CN112270007A - Data safe box implementation method based on block chain - Google Patents
Data safe box implementation method based on block chain Download PDFInfo
- Publication number
- CN112270007A CN112270007A CN202011202563.0A CN202011202563A CN112270007A CN 112270007 A CN112270007 A CN 112270007A CN 202011202563 A CN202011202563 A CN 202011202563A CN 112270007 A CN112270007 A CN 112270007A
- Authority
- CN
- China
- Prior art keywords
- data
- user
- ciphertext
- block chain
- handheld terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 27
- 238000012217 deletion Methods 0.000 claims description 8
- 230000037430 deletion Effects 0.000 claims description 8
- 238000012790 confirmation Methods 0.000 claims description 6
- 239000012634 fragment Substances 0.000 claims description 5
- 238000013475 authorization Methods 0.000 claims description 3
- 238000013467 fragmentation Methods 0.000 claims description 3
- 238000006062 fragmentation reaction Methods 0.000 claims description 3
- 230000005540 biological transmission Effects 0.000 description 2
- 238000007726 management method Methods 0.000 description 2
- 238000013523 data management Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/27—Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/04—Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Bioethics (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- General Health & Medical Sciences (AREA)
- Databases & Information Systems (AREA)
- Business, Economics & Management (AREA)
- Health & Medical Sciences (AREA)
- Accounting & Taxation (AREA)
- Finance (AREA)
- Development Economics (AREA)
- Economics (AREA)
- Marketing (AREA)
- Strategic Management (AREA)
- Technology Law (AREA)
- General Business, Economics & Management (AREA)
- Computing Systems (AREA)
- Data Mining & Analysis (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a block chain-based data safe implementation method. The invention utilizes the encryption technology to comprehensively encrypt the data content of the user, ensures the end-to-end safety and privacy of the data, utilizes the block chain technology to create a decentralized block chain network, supports the user to trace and trace the storage and use conditions of the data on the chain through a unique identity through terminals such as mobile phone application and the like, and enhances the controllability and traceability of the user to the data. The invention has the characteristics that the right of an individual to own data is effectively ensured, and the data are marked in the block chain network in the using process, so that the information is ensured to be real, credible, untrustable and traceable.
Description
Technical Field
The invention relates to a block chain technology-based safe and controllable cloud storage and cloud transmission method for providing data of a user.
Background
In the internet era, secure storage and circulation of electronic data is of great importance, especially with respect to the user's own private data. On one hand, the traditional privacy data management scheme needs to completely depend on credit endorsements of service providers, and users lack controllability on own data; on the other hand, security events such as leakage, tampering, loss and embezzlement of user privacy data occur frequently, effective and credible supervision of the data in the use process of the internet cannot be achieved, and when disputes occur, authoritative evidence data are lacked for tracing.
Disclosure of Invention
The technical problem to be solved by the invention is as follows: in the online storage and transmission of user data, the existing system scheme relying on centralization cannot meet the requirements of high safety and high controllability.
