哈希函数的所有函数值按照从小到大的顺序顺时针或者逆时针依次连接所构成的圆环,即所述哈希环上的每个位置点均对应于所述第一哈希函数的一个函数值;The target location point determination unit is configured to determine a target location point on a preset hash ring corresponding to the hash value of the s-th data segment, where the hash ring is determined by the first hash function All the function values of is connected clockwise or counterclockwise in order from small to large to form a circular ring, that is, each position point on the hash ring corresponds to a function value of the first hash function;
基准位置点获取单元,用于获取所述哈希环上的各个基准位置点,其中,每个基准位置点均为与所述点对点网络中的一个节点对应的位置点;A reference location point acquiring unit, configured to acquire each reference location point on the Hash ring, where each reference location point is a location point corresponding to a node in the point-to-point network;
目标节点确定单元,用于从所述目标位置点开始顺时针或者逆时针查找所述基准位置点,并将查找到的第一个基准位置点所对应的节点确定为与第s个数据分片对应的目标节点。The target node determining unit is configured to search for the reference location point clockwise or counterclockwise from the target location point, and determine the node corresponding to the first reference location point found as the s-th data slice The corresponding target node.
进一步地,所述数据存储装置还可以包括:Further, the data storage device may further include:
身份标识获取模块,用于获取所述点对点网络中的各个节点的身份标识;An identity acquisition module, used to acquire the identity of each node in the peer-to-peer network;
节点哈希值计算模块,用于使用预设的第二哈希函数分别对所述点对点网络中的各个节点的身份标识进行哈希运算,得到各个节点的哈希值,所述第二哈希函数的值域与所述第一哈希函数的值域一致;The node hash value calculation module is configured to use a preset second hash function to hash the identity of each node in the peer-to-peer network to obtain the hash value of each node. The second hash The value range of the function is consistent with the value range of the first hash function;
基准位置点确定模块,用于将所述哈希环上与第m个节点的哈希值对应的位置点确定为与第m个节点对应的基准位置点,1≤m≤M,M为所述点对点网络中的节点数目。The reference location point determination module is used to determine the location point on the hash ring corresponding to the hash value of the mth node as the reference location point corresponding to the mth node, 1≤m≤M, where M is State the number of nodes in the point-to-point network.
进一步地,所述授权信息构造模块可以包括:Further, the authorization information construction module may include:
授权内容封装单元,用于将第s个数据分片的分片标识、哈希值、目标节点标识、授权时效信息、证书哈希值封装为第s个数据分片的授权内容,所述证书哈希值为对所述点对点网络的电子证书进行哈希运算得到的哈希值;The authorized content encapsulation unit is used to encapsulate the fragment identification, hash value, target node identification, authorization aging information, and certificate hash value of the sth data fragment into the authorized content of the sth data fragment, the certificate The hash value is a hash value obtained by performing a hash operation on the electronic certificate of the peer-to-peer network;
授权摘要计算单元,用于使用预设的第三哈希函数对第s个数据分片的授权内容进行哈希计算,得到第s个数据分片的授权摘要;The authorization summary calculation unit is configured to use a preset third hash function to hash the authorized content of the s-th data segment to obtain the authorization summary of the s-th data segment;
数据加密单元,用于使用预设的数据加密算法对第s个数据分片的授权摘要进行加密,得到第s个数据分片的数字签名;The data encryption unit is used to encrypt the authorization digest of the s-th data segment using a preset data encryption algorithm to obtain the digital signature of the s-th data segment;
授权信息构造单元,用于将第s个数据分片的授权内容、所述数字签名、所述电子证书构造为第s个数据分片的授权信息。The authorization information construction unit is used to construct the authorization content of the sth data segment, the digital signature, and the electronic certificate into the authorization information of the sth data segment.
所属领域的技术人员可以清楚地了解到,为描述的方便和简洁,上述描述的装置,模块和单元的具体工作过程,可以参考前述方法实施例中的对应过程,在此不再赘述。Those skilled in the art can clearly understand that, for the convenience and conciseness of description, the specific working process of the devices, modules and units described above can refer to the corresponding processes in the foregoing method embodiments, which will not be repeated here.
在上述实施例中,对各个实施例的描述都各有侧重,某个实施例中没有详述或记载的部分,可以参见其它实施例的相关描述。In the above-mentioned embodiments, the description of each embodiment has its own emphasis. For parts that are not described in detail or recorded in an embodiment, reference may be made to related descriptions of other embodiments.
图8示出了本申请实施例提供的一种服务器的示意框图,为了便于说明,仅示出了与本申请实施例相关的部分。FIG. 8 shows a schematic block diagram of a server provided by an embodiment of the present application. For ease of description, only the parts related to the embodiment of the present application are shown.
在本实施例中,所述服务器8可以包括:处理器80、存储器81以及存储在所述存储器81中并可在所述处理器80上运行的计算机可读指令82,例如执行上述的基于点对点网络的数据存储方法的计算机可读指令。所述处理器80执行所述计算机可读指令82时实现上述各个基于点对点网络的数据存储方法实施例中的步骤,例如图1所示的步骤S101至S105。或者,所述处理器80执行所述计算机可读指令82时实现上述各装置实施例中各模块/单元的功能,例如图7所示模块701至708的功能。In this embodiment, the server 8 may include: a processor 80, a memory 81, and computer-readable instructions 82 stored in the memory 81 and executable on the processor 80, such as executing the aforementioned point-to-point based Computer-readable instructions for network data storage methods. When the processor 80 executes the computer-readable instructions 82, the steps in the foregoing embodiments of the data storage method based on a peer-to-peer network are implemented, such as steps S101 to S105 shown in FIG. 1. Alternatively, when the processor 80 executes the computer-readable instructions 82, the functions of the modules/units in the foregoing device embodiments are implemented, for example, the functions of the modules 701 to 708 shown in FIG.
示例性的,所述计算机可读指令82可以被分割成一个或多个模块/单元,所述一个或者多个模块/单元被存储在所述存储器81中,并由所述处理器80执行,以完成本申请。所述一个或多个模块/单元可以是能够完成特定功能的一系列计算机可读指令段,该指令段用于描述所述计算机可读指令82在所述服务器8中的执行过程。Exemplarily, the computer-readable instruction 82 may be divided into one or more modules/units, and the one or more modules/units are stored in the memory 81 and executed by the processor 80, To complete this application. The one or more modules/units may be a series of computer-readable instruction segments capable of completing specific functions, and the instruction segments are used to describe the execution process of the computer-readable instructions 82 in the server 8.
