CN113938491A - Instruction data traceable tamper-proof method and system based on block chain technology - Google Patents

Instruction data traceable tamper-proof method and system based on block chain technology Download PDF

Info

Publication number
CN113938491A
CN113938491A CN202111027263.8A CN202111027263A CN113938491A CN 113938491 A CN113938491 A CN 113938491A CN 202111027263 A CN202111027263 A CN 202111027263A CN 113938491 A CN113938491 A CN 113938491A
Authority
CN
China
Prior art keywords
instruction
block
functional end
block chain
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202111027263.8A
Other languages
Chinese (zh)
Other versions
CN113938491B (en
Inventor
蒋卓君
杨嵘
王凤梅
张成伟
张中一
郭江
李舒
刘庆云
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Institute of Information Engineering of CAS
Original Assignee
Institute of Information Engineering of CAS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Institute of Information Engineering of CAS filed Critical Institute of Information Engineering of CAS
Priority to CN202111027263.8A priority Critical patent/CN113938491B/en
Publication of CN113938491A publication Critical patent/CN113938491A/en
Application granted granted Critical
Publication of CN113938491B publication Critical patent/CN113938491B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/104Peer-to-peer [P2P] networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/0631Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to a traceable instruction data tamper-proof method and a traceable instruction data tamper-proof system based on a block chain technology. The invention mainly comprises the following steps: 1) instruction tamper-proofing technology based on blockchains: the abstract function values of all instruction issuing stage files are stored through a chain table and a block chain structure of a binary tree, the data volume of an issuing block is reduced to shorten the upstream and downstream communication time, and the data volume is issued along with a normal service instruction, so that the bandwidth cost is saved; when the file is tampered, the safety of the subsequent instruction issuing is not affected, the file is quickly positioned according to the abstract function value of each link file on the block chain, and then an alarm mechanism is matched to timely discover and effectively process the tampering action. 2) An instruction consistency checking technology based on double-chain dynamic adjustment comprises the following steps: two block chains are established at a functional end node, real-time verification of a downstream service system is realized through the modes of end-to-end connection of double chains, block confirmation, formal uplink and the like, and the performance problem caused by frequent decryption in the prior art is solved.

Description

Instruction data traceable tamper-proof method and system based on block chain technology
Technical Field
The invention designs an instruction data traceable tamper-proof method and system based on a block chain technology in a cross-domain environment, and belongs to the technical field of network security and instruction distribution.
Background
With the expansion of enterprise scale and the decentralization of target groups, the instruction data transmission technology plays an increasingly important role in the information age. When the corporate headquarters passes information to the affiliates, third party agencies, or other edge systems distributed throughout the locality by issuing command systems, the security of the system presents a significant challenge: firstly, network jitter is easy to occur in a cross-domain environment, and further, security attack events of some lawbreakers are triggered, such as data stealing, tampering, counterfeiting and the like; secondly, after the instruction is issued to the edge system, a series of historical files are formed, and when the instruction is read and used in downstream business, the integrity and the correctness of the instruction file need to be ensured, namely the data is not tampered after falling to the ground; finally, the security guarantee mechanism of the instruction and the service system need to keep synchronization in real time, that is, when the instruction data is issued to the edge system and forms a file, the security guarantee mechanism can check the data.
Most of the current security guarantee mechanisms are realized by encrypting and decrypting data. Patent CN108429735A proposes a feature data encryption method, which is to acquire original data, convert the original data into hexadecimal coded second data, and ensure the security of the data by means of software and hardware encryption. Patent CN107276744A proposes to convert the file text into binary text data in the form of data stream, and encrypt and combine them in sequence, and finally convert them into file ciphertext.
The defects of the prior art are mainly as follows:
1. diversification of instruction data forms. In order to cover as many service scenarios as possible, various forms of instruction data need to be considered. For example, some service requirements specify that the upstream and downstream instruction data are not completely consistent, that is, a certain logic conversion is required between the original data and the file issued to the edge system, at this time, the plaintext data needs to be operated, and the manner of encrypting and decrypting the instruction data is not suitable for this scenario.
2. The issue performance of the instruction. The influence of the encryption and decryption technology on the issuing performance is mainly reflected in the following three aspects: when the instruction data is issued, the data needs to be encrypted; when the instruction data falls to the ground, the instruction data is stored in a form of a ciphertext in order to ensure that the instruction data is not tampered; each time a downstream service reads a file, it needs to decrypt it. Due to the complexity of the encryption and decryption algorithm and the frequent downstream service access, the performance consumed in the process can seriously affect the issuing time of the instruction.
3. Tracking location of tampering. After the encryption and decryption algorithm encrypts the instruction data, once the system is attacked by the security of a third party, the encryption and decryption technology cannot diagnose which link of the issued instruction the attack comes from, and cannot give an alarm in time.
Disclosure of Invention
The invention provides a traceable instruction data tamper-proof method and a traceable instruction data tamper-proof system based on a block chain technology. In addition to solving the three security challenges faced by the aforementioned systems, the present invention also needs to perform root cause positioning and timely warning on the tampering problem.
The technical scheme adopted by the invention is as follows:
a traceable tamper-proof method for instruction data based on a blockchain technology comprises the following steps:
generating a block chain through a service agent node, issuing an incremental or full instruction each time to serve as a block of the block chain, storing a summary function value of a file generated from each stage from generation to landing of the instruction in each block, and processing the summary function value by using a hash algorithm to generate a unique value serving as a verified hash value;
the service agent node sends the instruction to the functional end node based on the block chain;
and the downstream service system reads the instruction data from the functional end node and verifies the instruction consistency by using the block chain in the functional end node.
Further, the instructions from the generation stage to the landing stage comprise: the method comprises an instruction generation stage, an instruction storage stage, an instruction distribution stage and an instruction receiving stage.
Further, the data structure in the blocks of the block chain adopts a binary tree, leaf nodes of the binary tree are the digest function values of the files generated at each stage, and non-leaf nodes of the binary tree are unique values generated by performing Hash function conversion on the digest function values.
Further, the uplink and distribution of blocks are realized by adopting the following steps:
when a command is sent down, the collected abstract function values of all stages are stored in a database through a feedback mechanism;
the service agent node monitors the database, and once the collected abstract function values of each stage are put in storage, links the abstract function values according to the data structure of the block chain;
when the next instruction is issued, the service agent node issues the block chain information generated in the period to all the functional end nodes, and the functional end nodes store the complete block chain information.
Further, two blockchains chainA and chainB are maintained at each functional end node; chainA stores historical block data updated for the previous times; the chainB stores the block which is not checked newly, and the leaf nodes of the chainB correspond to the summary function values of the files in the functional end nodes in the current defined area.
Further, the functional end node and the downstream service system adopt a double-chain dynamic adjustment-based instruction consistency verification mechanism to verify the instruction consistency, and the double-chain dynamic adjustment-based instruction consistency verification mechanism comprises:
1) when the abstract function values of all stages are stored in a database through a feedback mechanism, generating a corresponding block at a functional end node and chaining B as a temporary block;
2) when the downstream service system reads the instruction file from the functional end node for verification, the temporary block on the chainB is used as the tail block of the chainA for verification;
3) when the functional end node receives the confirmation identifier sent by the command data, the blocks successfully checked in the chainB for the first times are linked to the chainA.
Further, when the downstream service system reads the instruction file from the functional end node for verification, the verification is performed by taking the temporary block on the chainB as the tail block of the chainA, including:
a) the downstream service system firstly checks whether the Hash generated by the digest function value of the instruction file on the corresponding functional end node is consistent with the root Hash on the chainA, and if not, the downstream service system determines that tampering action occurs; if the two are consistent, entering b);
b) if the downstream service system is configured with a temporary block check support function, the temporary block check support function needs to be compared with the root Hash on the chainB, and if the temporary block check support function is consistent with the root Hash on the chainB, the downstream service system smoothly reads the instruction file; otherwise, confirming that tampering is performed; if the downstream service system is not configured to support the temporary block check, only waiting for the upstream to send the confirmation identifier of the corresponding temporary block 'turning right';
c) if the functional end node receives the confirmation identifier of the temporary block 'turning right' on the chainB, the step 3) is carried out; otherwise, continuing to wait, and if the waiting time exceeds the set duration, sending alarm information to the alarm platform.
Furthermore, the tampering behavior is quickly positioned according to the abstract function value of the file of each link on the block chain, and the timely discovery and effective processing of the tampering behavior are realized by matching with an alarm mechanism.
Further, the digest function values may be MD5 values, sha1 values, sha256 values, and the like.
The system for preventing the instruction data from being tampered based on the block chain technology by adopting the method comprises the following steps:
the instruction data issuing module is used for issuing the instruction data based on the block chain technology; issuing an instruction of each increment or full amount as a block of a block chain, storing a summary function value of a file generated from each stage of generation to landing of the instruction in each block, and processing the summary function value by using a hash algorithm to generate a unique value as a verified hash value;
and the instruction consistency checking module based on double-chain dynamic adjustment is used for checking the instruction consistency by the functional end node and the downstream service system by adopting an instruction consistency checking mechanism based on double-chain dynamic adjustment.
The invention has the following advantages and beneficial effects:
1. root cause positioning: when data is tampered, the technology can be positioned to a distributed stage and a specific historical instruction file.
2. Coupling property: the block chain processing logic and the instruction issuing service are independent and do not influence each other.
3. Performance: in order to reduce the data volume and the number of times of issuing, the system will transmit the combined tile root hash issued several times frequently to each functional end node at regular time or along with the next instruction issuing.
4. Checking the real-time property: the system introduces an instruction consistency verification technology based on double-chain dynamic adjustment, and ensures real-time verification of the downstream service system on instruction data.
Drawings
Fig. 1 is a block chain overall architecture diagram.
Fig. 2 shows a block uplink and distribution process diagram.
FIG. 3 is a schematic diagram of the double-stranded structure.
FIG. 4 is a diagram of the chain process in the chainB block.
FIG. 5 is a diagram of a business architecture of an instruction distribution system.
Detailed Description
In order to make the aforementioned objects, features and advantages of the present invention comprehensible, the present invention shall be described in further detail with reference to the following detailed description and accompanying drawings.
In order to carry out security monitoring on each link of the instruction issuing system, the invention aims at the characteristic that the block chain technology does not need encryption processing, and solves the problem of system tamper resistance by applying the technology in a new framework from the self service.
The block chain is mainly stored in a chain block mode, and the system can issue instructions of increment or full quantity each time as blocks. In order to verify whether each stage of the issuing link is tampered, the digest function values of the files generated from the stages from generation to landing of the instruction (the instruction generation stage, the instruction storage stage, the instruction distribution stage and the instruction landing stage) need to be stored in each block, the digest function values in the embodiment adopt MD5 values, and a unique value is determined by using a hash algorithm as a verified hash value. Since the MD5 values for multiple stages need to be determined to be unique values, a binary tree is defined as the data structure within a block.
The whole data structure of the block chain is shown in fig. 1 and mainly comprises a linked list + binary tree data structure, leaf nodes are MD5 values of files generated at each stage, and the data center and the functional end need to verify that the MD5 values of all the nodes are consistent to consider the uplink; the non-leaf nodes are Hash-function converted to MD5 values to generate unique values. The data center is an instruction data forwarding module, is positioned at an instruction distribution stage of the instruction issuing system, and is used for landing data in the database to a function end; the "functional end" refers to an instruction data landing module, which is located at an instruction landing stage of the instruction issuing system and is used for downstream services to read required instruction data.
The system security guarantee mechanism mainly comprises an instruction data issuing module based on a block chain technology and an instruction consistency checking module based on double-chain dynamic adjustment, and respectively corresponds to an instruction issuing process and an anti-tampering technology of an instruction data landing stage.
The detailed steps of each module are explained below.
1. Instruction data issuing module based on block chain technology
The block chain information is mainly stored in an upstream service agent node and each functional end node, wherein the service agent node is used for generating a block chain and issuing blocks at a certain stage, and the functional end nodes are used for storing complete block chain information for verification of a downstream service system. The block chain stored on the service agent node is used as a consensus, and when the functional end node fails to check, the data of the upstream service agent node can be pulled to be used as a new block chain.
The uplink and distribution process of blocks is shown in fig. 2, and includes the following steps:
step 1011: when the system issues an instruction, the feedback mechanism of the landing data to the functional end node (as shown in fig. 5) can store the collected MD5 values of each stage in the database. The database is located upstream of the service agent node (the service agent layer in fig. 5), and the service agent node reads the instruction data in the database and then issues the instruction data.
Step 1012: the upstream service agent node monitors its database and once the MD5 values for each stage collected in step 1011 have been binned, links these MD5 values in the block chain data structure. The database will maintain a version number that marks whether the feedback mechanism has stored the MD5 values for each stage in the database, and if so, the version number will be incremented.
Step 1013: when the next instruction is issued, the service agent node issues the blockchain information (root hash of the block) generated in the period (between two instruction issues) to all the functional end nodes. In order not to affect the performance of instruction issuing, the upstream system does not need to issue the whole block structure, but only needs to transmit the confirmation identifier, and the functional end node updates a complete piece of block chain information through the instruction consistency check module based on double-chain dynamic adjustment.
2. Instruction consistency checking module based on double-chain dynamic adjustment
A certain time gap exists between step 1012 and step 1013 of the instruction data issuing module, and if the file (i.e., the issued instruction stored in the form of a file) falling to the functional end node is tampered during this period, since the block chain only records the blocks issued last several times, the downstream service system cannot verify the security of the latest issued file, so that the system cannot issue an alarm in time.
Based on the above problem, two block chains chainA and chainB need to be maintained at each functional end node, wherein the chainA stores historical block data updated for the previous times; chainB stores the latest unverified blocks, and unlike chainA, leaf nodes correspond to MD5 values of files in functional end nodes under the currently defined area and do not correspond to files of all functional end nodes. A schematic representation of the double strand is shown in FIG. 3.
The specific steps of the instruction consistency checking mechanism are as follows:
step 2001: while the MD5 values at each stage are stored in the database through a feedback mechanism, the command consistency check module creates a corresponding block at the functional end node and chains chainB as a temporary block.
Step 2002: when the downstream service system reads the instruction file from the functional end node for verification, the temporary block on the chainB can be used as the tail block of the chainA for verification. Specifically, the method for verifying comprises the following steps:
a) the downstream service system firstly checks whether the Hash generated by the MD5 value of the instruction file on the corresponding functional end node is consistent with the root Hash on the chainA, and if not, the system is determined to be tampered; if the two are consistent, entering b).
b) If the downstream service system is configured with a temporary block check support function, the temporary block check support function needs to be compared with the root Hash on the chainB, and if the temporary block check support function is consistent with the root Hash on the chainB, the downstream service system can smoothly read the instruction file; otherwise, the system is determined to be tampered; if the downstream service system is not configured to support the temporary block check, it can only wait for the upstream to send the acknowledgement identifier corresponding to the temporary block "forward".
c) If the functional end node receives the confirmation identifier of 'turning positive' of the temporary block on the chainB, the step 2003 is entered; otherwise, continuing to wait, and if the waiting time exceeds the set duration, sending alarm information to the alarm platform.
Step 2003: when the functional end node receives the confirmation identifier of the command data issuing module, the blocks successfully checked in the chainB for the previous times are linked to the chainA, and the specific schematic diagram is shown in FIG. 4.
The key points of the invention mainly comprise:
1. instruction tamper-proofing techniques based on blockchains. The MD5 value of each instruction issuing stage is stored through a linked list and a block chain structure of a binary tree, in order to reduce the influence of a security guarantee mechanism on the instruction issuing performance, the data volume of an issuing block is reduced to shorten the upstream and downstream communication time, the issuing block is issued along with a normal service instruction, an issuing line is multiplexed, and the bandwidth cost is saved. When the file is tampered, the safety of issuing a subsequent instruction is not influenced, the file can be quickly positioned according to the MD5 value of each link on the block chain, and the tampering behavior can be timely discovered and effectively processed by matching with an alarm mechanism of the system.
The "fast positioning according to the MD5 value of each link in the block chain" means: the block chain stores MD5 values of files generated by each link of the instruction issuing system, and when the root Hash is compared and inconsistency is found, the MD5 value of which link is inconsistent can be quickly found out according to the Hash value below the root Hash in the attached figure 1, so that a tampered root source is positioned.
Wherein, the "alarm mechanism" means: when the system positions the tampering behavior, the data is output to the alarm platform by calling the API, and the operations of large-screen display, statistical analysis and the like can be conveniently carried out at the later stage.
2. And (3) an instruction consistency checking technology based on double-chain dynamic adjustment. The real-time verification of the downstream service system is realized by establishing two block chains at the functional end node and adopting the modes of end-to-end connection, block confirmation, formal uplink and the like of the double chains, so that the performance problem caused by frequent decryption in the prior technical scheme is solved.
In the invention, the database can refer to any database, as long as the database is a data storage component, and the data center can also refer to various data distribution components.
The above embodiment of the present invention stores MD5 values of files through a blockchain, wherein MD5 values can be replaced by other values that can uniquely identify the contents of files (the same file contents and the same value), and these values are collectively called digest function values. For example, MD5 values may be replaced with sha1 values, sha256 values, and the like.
The particular embodiments of the present invention disclosed above are illustrative only and are not intended to be limiting, since various alternatives, modifications, and variations will be apparent to those skilled in the art without departing from the spirit and scope of the invention. The invention should not be limited to the disclosure of the embodiments in the present specification, but the scope of the invention is defined by the appended claims.