In order to solve the technical problem, the technical scheme of the invention is to provide a block chain-based data safe implementation method, which is characterized by comprising the following steps:
step 1, a user registers a distributed identity which can uniquely identify the identity in a block chain network, obtains an address and a key which are uniquely corresponding to the current distributed identity, manages the data operation authority of the current user, and obtains authority information which is uniquely corresponding to the current distributed identity;
step 2, the registered user logs in the data safe system by using the handheld terminal APP, the data safe system confirms the identity by using the received distributed identity of the current user through the authentication or authorization module, and after the identity is confirmed, the registered user enters the data safe system;
step 3, after the user logs in the data safe box system, if the data needs to be stored, the step 4 is entered, and if the data stored in the data safe box system needs to be subjected to related operation according to the corresponding authority, the step 5 is entered;
step 4, the step of storing the data into the data safe box system by the user comprises the following steps:
step 401, after selecting data to be stored, a user calls a local encryption module of the handheld terminal, and the encryption module uses a key generated by an encryption service and issued to the current handheld terminal to perform one-to-one encryption on the data to be stored to form a ciphertext file;
step 402, the handheld terminal APP sends the ciphertext file to the corresponding block link node through the network by using a digital envelope and digital signature technology;
step 403, each node of the block chain receives a ciphertext file transmitted by the handheld terminal APP, checks the signature through an intelligent contract, makes corresponding business rule judgment, returns a unique hash value generated based on a certificate storage object for chaining after multi-block chain node consensus confirmation, and records a block chain account book;
404, the ciphertext file of the user is uploaded to an IPFS distributed file system in a ciphertext mode by adopting a data fragmentation technology and encryption, and is stored in a plurality of machine rooms in a scattered manner, so that the data is stored in a data safe box system, the data safe box system cannot decrypt the ciphertext file transmitted by the user in the process, and the privacy of the user data is ensured;
step 5, the user carries out related operation on the data stored in the data safe box system, and the method comprises the following steps:
step 501, a user sends a data operation request to a data safe system by using a handheld terminal APP;
step 502, the block chain network confirms whether the current user has the corresponding operation authority or not by using the distributed identity of the current user and the corresponding authority information, and enters the next step after the confirmation is passed;
step 503, the node server collects ciphertext data required by the current user to perform relevant operations and feeds the ciphertext data back to the handheld terminal APP;
and step 504, after the handheld terminal APP locally calls the encryption and decryption software to decrypt the data according to the key corresponding to the ciphertext, the data is subjected to relevant operation.
Preferably, in step 401, the encryption module is embedded in the handheld terminal APP.
Preferably, in step 503, downloading the file fragment from the node server with the best performance provided by the IPFS distributed file system, restoring the ciphertext data required by the current user to perform the relevant operation, and feeding back the ciphertext data to the handheld terminal APP.
Preferably, when the user performs related operations on the data stored in the data safe system, the user calls the process record of the data to chain, so as to realize the full-life-cycle management on the use of the data.
Preferably, the operation performed by the user on the data stored in the data safe system comprises data viewing, data downloading, data moving, data deleting or data sharing.
Preferably, when a user executes data downloading or data deletion on a chain, the deletion of source data or ciphertext data is really executed, the data downloading is to be executed to take out data from the IPFS distributed file system, and the data deletion is to be executed to destroy the data from the IPFS distributed file system.
Preferably, the user searches the storage and use conditions of the personal data of the target user on the blockchain through a blockchain browser provided by the data safe system at least according to the distributed identity, the data identifier and the transaction hash, and traces the source.
The invention utilizes the encryption technology to comprehensively encrypt the data content of the user, ensures the end-to-end safety and privacy of the data, utilizes the block chain technology to create a decentralized block chain network, supports the user to trace and trace the storage and use conditions of the data on the chain through a unique identity through terminals such as mobile phone application and the like, and enhances the controllability and traceability of the user to the data. The invention has the characteristics that the right of an individual to own data is effectively ensured, and the data are marked in the block chain network in the using process, so that the information is ensured to be real, credible, untrustable and traceable.
Drawings
FIG. 1 is a flow chart of a user storing data in a data safe system;
FIG. 2 is a flow chart of a user's associated operations on data stored in a data safe system.
Detailed Description
The invention will be further illustrated with reference to the following specific examples. It should be understood that these examples are for illustrative purposes only and are not intended to limit the scope of the present invention. Further, it should be understood that various changes or modifications of the present invention may be made by those skilled in the art after reading the teaching of the present invention, and such equivalents may fall within the scope of the present invention as defined in the appended claims.
The invention provides a block chain-based data safe implementation method which comprises the following steps:
step 1, a user registers a distributed identity which can uniquely identify the identity in a block chain network, obtains an address and a key which are uniquely corresponding to the current distributed identity, manages the data operation authority of the current user, and obtains authority information which is uniquely corresponding to the current distributed identity;
step 2, the registered user logs in the data safe system by using the handheld terminal APP, the data safe system confirms the identity by using the received distributed identity of the current user through the authentication or authorization module, and after the identity is confirmed, the registered user enters the data safe system;
step 3, after the user logs in the data safe box system, if the data needs to be stored, the step 4 is entered, and if the data stored in the data safe box system needs to be subjected to related operation according to the corresponding authority, the step 5 is entered;
step 4, as shown in fig. 1, the step of storing data into the data safe system by the user comprises the following steps:
step 401, after selecting data to be stored, a user calls an encryption module embedded in a handheld terminal APP, and the encryption module generates and issues a key to the current handheld terminal by using an encryption service to encrypt the data to be stored one to form a ciphertext file;
step 402, the handheld terminal APP sends the ciphertext file to the corresponding block link node through the network by using a digital envelope and digital signature technology;
step 403, each node of the block chain receives a ciphertext file transmitted by the handheld terminal APP, checks the signature through an intelligent contract, makes corresponding business rule judgment, returns a unique hash value generated based on a certificate storage object for chaining after multi-block chain node consensus confirmation, and records a block chain account book;
404, the ciphertext File of the user is uploaded to an IPFS (Internet File System) distributed File System in a ciphertext form by adopting a data fragmentation technology and encryption, and is stored in a plurality of machine rooms in a scattered manner, so that the data is stored in a data safe box System, the data safe box System cannot decrypt the ciphertext File transmitted by the user in the process, and the privacy of the user data is ensured;
step 5, as shown in fig. 2, the user performing the relevant operation on the data of the stored data safe system includes the following steps:
step 501, a user sends a data checking, data downloading, data moving, data deleting or data sharing request to a data safe system by using a handheld terminal APP;
step 502, the block chain network confirms whether the current user has the corresponding operation authority or not by using the distributed identity of the current user and the corresponding authority information, and enters the next step after the confirmation is passed;
step 503, the node server collects ciphertext data required by the current user to perform the relevant operation and feeds the ciphertext data back to the handheld terminal APP, the method supports downloading and restoring the file fragments from the node with the optimal performance provided by the IPFS distributed file system, and therefore in the step, the file fragments are downloaded from the node server with the optimal performance provided by the IPFS distributed file system, and the ciphertext data required by the current user to perform the relevant operation is returned to the handheld terminal APP after restoring the ciphertext fragments;
and step 504, after the handheld terminal APP locally calls the encryption and decryption software to decrypt data according to the key corresponding to the ciphertext, the preview, the download, the movement, the deletion or the sharing of the privacy data are realized. When a user executes data downloading or data deleting on the chain, the deletion of source data or ciphertext data is really executed, the data downloading is to be taken out from the IPFS distributed file system, and the data deleting is to be destroyed from the IPFS distributed file system.
When the user carries out related operation on the data stored in the data safe box system, the user calls the process record of the data to chain, and the management of the full life cycle of the use of the data is realized.
The invention also provides a blockchain browser, and a user can inquire the storage and use conditions of personal data of a target user on the blockchain according to the distributed identity identifier, the data identifier, the transaction hash and the like through the blockchain browser provided by the data safe system, and can trace the origin.
According to the method, a multi-node blockchain network is built by using a blockchain technology, data uploaded to a cloud end by a user are encrypted, stored and transmitted, the operation condition of traceable personal data on the blockchain is tracked, the user has absolute management authority on the data, including an attribution right, a viewing right, a tracing right, a calling right and a using right, the platform cannot decrypt the data of the user, the attribution right is not possessed, and the controllability of the user on the data is enhanced.
With the importance of citizens on personal privacy data, the invention can effectively manage and define the attribution authority of the data of the users, and overcomes the unique defect of a central node in the traditional data storage scheme; and related records can not be tampered and traced, so that the problems that data can not be traced and cannot be monitored in the storage and use processes are solved, and the privacy and the safety of the data can still be ensured in a distrusted environment.
Claims (7)
1. A block chain-based data safe implementation method is characterized by comprising the following steps:
step 1, a user registers a distributed identity which can uniquely identify the identity in a block chain network, obtains an address and a key which are uniquely corresponding to the current distributed identity, manages the data operation authority of the current user, and obtains authority information which is uniquely corresponding to the current distributed identity;
step 2, the registered user logs in the data safe system by using the handheld terminal APP, the data safe system confirms the identity by using the received distributed identity of the current user through the authentication or authorization module, and after the identity is confirmed, the registered user enters the data safe system;
step 3, after the user logs in the data safe box system, if the data needs to be stored, the step 4 is entered, and if the data stored in the data safe box system needs to be subjected to related operation according to the corresponding authority, the step 5 is entered;
step 4, the step of storing the data into the data safe box system by the user comprises the following steps:
step 401, after selecting data to be stored, a user calls a local encryption module of the handheld terminal, and the encryption module uses a key generated by an encryption service and issued to the current handheld terminal to perform one-to-one encryption on the data to be stored to form a ciphertext file;
step 402, the handheld terminal APP sends the ciphertext file to the corresponding block link node through the network by using a digital envelope and digital signature technology;
step 403, each node of the block chain receives a ciphertext file transmitted by the handheld terminal APP, checks the signature through an intelligent contract, makes corresponding business rule judgment, returns a unique hash value generated based on a certificate storage object for chaining after multi-block chain node consensus confirmation, and records a block chain account book;
404, the ciphertext file of the user is uploaded to an IPFS distributed file system in a ciphertext mode by adopting a data fragmentation technology and encryption, and is stored in a plurality of machine rooms in a scattered manner, so that the data is stored in a data safe box system, the data safe box system cannot decrypt the ciphertext file transmitted by the user in the process, and the privacy of the user data is ensured;
step 5, the user carries out related operation on the data stored in the data safe box system, and the method comprises the following steps:
step 501, a user sends a data operation request to a data safe system by using a handheld terminal APP;
step 502, the block chain network confirms whether the current user has the corresponding operation authority or not by using the distributed identity of the current user and the corresponding authority information, and enters the next step after the confirmation is passed;
step 503, the node server collects ciphertext data required by the current user to perform relevant operations and feeds the ciphertext data back to the handheld terminal APP;
and step 504, after the handheld terminal APP locally calls the encryption and decryption software to decrypt the data according to the key corresponding to the ciphertext, the data is subjected to relevant operation.
2. The method according to claim 1, wherein in step 401, the encryption module is embedded in the handheld terminal APP.
3. The method according to claim 1, wherein in step 503, the file fragments are downloaded from the node server with the best performance provided by the IPFS distributed file system, and the ciphertext data required by the current user for performing the relevant operation is restored and fed back to the handheld terminal APP.
4. The method as claimed in claim 1, wherein when the user performs the related operation on the data stored in the data safe system, the user links the process record of the data invoked by the user, so as to implement the full-life management on the use of the data.
5. The method as claimed in claim 1, wherein the operation performed by the user on the data stored in the data safe system includes data viewing, data downloading, data moving, data deleting, or data sharing.
6. The method as claimed in claim 5, wherein when a user performs data download or data deletion on a chain, the user actually performs deletion of source data or ciphertext data, the data download is performed to remove data from the IPFS distributed file system, and the data deletion is performed to destroy data from the IPFS distributed file system.
7. The method as claimed in claim 1, wherein the user traces the source by querying the storage and usage of the personal data of the target user on the blockchain at least according to the distributed id, the data id and the transaction hash through a blockchain browser provided by the data safe system.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011202563.0A CN112270007A (en) | 2020-11-02 | 2020-11-02 | Data safe box implementation method based on block chain |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011202563.0A CN112270007A (en) | 2020-11-02 | 2020-11-02 | Data safe box implementation method based on block chain |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112270007A true CN112270007A (en) | 2021-01-26 |
Family
ID=74345497
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011202563.0A Pending CN112270007A (en) | 2020-11-02 | 2020-11-02 | Data safe box implementation method based on block chain |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112270007A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113468578A (en) * | 2021-07-23 | 2021-10-01 | 永旗(北京)科技有限公司 | Block chain-based Internet of things data privacy protection method |
| CN113656824A (en) * | 2021-10-21 | 2021-11-16 | 成都理工大学 | Intelligent terminal information safety interaction method of Internet of things based on block chain and IPFS technology |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110245511A (en) * | 2019-06-24 | 2019-09-17 | 浪潮卓数大数据产业发展有限公司 | A kind of file encryption storage method based on block chain |
| CN110390370A (en) * | 2019-07-24 | 2019-10-29 | 北京派克盛宏电子科技有限公司 | Livestock culturing source tracing method based on block chain and RFID |
| CN111368319A (en) * | 2020-03-04 | 2020-07-03 | 西安电子科技大学 | Block chain-based data security access method in federated learning environment |
| CN111695648A (en) * | 2019-06-24 | 2020-09-22 | 刘启强 | Block chain electronic tag device and product traceability authentication system |
| CN111726343A (en) * | 2020-06-11 | 2020-09-29 | 桂林电子科技大学 | Electronic official document safe transmission method based on IPFS and block chain |
-
2020
- 2020-11-02 CN CN202011202563.0A patent/CN112270007A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110245511A (en) * | 2019-06-24 | 2019-09-17 | 浪潮卓数大数据产业发展有限公司 | A kind of file encryption storage method based on block chain |
| CN111695648A (en) * | 2019-06-24 | 2020-09-22 | 刘启强 | Block chain electronic tag device and product traceability authentication system |
| CN110390370A (en) * | 2019-07-24 | 2019-10-29 | 北京派克盛宏电子科技有限公司 | Livestock culturing source tracing method based on block chain and RFID |
| CN111368319A (en) * | 2020-03-04 | 2020-07-03 | 西安电子科技大学 | Block chain-based data security access method in federated learning environment |
| CN111726343A (en) * | 2020-06-11 | 2020-09-29 | 桂林电子科技大学 | Electronic official document safe transmission method based on IPFS and block chain |
Non-Patent Citations (2)
| Title |
|---|
| 郭叶斌等: "基于区块链的加密云存储平台模型研究", 《软件导刊》, vol. 19, no. 1, pages 2 - 4 * |
| 陈烨等: "基于区块链的网络安全技术综述", 《电信科学》, no. 03, pages 16 - 22 * |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113468578A (en) * | 2021-07-23 | 2021-10-01 | 永旗(北京)科技有限公司 | Block chain-based Internet of things data privacy protection method |
| CN113656824A (en) * | 2021-10-21 | 2021-11-16 | 成都理工大学 | Intelligent terminal information safety interaction method of Internet of things based on block chain and IPFS technology |
| CN113656824B (en) * | 2021-10-21 | 2021-12-28 | 成都理工大学 | Intelligent terminal information safety interaction method of Internet of things based on block chain and IPFS technology |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111914269A (en) | Data security sharing method and system under block chain and cloud storage environment | |
| TWI420339B (en) | Software authorization system and method | |
| CN103297428B (en) | A kind of cloud storage system data guard method | |
| CN101075866B (en) | Method and system for loading message on Internet | |
| CN113067699B (en) | Data sharing method and device based on quantum key and computer equipment | |
| CN113420319A (en) | Data privacy protection method and system based on block chain and permission contract | |
| CN103107889A (en) | System and method for cloud computing environment data encryption storage and capable of searching | |
| CN111292041A (en) | Electronic contract generating method, device, equipment and storage medium | |
| CN106100834B (en) | A kind of generation and update method in algorithm secret key library | |
| CN101841411B (en) | Data resource anti-copying encrypted transmission method and device system | |
| CN112270007A (en) | Data safe box implementation method based on block chain | |
| CN111488372A (en) | Data processing method, device and storage medium | |
| CN102546580A (en) | Method, system and device for updating user password | |
| CN107070856A (en) | Encryption/decryption speed improvement method of encryption is applied compoundly | |
| CN112860791A (en) | Cross-network data synchronous control system, method and storage medium | |
| CN101345624A (en) | Document access system and method | |
| CN111314066B (en) | Block chain-based data transfer method, terminal and computer-readable storage medium | |
| CN111523132A (en) | Data storage and transmission method and device based on identification technology | |
| CN108846671B (en) | Online secure transaction method and system based on block chain | |
| CN110008727B (en) | Encryption sensitive parameter processing method and device, computer equipment and storage medium | |
| CN115865461B (en) | Method and system for distributing data in high-performance computing cluster | |
| US20200043016A1 (en) | Network node for processing measurement data | |
| CN113810421A (en) | Block chain-based PRE Internet of things data sharing method and system | |
| CN113328860A (en) | Block chain-based user privacy data security providing method | |
| JP6424382B1 (en) | A secure cloud server that stores incoming data in an intra |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |