[go: up one dir, main page]

CN106936818A - Data Audit method, client and block chain cloud device based on block chain technology - Google Patents

Data Audit method, client and block chain cloud device based on block chain technology Download PDF

Info

Publication number
CN106936818A
CN106936818A CN201710103752.4A CN201710103752A CN106936818A CN 106936818 A CN106936818 A CN 106936818A CN 201710103752 A CN201710103752 A CN 201710103752A CN 106936818 A CN106936818 A CN 106936818A
Authority
CN
China
Prior art keywords
client
target file
data block
unit
hash value
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710103752.4A
Other languages
Chinese (zh)
Inventor
李春晓
梁赓
赵焕军
张凤军
武斌
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Institute of Software of CAS
Original Assignee
Institute of Software of CAS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Institute of Software of CAS filed Critical Institute of Software of CAS
Priority to CN201710103752.4A priority Critical patent/CN106936818A/en
Publication of CN106936818A publication Critical patent/CN106936818A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)
  • Computer And Data Communications (AREA)

Abstract

The present invention provides a kind of Data Audit method based on block chain technology, client and block chain cloud device.Methods described includes:File destination is uploaded to block chain high in the clouds;The audit tree of the dynamic generation file destination;According to the audit tree, the validity of the file destination is verified.The present invention can in real time verify the validity of storage file, and verification process consumes less network bandwidth resources.

Description

基于区块链技术的数据审计方法、客户端及区块链云端设备Data audit method, client and blockchain cloud device based on blockchain technology

技术领域technical field

本发明涉及区块链技术领域,尤其涉及一种基于区块链技术的数据审计方法、客户端及区块链云端设备。The present invention relates to the field of block chain technology, in particular to a data audit method based on block chain technology, a client and a block chain cloud device.

背景技术Background technique

我们将区块链技术作为基础,实现了去中心化且寓于分布式结构的数据存储、传输和证明的方法。在应用区块链技术进行数据存储备份的系统中,数据的审计是一个很重要的问题。目前的审计方法,基本上有两种,一种是通过实时回传数据进行审计的方法,很显然,这种方法对网络带宽的消耗比较大,实用性不强。第二种方法,将数据预先生成固定数量的校验值发布到网络进行验证,这种方法的缺陷是每一次验证都要消耗一个校验值,一旦校验值用完,将无法再进行有效验证。We use blockchain technology as the basis to realize the method of data storage, transmission and certification in a decentralized and distributed structure. In a system that uses blockchain technology for data storage and backup, data auditing is a very important issue. Currently, there are basically two auditing methods. One is auditing by returning data in real time. Obviously, this method consumes a lot of network bandwidth and is not very practical. The second method is to pre-generate a fixed number of check values and publish them to the network for verification. The disadvantage of this method is that each verification will consume a check value. Once the check value is used up, it will no longer be valid. verify.

发明内容Contents of the invention

本发明提供的基于区块链技术的数据审计方法、客户端及区块链云端设备,能够实时地验证存储文件的有效性,且验证过程消耗较少的网络带宽资源。The blockchain technology-based data audit method, client and blockchain cloud device provided by the present invention can verify the validity of stored files in real time, and the verification process consumes less network bandwidth resources.

第一方面,本发明提供一种基于区块链技术的数据审计方法,所述方法应用于客户端,所述方法包括:In the first aspect, the present invention provides a data audit method based on block chain technology, the method is applied to the client, and the method includes:

向区块链云端上传目标文件;Upload the target file to the blockchain cloud;

动态生成所述目标文件的审计树;Dynamically generate an audit tree of the target file;

根据所述审计树,验证所述目标文件的有效性。According to the audit tree, the validity of the target file is verified.

可选地,在所述向区块链云端上传目标文件之前,所述方法还包括:Optionally, before uploading the target file to the block chain cloud, the method also includes:

将所述目标文件进行切片,生成多个数据块;Slicing the target file to generate multiple data blocks;

对各个数据块进行加密处理。Each data block is encrypted.

可选地,所述向区块链云端上传目标文件包括:将经过加密处理后的各个数据块保存到区块链云端的各个宿主节点上。Optionally, the uploading the target file to the block chain cloud includes: saving each encrypted data block on each host node of the block chain cloud.

可选地,所述动态生成所述目标文件的审计树包括:Optionally, the dynamically generating the audit tree of the target file includes:

为区块链中各个宿主节点上存放的数据块生成一个随机数;Generate a random number for the data blocks stored on each host node in the blockchain;

将生成的各数据块的随机数与所述数据块合并,生成一个哈希值;Merge the generated random number of each data block with the data block to generate a hash value;

将生成的哈希值依次合并,生成一棵完整的审计树。Combine the generated hash values sequentially to generate a complete audit tree.

可选地,所述根据所述审计树,验证所述目标文件的有效性包括:Optionally, according to the audit tree, verifying the validity of the target file includes:

将生成的各数据块的随机数发送给对应的各宿主节点;Send the generated random numbers of each data block to the corresponding host nodes;

接收所述各宿主节点发送的的哈希值;receiving the hash value sent by each host node;

将接收到的哈希值与所述审计树中各宿主节点的哈希值进行对比;comparing the received hash value with the hash value of each host node in the audit tree;

判断各数据块是否有效,当对比一致时,所述数据块有效;Judging whether each data block is valid, when the comparison is consistent, the data block is valid;

验证所述目标文件的有效性,当所有数据块有效时,所述目标文件有效。The validity of the target file is verified, and when all data blocks are valid, the target file is valid.

第二方面,本发明提供一种基于区块链技术的数据审计方法,所述方法应用于区块链云端,所述方法包括:In a second aspect, the present invention provides a data audit method based on blockchain technology, the method is applied to the blockchain cloud, and the method includes:

接收客户端上传的目标文件;Receive the target file uploaded by the client;

接收客户端发送的各数据块的随机数;Receive the random number of each data block sent by the client;

将所述随机数与对应的数据块合并,计算各宿主节点的哈希值;向客户端发送所述各宿主节点的哈希值,以使客户端验证各数据块的有效性。Combining the random number with the corresponding data block, calculating the hash value of each host node; sending the hash value of each host node to the client, so that the client verifies the validity of each data block.

第三方面,本发明提供一种客户端,所述客户端包括:In a third aspect, the present invention provides a client, where the client includes:

上传单元,用于向区块链云端上传目标文件;The upload unit is used to upload the target file to the block chain cloud;

生成单元,用于动态生成所述目标文件的审计树;A generating unit, configured to dynamically generate the audit tree of the target file;

第一验证单元,用于根据所述审计树,验证所述目标文件的有效性。The first verification unit is configured to verify the validity of the target file according to the audit tree.

可选地,所述客户端还包括:Optionally, the client also includes:

切片单元,用于在所述上传单元上传所述目标文件之前,将所述目标文件进行切片,生成多个数据块;a slicing unit, configured to slice the target file to generate multiple data blocks before the upload unit uploads the target file;

加密单元,用于对所述切片单元生成的各个数据块进行加密处理。An encryption unit, configured to perform encryption processing on each data block generated by the slicing unit.

可选地,所述上传单元,用于将经过所述加密单元加密处理后的各个数据块保存到区块链云端的各个宿主节点上。Optionally, the upload unit is configured to save each data block encrypted by the encryption unit to each host node on the blockchain cloud.

可选地,所述生成单元包括:Optionally, the generating unit includes:

第一生成模块,用于为区块链中各个宿主节点上存放的数据块生成一个随机数;The first generation module is used to generate a random number for the data blocks stored on each host node in the blockchain;

第二生成模块,用于将所述第一生成模块生成的各数据块的随机数与所述数据块合并,生成一个哈希值;The second generation module is used to combine the random number of each data block generated by the first generation module with the data block to generate a hash value;

第三生成模块,用于将所述第二生成模块生成的哈希值依次合并,生成一颗完整的审计树。The third generation module is used to sequentially combine the hash values generated by the second generation module to generate a complete audit tree.

可选地,所述第一验证单元包括:Optionally, the first verification unit includes:

发送模块,用于将生成的各数据块的随机数发送给对应的各宿主节点;A sending module, configured to send the generated random numbers of each data block to corresponding host nodes;

接收模块,用于接收所述各宿主节点发送的哈希值;A receiving module, configured to receive the hash value sent by each host node;

第一对比模块,用于将接收到的哈希值与所述审计树中各宿主节点的哈希值进行对比;A first comparison module, configured to compare the received hash value with the hash value of each host node in the audit tree;

第一判断模块,用于判断各数据块是否有效,当所述第一对比模块对比的结果一致时,所述数据块有效;The first judging module is used to judge whether each data block is valid, and when the comparison results of the first comparison module are consistent, the data block is valid;

验证模块,用于验证所述目标文件的有效性,当所有数据块有效时,所述目标文件有效。The verification module is used to verify the validity of the target file. When all the data blocks are valid, the target file is valid.

第四方面,本发明提供一种区块链云端设备,所述区块链云端设备包括:In a fourth aspect, the present invention provides a block chain cloud device, and the block chain cloud device includes:

第一接收单元,用于接收客户端上传的目标文件;The first receiving unit is used to receive the target file uploaded by the client;

第二接收单元,用于接收客户端发送的各数据块的随机数;The second receiving unit is used to receive the random number of each data block sent by the client;

计算单元,用于将所述随机数与对应的数据块合并,计算各宿主节点的哈希值;a calculation unit, configured to combine the random number with the corresponding data block, and calculate the hash value of each host node;

发送单元,用于向客户端发送所述各宿主节点的哈希值,以使客户端验证各数据块的有效性。The sending unit is configured to send the hash values of the host nodes to the client, so that the client can verify the validity of each data block.

本发明实施例提供的基于区块链技术的数据审计方法、客户端及区块链云端设备,通过客户端实时生成目标文件的审计树,再将审计树经特定处理后发布到区块链中,然后根据需要向宿主备份节点发起审计,从而使客户端、宿主端根据审计树完成存储文件的有效性验证。与现有技术相比,本发明能够随时发起对存储文件的验证,并且验证过程消耗较少的网络带宽资源。The data audit method based on the block chain technology, the client and the block chain cloud device provided by the embodiment of the present invention generate the audit tree of the target file in real time through the client, and then publish the audit tree to the block chain after specific processing , and then initiate an audit to the host backup node as needed, so that the client and the host can complete the validity verification of the stored files according to the audit tree. Compared with the prior art, the invention can initiate verification of stored files at any time, and the verification process consumes less network bandwidth resources.

附图说明Description of drawings

图1为本发明一实施例基于区块链技术的数据审计方法的流程图;Fig. 1 is the flowchart of the data audit method based on block chain technology of an embodiment of the present invention;

图2为本发明另一实施例基于区块链技术的数据审计方法的流程图;Fig. 2 is the flow chart of another embodiment of the present invention based on the data auditing method of block chain technology;

图3为本发明生成审计树的实现方式示意图;Fig. 3 is a schematic diagram of an implementation of generating an audit tree in the present invention;

图4为本发明一实施例客户端的结构示意图;FIG. 4 is a schematic structural diagram of a client terminal according to an embodiment of the present invention;

图5为本发明一实施例客户端的生成单元的结构示意图;5 is a schematic structural diagram of a generating unit of a client according to an embodiment of the present invention;

图6为本发明一实施例客户端的第一验证单元的结构示意图;6 is a schematic structural diagram of a first verification unit of a client according to an embodiment of the present invention;

图7为本发明一实施例客户端的结构示意图;FIG. 7 is a schematic structural diagram of a client terminal according to an embodiment of the present invention;

图8为本发明一实施例区块链云端设备的结构示意图;8 is a schematic structural diagram of a block chain cloud device according to an embodiment of the present invention;

图9为本发明一实施例区块链云端设备的结构示意图;9 is a schematic structural diagram of a block chain cloud device according to an embodiment of the present invention;

图10为本发明一实施例区块链云端设备的第二验证单元结构示意图。FIG. 10 is a schematic structural diagram of a second verification unit of a blockchain cloud device according to an embodiment of the present invention.

具体实施方式detailed description

为使本发明实施例的目的、技术方案和优点更加清楚,下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。In order to make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the drawings in the embodiments of the present invention. Obviously, the described embodiments It is only some embodiments of the present invention, but not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

本发明提供一种基于区块链技术的数据审计方法,所述方法应用于客户端,如图1所示,所述方法包括:The present invention provides a data audit method based on block chain technology, the method is applied to the client, as shown in Figure 1, the method includes:

S11、向区块链云端上传目标文件;S11. Upload the target file to the blockchain cloud;

S12、生成所述目标文件的审计树;S12. Generate an audit tree of the target file;

S13、根据所述审计树,验证所述目标文件的有效性。S13. Verify the validity of the target file according to the audit tree.

本发明提供一种基于区块链技术的数据审计方法,所述方法应用于区块链云端,如图2所示,所述方法包括:The present invention provides a data audit method based on block chain technology, said method is applied to block chain cloud, as shown in Figure 2, said method includes:

S21、接收客户端上传的目标文件;S21. Receive the target file uploaded by the client;

S22、接收客户端发送的各数据块的随机数;S22. Receive the random number of each data block sent by the client;

S23、将所述随机数与对应的数据块合并,计算各宿主节点的哈希值;S23. Merge the random number with the corresponding data block, and calculate the hash value of each host node;

S24、向客户端返回所述随机数对应的各宿主节点的哈希值,以使客户端验证各数据块的有效性。S24. Return the hash value of each host node corresponding to the random number to the client, so that the client verifies the validity of each data block.

本发明实施例提供的基于区块链技术的数据审计方法,通过客户端实时生成目标文件的审计树,再将审计树经特定处理后发布到区块链中,然后根据需要向宿主备份节点发起审计,从而使客户端、宿主端根据审计树完成存储文件的有效性验证。与现有技术相比,本发明能够随时发起对存储文件的验证,并且验证过程消耗较少的网络带宽资源。In the data audit method based on blockchain technology provided by the embodiment of the present invention, the audit tree of the target file is generated in real time through the client, and then the audit tree is published to the blockchain after specific processing, and then initiated to the host backup node as needed. Audit, so that the client and the host can complete the validity verification of the stored files according to the audit tree. Compared with the prior art, the invention can initiate verification of stored files at any time, and the verification process consumes less network bandwidth resources.

具体地,用户通过客户端向区块链云端上传一个文件,为了保证区块链云端保存的文件数据不被篡改,客户端需要经常验证文件的有效性。本发明提供的基于区块链技术的数据审计方法的具体实现步骤如下:Specifically, the user uploads a file to the blockchain cloud through the client. In order to ensure that the file data stored in the blockchain cloud is not tampered with, the client needs to frequently verify the validity of the file. The specific implementation steps of the data audit method based on block chain technology provided by the present invention are as follows:

步骤一、用户通过客户端上传一个文件,系统会把文件进行切片分割成若干个数据块,每个数据块单独加密,然后保存到互联网上其他用户贡献出来的硬盘空间上。其中,贡献硬盘空间的用户节点在此成为宿主节点。Step 1. When the user uploads a file through the client, the system will slice the file into several data blocks, encrypt each data block separately, and then save it to the hard disk space contributed by other users on the Internet. Among them, the user node that contributes hard disk space becomes the host node here.

步骤二、客户端每次要验证文件时,为每个宿主节点(i)上存放的数据块(i)生成一个随机数(i),再将随机数(i)与数据块(i)合并,生成一个哈希值(i),然后依次合并,最终生成一颗完整的Merkle树(审计树),实现方式描述如图3所示。Step 2: Every time the client wants to verify the file, it generates a random number (i) for each data block (i) stored on the host node (i), and then merges the random number (i) with the data block (i) , to generate a hash value (i), and then merge them in turn to finally generate a complete Merkle tree (audit tree). The implementation description is shown in Figure 3.

步骤三、客户端将Merkle树删除叶子节点(哈希值0、哈希值1、哈希值2、哈希值3这一层)后发布到网络上,各宿主节点以此验证客户端。验证方法是,对比动态计算的根哈希值和客户端发布的根哈希值,一致则表示客户端是可信的。Step 3: The client deletes the leaf nodes of the Merkle tree (the layer with hash value 0, hash value 1, hash value 2, and hash value 3) and publishes it to the network, and each host node verifies the client. The verification method is to compare the dynamically calculated root hash value with the root hash value released by the client, and if they are consistent, it means that the client is trusted.

步骤四、客户端向宿主节点(i)验证数据块(i)时,将随机数(i)发送给宿主节点(i),然后对比宿主节点(i)返回的哈希值(i)即可判定该数据块的有效性。Step 4. When the client verifies the data block (i) to the host node (i), it sends the random number (i) to the host node (i), and then compares the hash value (i) returned by the host node (i). Determine the validity of the data block.

步骤五、当所有数据块验证有效时,确定整个文件的有效性。Step 5: When all data blocks are verified to be valid, determine the validity of the entire file.

本发明实施例还提供一种客户端,如图4所示,所述客户端包括:The embodiment of the present invention also provides a client, as shown in Figure 4, the client includes:

上传单元11,用于向区块链云端上传目标文件;Upload unit 11, for uploading the target file to the block chain cloud;

生成单元12,用于生成所述目标文件的审计树;A generating unit 12, configured to generate an audit tree of the target file;

第一验证单元13,用于根据所述审计树,验证所述目标文件的有效性。The first verification unit 13 is configured to verify the validity of the target file according to the audit tree.

可选地,如图5所示,所述客户端还包括:Optionally, as shown in Figure 5, the client further includes:

切片单元14,用于在所述上传单元11上传所述目标文件之前,将所述目标文件进行切片,生成多个数据块;A slicing unit 14, configured to slice the target file to generate a plurality of data blocks before the uploading unit 11 uploads the target file;

加密单元15,用于对所述切片单元生成的各个数据块进行加密处理。The encryption unit 15 is configured to perform encryption processing on each data block generated by the slicing unit.

可选地,如图6所示,所述生成单元12包括:Optionally, as shown in FIG. 6, the generation unit 12 includes:

第一生成模块121,用于为区块链中各个宿主节点上存放的数据块生成一个随机数;The first generation module 121 is used to generate a random number for the data blocks stored on each host node in the block chain;

第二生成模块122,用于将所述第一生成模块121生成的各数据块的随机数与所述数据块合并,生成一个哈希值;The second generating module 122 is configured to combine the random numbers of the data blocks generated by the first generating module 121 with the data blocks to generate a hash value;

第三生成模块123,用于将所述第二生成模块122生成的哈希值依次合并,生成一颗完整的审计树。The third generating module 123 is configured to sequentially combine the hash values generated by the second generating module 122 to generate a complete audit tree.

可选地,如图7所示,所述第一验证单元13包括:Optionally, as shown in FIG. 7, the first verification unit 13 includes:

发送模块131,用于将生成的各数据块的随机数发送给对应的各宿主节点;A sending module 131, configured to send the generated random numbers of each data block to corresponding host nodes;

接收模块132,用于接收所述各宿主节点发送的哈希值;A receiving module 132, configured to receive the hash value sent by each host node;

第一对比模块133,用于将所述接收模块132接收到的哈希值与所述审计树中各宿主节点的哈希值进行对比;The first comparison module 133 is configured to compare the hash value received by the receiving module 132 with the hash value of each host node in the audit tree;

第一判断模块134,用于判断各数据块是否有效,当所述第一对比模块133对比的结果一致时,所述数据块有效;The first judging module 134 is configured to judge whether each data block is valid, and when the results compared by the first comparison module 133 are consistent, the data block is valid;

验证模块135,用于验证所述目标文件的有效性,当所有数据块有效时,所述目标文件有效。The verification module 135 is configured to verify the validity of the target file. When all data blocks are valid, the target file is valid.

可选地,如图5所示,所述客户端还包括:Optionally, as shown in Figure 5, the client further includes:

发布单元16,用于在所述生成单元生成所述目标文件的审计树之后,将所述审计树删除叶子节点后发布到网络上,以使所述区块链云端验证客户端的可信性。The issuing unit 16 is configured to, after the generation unit generates the audit tree of the target file, delete the leaf nodes of the audit tree and publish it on the network, so that the blockchain cloud verifies the credibility of the client.

本发明实施例还提供一种区块链云端设备,如图8所示,所述区块链云端设备包括:The embodiment of the present invention also provides a block chain cloud device, as shown in Figure 8, the block chain cloud device includes:

第一接收单元21,用于接收客户端上传的目标文件;The first receiving unit 21 is configured to receive the target file uploaded by the client;

第二接收单元22,用于接收客户端发送的各数据块的随机数;The second receiving unit 22 is configured to receive the random number of each data block sent by the client;

计算单元23,用于将所述随机数与对应的数据块合并,计算各宿主节点的哈希值;A calculation unit 23, configured to combine the random number with the corresponding data block, and calculate the hash value of each host node;

发送单元24,用于向客户端发送所述各宿主节点的哈希值,以使客户端验证各数据块的有效性。The sending unit 24 is configured to send the hash values of the host nodes to the client, so that the client can verify the validity of each data block.

可选地,如图9所示,所述区块链云端设备还包括:Optionally, as shown in Figure 9, the block chain cloud device also includes:

第二验证单元25,用于在所述第二接收单元23接收客户端发送的各数据块的随机数之后,验证客户端的可信性。The second verification unit 25 is configured to verify the credibility of the client after the second receiving unit 23 receives the random number of each data block sent by the client.

可选地,如图10所示,所述第二验证单元25包括:Optionally, as shown in FIG. 10, the second verification unit 25 includes:

第二对比模块251,用于将所述客户端发布的审计树的哈希值与宿主节点回传的哈希值进行对比;The second comparison module 251 is used to compare the hash value of the audit tree issued by the client with the hash value returned by the host node;

第二判断模块252,用于判断所述客户端是否可信,当所述第二对比模块对比的结果一致时,判定所述客户端可信且不可抵赖。The second judging module 252 is configured to judge whether the client is credible, and when the comparison results of the second comparing module are consistent, it is judged that the client is credible and non-repudiable.

本发明实施例提供的客户端及区块链云端设备,通过客户端实时生成目标文件的审计树,再将审计树经特定处理后发布到区块链中,然后根据需要向宿主备份节点发起审计,从而使客户端、宿主端根据审计树完成存储文件的有效性验证。与现有技术相比,本发明能够随时发起对存储文件的验证,并且验证过程消耗较少的网络带宽资源。The client and the blockchain cloud device provided by the embodiment of the present invention generate the audit tree of the target file in real time through the client, and then publish the audit tree to the blockchain after specific processing, and then initiate an audit to the host backup node as needed , so that the client and the host complete the validity verification of the stored files according to the audit tree. Compared with the prior art, the invention can initiate verification of stored files at any time, and the verification process consumes less network bandwidth resources.

本领域普通技术人员可以理解实现上述实施例方法中的全部或部分流程,是可以通过计算机程序来指令相关的硬件来完成,所述的程序可存储于一计算机可读取存储介质中,该程序在执行时,可包括如上述各方法的实施例的流程。其中,所述的存储介质可为磁碟、光盘、只读存储记忆体(Read-Only Memory,ROM)或随机存储记忆体(Random AccessMemory,RAM)等。Those of ordinary skill in the art can understand that all or part of the processes in the methods of the above embodiments can be implemented through computer programs to instruct related hardware, and the programs can be stored in a computer-readable storage medium. During execution, it may include the processes of the embodiments of the above-mentioned methods. Wherein, the storage medium may be a magnetic disk, an optical disk, a read-only memory (Read-Only Memory, ROM) or a random access memory (Random Access Memory, RAM) and the like.

以上所述,仅为本发明的具体实施方式,但本发明的保护范围并不局限于此,任何熟悉本技术领域的技术人员在本发明揭露的技术范围内,可轻易想到的变化或替换,都应涵盖在本发明的保护范围之内。因此,本发明的保护范围应该以权利要求的保护范围为准。The above is only a specific embodiment of the present invention, but the scope of protection of the present invention is not limited thereto. Anyone skilled in the art can easily think of changes or substitutions within the technical scope disclosed in the present invention. All should be covered within the protection scope of the present invention. Therefore, the protection scope of the present invention should be determined by the protection scope of the claims.

Claims (12)

1.一种基于区块链技术的数据审计方法,其特征在于,所述方法应用于客户端,所述方法包括:1. A data audit method based on blockchain technology, characterized in that, the method is applied to the client, and the method comprises: 向区块链云端上传目标文件;Upload the target file to the blockchain cloud; 动态生成所述目标文件的审计树;Dynamically generate an audit tree of the target file; 根据所述审计树,验证所述目标文件的有效性。According to the audit tree, the validity of the target file is verified. 2.根据权利要求1所述的方法,其特征在于,在所述向区块链云端上传目标文件之前,所述方法还包括:2. The method according to claim 1, wherein, before uploading the target file to the blockchain cloud, the method further comprises: 将所述目标文件进行切片,生成多个数据块;Slicing the target file to generate multiple data blocks; 对各个数据块进行加密处理。Each data block is encrypted. 3.根据权利要求2所述的方法,其特征在于,所述向区块链云端上传目标文件包括:将经过加密处理后的各个数据块保存到区块链云端的各个宿主节点上。3. The method according to claim 2, wherein the uploading the target file to the block chain cloud comprises: saving each encrypted data block on each host node of the block chain cloud. 4.根据权利要求3所述的方法,其特征在于,所述动态生成所述目标文件的审计树包括:4. The method according to claim 3, wherein the dynamically generating the audit tree of the target file comprises: 为区块链中各个宿主节点上存放的数据块生成一个随机数;Generate a random number for the data blocks stored on each host node in the blockchain; 将生成的各数据块的随机数与所述数据块合并,生成一个哈希值;Merge the generated random number of each data block with the data block to generate a hash value; 将生成的哈希值依次合并,生成一棵完整的审计树。Combine the generated hash values sequentially to generate a complete audit tree. 5.根据权利要求4所述的方法,其特征在于,所述验证所述目标文件的有效性包括:5. The method according to claim 4, wherein the verification of the validity of the target file comprises: 将生成的各数据块的随机数发送给对应的各宿主节点;Send the generated random numbers of each data block to the corresponding host nodes; 接收所述各宿主节点发送的的哈希值;receiving the hash value sent by each host node; 将接收到的哈希值与所述审计树中各宿主节点的哈希值进行对比;comparing the received hash value with the hash value of each host node in the audit tree; 判断各数据块是否有效,当对比一致时,所述数据块有效;Judging whether each data block is valid, when the comparison is consistent, the data block is valid; 验证所述目标文件的有效性,当所有数据块有效时,所述目标文件有效。The validity of the target file is verified, and when all data blocks are valid, the target file is valid. 6.一种基于区块链技术的数据审计方法,其特征在于,所述方法应用于区块链云端,所述方法包括:6. A data audit method based on block chain technology, characterized in that, the method is applied to block chain cloud, and the method comprises: 接收客户端上传的目标文件;Receive the target file uploaded by the client; 接收客户端发送的各数据块的随机数;Receive the random number of each data block sent by the client; 将所述随机数与对应的数据块合并,计算各宿主节点的哈希值;Merge the random number with the corresponding data block, and calculate the hash value of each host node; 向客户端发送所述各宿主节点的哈希值,以使客户端验证各数据块的有效性。Send the hash value of each host node to the client, so that the client verifies the validity of each data block. 7.一种客户端,其特征在于,所述客户端包括:7. A client, characterized in that the client includes: 上传单元,用于向区块链云端上传目标文件;The upload unit is used to upload the target file to the block chain cloud; 生成单元,用于动态生成所述目标文件的审计树;A generating unit, configured to dynamically generate the audit tree of the target file; 第一验证单元,用于根据所述审计树,验证所述目标文件的有效性。The first verification unit is configured to verify the validity of the target file according to the audit tree. 8.根据权利要求7所述的客户端,其特征在于,所述客户端还包括:8. The client according to claim 7, wherein the client further comprises: 切片单元,用于在所述上传单元上传所述目标文件之前,将所述目标文件进行切片,生成多个数据块;a slicing unit, configured to slice the target file to generate multiple data blocks before the upload unit uploads the target file; 加密单元,用于对所述切片单元生成的各个数据块进行加密处理。An encryption unit, configured to perform encryption processing on each data block generated by the slicing unit. 9.根据权利要求8所述的客户端,其特征在于,所述上传单元,用于将经过所述加密单元加密处理后的各个数据块保存到区块链云端的各个宿主节点上。9. The client according to claim 8, wherein the upload unit is configured to save each data block encrypted by the encryption unit to each host node on the block chain cloud. 10.根据权利要求9所述的客户端,其特征在于,所述生成单元包括:10. The client according to claim 9, wherein the generating unit comprises: 第一生成模块,用于为区块链中各个宿主节点上存放的数据块生成一个随机数;The first generation module is used to generate a random number for the data blocks stored on each host node in the blockchain; 第二生成模块,用于将所述第一生成模块生成的各数据块的随机数与所述数据块合并,生成一个哈希值;The second generation module is used to combine the random number of each data block generated by the first generation module with the data block to generate a hash value; 第三生成模块,用于将所述第二生成模块生成的哈希值依次合并,生成一颗完整的审计树。The third generation module is used to sequentially combine the hash values generated by the second generation module to generate a complete audit tree. 11.根据权利要求10所述的客户端,其特征在于,所述第一验证单元包括:11. The client according to claim 10, wherein the first verification unit comprises: 发送模块,用于将生成的各数据块的随机数发送给对应的各宿主节点;A sending module, configured to send the generated random numbers of each data block to corresponding host nodes; 接收模块,用于接收所述各宿主节点发送的哈希值;A receiving module, configured to receive the hash value sent by each host node; 第一对比模块,用于将所述接收模块接收到的哈希值与所述审计树中各宿主节点的哈希值进行对比;A first comparison module, configured to compare the hash value received by the receiving module with the hash value of each host node in the audit tree; 第一判断模块,用于判断各数据块是否有效,当所述第一对比模块对比的结果一致时,所述数据块有效;The first judging module is used to judge whether each data block is valid, and when the comparison results of the first comparison module are consistent, the data block is valid; 验证模块,用于验证所述目标文件的有效性,当所有数据块有效时,所述目标文件有效。The verification module is used to verify the validity of the target file. When all the data blocks are valid, the target file is valid. 12.一种区块链云端设备,其特征在于,所述区块链云端设备包括:12. A block chain cloud device, characterized in that, the block chain cloud device includes: 第一接收单元,用于接收客户端上传的目标文件;The first receiving unit is used to receive the target file uploaded by the client; 第二接收单元,用于接收客户端发送的各数据块的随机数;The second receiving unit is used to receive the random number of each data block sent by the client; 计算单元,用于将所述随机数与对应的数据块合并,计算各宿主节点的哈希值;a calculation unit, configured to combine the random number with the corresponding data block, and calculate the hash value of each host node; 发送单元,用于向客户端发送所述各宿主节点的哈希值,以使客户端验证各数据块的有效性。The sending unit is configured to send the hash values of the host nodes to the client, so that the client can verify the validity of each data block.
CN201710103752.4A 2017-02-24 2017-02-24 Data Audit method, client and block chain cloud device based on block chain technology Pending CN106936818A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710103752.4A CN106936818A (en) 2017-02-24 2017-02-24 Data Audit method, client and block chain cloud device based on block chain technology

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710103752.4A CN106936818A (en) 2017-02-24 2017-02-24 Data Audit method, client and block chain cloud device based on block chain technology

Publications (1)

Publication Number Publication Date
CN106936818A true CN106936818A (en) 2017-07-07

Family

ID=59423386

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710103752.4A Pending CN106936818A (en) 2017-02-24 2017-02-24 Data Audit method, client and block chain cloud device based on block chain technology

Country Status (1)

Country Link
CN (1) CN106936818A (en)

Cited By (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108076063A (en) * 2017-12-25 2018-05-25 天津理工大学 Network O&M auditing method, server terminal and client based on block chain
CN108256353A (en) * 2018-01-11 2018-07-06 武汉斗鱼网络科技有限公司 A kind of data integrity verifying method, apparatus and client
CN108364223A (en) * 2017-12-29 2018-08-03 阿里巴巴集团控股有限公司 A kind of method and device of Data Audit
CN108664221A (en) * 2018-05-11 2018-10-16 北京奇虎科技有限公司 A kind of data proof of possession method, apparatus and readable storage medium storing program for executing
CN108681583A (en) * 2018-05-11 2018-10-19 北京奇虎科技有限公司 Data proof of possession method, apparatus and readable storage medium storing program for executing based on block chain
CN108881421A (en) * 2018-06-05 2018-11-23 天津大学 Cloud service Data Audit method based on block chain
CN108900505A (en) * 2018-06-28 2018-11-27 中国科学院软件研究所 A kind of cluster audit management-control method based on block chain technology
CN109471903A (en) * 2018-10-25 2019-03-15 深圳壹账通智能科技有限公司 Method, device and computer equipment for sharing blockchain information
CN109697204A (en) * 2017-10-23 2019-04-30 阿里巴巴集团控股有限公司 Data auditing method and device
CN109768954A (en) * 2017-11-09 2019-05-17 诺基亚通信公司 Method and apparatus for the integrity protection system supported by block chain
CN110365766A (en) * 2019-07-12 2019-10-22 全链通有限公司 Cloud storage method, equipment and computer readable storage medium based on block chain
US10476701B2 (en) 2017-11-21 2019-11-12 National Chiao Tung University Method for high-security data transmission of blockchain
CN110636087A (en) * 2018-06-21 2019-12-31 北京果仁宝软件技术有限责任公司 Data processing method and system based on alliance chain
CN111652458A (en) * 2020-04-09 2020-09-11 南京审计大学 An engineering audit method based on blockchain technology
CN111698278A (en) * 2020-04-10 2020-09-22 湖南大学 Multi-cloud data storage method based on block chain
CN112311548A (en) * 2020-03-25 2021-02-02 北京沃东天骏信息技术有限公司 Data possession verification method, system, apparatus, and computer-readable storage medium

Cited By (28)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10789644B2 (en) 2017-10-23 2020-09-29 Alibaba Group Holding Limited Data auditing method and device
US11087398B2 (en) 2017-10-23 2021-08-10 Advanced New Technologies Co., Ltd. Data auditing method and device
CN109697204B (en) * 2017-10-23 2021-03-30 创新先进技术有限公司 Method and device for data auditing
US10885581B2 (en) 2017-10-23 2021-01-05 Advanced New Technologies Co., Ltd. Data auditing method and device
CN109697204A (en) * 2017-10-23 2019-04-30 阿里巴巴集团控股有限公司 Data auditing method and device
US11449932B2 (en) 2017-10-23 2022-09-20 Advanced New Technologies Co., Ltd. Data auditing method and device
CN109768954B (en) * 2017-11-09 2021-09-21 诺基亚通信公司 Method and apparatus for integrity protection system supported by blockchain
CN109768954A (en) * 2017-11-09 2019-05-17 诺基亚通信公司 Method and apparatus for the integrity protection system supported by block chain
US10476701B2 (en) 2017-11-21 2019-11-12 National Chiao Tung University Method for high-security data transmission of blockchain
CN108076063A (en) * 2017-12-25 2018-05-25 天津理工大学 Network O&M auditing method, server terminal and client based on block chain
US11295381B2 (en) 2017-12-29 2022-04-05 Advanced New Technologies Co., Ltd. Data auditing method and device
CN108364223A (en) * 2017-12-29 2018-08-03 阿里巴巴集团控股有限公司 A kind of method and device of Data Audit
CN108364223B (en) * 2017-12-29 2021-01-26 创新先进技术有限公司 Method and device for data auditing
CN108256353B (en) * 2018-01-11 2021-01-01 武汉斗鱼网络科技有限公司 Data integrity checking method and device and client
CN108256353A (en) * 2018-01-11 2018-07-06 武汉斗鱼网络科技有限公司 A kind of data integrity verifying method, apparatus and client
CN108664221B (en) * 2018-05-11 2022-04-01 北京奇虎科技有限公司 Data holding certification method, device and readable storage medium
CN108681583A (en) * 2018-05-11 2018-10-19 北京奇虎科技有限公司 Data proof of possession method, apparatus and readable storage medium storing program for executing based on block chain
CN108664221A (en) * 2018-05-11 2018-10-16 北京奇虎科技有限公司 A kind of data proof of possession method, apparatus and readable storage medium storing program for executing
CN108881421A (en) * 2018-06-05 2018-11-23 天津大学 Cloud service Data Audit method based on block chain
CN110636087B (en) * 2018-06-21 2022-04-12 北京果仁宝软件技术有限责任公司 Data processing method and system based on alliance chain
CN110636087A (en) * 2018-06-21 2019-12-31 北京果仁宝软件技术有限责任公司 Data processing method and system based on alliance chain
CN108900505A (en) * 2018-06-28 2018-11-27 中国科学院软件研究所 A kind of cluster audit management-control method based on block chain technology
CN109471903A (en) * 2018-10-25 2019-03-15 深圳壹账通智能科技有限公司 Method, device and computer equipment for sharing blockchain information
CN110365766A (en) * 2019-07-12 2019-10-22 全链通有限公司 Cloud storage method, equipment and computer readable storage medium based on block chain
CN112311548A (en) * 2020-03-25 2021-02-02 北京沃东天骏信息技术有限公司 Data possession verification method, system, apparatus, and computer-readable storage medium
CN111652458A (en) * 2020-04-09 2020-09-11 南京审计大学 An engineering audit method based on blockchain technology
CN111652458B (en) * 2020-04-09 2023-09-26 南京审计大学 Engineering auditing method based on blockchain technology
CN111698278A (en) * 2020-04-10 2020-09-22 湖南大学 Multi-cloud data storage method based on block chain

Similar Documents

Publication Publication Date Title
CN106936818A (en) Data Audit method, client and block chain cloud device based on block chain technology
US10878248B2 (en) Media authentication using distributed ledger
CN104333580B (en) A cloud service-based account management system and method thereof
CN108270874B (en) Application program updating method and device
US10237260B2 (en) Increased communication security
KR20220006623A (en) Blockchain consensus method, device and system
US11184168B2 (en) Method for storing data on a storage entity
CN102045356B (en) Cloud-storage-oriented trusted storage verification method and system
CN112866310A (en) CDN back-to-source verification method and verification server, and CDN cluster
CN109542862B (en) Method, device and system for controlling mounting of file system
CN108182367A (en) A kind of encrypted data chunk client De-weight method for supporting data update
EP3659311A1 (en) Data stream integrity
CN105991596B (en) An access control method and system
CN110175169A (en) A kind of encryption data De-weight method, system and relevant apparatus
US10389714B2 (en) Increased communication security
JP2023535633A (en) verifying tracked portions of received sensor data using computer cryptography;
CN105187218A (en) Digital record signature method for multicore infrastructure and verification method
CN112306970B (en) Processing method, device, equipment and storage medium of container mirror warehouse
US9860230B1 (en) Systems and methods for digitally signing executables with reputation information
Heo et al. Ppos: Practical proof of storage for blockchain full nodes
Wang et al. Outsourced data integrity checking with practical key update in edge-cloud resilient networks
Qi et al. Blockchain-Based Light-Weighted Provable Data Possession for Low Performance Devices.
CN107395772B (en) A kind of management method and management system of repeated data
Kumar et al. Analysis and design of an optimized secure auditing protocol for storing data dynamically in cloud computing
WO2020093609A1 (en) Block generation method, apparatus and device for blockchain, and non-volatile readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20170707

RJ01 Rejection of invention patent application after publication