所述处理器80可以是中央处理单元(Central Processing Unit,CPU),还可以是其它通用处理器、数字信号处理器(Digital Signal Processor,DSP)、专用集成电路(Application Specific Integrated Circuit,ASIC)、现场可编程门阵列(Field-Programmable Gate Array,FPGA)或者其它可编程逻辑器件、分立门或者晶体管逻辑器件、分立硬件组件等。通用处理器可以是微处理器或者该处理器也可以是任何常规的处理器等。The processor 80 may be a central processing unit (Central Processing Unit, CPU), other general-purpose processors, digital signal processors (Digital Signal Processors, DSP), application specific integrated circuits (ASICs), Field-Programmable Gate Array (FPGA) or other programmable logic devices, discrete gates or transistor logic devices, discrete hardware components, etc. The general-purpose processor may be a microprocessor or the processor may also be any conventional processor or the like.
所述存储器81可以是所述服务器8的内部存储单元,例如服务器8的硬盘或内存。所述存储器81也可以是所述服务器8的外部存储设备,例如所述服务器8上配备的插接式硬盘,智能存储卡(Smart Media Card,SMC),安全数字(Secure Digital,SD)卡,闪存卡(Flash Card)等。进一步地,所述存储器81还可以既包括所述服务器8的内部存储单元也包括外部存储设备。所述存储器81用于存储所述计算机可读指令以及所 述服务器8所需的其它指令和数据。所述存储器81还可以用于暂时地存储已经输出或者将要输出的数据。The memory 81 may be an internal storage unit of the server 8, such as a hard disk or memory of the server 8. The memory 81 may also be an external storage device of the server 8, such as a plug-in hard disk equipped on the server 8, a Smart Media Card (SMC), or a Secure Digital (SD) card, Flash Card, etc. Further, the memory 81 may also include both an internal storage unit of the server 8 and an external storage device. The memory 81 is used to store the computer-readable instructions and other instructions and data required by the server 8. The memory 81 can also be used to temporarily store data that has been output or will be output.
在本申请各个实施例中的各功能单元可以集成在一个处理单元中,也可以是各个单元单独物理存在,也可以两个或两个以上单元集成在一个单元中。上述集成的单元既可以采用硬件的形式实现,也可以采用软件功能单元的形式实现。The functional units in the various embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units may be integrated into one unit. The above-mentioned integrated unit can be implemented in the form of hardware or software functional unit.
所述集成的单元如果以软件功能单元的形式实现并作为独立的产品销售或使用时,可以存储在一个计算机非易失性可读存储介质中。基于这样的理解,本申请的技术方案本质上或者说对现有技术做出贡献的部分或者该技术方案的全部或部分可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储介质中,包括若干计算机可读指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)执行本申请各个实施例所述方法的全部或部分步骤。而前述的存储介质包括:U盘、移动硬盘、只读存储器(ROM,Read-Only Memory)、随机存取存储器(RAM,Random Access Memory)、磁碟或者光盘等各种可以存储计算机可读指令的介质。If the integrated unit is implemented in the form of a software functional unit and sold or used as an independent product, it can be stored in a computer non-volatile readable storage medium. Based on this understanding, the technical solution of this application essentially or the part that contributes to the existing technology or all or part of the technical solution can be embodied in the form of a software product, and the computer software product is stored in a storage medium , Including several computer-readable instructions to enable a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the methods described in the various embodiments of the present application. The aforementioned storage media include: U disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), magnetic disks or optical disks, etc., which can store computer-readable instructions. Medium.
本领域普通技术人员可以理解实现上述实施例方法中的全部或部分流程,是可以通过计算机可读指令来指令相关的硬件来完成,所述的计算机可读指令可存储于一计算机非易失性可读取存储介质中,该计算机可读指令在执行时,可包括如上述各方法的实施例的流程。其中,本申请所提供的各实施例中所使用的对存储器、存储、数据库或其它介质的任何引用,均可包括非易失性和/或易失性存储器。非易失性存储器可包括只读存储器(ROM)、可编程ROM(PROM)、电可编程ROM(EPROM)、电可擦除可编程ROM(EEPROM)或闪存。易失性存储器可包括随机存取存储器(RAM)或者外部高速缓冲存储器。作为说明而非局限,RAM以多种形式可得,诸如静态RAM(SRAM)、动态RAM(DRAM)、同步DRAM(SDRAM)、双数据率SDRAM(DDRSDRAM)、增强型SDRAM(ESDRAM)、同步链路(Synchlink)DRAM(SLDRAM)、存储器总线(Rambus)直接RAM(RDRAM)、直接存储器总线动态RAM(DRDRAM)、以及存储器总线动态RAM(RDRAM)等。A person of ordinary skill in the art can understand that all or part of the processes in the above-mentioned embodiment methods can be implemented by instructing relevant hardware through computer-readable instructions. The computer-readable instructions can be stored in a non-volatile computer. In a readable storage medium, when the computer-readable instructions are executed, they may include the processes of the above-mentioned method embodiments. Wherein, any reference to memory, storage, database or other media used in the embodiments provided in this application may include non-volatile and/or volatile memory. Non-volatile memory may include read only memory (ROM), programmable ROM (PROM), electrically programmable ROM (EPROM), electrically erasable programmable ROM (EEPROM), or flash memory. Volatile memory may include random access memory (RAM) or external cache memory. As an illustration and not a limitation, RAM is available in many forms, such as static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double data rate SDRAM (DDRSDRAM), enhanced SDRAM (ESDRAM), synchronous chain Channel (Synchlink) DRAM (SLDRAM), memory bus (Rambus) direct RAM (RDRAM), direct memory bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM), etc.
以上所述实施例仅用以说明本申请的技术方案,而非对其限制;尽管参照前述实施例对本申请进行了详细的说明,本领域的普通技术人员应当理解:其依然可以对前述各实施例所记载的技术方案进行修改,或者对其中部分技术特征进行等同替换;而这些修改或者替换,并不使相应技术方案的本质脱离本申请各实施例技术方案的精神和范围。The above-mentioned embodiments are only used to illustrate the technical solutions of the present application, not to limit them; although the present application has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that it can still implement the foregoing The technical solutions described in the examples are modified, or some of the technical features are equivalently replaced; these modifications or replacements do not cause the essence of the corresponding technical solutions to deviate from the spirit and scope of the technical solutions of the embodiments of the present application.

Claims (20)

  1. 一种基于点对点网络的数据存储方法,其特征在于,包括:A data storage method based on a peer-to-peer network, characterized in that it comprises:
    接收终端设备上传的待存储数据,所述终端设备为所述点对点网络中的任意一个节点;Receiving data to be stored uploaded by a terminal device, where the terminal device is any node in the peer-to-peer network;
    将所述待存储数据划分为各个数据分片,并使用预设的第一哈希函数分别计算各个数据分片的哈希值;Divide the data to be stored into each data segment, and calculate the hash value of each data segment by using a preset first hash function;
    根据各个数据分片的哈希值在所述点对点网络中确定与各个数据分片分别对应的目标节点;Determining, in the peer-to-peer network, the target node corresponding to each data fragment according to the hash value of each data fragment;
    分别构造各个数据分片的授权信息,并向各个目标节点分别发送所述授权信息,其中,第s个数据分片的授权信息被发送至与第s个数据分片对应的目标节点,1≤s≤SN,SN为数据分片的数目;The authorization information of each data segment is constructed separately, and the authorization information is sent to each target node. The authorization information of the sth data segment is sent to the target node corresponding to the sth data segment, 1≤ s≤SN, SN is the number of data fragments;
    分别接收各个目标节点在对所述授权信息进行验证后发送的反馈信息,若与第s个数据分片对应的目标节点对第s个数据分片的授权信息的反馈信息为确认信息,则将第s个数据分片发送至与第s个数据分片对应的目标节点进行存储。Receive feedback information sent by each target node after verifying the authorization information, if the target node corresponding to the s-th data segment’s feedback information on the authorization information of the s-th data segment is confirmation information, then The s-th data segment is sent to the target node corresponding to the s-th data segment for storage.
  2. 根据权利要求1所述的数据存储方法,其特征在于,所述将所述待存储数据划分为各个数据分片包括:The data storage method according to claim 1, wherein the dividing the data to be stored into data fragments comprises:
    根据下式计算数据分片的数目:Calculate the number of data fragments according to the following formula:
    Figure PCTCN2019118129-appb-100001
    Figure PCTCN2019118129-appb-100001
    其中,DataBytes为所述待存储数据的字节数,MaxShard为数据分片的最大字节数,Ceil为向上取整函数;Wherein, DataBytes is the number of bytes of the data to be stored, MaxShard is the maximum number of bytes of data fragments, and Ceil is a round-up function;
    将所述待存储数据划分为满足以下条件的SN个数据分片:The data to be stored is divided into SN data fragments meeting the following conditions:
    Figure PCTCN2019118129-appb-100002
    Figure PCTCN2019118129-appb-100002
    其中,ShdBytes s为第s个数据分片的字节数,Max为求最大值函数,Min为求最小值函数,Thresh为预设的比例阈值。 Among them, ShdBytes s is the number of bytes of the s-th data fragment, Max is the maximum value function, Min is the minimum value function, and Thresh is the preset ratio threshold.
  3. 根据权利要求1所述的数据存储方法,其特征在于,所述根据各个数据分片的哈希值在所述点对点网络中确定与各个数据分片分别对应的目标节点包括:The data storage method according to claim 1, wherein the determining the target node corresponding to each data segment in the peer-to-peer network according to the hash value of each data segment comprises:
    将预设的哈希环上与第s个数据分片的哈希值对应的位置点确定目标位置点,所述哈希环为由所述第一哈希函数的所有函数值按照从小到大的顺序顺时针或者逆时针 依次连接所构成的圆环,即所述哈希环上的每个位置点均对应于所述第一哈希函数的一个函数值;Determine the target location point on the preset hash ring corresponding to the hash value of the s-th data segment. The hash ring is composed of all the function values of the first hash function in descending order The circular ring formed by sequentially connecting clockwise or counterclockwise, that is, each position point on the hash ring corresponds to a function value of the first hash function;
    获取所述哈希环上的各个基准位置点,其中,每个基准位置点均为与所述点对点网络中的一个节点对应的位置点;Acquiring each reference location point on the hash ring, where each reference location point is a location point corresponding to a node in the point-to-point network;
    从所述目标位置点开始顺时针或者逆时针查找所述基准位置点,并将查找到的第一个基准位置点所对应的节点确定为与第s个数据分片对应的目标节点。The reference location point is searched clockwise or counterclockwise from the target location point, and the node corresponding to the first reference location point found is determined as the target node corresponding to the s-th data segment.
  4. 根据权利要求3所述的数据存储方法,其特征在于,所述基准位置点的设置过程包括:The data storage method according to claim 3, wherein the process of setting the reference position point comprises:
    获取所述点对点网络中的各个节点的身份标识;Acquiring the identity of each node in the peer-to-peer network;
    使用预设的第二哈希函数分别对所述点对点网络中的各个节点的身份标识进行哈希运算,得到各个节点的哈希值,所述第二哈希函数的值域与所述第一哈希函数的值域一致;Use the preset second hash function to hash the identity of each node in the peer-to-peer network to obtain the hash value of each node. The value range of the second hash function is the same as that of the first The value range of the hash function is consistent;
    将所述哈希环上与第m个节点的哈希值对应的位置点确定为与第m个节点对应的基准位置点,1≤m≤M,M为所述点对点网络中的节点数目。The position point on the hash ring corresponding to the hash value of the mth node is determined as the reference position point corresponding to the mth node, 1≤m≤M, and M is the number of nodes in the point-to-point network.
  5. 根据权利要求1至4中任一项所述的数据存储方法,其特征在于,所述分别构造各个数据分片的授权信息包括:The data storage method according to any one of claims 1 to 4, wherein the authorization information for separately constructing each data segment comprises:
    将第s个数据分片的分片标识、哈希值、目标节点标识、授权时效信息、证书哈希值封装为第s个数据分片的授权内容,所述证书哈希值为对所述点对点网络的电子证书进行哈希运算得到的哈希值;Encapsulate the fragment identification, hash value, target node identification, authorization aging information, and certificate hash value of the sth data fragment into the authorized content of the sth data fragment, and the certificate hash value is The hash value obtained by hashing the electronic certificate of the peer-to-peer network;
    使用预设的第三哈希函数对第s个数据分片的授权内容进行哈希计算,得到第s个数据分片的授权摘要;Use the preset third hash function to hash the authorized content of the s-th data segment to obtain the authorization summary of the s-th data segment;
    使用预设的数据加密算法对第s个数据分片的授权摘要进行加密,得到第s个数据分片的数字签名;Use a preset data encryption algorithm to encrypt the authorization digest of the s-th data segment to obtain the digital signature of the s-th data segment;
    将第s个数据分片的授权内容、所述数字签名、所述电子证书构造为第s个数据分片的授权信息。The authorized content of the sth data segment, the digital signature, and the electronic certificate are constructed as the authorization information of the sth data segment.
  6. 一种数据存储装置,其特征在于,包括:A data storage device, characterized by comprising:
    数据接收模块,用于接收终端设备上传的待存储数据,所述终端设备为点对点网络中的任意一个节点;A data receiving module for receiving data to be stored uploaded by a terminal device, the terminal device being any node in a peer-to-peer network;
    数据划分模块,用于将所述待存储数据划分为各个数据分片;A data division module, used to divide the data to be stored into data fragments;
    分片哈希值计算模块,用于使用预设的第一哈希函数分别计算各个数据分片的哈希值;The slice hash value calculation module is used to calculate the hash value of each data slice using the preset first hash function;
    目标节点确定模块,用于根据各个数据分片的哈希值在所述点对点网络中确定与 各个数据分片分别对应的目标节点;A target node determining module, configured to determine the target node corresponding to each data segment in the peer-to-peer network according to the hash value of each data segment;
    授权信息构造模块,用于分别构造各个数据分片的授权信息;The authorization information construction module is used to separately construct the authorization information of each data segment;
    授权信息发送模块,用于向各个目标节点分别发送所述授权信息,其中,第s个数据分片的授权信息被发送至与第s个数据分片对应的目标节点,1≤s≤SN,SN为数据分片的数目;The authorization information sending module is used to send the authorization information to each target node, wherein the authorization information of the s-th data segment is sent to the target node corresponding to the s-th data segment, 1≤s≤SN, SN is the number of data fragments;
    反馈信息接收模块,用于分别接收各个目标节点在对所述授权信息进行验证后发送的反馈信息;The feedback information receiving module is configured to respectively receive the feedback information sent by each target node after verifying the authorization information;
    数据分片发送模块,用于若与第s个数据分片对应的目标节点对第s个数据分片的授权信息的反馈信息为确认信息,则将第s个数据分片发送至与第s个数据分片对应的目标节点进行存储。The data segment sending module is used to send the sth data segment to the sth data segment if the feedback information of the target node corresponding to the sth data segment to the authorization information of the sth data segment is confirmation information. The target node corresponding to each data fragment is stored.
  7. 根据权利要求6所述的数据存储装置,其特征在于,所述数据划分模块包括:The data storage device according to claim 6, wherein the data dividing module comprises:
    分片数目计算单元,用于根据下式计算数据分片的数目:The number of fragments calculation unit is used to calculate the number of data fragments according to the following formula:
    Figure PCTCN2019118129-appb-100003
    Figure PCTCN2019118129-appb-100003
    其中,DataBytes为所述待存储数据的字节数,MaxShard为数据分片的最大字节数,Ceil为向上取整函数;Wherein, DataBytes is the number of bytes of the data to be stored, MaxShard is the maximum number of bytes of data fragments, and Ceil is a round-up function;
    数据划分单元,用于将所述待存储数据划分为满足以下条件的SN个数据分片:The data dividing unit is configured to divide the data to be stored into SN data fragments that meet the following conditions:
    Figure PCTCN2019118129-appb-100004
    Figure PCTCN2019118129-appb-100004
    其中,ShdBytes s为第s个数据分片的字节数,Max为求最大值函数,Min为求最小值函数,Thresh为预设的比例阈值。 Among them, ShdBytes s is the number of bytes of the s-th data fragment, Max is the maximum value function, Min is the minimum value function, and Thresh is the preset ratio threshold.
  8. 根据权利要求6所述的数据存储装置,其特征在于,所述目标节点确定模块包括:The data storage device according to claim 6, wherein the target node determination module comprises:
    目标位置点确定单元,用于将预设的哈希环上与第s个数据分片的哈希值对应的位置点确定目标位置点,所述哈希环为由所述第一哈希函数的所有函数值按照从小到大的顺序顺时针或者逆时针依次连接所构成的圆环,即所述哈希环上的每个位置点均对应于所述第一哈希函数的一个函数值;The target location point determination unit is configured to determine a target location point on a preset hash ring corresponding to the hash value of the s-th data segment, where the hash ring is determined by the first hash function All the function values of is connected clockwise or counterclockwise in order from small to large to form a circular ring, that is, each position point on the hash ring corresponds to a function value of the first hash function;
    基准位置点获取单元,用于获取所述哈希环上的各个基准位置点,其中,每个基准位置点均为与所述点对点网络中的一个节点对应的位置点;A reference location point acquiring unit, configured to acquire each reference location point on the Hash ring, where each reference location point is a location point corresponding to a node in the point-to-point network;
    目标节点确定单元,用于从所述目标位置点开始顺时针或者逆时针查找所述基准 位置点,并将查找到的第一个基准位置点所对应的节点确定为与第s个数据分片对应的目标节点。The target node determining unit is configured to search for the reference location point clockwise or counterclockwise from the target location point, and determine the node corresponding to the first reference location point found as the s-th data slice The corresponding target node.
  9. 根据权利要求8所述的数据存储装置,其特征在于,还包括:8. The data storage device according to claim 8, further comprising:
    身份标识获取模块,用于获取所述点对点网络中的各个节点的身份标识;An identity acquisition module, used to acquire the identity of each node in the peer-to-peer network;
    节点哈希值计算模块,用于使用预设的第二哈希函数分别对所述点对点网络中的各个节点的身份标识进行哈希运算,得到各个节点的哈希值,所述第二哈希函数的值域与所述第一哈希函数的值域一致;The node hash value calculation module is configured to use a preset second hash function to hash the identity of each node in the peer-to-peer network to obtain the hash value of each node. The second hash The value range of the function is consistent with the value range of the first hash function;
    基准位置点确定模块,用于将所述哈希环上与第m个节点的哈希值对应的位置点确定为与第m个节点对应的基准位置点,1≤m≤M,M为所述点对点网络中的节点数目。The reference location point determination module is used to determine the location point on the hash ring corresponding to the hash value of the mth node as the reference location point corresponding to the mth node, 1≤m≤M, where M is State the number of nodes in the point-to-point network.
  10. 根据权利要求6至9中任一项所述的数据存储装置,其特征在于,所述授权信息构造模块可以包括:The data storage device according to any one of claims 6 to 9, wherein the authorization information construction module may comprise:
    授权内容封装单元,用于将第s个数据分片的分片标识、哈希值、目标节点标识、授权时效信息、证书哈希值封装为第s个数据分片的授权内容,所述证书哈希值为对所述点对点网络的电子证书进行哈希运算得到的哈希值;The authorized content encapsulation unit is used to encapsulate the fragment identification, hash value, target node identification, authorization aging information, and certificate hash value of the sth data fragment into the authorized content of the sth data fragment, the certificate The hash value is a hash value obtained by performing a hash operation on the electronic certificate of the peer-to-peer network;
    授权摘要计算单元,用于使用预设的第三哈希函数对第s个数据分片的授权内容进行哈希计算,得到第s个数据分片的授权摘要;The authorization summary calculation unit is configured to use a preset third hash function to hash the authorized content of the s-th data segment to obtain the authorization summary of the s-th data segment;
    数据加密单元,用于使用预设的数据加密算法对第s个数据分片的授权摘要进行加密,得到第s个数据分片的数字签名;The data encryption unit is used to encrypt the authorization digest of the s-th data segment using a preset data encryption algorithm to obtain the digital signature of the s-th data segment;
    授权信息构造单元,用于将第s个数据分片的授权内容、所述数字签名、所述电子证书构造为第s个数据分片的授权信息。The authorization information construction unit is used to construct the authorization content of the sth data segment, the digital signature, and the electronic certificate into the authorization information of the sth data segment.
  11. 一种计算机非易失性可读存储介质,所述计算机非易失性可读存储介质存储有计算机可读指令,其特征在于,所述计算机可读指令被处理器执行时实现如下步骤:A computer non-volatile readable storage medium, the computer non-volatile readable storage medium storing computer readable instructions, wherein the computer readable instructions are executed by a processor to implement the following steps:
    接收终端设备上传的待存储数据,所述终端设备为点对点网络中的任意一个节点;Receiving data to be stored uploaded by a terminal device, where the terminal device is any node in a peer-to-peer network;
    将所述待存储数据划分为各个数据分片,并使用预设的第一哈希函数分别计算各个数据分片的哈希值;Divide the data to be stored into each data segment, and calculate the hash value of each data segment by using a preset first hash function;
    根据各个数据分片的哈希值在所述点对点网络中确定与各个数据分片分别对应的目标节点;Determining, in the peer-to-peer network, the target node corresponding to each data fragment according to the hash value of each data fragment;
    分别构造各个数据分片的授权信息,并向各个目标节点分别发送所述授权信息,其中,第s个数据分片的授权信息被发送至与第s个数据分片对应的目标节点,1≤s≤SN,SN为数据分片的数目;The authorization information of each data segment is constructed separately, and the authorization information is sent to each target node. The authorization information of the sth data segment is sent to the target node corresponding to the sth data segment, 1≤ s≤SN, SN is the number of data fragments;
    分别接收各个目标节点在对所述授权信息进行验证后发送的反馈信息,若与第s 个数据分片对应的目标节点对第s个数据分片的授权信息的反馈信息为确认信息,则将第s个数据分片发送至与第s个数据分片对应的目标节点进行存储。Receive feedback information sent by each target node after verifying the authorization information. If the target node corresponding to the s-th data segment's feedback information on the authorization information of the s-th data segment is confirmation information, then The s-th data segment is sent to the target node corresponding to the s-th data segment for storage.
  12. 根据权利要求11所述的计算机非易失性可读存储介质,其特征在于,所述将所述待存储数据划分为各个数据分片包括:The computer non-volatile readable storage medium according to claim 11, wherein the dividing the to-be-stored data into data fragments comprises:
    计算数据分片的数目;Calculate the number of data fragments;
    将所述待存储数据划分为SN个数据分片。The data to be stored is divided into SN data fragments.
  13. 根据权利要求11所述的计算机非易失性可读存储介质,其特征在于,所述根据各个数据分片的哈希值在所述点对点网络中确定与各个数据分片分别对应的目标节点包括:The computer non-volatile readable storage medium according to claim 11, wherein the determining in the peer-to-peer network according to the hash value of each data fragment comprises: :
    将预设的哈希环上与第s个数据分片的哈希值对应的位置点确定目标位置点,所述哈希环为由所述第一哈希函数的所有函数值按照从小到大的顺序顺时针或者逆时针依次连接所构成的圆环,即所述哈希环上的每个位置点均对应于所述第一哈希函数的一个函数值;Determine the target location point on the preset hash ring corresponding to the hash value of the s-th data segment. The hash ring is composed of all the function values of the first hash function in descending order The circular ring formed by sequentially connecting clockwise or counterclockwise, that is, each position point on the hash ring corresponds to a function value of the first hash function;
    获取所述哈希环上的各个基准位置点,其中,每个基准位置点均为与所述点对点网络中的一个节点对应的位置点;Acquiring each reference location point on the hash ring, where each reference location point is a location point corresponding to a node in the point-to-point network;
    从所述目标位置点开始顺时针或者逆时针查找所述基准位置点,并将查找到的第一个基准位置点所对应的节点确定为与第s个数据分片对应的目标节点。The reference location point is searched clockwise or counterclockwise from the target location point, and the node corresponding to the first reference location point found is determined as the target node corresponding to the s-th data segment.
  14. 根据权利要求13所述的计算机非易失性可读存储介质,其特征在于,所述基准位置点的设置过程包括:The computer non-volatile readable storage medium according to claim 13, wherein the process of setting the reference position point comprises:
    获取所述点对点网络中的各个节点的身份标识;Acquiring the identity of each node in the peer-to-peer network;
    使用预设的第二哈希函数分别对所述点对点网络中的各个节点的身份标识进行哈希运算,得到各个节点的哈希值,所述第二哈希函数的值域与所述第一哈希函数的值域一致;Use the preset second hash function to hash the identity of each node in the peer-to-peer network to obtain the hash value of each node. The value range of the second hash function is the same as that of the first The value range of the hash function is consistent;
    将所述哈希环上与第m个节点的哈希值对应的位置点确定为与第m个节点对应的基准位置点,1≤m≤M,M为所述点对点网络中的节点数目。The position point on the hash ring corresponding to the hash value of the mth node is determined as the reference position point corresponding to the mth node, 1≤m≤M, and M is the number of nodes in the point-to-point network.
  15. 根据权利要求11至14中任一项所述的计算机非易失性可读存储介质,其特征在于,所述分别构造各个数据分片的授权信息包括:The computer non-volatile readable storage medium according to any one of claims 11 to 14, wherein the authorization information for separately constructing each data segment comprises:
    将第s个数据分片的分片标识、哈希值、目标节点标识、授权时效信息、证书哈希值封装为第s个数据分片的授权内容,所述证书哈希值为对所述点对点网络的电子证书进行哈希运算得到的哈希值;Encapsulate the fragment identification, hash value, target node identification, authorization aging information, and certificate hash value of the sth data fragment into the authorized content of the sth data fragment, and the certificate hash value is The hash value obtained by hashing the electronic certificate of the peer-to-peer network;
    使用预设的第三哈希函数对第s个数据分片的授权内容进行哈希计算,得到第s个数据分片的授权摘要;Use the preset third hash function to hash the authorized content of the s-th data segment to obtain the authorization summary of the s-th data segment;
    使用预设的数据加密算法对第s个数据分片的授权摘要进行加密,得到第s个数据分片的数字签名;Use a preset data encryption algorithm to encrypt the authorization digest of the s-th data segment to obtain the digital signature of the s-th data segment;
    将第s个数据分片的授权内容、所述数字签名、所述电子证书构造为第s个数据分片的授权信息。The authorized content of the sth data segment, the digital signature, and the electronic certificate are constructed as the authorization information of the sth data segment.
  16. 一种服务器,包括存储器、处理器以及存储在所述存储器中并可在所述处理器上运行的计算机可读指令,其特征在于,所述处理器执行所述计算机可读指令时实现如下步骤:A server includes a memory, a processor, and computer readable instructions stored in the memory and running on the processor, wherein the processor executes the computer readable instructions to implement the following steps :
    接收终端设备上传的待存储数据,所述终端设备为点对点网络中的任意一个节点;Receiving data to be stored uploaded by a terminal device, where the terminal device is any node in a peer-to-peer network;
    将所述待存储数据划分为各个数据分片,并使用预设的第一哈希函数分别计算各个数据分片的哈希值;Divide the data to be stored into each data segment, and calculate the hash value of each data segment by using a preset first hash function;
    根据各个数据分片的哈希值在所述点对点网络中确定与各个数据分片分别对应的目标节点;Determining, in the peer-to-peer network, the target node corresponding to each data fragment according to the hash value of each data fragment;
    分别构造各个数据分片的授权信息,并向各个目标节点分别发送所述授权信息,其中,第s个数据分片的授权信息被发送至与第s个数据分片对应的目标节点,1≤s≤SN,SN为数据分片的数目;The authorization information of each data segment is constructed separately, and the authorization information is sent to each target node. The authorization information of the sth data segment is sent to the target node corresponding to the sth data segment, 1≤ s≤SN, SN is the number of data fragments;
    分别接收各个目标节点在对所述授权信息进行验证后发送的反馈信息,若与第s个数据分片对应的目标节点对第s个数据分片的授权信息的反馈信息为确认信息,则将第s个数据分片发送至与第s个数据分片对应的目标节点进行存储。Receive feedback information sent by each target node after verifying the authorization information, if the target node corresponding to the s-th data segment’s feedback information on the authorization information of the s-th data segment is confirmation information, then The s-th data segment is sent to the target node corresponding to the s-th data segment for storage.
  17. 根据权利要求16所述的服务器,其特征在于,所述将所述待存储数据划分为各个数据分片包括:The server according to claim 16, wherein the dividing the to-be-stored data into data fragments comprises:
    计算数据分片的数目;Calculate the number of data fragments;
    将所述待存储数据划分为SN个数据分片。The data to be stored is divided into SN data fragments.
  18. 根据权利要求16所述的服务器,其特征在于,所述根据各个数据分片的哈希值在所述点对点网络中确定与各个数据分片分别对应的目标节点包括:The server according to claim 16, wherein the determining, in the peer-to-peer network, the target node corresponding to each data fragment according to the hash value of each data fragment comprises:
    将预设的哈希环上与第s个数据分片的哈希值对应的位置点确定目标位置点,所述哈希环为由所述第一哈希函数的所有函数值按照从小到大的顺序顺时针或者逆时针依次连接所构成的圆环,即所述哈希环上的每个位置点均对应于所述第一哈希函数的一个函数值;Determine the target location point on the preset hash ring corresponding to the hash value of the s-th data segment. The hash ring is composed of all the function values of the first hash function in descending order The circular ring formed by sequentially connecting clockwise or counterclockwise, that is, each position point on the hash ring corresponds to a function value of the first hash function;
    获取所述哈希环上的各个基准位置点,其中,每个基准位置点均为与所述点对点网络中的一个节点对应的位置点;Acquiring each reference location point on the hash ring, where each reference location point is a location point corresponding to a node in the point-to-point network;
    从所述目标位置点开始顺时针或者逆时针查找所述基准位置点,并将查找到的第一个基准位置点所对应的节点确定为与第s个数据分片对应的目标节点。The reference location point is searched clockwise or counterclockwise from the target location point, and the node corresponding to the first reference location point found is determined as the target node corresponding to the s-th data segment.
  19. 根据权利要求18所述的服务器,其特征在于,所述基准位置点的设置过程包括:The server according to claim 18, wherein the process of setting the reference position point comprises:
    获取所述点对点网络中的各个节点的身份标识;Acquiring the identity of each node in the peer-to-peer network;
    使用预设的第二哈希函数分别对所述点对点网络中的各个节点的身份标识进行哈希运算,得到各个节点的哈希值,所述第二哈希函数的值域与所述第一哈希函数的值域一致;Use the preset second hash function to hash the identity of each node in the peer-to-peer network to obtain the hash value of each node. The value range of the second hash function is the same as that of the first The value range of the hash function is consistent;
    将所述哈希环上与第m个节点的哈希值对应的位置点确定为与第m个节点对应的基准位置点,1≤m≤M,M为所述点对点网络中的节点数目。The position point on the hash ring corresponding to the hash value of the mth node is determined as the reference position point corresponding to the mth node, 1≤m≤M, and M is the number of nodes in the point-to-point network.
  20. 根据权利要求16至19中任一项所述的服务器,其特征在于,所述分别构造各个数据分片的授权信息包括:The server according to any one of claims 16 to 19, wherein the authorization information for separately constructing each data segment comprises:
    将第s个数据分片的分片标识、哈希值、目标节点标识、授权时效信息、证书哈希值封装为第s个数据分片的授权内容,所述证书哈希值为对所述点对点网络的电子证书进行哈希运算得到的哈希值;Encapsulate the fragment identification, hash value, target node identification, authorization aging information, and certificate hash value of the sth data fragment into the authorized content of the sth data fragment, and the certificate hash value is The hash value obtained by hashing the electronic certificate of the peer-to-peer network;
    使用预设的第三哈希函数对第s个数据分片的授权内容进行哈希计算,得到第s个数据分片的授权摘要;Use the preset third hash function to hash the authorized content of the s-th data segment to obtain the authorization summary of the s-th data segment;
    使用预设的数据加密算法对第s个数据分片的授权摘要进行加密,得到第s个数据分片的数字签名;Use a preset data encryption algorithm to encrypt the authorization digest of the s-th data segment to obtain the digital signature of the s-th data segment;
    将第s个数据分片的授权内容、所述数字签名、所述电子证书构造为第s个数据分片的授权信息。The authorized content of the sth data segment, the digital signature, and the electronic certificate are constructed as the authorization information of the sth data segment.
PCT/CN2019/118129 2019-04-28 2019-11-13 Data storage method and apparatus based on point-to-point network, and medium and server WO2020220641A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201910347838.0 2019-04-28
CN201910347838.0A CN110149373B (en) 2019-04-28 2019-04-28 Data storage method, device, medium and server based on peer-to-peer network

Publications (1)

Publication Number Publication Date
WO2020220641A1 true WO2020220641A1 (en) 2020-11-05

Family

ID=67593901

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/118129 WO2020220641A1 (en) 2019-04-28 2019-11-13 Data storage method and apparatus based on point-to-point network, and medium and server

Country Status (2)

Country Link
CN (1) CN110149373B (en)
WO (1) WO2020220641A1 (en)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112819483A (en) * 2020-12-30 2021-05-18 杭州趣链科技有限公司 Block chain-based product traceability management method and device and related equipment
CN112906016A (en) * 2021-01-28 2021-06-04 北京金山云网络技术有限公司 Data processing method and device and electronic equipment
CN112953835A (en) * 2021-01-18 2021-06-11 广州三七互娱科技有限公司 Data transmission method, device and system
CN112966545A (en) * 2020-12-31 2021-06-15 杭州拓深科技有限公司 Average hash-based fire fighting channel occupancy monitoring method and device, electronic device and storage medium
CN113132484A (en) * 2021-04-20 2021-07-16 北京奇艺世纪科技有限公司 Data transmission method and device
CN114285903A (en) * 2021-12-16 2022-04-05 奇安信科技集团股份有限公司 Request processing method, device and system and electronic equipment
CN114629824A (en) * 2022-03-24 2022-06-14 阿里巴巴(中国)有限公司 Packet loss positioning method, device, computing equipment and medium
CN114817272A (en) * 2022-06-30 2022-07-29 北京聚通达科技股份有限公司 Message processing method and device, electronic equipment and storage medium
CN115190136A (en) * 2021-04-21 2022-10-14 统信软件技术有限公司 Data storage method, data transmission method and computing equipment
CN115544026A (en) * 2022-12-02 2022-12-30 北京邮电大学 Data storage method and device, electronic equipment and storage medium

Families Citing this family (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110149373B (en) * 2019-04-28 2022-01-07 平安科技(深圳)有限公司 Data storage method, device, medium and server based on peer-to-peer network
CN110933022A (en) * 2019-10-11 2020-03-27 深圳壹账通智能科技有限公司 Block processing method and device, computer equipment and storage medium
CN111030930B (en) * 2019-12-02 2022-02-01 北京众享比特科技有限公司 Decentralized network data fragment transmission method, device, equipment and medium
CN111176842A (en) * 2019-12-23 2020-05-19 中国平安财产保险股份有限公司 Data processing method and device, electronic equipment and storage medium
CN111817844B (en) * 2020-07-20 2021-06-25 西安电子科技大学 Double-link wireless ad hoc network and security defense method in emergency scene
CN112052141B (en) * 2020-09-02 2022-04-01 平安科技(深圳)有限公司 Data fragment verification method and device, computer equipment and readable storage medium
CN112243160A (en) * 2020-09-14 2021-01-19 视联动力信息技术股份有限公司 Data transmission method, device, terminal equipment and storage medium
CN113612705B (en) * 2021-08-02 2023-08-22 广西电网有限责任公司 Hash algorithm slicing and recombination-based power grid monitoring system data transmission method
CN114629908B (en) * 2022-03-28 2023-10-13 浙江邦盛科技股份有限公司 Data slicing method based on hardware resource density of server node
CN117240478B (en) * 2023-11-13 2024-02-13 深圳合纵富科技有限公司 POS machine data transmission method and system

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107219997A (en) * 2016-03-21 2017-09-29 阿里巴巴集团控股有限公司 A kind of method and device for being used to verify data consistency
WO2018109010A1 (en) * 2016-12-15 2018-06-21 Luxembourg Institute Of Science And Technology (List) P2p network data distribution and retrieval using blockchain log
CN109347893A (en) * 2018-08-09 2019-02-15 玄章技术有限公司 A kind of file memory method and device of block chain network
CN109600357A (en) * 2018-11-05 2019-04-09 电子科技大学 A kind of distributed identity authentication system, method and server
CN110149373A (en) * 2019-04-28 2019-08-20 平安科技(深圳)有限公司 Date storage method, device, medium and server based on point to point network

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102446250A (en) * 2010-10-13 2012-05-09 索尼公司 Methods, apparatuses and methods for protecting and verifying data integrity
CN106383665B (en) * 2016-09-05 2018-05-11 华为技术有限公司 Date storage method and coordination memory node in data-storage system
US10740733B2 (en) * 2017-05-25 2020-08-11 Oracle International Corporaton Sharded permissioned distributed ledgers
CN109309650B (en) * 2017-07-27 2020-12-08 华为技术有限公司 Data processing method, terminal equipment and network equipment
CN107547657A (en) * 2017-09-27 2018-01-05 柏科数据技术(深圳)股份有限公司 A kind of method, apparatus and storage medium numbered based on one point data in cloud storage system
US10261711B1 (en) * 2018-01-25 2019-04-16 Merck Sharp & Dohme Corp. Proof of non-tampering for stored data
CN109327512B (en) * 2018-09-19 2021-04-13 广东微链科技有限公司 Game data partition storage method based on block chain hash addressing and re-encryption
CN109522270A (en) * 2018-10-19 2019-03-26 平安科技(深圳)有限公司 File storing and reading method, electronic device and readable storage medium storing program for executing based on block chain

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107219997A (en) * 2016-03-21 2017-09-29 阿里巴巴集团控股有限公司 A kind of method and device for being used to verify data consistency
WO2018109010A1 (en) * 2016-12-15 2018-06-21 Luxembourg Institute Of Science And Technology (List) P2p network data distribution and retrieval using blockchain log
CN109347893A (en) * 2018-08-09 2019-02-15 玄章技术有限公司 A kind of file memory method and device of block chain network
CN109600357A (en) * 2018-11-05 2019-04-09 电子科技大学 A kind of distributed identity authentication system, method and server
CN110149373A (en) * 2019-04-28 2019-08-20 平安科技(深圳)有限公司 Date storage method, device, medium and server based on point to point network

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112819483A (en) * 2020-12-30 2021-05-18 杭州趣链科技有限公司 Block chain-based product traceability management method and device and related equipment
CN112966545A (en) * 2020-12-31 2021-06-15 杭州拓深科技有限公司 Average hash-based fire fighting channel occupancy monitoring method and device, electronic device and storage medium
CN112953835A (en) * 2021-01-18 2021-06-11 广州三七互娱科技有限公司 Data transmission method, device and system
CN112953835B (en) * 2021-01-18 2023-03-14 广州三七互娱科技有限公司 Data transmission method, device and system
CN112906016B (en) * 2021-01-28 2023-10-27 北京金山云网络技术有限公司 Data processing method and device and electronic equipment
CN112906016A (en) * 2021-01-28 2021-06-04 北京金山云网络技术有限公司 Data processing method and device and electronic equipment
CN113132484A (en) * 2021-04-20 2021-07-16 北京奇艺世纪科技有限公司 Data transmission method and device
CN115190136A (en) * 2021-04-21 2022-10-14 统信软件技术有限公司 Data storage method, data transmission method and computing equipment
CN115190136B (en) * 2021-04-21 2024-03-01 统信软件技术有限公司 Data storage method, data transmission method and computing equipment
CN114285903A (en) * 2021-12-16 2022-04-05 奇安信科技集团股份有限公司 Request processing method, device and system and electronic equipment
CN114285903B (en) * 2021-12-16 2024-04-19 奇安信科技集团股份有限公司 Request processing method, device and system and electronic equipment
CN114629824A (en) * 2022-03-24 2022-06-14 阿里巴巴(中国)有限公司 Packet loss positioning method, device, computing equipment and medium
CN114629824B (en) * 2022-03-24 2024-03-19 阿里巴巴(中国)有限公司 Packet loss positioning method, device, computing equipment and medium
CN114817272A (en) * 2022-06-30 2022-07-29 北京聚通达科技股份有限公司 Message processing method and device, electronic equipment and storage medium
CN115544026A (en) * 2022-12-02 2022-12-30 北京邮电大学 Data storage method and device, electronic equipment and storage medium

Also Published As

Publication number Publication date
CN110149373B (en) 2022-01-07
CN110149373A (en) 2019-08-20

Similar Documents

Publication Publication Date Title
WO2020220641A1 (en) Data storage method and apparatus based on point-to-point network, and medium and server
CN112446785B (en) Cross-chain transaction method, system, device, equipment and storage medium
CN109639714B (en) Internet of things identity registration and verification method based on block chain
US20210209373A1 (en) Media authentication using distributed ledger
CN107396360B (en) Block verification method and device
US10284372B2 (en) Method and system for secure management of computer applications
US8442218B2 (en) Method and apparatus for compound hashing via iteration
WO2020143317A1 (en) Fragmented file verification method and terminal device
CN110989922B (en) Distributed data storage method and system
US11563560B2 (en) Blockchain-based data evidence storage method and apparatus
US20230096457A1 (en) Data synchronization method, apparatus, and device, and computer readable storage medium
CN110059089B (en) Data synchronization method and device, storage medium and electronic equipment
WO2019080423A1 (en) Resource value transfer method and apparatus, storage medium, and server
WO2020093722A1 (en) Block chain-based prescription data verification method and device, and server
WO2020140626A1 (en) Salt-based data possession verification method and terminal device
CN110969207A (en) Electronic evidence processing method, device, equipment and storage medium
WO2020220540A1 (en) Point-to-point network-based data storage method and apparatus, medium and terminal device
CN111367923A (en) Data processing method, data processing device, node equipment and storage medium
US20200153622A1 (en) System and method for enforcement of correctness for key derivation
CN110995446A (en) Evidence verification method, device, server and storage medium
CN109698806B (en) User data verification method and system
WO2021196463A1 (en) Blockchain data synchronization method and apparatus, and electronic device and storage medium
CN112671881A (en) Node organization management method and device, electronic equipment and readable storage medium
CN114741704A (en) Privacy protection method, device, equipment and medium based on marriage and love dating
JP2017139733A (en) Generation and authentication of packet in process chain

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19926972

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19926972

Country of ref document: EP

Kind code of ref document: A1