Claims (10)

1. A traceable instruction data tamper-proofing method based on a block chain technology is characterized by comprising the following steps:
generating a block chain through a service agent node, issuing an incremental or full instruction each time to serve as a block of the block chain, storing a summary function value of a file generated from each stage from generation to landing of the instruction in each block, and processing the summary function value by using a hash algorithm to generate a unique value serving as a verified hash value;
the service agent node sends the instruction to the functional end node based on the block chain;
and the downstream service system reads the instruction data from the functional end node and verifies the instruction consistency by using the block chain in the functional end node.
2. The method of claim 1, wherein the instructions from the generation stage to the landing stage comprise: the method comprises an instruction generation stage, an instruction storage stage, an instruction distribution stage and an instruction receiving stage.
3. The method of claim 1, wherein the data structure in the blocks of the block chain is a binary tree, wherein leaf nodes of the binary tree are digest function values of the file generated at each stage, and non-leaf nodes of the binary tree are unique values generated by performing a Hash function on the digest function values.
4. The method of claim 1 wherein the uplink and distribution of blocks is performed by:
when a command is sent down, the collected abstract function values of all stages are stored in a database through a feedback mechanism;
the service agent node monitors the database, and once the collected abstract function values of each stage are put in storage, links the abstract function values according to the data structure of the block chain;
when the next instruction is issued, the service agent node issues the block chain information generated in the period to all the functional end nodes, and the functional end nodes store the complete block chain information.
5. The method of claim 1, wherein two blockchains, chainA and chainB, are maintained at each functional end node; chainA stores historical block data updated for the previous times; the chainB stores the block which is not checked newly, and the leaf nodes of the chainB correspond to the summary function values of the files in the functional end nodes in the current defined area.
6. The method according to claim 5, wherein the functional end node and the downstream service system adopt a double-chain dynamic adjustment-based instruction consistency checking mechanism to check the instruction consistency, and the double-chain dynamic adjustment-based instruction consistency checking mechanism comprises:
1) when the abstract function values of all stages are stored in a database through a feedback mechanism, generating a corresponding block at a functional end node and chaining B as a temporary block;
2) when the downstream service system reads the instruction file from the functional end node for verification, the temporary block on the chainB is used as the tail block of the chainA for verification;
3) when the functional end node receives the confirmation identifier sent by the command data, the blocks successfully checked in the chainB for the first times are linked to the chainA.
7. The method as claimed in claim 6, wherein when the downstream traffic system reads the instruction file from the functional end node for checking, checking the temporary block on chainB as the last block of chainA, comprises:
a) the downstream service system firstly checks whether the Hash generated by the digest function value of the instruction file on the corresponding functional end node is consistent with the root Hash on the chainA, and if not, the downstream service system determines that tampering action occurs; if the two are consistent, entering b);
b) if the downstream service system is configured with a temporary block check support function, the temporary block check support function needs to be compared with the root Hash on the chainB, and if the temporary block check support function is consistent with the root Hash on the chainB, the downstream service system smoothly reads the instruction file; otherwise, confirming that tampering is performed; if the downstream service system is not configured to support the temporary block check, only waiting for the upstream to send the confirmation identifier of the corresponding temporary block 'turning right';
c) if the functional end node receives the confirmation identifier of the temporary block 'turning right' on the chainB, the step 3) is carried out; otherwise, continuing to wait, and if the waiting time exceeds the set duration, sending alarm information to the alarm platform.
8. The method according to claim 1, characterized in that the tampering behavior is quickly positioned according to the digest function value of the file of each link on the block chain, and an alarm mechanism is matched to realize timely discovery and effective processing of the tampering behavior.
9. The method of claim 1, wherein the summary function value is one of: MD5 value, sha1 value, sha256 value.
10. A tamper-resistant system for instruction data traceability based on a blockchain technique, using the method of any one of claims 1 to 9, comprising:
the instruction data issuing module is used for issuing the instruction data based on the block chain technology; issuing an instruction of each increment or full amount as a block of a block chain, storing a summary function value of a file generated from each stage of generation to landing of the instruction in each block, and processing the summary function value by using a hash algorithm to generate a unique value as a verified hash value;
and the instruction consistency checking module based on double-chain dynamic adjustment is used for checking the instruction consistency by the functional end node and the downstream service system by adopting an instruction consistency checking mechanism based on double-chain dynamic adjustment.
CN202111027263.8A 2021-09-02 2021-09-02 Instruction data traceable tamper-proof method and system based on block chain technology Active CN113938491B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111027263.8A CN113938491B (en) 2021-09-02 2021-09-02 Instruction data traceable tamper-proof method and system based on block chain technology

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111027263.8A CN113938491B (en) 2021-09-02 2021-09-02 Instruction data traceable tamper-proof method and system based on block chain technology

Publications (2)

Publication Number Publication Date
CN113938491A true CN113938491A (en) 2022-01-14
CN113938491B CN113938491B (en) 2022-10-14

Family

ID=79274935

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111027263.8A Active CN113938491B (en) 2021-09-02 2021-09-02 Instruction data traceable tamper-proof method and system based on block chain technology

Country Status (1)

Country Link
CN (1) CN113938491B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114785815A (en) * 2022-04-22 2022-07-22 广州大师明信息服务有限公司 Data storage method and device for user node of block chain

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107391735A (en) * 2017-08-04 2017-11-24 北京明朝万达科技股份有限公司 Business datum source tracing method, device, system and storage device based on block chain
CN108520293A (en) * 2018-04-03 2018-09-11 中兴能源(天津)有限公司 A kind of product false proof source tracing method, device, server and storage medium
CN110046992A (en) * 2018-12-12 2019-07-23 阿里巴巴集团控股有限公司 A kind of transaction Hash acquisition methods and system based on block chain intelligence contract
WO2020098373A1 (en) * 2018-11-14 2020-05-22 阿里巴巴集团控股有限公司 Method and device for storing merchant authentication data into blockchain, and method and device for obtaining merchant authentication data from blockchain
WO2020119380A1 (en) * 2018-12-12 2020-06-18 阿里巴巴集团控股有限公司 Signature verification method and system based on blockchain smart contract
CN111967875A (en) * 2020-08-19 2020-11-20 上海网班教育科技股份有限公司 Block chain-based file uplink evidence storing method and device

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107391735A (en) * 2017-08-04 2017-11-24 北京明朝万达科技股份有限公司 Business datum source tracing method, device, system and storage device based on block chain
CN108520293A (en) * 2018-04-03 2018-09-11 中兴能源(天津)有限公司 A kind of product false proof source tracing method, device, server and storage medium
WO2020098373A1 (en) * 2018-11-14 2020-05-22 阿里巴巴集团控股有限公司 Method and device for storing merchant authentication data into blockchain, and method and device for obtaining merchant authentication data from blockchain
CN110046992A (en) * 2018-12-12 2019-07-23 阿里巴巴集团控股有限公司 A kind of transaction Hash acquisition methods and system based on block chain intelligence contract
WO2020119380A1 (en) * 2018-12-12 2020-06-18 阿里巴巴集团控股有限公司 Signature verification method and system based on blockchain smart contract
CN111967875A (en) * 2020-08-19 2020-11-20 上海网班教育科技股份有限公司 Block chain-based file uplink evidence storing method and device

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
张伟 等: "基于区块链和数字签名技术的智慧电厂数据安全传输***研究与设计", 《电力信息与通信技术》 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114785815A (en) * 2022-04-22 2022-07-22 广州大师明信息服务有限公司 Data storage method and device for user node of block chain
CN114785815B (en) * 2022-04-22 2024-05-17 上海骋荣网络科技有限公司 Data storage method and device for blockchain user node

Also Published As

Publication number Publication date
CN113938491B (en) 2022-10-14

Similar Documents

Publication Publication Date Title
CN109002732B (en) Data evidence storage method, equipment and system and data evidence obtaining method
JP7330596B2 (en) BLOCKCHAIN DATA ARCHIVING METHOD, BLOCKCHAIN DATA ARCHIVING DEVICE, ELECTRONIC DEVICE, AND COMPUTER PROGRAM
Nikitin et al. {CHAINIAC}: Proactive {Software-Update} transparency via collectively signed skipchains and verified builds
CN109542888B (en) Data modification and synchronization method, device, equipment and storage medium of block chain
KR101887894B1 (en) Internet of things device managing system based on mesh type block chain
CN115210741B (en) Partially ordered blockchain
CN110008757A (en) Data guard method and system in a kind of internet-of-things terminal firmware update
CN109815748B (en) Central data source monitoring method based on block chain
SE541713C2 (en) Method and system for registering digital documents
CN113158248B (en) Method for credible data acquisition and evidence coexistence of electronic equipment based on block chain technology
CN110784495A (en) Block chain-based discovery and configuration information management method for big data cluster system
CN112417466A (en) Block chain-based electronic archive file evidence storage and verification method and system
US20080172649A1 (en) Strategies for Synchronizing a Product
CN112291376A (en) Data processing method and related equipment in block chain system
CN111625598B (en) Engineering collaboration block chain data structure and application method
US11239999B1 (en) Blockchain network communications system
CN111881109B (en) Database mergeable ledgers
CN111680105A (en) Block chain-based distributed relational database management method and system
CN110598375A (en) Data processing method, device and storage medium
CN113938491B (en) Instruction data traceable tamper-proof method and system based on block chain technology
CN110730074A (en) Implementation method and data structure of nested traceable digital twin body
CN111177265A (en) Block chain domain division method
CN112131041A (en) Method, apparatus and computer program product for managing data placement
CN109960512B (en) Software deployment method and system
CN102299927B (en) Content security supervision system and method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant