WO2021012500A1 - Blockchain-based parallel system deployment method and apparatus, and computer device - Google Patents

Blockchain-based parallel system deployment method and apparatus, and computer device Download PDF

Info

Publication number
WO2021012500A1
WO2021012500A1 PCT/CN2019/117215 CN2019117215W WO2021012500A1 WO 2021012500 A1 WO2021012500 A1 WO 2021012500A1 CN 2019117215 W CN2019117215 W CN 2019117215W WO 2021012500 A1 WO2021012500 A1 WO 2021012500A1
Authority
WO
WIPO (PCT)
Prior art keywords
terminal
address
approval
designated
blockchain
Prior art date
Application number
PCT/CN2019/117215
Other languages
French (fr)
Chinese (zh)
Inventor
潘玲
姜颖
Original Assignee
平安科技(深圳)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 平安科技(深圳)有限公司 filed Critical 平安科技(深圳)有限公司
Publication of WO2021012500A1 publication Critical patent/WO2021012500A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/10Office automation; Time management
    • G06Q10/103Workflow collaboration or project management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Definitions

  • This application relates to the computer field, in particular to a blockchain-based parallel system deployment method, device, computer equipment and storage medium.
  • the approval system adopted by traditional technology for example, the mail system is used to approve the process of specific items.
  • Applicants or reviewers use the processing terminals in these approval systems to perform application operations or review operations. Because of the confidentiality, security, and accuracy of data in these approval systems (because a certain process node in the traditional approval system only involves a small number of terminals, intervention on these small numbers of terminals can affect the confidentiality and security of data Sex, accuracy) cannot be guaranteed.
  • a data error occurs, it may lead to catastrophic consequences, and after an error, the traces of the approval process are not retained or easily modified, making it difficult to find the source of the error.
  • the method generally used is to install blockchain software on the terminal, which takes a long time; or the method of remote control is used to obtain the control authority of the terminal, and then the blockchain software is installed, which is very safe.
  • the remote control makes the installation of the blockchain not initiated by the terminal itself, it may lead to the loss of decentralization, contrary to the original intention of the blockchain, resulting in a decrease in security).
  • the traditional technology transplants the approval system, it usually transplants all the terminals of the original approval system, which cannot be effectively screened. Therefore, the transplanted approval system has the problem of low efficiency. Therefore, the prior art approval system has defects in confidentiality, security, and accuracy, and there is no mature technology for efficiently migrating the approval system to the blockchain under the premise of ensuring security, and there is no mature technology for effectively screening terminals.
  • the main purpose of this application is to provide a blockchain-based parallel system deployment method, device, computer equipment and storage medium, aiming to improve the deployment efficiency of the parallel system under the premise of ensuring information security and terminal usability.
  • this application proposes a blockchain-based parallel system deployment method, which is applied to a blockchain deployment center and includes the following steps:
  • the blockchain deployment center is a blockchain node in a pre-architected blockchain network ,
  • the blockchain deployment center pre-stores a virtual machine image and a blockchain node container image;
  • the designated data including at least the virtual machine image and the blockchain node container image
  • the registration request is accompanied by information about the IP address and communication port of the designated terminal;
  • the IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal, record the IP address and communication port information of the designated terminal, and generate it based on the IP address of the designated terminal Applying for a digital certificate or approving a digital certificate representing the identity of the designated terminal, and sending the applying for digital certificate or approving digital certificate to the designated terminal;
  • the received first HASH value is the same as the pre-stored HASH value
  • it is determined whether the flow data of the first terminal meets the preset If the flow data of the first terminal meets the preset flow standard, record the first terminal as a temporary terminal; collect the IP addresses of multiple temporary terminals of the current approval system; use the IP address , Send designated data to the application terminal and the approval terminal; receive the registration request of the designated terminal; if the designated terminal is the application terminal or the approval terminal, record the registration request information;
  • the designated terminal and all blockchain nodes send the IP address and communication port information to complete the deployment and improve the confidentiality, security, and information accuracy of the approval system.
  • FIG. 1 is a schematic flowchart of a parallel system deployment method based on blockchain according to an embodiment of the application
  • FIG. 2 is a schematic block diagram of the structure of a parallel system deployment device based on blockchain according to an embodiment of the application;
  • FIG. 3 is a schematic block diagram of the structure of a computer device according to an embodiment of the application.
  • an embodiment of the present application provides a blockchain-based parallel system deployment method, which is applied to a blockchain deployment center and includes the following steps:
  • IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal, record the information of the IP address and communication port of the designated terminal, and use the IP address of the designated terminal Address generating an application for digital certificate or approval digital certificate representing the identity of the designated terminal, and sending the application for digital certificate or approval digital certificate to the designated terminal;
  • This application uses the blockchain deployment center to transplant the participating groups of the current approval system to the pre-architected blockchain network to form a parallel system based on the blockchain, so as to use the characteristics of the blockchain to ensure approval Confidentiality, security, and accuracy. It also uses the blockchain deployment center for deployment, where the deployment center does not have administrator rights, cannot log in or control other nodes, and can uniformly provide corresponding resources for deployment (virtual machine image and blockchain node container image, etc.), Thus, on the basis of insisting on decentralization, the efficiency of blockchain deployment is increased.
  • the function H(t) is also used to identify the first terminal, and the first terminal in a normal working state is used as the basis of the nodes of the subsequent deployment of the parallel system. Therefore, this application improves deployment efficiency, guarantees information security, and improves terminal authentication accuracy.
  • step S1 receive the first HASH value sent by the first terminal of the current approval system, and determine whether the first HASH value is the same as the pre-stored HASH value; if the first HASH value is the same as the pre-stored HASH value If the same, it is determined whether the flow data of the first terminal meets the preset flow standard, and if the flow data of the first terminal meets the preset flow standard, the first terminal is recorded as a temporary terminal.
  • the first HASH (hash) value may be obtained by calculating any data that can represent the identity of the first terminal through a preset HASH algorithm, and the blockchain deployment center prestores the data representing the first terminal The HASH value of the identity.
  • the method of recording the first terminal as a temporary terminal is for example As: According to the formula:
  • the function H(t) is used to characterize the flow status of the first terminal as the current approval system.
  • the value of the function H(t) is m, it means that the flow is too large and in an abnormal state; when the function H(t) is taken
  • the value is not m, it means that the flow rate is normal and in a normal state.
  • the normal flow rate time proportion is calculated, and it is determined whether the normal flow rate time proportion is greater than the preset proportion threshold value; If the ratio is greater than the preset ratio threshold, the first terminal is recorded as a temporary terminal. Therefore, the temporary terminal can be used as a candidate terminal of the new parallel approval system.
  • step S2 collect the IP addresses of multiple temporary terminals of the current approval system, where the multiple temporary terminals include at least an application terminal and an approval terminal, and the blockchain deployment center is a pre-architected blockchain network
  • the blockchain deployment center is a pre-architected blockchain network
  • One of the blockchain nodes in the blockchain deployment center has a virtual machine image and a blockchain node container image pre-stored in the blockchain deployment center.
  • the pre-built blockchain network may be a public chain, a consortium chain or a private chain.
  • the deployment center refers to a terminal or server pre-stored with a virtual machine image for deploying blockchain nodes and a blockchain node container image.
  • the virtual machine image is used to provide a basic operating environment, such as an environment for running a blockchain node container image, a programming language operating environment, or a basic toolkit.
  • the blockchain node container image saves data such as public ledgers (for example, transferring the existing approval records of the current approval system as a public account book) and other data, which are used to enable the
  • the terminal has the basic conditions to become a blockchain node (for example, it needs to obtain information such as the IP address of other blockchain nodes, and inform other blockchain nodes of the terminal's IP address and other information to complete joining the blockchain network ).
  • the application terminal refers to a terminal that issues an approval application
  • the approval terminal refers to a terminal that approves the approval application.
  • the pre-built block chain network can be a block chain network that can be built in any way, preferably a block chain network with only one node chain node (that is, the deployment center), and then the block chain network is implemented in this application. Deploy other blockchain nodes in the chain network.
  • the parallel system refers to a blockchain-based approval system parallel to the current approval system, that is, the deployed blockchain-based approval system and the current approval system are in a parallel relationship and can operate without interference.
  • the IP address is used to send designated data to the application terminal and the approval terminal, and the designated data includes at least the virtual machine image and the blockchain node container image.
  • the application terminal and the approval terminal are the participants of the current approval system and also the participants of the parallel system to be deployed. Therefore, all or part of the application terminal and the approval terminal should be added to the parallel system. Accordingly, the IP address is used to send designated data to the application terminal and the approval terminal, and the designated data includes at least the virtual machine image and the blockchain node container image. Therefore, the application terminal and the approval terminal can use the virtual machine image and the blockchain node container image to prepare for joining the blockchain (that is, install and start the block in the virtual machine image). After the chain node container is mirrored, the preparation for joining the blockchain can be completed).
  • the registration request is accompanied by the IP address and communication port of the designated terminal Information.
  • the designated terminal wants to join the blockchain, it should know the IP address and communication port information of other blockchain nodes, and at the same time, other blockchain nodes should also be allowed to learn the IP address and communication port information of the designated terminal. Therefore, after the designated terminal joins the blockchain, the information communication between the designated terminal and other blockchain nodes no longer needs to pass through the deployment center, that is, decentralization is realized.
  • the communication port is any port, for example, a port that provides communication for different services, for example, 999 is a data synchronization port.
  • step S5 it is determined whether the IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal. If the IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal, respectively, it indicates that the designated terminal is the application terminal or the approval terminal of the current approval system, and will also serve as the application node of the parallel system And approval node. If the IP address of the designated terminal is neither the IP address of the application terminal nor the IP address of the approval terminal, that is, the designated terminal does not belong to the current approval system, the registration request should be rejected at this time.
  • the deployment center not only provides the resources (virtual machine mirroring, etc.) required for the deployment of blockchain nodes, it can also record the IP address and communication port information of the designated terminal, and provide information about the designated terminal and the blockchain node. At least the first exchange of information between the IP address and the communication port, and issuance of an application digital certificate or an approval digital certificate representing the identity of the designated terminal.
  • the application for a digital certificate indicates that the terminal holding the certificate has the authority to initiate an application approval request; the approval digital certificate indicates that the terminal holding the certificate has the authority to approve the application approval request. Accordingly, the designated terminal executes corresponding operations in the parallel system according to the application for the digital certificate or the approval of the digital certificate.
  • step S7 sending the pre-stored IP address and communication port information of all blockchain nodes to the designated terminal, and sending the IP address and communication port information of the designated terminal to all blockchain nodes, This completes the deployment of the designated terminal in the blockchain network parallel to the current approval system.
  • the designated terminal If the designated terminal is to be deployed in the blockchain network, it should know the IP address and communication port of other blockchain nodes, and let other blockchain nodes know the IP address and communication port of the designated terminal. Therefore, the pre-stored IP address and communication port information of all blockchain nodes are sent to the designated terminal, and the IP address and communication port information of the designated terminal is sent to all blockchain nodes, thereby completing the designation The deployment of the terminal in the blockchain network parallel to the current approval system.
  • the step S2 of collecting the IP addresses of multiple temporary terminals of the current approval system, wherein the multiple temporary terminals includes at least an application terminal and an approval terminal includes:
  • the IP addresses of multiple temporary terminals of the current approval system are collected.
  • the log of the current approval system records the approval record. From the approval record, you can learn the information of the terminal that initiated the approval application, the information of the terminal that participated in the review of the approval application, and the information about the approval or disapproval. Accordingly, by parsing the log, it can be obtained that the terminal that participates in the application operation of the current approval system and the terminal that performs the approval operation are recorded as the initial application terminal and the initial approval terminal, respectively. Due to this reason, some terminals are not competent for application or approval responsibilities.
  • this application counts the number of error records of the initial application terminal and the initial approval terminal, and the number of error records obtained is less than the preset first error
  • the initial application terminal is recorded as the application terminal, and the initial approval terminal whose number of error records is less than the preset second error number threshold is recorded as the approval terminal, and the terminal with the excessive number of error records is excluded
  • the IP addresses of the application terminal and the approval terminal are collected.
  • S302 Select a correct virtual machine image matching the operating system information from a plurality of pre-stored virtual machine images
  • the designated data is sent to the application terminal and the approval terminal, and the designated data includes at least the correct virtual machine image and the blockchain node container image.
  • the virtual machine image is provided with corresponding virtual machine images according to the type of operating system and the version of the operating system. For example, for different versions of linux operating systems, such as redhat, centos, and ubuntu, three corresponding virtual machine images are used.
  • the designated data of the correct virtual machine image and the blockchain node container image are sent in a targeted manner, so as to prevent the virtual machine image and the blockchain node container image from being unavailable, resulting in the failure of blockchain node deployment.
  • step S5 of determining whether the IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal the method includes:
  • IP address of the designated terminal is not the IP address of the application terminal, and the IP address of the designated terminal is not the IP address of the approval terminal, then determine whether the IP address of the designated terminal is recorded In the preset new terminal IP address list;
  • this application passes if the IP address of the designated terminal is not the IP address of the application terminal, and the IP address of the designated terminal is not the IP address of the approval terminal, then the IP address of the designated terminal is determined Whether it is recorded in the preset IP address list of newly added terminals; if the IP address of the designated terminal is not recorded in the preset IP address list of newly added terminals, the registration request is rejected and the designated terminal’s IP address is reduced.
  • Access priority level if the IP address of the designated terminal is recorded in the preset IP address list of newly added terminals, the information of the IP address and communication port of the designated terminal is recorded and generated according to the IP address of the designated terminal An application for a digital certificate or an approval digital certificate representing the identity of the designated terminal, and the application for a digital certificate or an approval digital certificate is sent to the designated terminal. In this way, the number of terminals participating in the parallel system can be dynamically adjusted to improve the approval efficiency.
  • the access priority level refers to the priority level of the designated terminal to access the blockchain deployment center, that is, priority is given to accepting access requests from other terminals to the blockchain deployment center, and the designated terminal’s access to the blockchain deployment center is suspended request.
  • the IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal, record the IP address and communication port information of the designated terminal, and
  • the step S6 of generating the application digital certificate or the approval digital certificate representing the identity of the designated terminal by the IP address of the designated terminal, and sending the application digital certificate or the approval digital certificate to the designated terminal includes:
  • IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal, record the information of the IP address and communication port of the designated terminal, and use the IP address of the designated terminal Address generation represents the application digital certificate or approval digital certificate representing the identity of the designated terminal;
  • S603 Send the smart contract to the designated terminal, and at the same time send the application for digital certificate or approval digital certificate to the designated terminal.
  • this embodiment generates smart contracts flexibly and in real time to limit that the parallel system obtained by deployment can realize the same functions as the current approval system.
  • the smart contract is a computer protocol designed to spread, verify, or execute the contract in an informationized manner. Smart contracts allow trusted transactions without a third party, which are traceable and irreversible.
  • the smart contract is sent to the designated terminal, and after the designated terminal installs and uses the smart contract, it can complete the approval process with other terminals that install and use the smart contract.
  • the smart contract is generated according to the approval process, so the approval rules in the limited parallel system are the same as the current approval system, thereby ensuring the consistency of the parallel blockchain system and the original approval system.
  • the pre-stored IP address and communication port information of all blockchain nodes are sent to the designated terminal, and the IP address and communication port information of the designated terminal is sent to all blockchain nodes , So as to complete step S7 of deployment of the designated terminal in the blockchain network parallel to the current approval system, including:
  • S71 Receive a modification request for modifying an IP address or communication port sent by the designated terminal;
  • the IP address or communication port is updated through the deployment center.
  • the modified IP address or communication port information should be sent to other blockchain nodes .
  • the deployment center receives a modification request for modifying the IP address or communication port sent by the designated terminal, and according to the modification request, modifies the terminal's IP address or communication port in the registration information of the designated terminal, and modifies The latter information of the terminal's IP address or communication port is sent to all blockchain nodes. In this way, the IP address or communication port is updated with the help of the deployment center.
  • the deployment center can also actively determine whether the IP address or communication port of the designated terminal has been modified, and if it has been modified, obtain the modified IP address or communication port of the designated terminal, and record it in the registration information of the designated terminal Modify the IP address or communication port of the terminal, and then send the modified IP address or communication port information of the terminal to all blockchain nodes.
  • the IP addresses of multiple temporary terminals of the current approval system are collected, where the multiple temporary terminals include at least an application terminal and an approval terminal, and the blockchain deployment center is a pre-architected blockchain A block chain node in the network, the block chain deployment center pre-stores the virtual machine image and the block chain node container image before step S2, including:
  • the language for creating the blockchain class can be any feasible language, such as JAVA, C++, Go language, etc.
  • the Go language is preferred in this embodiment to optimize the blockchain class.
  • the block chain class (class) is the definition of the block chain, and instantiating the block chain class is to determine the specific parameters of the block chain, so as to obtain the first block (the genesis block), thereby As the basis for the generation of other blocks. Since the genesis block is the first block, there is actually no previous block, so the hash value of the previous block is set to 0 in the genesis block.
  • the preset terminal is a terminal that accepts the preset consensus mechanism of the blockchain network, and the preset consensus mechanism can be any consensus mechanism, such as a workload proof mechanism, an equity proof mechanism, a Byzantine fault tolerance mechanism, etc., In this embodiment, the Byzantine fault tolerance mechanism is preferred.
  • the preset block generation technology is, for example, setting block header and block body; in the block header, the hash value of the previous block, the hash value and timestamp of the block body; The pre-prepared data is stored in the body, so that the block header and the block body constitute a block.
  • an embodiment of the present application provides a blockchain-based parallel system deployment device applied to a blockchain deployment center, including:
  • the temporary terminal marking unit 10 is configured to receive the first HASH value sent by the first terminal of the current approval system, and determine whether the first HASH value is the same as the pre-stored HASH value; if the first HASH value is the same as the pre-stored HASH value If the value is the same, it is determined whether the flow data of the first terminal meets the preset flow standard, and if the flow data of the first terminal meets the preset flow standard, the first terminal is recorded as a temporary terminal;
  • the IP address collection unit 20 is used to collect the IP addresses of multiple temporary terminals of the current approval system, where the multiple temporary terminals include at least an application terminal and an approval terminal, and the blockchain deployment center is a pre-architected blockchain A block chain node in the network, the block chain deployment center pre-stores a virtual machine image and a block chain node container image;
  • the designated data sending unit 30 is configured to use the IP address to send designated data to the application terminal and the approval terminal, where the designated data includes at least the virtual machine image and the blockchain node container image;
  • the registration request receiving unit 40 is configured to receive a registration request of a designated terminal that has been installed in the virtual machine image and started the blockchain node container image, and the registration request is accompanied by the IP address and communication of the designated terminal Port information;
  • the IP address determining unit 50 is configured to determine whether the IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal;
  • the digital certificate sending unit 60 is configured to record the IP address and communication port information of the designated terminal if the IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal, and according to Generating, by the IP address of the designated terminal, an application digital certificate or an approval digital certificate representing the identity of the designated terminal, and send the application digital certificate or the approval digital certificate to the designated terminal;
  • the letter sending unit 70 is configured to send pre-stored information of the IP addresses and communication ports of all blockchain nodes to the designated terminal, and send information of the IP addresses and communication ports of the designated terminal to all blockchain nodes , Thereby completing the deployment of the designated terminal in the blockchain network parallel to the current approval system.
  • the IP address collection unit 20 includes:
  • the log acquisition subunit is used to acquire the log of the current approval system, and parse the log to obtain the terminal participating in the current approval system performing the application operation and the terminal performing the approval operation, which are recorded as the initial application terminal and the initial approval respectively terminal;
  • the error record count subunit is configured to count the number of error records of the initial application terminal and the initial approval terminal, obtain the initial application terminal whose error record times are less than the preset first error number threshold, and obtain The initial approval terminal whose error recording times are less than a preset second error quantity threshold;
  • the terminal marking subunit is configured to mark the initial application terminal whose error recording times are less than a preset first error number threshold as an application terminal, and to mark the error recording times less than a preset second error number threshold
  • the initial approval terminal is recorded as an approval terminal
  • the IP address collection subunit is used to collect the IP addresses of the application terminal and the approval terminal.
  • the designated data sending unit 30 includes:
  • Operating system information acquisition sub-unit for acquiring operating system information of the application terminal and the approval terminal
  • the correct virtual machine image selection subunit is used to select a correct virtual machine image matching the operating system information from a variety of pre-stored virtual machine images;
  • the designated data sending subunit is configured to use the IP address to send designated data to the application terminal and the approval terminal, where the designated data includes at least the correct virtual machine image and the blockchain node container image.
  • the device includes:
  • a new terminal IP address judging unit is added for judging if the IP address of the designated terminal is not the IP address of the applying terminal, and the IP address of the designated terminal is also not the IP address of the approval terminal Whether the IP address of the designated terminal is recorded in the preset IP address list of newly added terminals;
  • the rejection unit is configured to reject the registration request and lower the access priority level of the designated terminal if the IP address of the designated terminal is not recorded in the preset IP address list of newly added terminals.
  • the digital certificate sending unit 60 includes:
  • the digital certificate generation subunit is configured to record the IP address and communication port information of the designated terminal if the IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal, and according to Generating an application digital certificate or an approval digital certificate representing the identity of the designated terminal from the IP address of the designated terminal;
  • the sending smart contract subunit is configured to send the smart contract to the designated terminal, and at the same time send the applied digital certificate or the approved digital certificate to the designated terminal.
  • the device includes:
  • a modification request receiving unit configured to receive a modification request for modifying an IP address or a communication port sent by the designated terminal
  • a modification unit configured to modify the IP address or communication port of the terminal in the registration information of the designated terminal according to the modification request
  • the modified information sending unit is used to send the modified information of the terminal's IP address or communication port to all blockchain nodes.
  • the device includes:
  • the creation block acquisition unit is used to create a block chain class in a specified language, and instantiate the block chain class to obtain a creation block, in which the previous block’s Ha
  • the value is set to 0;
  • the other block generation unit is configured to generate other blocks based on the genesis block using a preset block generation technology, wherein the other blocks record the hash value of the previous block;
  • the block chain node setting unit is used to use a preset terminal as a block chain node to build the block chain network.
  • an embodiment of the present application also provides a computer device.
  • the computer device may be a server, and its internal structure may be as shown in the figure.
  • the computer equipment includes a processor, a memory, a network interface and a database connected through a system bus. Among them, the computer designed processor is used to provide calculation and control capabilities.
  • the memory of the computer device includes a non-volatile storage medium and an internal memory.
  • the non-volatile storage medium stores an operating system, a computer program, and a database.
  • the memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage medium.
  • the database of the computer equipment is used to store the data used in the parallel system deployment method based on the blockchain.
  • the network interface of the computer device is used to communicate with an external terminal through a network connection.
  • the computer program is executed by the processor to realize a parallel system deployment method based on blockchain.
  • the above-mentioned processor executes the above-mentioned blockchain-based parallel system deployment method, wherein the steps included in the method respectively correspond to the steps of executing the blockchain-based parallel system deployment method of the foregoing embodiment, and will not be repeated here.
  • An embodiment of the present application also provides a computer-readable storage medium on which a computer program is stored.
  • a computer program is executed by a processor, a blockchain-based parallel system deployment method is implemented, wherein the steps included in the method are respectively executed The steps of the block chain-based parallel system deployment method in the foregoing embodiment correspond one to one, and will not be repeated here.
  • the computer-readable storage medium is, for example, a non-volatile computer-readable storage medium or a volatile computer-readable storage medium.

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Strategic Management (AREA)
  • Human Resources & Organizations (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Computing Systems (AREA)
  • Operations Research (AREA)
  • General Health & Medical Sciences (AREA)
  • Data Mining & Analysis (AREA)
  • Health & Medical Sciences (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • Medical Informatics (AREA)
  • Quality & Reliability (AREA)
  • Tourism & Hospitality (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

A blockchain-based parallel system deployment method and apparatus, and a computer device and a storage medium. The method comprises: receiving a first HASH value sent by a first terminal of the current examination and approval system, and determining whether the first HASH value is the same as a pre-stored HASH value; if the first HASH value is the same as the pre-stored HASH value, and traffic data of the first terminal satisfies a preset traffic standard, denoting the first terminal as being a temporary terminal; collecting IP addresses of a plurality of temporary terminals; sending specified data to an application terminal and an examination and approval terminal; receiving a registration request of a specified terminal; if the specified terminal is the application terminal or the examination and approval terminal, recording information of the registration request; and sending the IP addresses, and information of a communication port to the specified terminal and all blockchain nodes, so as to complete deployment. The confidentiality, the security and the information accuracy of the examination and approval system are thus improved.

Description

基于区块链的并行***部署方法、装置和计算机设备Block chain-based parallel system deployment method, device and computer equipment
本申请要求于2019年7月23日提交中国专利局、申请号为201910665972.5,发明名称为“基于区块链的并行***部署方法、装置和计算机设备”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。This application claims the priority of the Chinese patent application filed with the Chinese Patent Office on July 23, 2019, the application number is 201910665972.5, and the invention title is "Blockchain-based parallel system deployment method, device and computer equipment", and its entire content Incorporated in this application by reference.
技术领域Technical field
本申请涉及到计算机领域,特别是涉及到一种基于区块链的并行***部署方法、装置、计算机设备和存储介质。This application relates to the computer field, in particular to a blockchain-based parallel system deployment method, device, computer equipment and storage medium.
背景技术Background technique
传统技术采用的审批***,例如采用邮件***对具体事项流程进行审批,申请人员或者审核人员均通过这些审批***中的处理终端进行申请操作或者审核操作。由于这些审批***中对于数据的保密性、安全性、准确性(因为传统的审批***中某一流程节点仅涉及少部分终端,因此对这些少部分终端进行干涉就可以影响数据的保密性、安全性、准确性)不能保证。特别是在审批流程长、层级多的审批***中,一旦出现数据错误,有可能导致灾难性的后果,而且在出错之后,由于审批过程的痕迹未保留或者容易被修改,导致难以发现错误根源。并且,现有技术在部署区块链时,采用的方法一般是在终端安装区块链软件,耗时长;或者采用远程控制的方法获取终端的控制权限,进而安装区块链软件,安全性得不到保证(因为远程控制使区块链的安装并非是终端自身发起的,因此有可能导致了去中心化的丢失,违背了区块链的初衷,导致安全性下降)。并且,传统技术在移植审批***时,一般是将原审批***的终端全部移植,无法做到有效地筛选,因此移植后的审批***存在效率不高的问题。因此现有技术的审批***存在保密性、安全性、准确性方面的缺陷,也没有在保证安全性的前提下高效移植审批***至区块链的成熟技术,更没有有效筛选终端的成熟技术。The approval system adopted by traditional technology, for example, the mail system is used to approve the process of specific items. Applicants or reviewers use the processing terminals in these approval systems to perform application operations or review operations. Because of the confidentiality, security, and accuracy of data in these approval systems (because a certain process node in the traditional approval system only involves a small number of terminals, intervention on these small numbers of terminals can affect the confidentiality and security of data Sex, accuracy) cannot be guaranteed. Especially in an approval system with a long approval process and multiple levels, once a data error occurs, it may lead to catastrophic consequences, and after an error, the traces of the approval process are not retained or easily modified, making it difficult to find the source of the error. Moreover, when deploying blockchain in the prior art, the method generally used is to install blockchain software on the terminal, which takes a long time; or the method of remote control is used to obtain the control authority of the terminal, and then the blockchain software is installed, which is very safe. There is no guarantee (because the remote control makes the installation of the blockchain not initiated by the terminal itself, it may lead to the loss of decentralization, contrary to the original intention of the blockchain, resulting in a decrease in security). Moreover, when the traditional technology transplants the approval system, it usually transplants all the terminals of the original approval system, which cannot be effectively screened. Therefore, the transplanted approval system has the problem of low efficiency. Therefore, the prior art approval system has defects in confidentiality, security, and accuracy, and there is no mature technology for efficiently migrating the approval system to the blockchain under the premise of ensuring security, and there is no mature technology for effectively screening terminals.
技术问题technical problem
本申请的主要目的为提供一种基于区块链的并行***部署方法、装置、计算机设备和存储介质,旨在保证信息安全性、终端的可使用性的前提下,提高并行***的部署效率。The main purpose of this application is to provide a blockchain-based parallel system deployment method, device, computer equipment and storage medium, aiming to improve the deployment efficiency of the parallel system under the premise of ensuring information security and terminal usability.
技术解决方案Technical solutions
为了实现上述发明目的,本申请提出一种基于区块链的并行***部署方法,应用于区块链部署中心,包括以下步骤:In order to achieve the above-mentioned purpose of the invention, this application proposes a blockchain-based parallel system deployment method, which is applied to a blockchain deployment center and includes the following steps:
接收当前审批***的第一终端发送的第一HASH值,并判断所述第一HASH值与预存的HASH值是否相同;若所述第一HASH值与预存的HASH值相同,则判断所述第一终端的流量数据是否符合预设的流量标准,若所述第一终端的流量数据符合预设的流量标准,则将所述第一终端记为暂时终端;Receive the first HASH value sent by the first terminal of the current approval system, and judge whether the first HASH value is the same as the pre-stored HASH value; if the first HASH value is the same as the pre-stored HASH value, judge the first HASH value Whether the flow data of a terminal meets the preset flow standard, and if the flow data of the first terminal meets the preset flow standard, record the first terminal as a temporary terminal;
采集当前审批***的多个暂时终端的IP地址,其中所述多个暂时终端至少包括申请终端和审批终端,所述区块链部署中心是预先架构的区块链网络中的一个区块链节点,所述区块链部署中心预存有虚 拟机镜像和区块链节点容器镜像;Collect the IP addresses of multiple temporary terminals of the current approval system, where the multiple temporary terminals include at least an application terminal and an approval terminal, and the blockchain deployment center is a blockchain node in a pre-architected blockchain network , The blockchain deployment center pre-stores a virtual machine image and a blockchain node container image;
利用所述IP地址,向所述申请终端和所述审批终端发送指定数据,所述指定数据至少包括所述虚拟机镜像和所述区块链节点容器镜像;Using the IP address to send designated data to the application terminal and the approval terminal, the designated data including at least the virtual machine image and the blockchain node container image;
接收已在所述虚拟机镜像中安装并启动所述区块链节点容器镜像的指定终端的注册请求,所述注册请求附带有所述指定终端的IP地址和通信端口的信息;Receiving a registration request of a designated terminal that has installed and started the blockchain node container image in the virtual machine image, the registration request is accompanied by information about the IP address and communication port of the designated terminal;
判断所述指定终端的IP地址是否为所述申请终端的IP地址或者所述审批终端的IP地址;Determine whether the IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal;
若所述指定终端的IP地址为所述申请终端的IP地址或者所述审批终端的IP地址,则记录所述指定终端的IP地址和通信端口的信息,并根据所述指定终端的IP地址生成代表所述指定终端身份的申请数字证书或者审批数字证书,并将所述申请数字证书或者审批数字证书发送给所述指定终端;If the IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal, record the IP address and communication port information of the designated terminal, and generate it based on the IP address of the designated terminal Applying for a digital certificate or approving a digital certificate representing the identity of the designated terminal, and sending the applying for digital certificate or approving digital certificate to the designated terminal;
向所述指定终端发送预存的所有区块链节点的IP地址和通信端口的信息,以及向所有区块链节点发送所述指定终端的IP地址和通信端口的信息,从而完成所述指定终端在与当前审批***并行的所述区块链网络中的部署。Send the pre-stored IP address and communication port information of all blockchain nodes to the designated terminal, and send the IP address and communication port information of the designated terminal to all blockchain nodes, thereby completing the designated terminal’s Deployment in the blockchain network parallel to the current approval system.
有益效果Beneficial effect
本申请的基于区块链的并行***部署方法、装置、计算机设备和存储介质,当接收的第一HASH值与预存的HASH值相同时,则判断所述第一终端的流量数据是否符合预设的流量标准,若所述第一终端的流量数据符合预设的流量标准,则将所述第一终端记为暂时终端;采集当前审批***的多个暂时终端的IP地址;利用所述IP地址,向所述申请终端和所述审批终端发送指定数据;接收指定终端的注册请求;若所述指定终端为所述申请终端或者所述审批终端,则记录所述注册请求的信息;向所述指定终端以及所有区块链节点发送IP地址和通信端口的信息,从而完成部署,提高了审批***的保密性、安全性、信息准确性。In the blockchain-based parallel system deployment method, device, computer equipment and storage medium of this application, when the received first HASH value is the same as the pre-stored HASH value, it is determined whether the flow data of the first terminal meets the preset If the flow data of the first terminal meets the preset flow standard, record the first terminal as a temporary terminal; collect the IP addresses of multiple temporary terminals of the current approval system; use the IP address , Send designated data to the application terminal and the approval terminal; receive the registration request of the designated terminal; if the designated terminal is the application terminal or the approval terminal, record the registration request information; The designated terminal and all blockchain nodes send the IP address and communication port information to complete the deployment and improve the confidentiality, security, and information accuracy of the approval system.
附图说明Description of the drawings
图1为本申请一实施例的基于区块链的并行***部署方法的流程示意图;FIG. 1 is a schematic flowchart of a parallel system deployment method based on blockchain according to an embodiment of the application;
图2为本申请一实施例的基于区块链的并行***部署装置的结构示意框图;2 is a schematic block diagram of the structure of a parallel system deployment device based on blockchain according to an embodiment of the application;
图3为本申请一实施例的计算机设备的结构示意框图。FIG. 3 is a schematic block diagram of the structure of a computer device according to an embodiment of the application.
本申请的最佳实施方式The best implementation of this application
参照图1,本申请实施例提供一种基于区块链的并行***部署方法,应用于区块链部署中心,包括以下步骤:1, an embodiment of the present application provides a blockchain-based parallel system deployment method, which is applied to a blockchain deployment center and includes the following steps:
S1、接收当前审批***的第一终端发送的第一HASH值,并判断所述第一HASH值与预存的HASH值是否相同;若所述第一HASH值与预存的HASH值相同,则判断所述第一终端的流量数据是否符合预设的流量标准,若所述第一终端的流量数据符合预设的流量标准,则将所述第一终端记为暂时终端;S1. Receive the first HASH value sent by the first terminal of the current approval system, and determine whether the first HASH value is the same as the pre-stored HASH value; if the first HASH value is the same as the pre-stored HASH value, then judge all Whether the flow data of the first terminal meets the preset flow standard, and if the flow data of the first terminal meets the preset flow standard, record the first terminal as a temporary terminal;
S2、采集当前审批***的多个暂时终端的IP地址,其中所述多个暂时终端至少包括申请终端和审批 终端,所述区块链部署中心是预先架构的区块链网络中的一个区块链节点,所述区块链部署中心预存有虚拟机镜像和区块链节点容器镜像;S2. Collect the IP addresses of multiple temporary terminals of the current approval system, where the multiple temporary terminals include at least an application terminal and an approval terminal, and the blockchain deployment center is a block in a pre-architected blockchain network A chain node, where a virtual machine image and a blockchain node container image are pre-stored in the blockchain deployment center;
S3、利用所述IP地址,向所述申请终端和所述审批终端发送指定数据,所述指定数据至少包括所述虚拟机镜像和所述区块链节点容器镜像;S3. Use the IP address to send designated data to the application terminal and the approval terminal, where the designated data includes at least the virtual machine image and the blockchain node container image;
S4、接收已在所述虚拟机镜像中安装并启动所述区块链节点容器镜像的指定终端的注册请求,所述注册请求附带有所述指定终端的IP地址和通信端口的信息;S4. Receive a registration request of a designated terminal that has installed and started the blockchain node container image in the virtual machine image, and the registration request is accompanied by information about the IP address and communication port of the designated terminal;
S5、判断所述指定终端的IP地址是否为所述申请终端的IP地址或者所述审批终端的IP地址;S5. Determine whether the IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal;
S6、若所述指定终端的IP地址为所述申请终端的IP地址或者所述审批终端的IP地址,则记录所述指定终端的IP地址和通信端口的信息,并根据所述指定终端的IP地址生成代表所述指定终端身份的申请数字证书或者审批数字证书,并将所述申请数字证书或者审批数字证书发送给所述指定终端;S6. If the IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal, record the information of the IP address and communication port of the designated terminal, and use the IP address of the designated terminal Address generating an application for digital certificate or approval digital certificate representing the identity of the designated terminal, and sending the application for digital certificate or approval digital certificate to the designated terminal;
S7、向所述指定终端发送预存的所有区块链节点的IP地址和通信端口的信息,以及向所有区块链节点发送所述指定终端的IP地址和通信端口的信息,从而完成所述指定终端在与当前审批***并行的所述区块链网络中的部署。S7. Send the pre-stored IP address and communication port information of all blockchain nodes to the designated terminal, and send the IP address and communication port information of the designated terminal to all blockchain nodes, thereby completing the designation The deployment of the terminal in the blockchain network parallel to the current approval system.
本申请利用区块链部署中心,将当前审批***的参与群体移植至预先架构的区块链网络中,以形成基于区块链的并行***,从而利用区块链的难以篡改等特性,保证审批的保密性、安全性、准确性。更利用了区块链部署中心进行部署,其中所述部署中心没有管理员权限,无法登陆或者控制其他节点,并且能够统一提供部署的相应资源(虚拟机镜像和区块链节点容器镜像等),从而在坚持去中心化的基础上,增加了区块链部署效率。更采用了函数H(t)以鉴别第一终端,并将处于正常工作状态中的第一终端作为后续部署的并行***的节点的基础。从而本申请提高了部署效率、保证信息安全性、提高了终端鉴别准确性。This application uses the blockchain deployment center to transplant the participating groups of the current approval system to the pre-architected blockchain network to form a parallel system based on the blockchain, so as to use the characteristics of the blockchain to ensure approval Confidentiality, security, and accuracy. It also uses the blockchain deployment center for deployment, where the deployment center does not have administrator rights, cannot log in or control other nodes, and can uniformly provide corresponding resources for deployment (virtual machine image and blockchain node container image, etc.), Thus, on the basis of insisting on decentralization, the efficiency of blockchain deployment is increased. The function H(t) is also used to identify the first terminal, and the first terminal in a normal working state is used as the basis of the nodes of the subsequent deployment of the parallel system. Therefore, this application improves deployment efficiency, guarantees information security, and improves terminal authentication accuracy.
如上述步骤S1所述,接收当前审批***的第一终端发送的第一HASH值,并判断所述第一HASH值与预存的HASH值是否相同;若所述第一HASH值与预存的HASH值相同,则判断所述第一终端的流量数据是否符合预设的流量标准,若所述第一终端的流量数据符合预设的流量标准,则将所述第一终端记为暂时终端。所述第一HASH(哈希)值可以是通过预设HASH算法对任意能够代表所述第一终端的身份的数据进行计算而得,其中区块链部署中心预存有代表所述第一终端的身份的HASH值,若所述第一HASH值与预存的HASH值相同,则表明第一终端的身份验证无误。进一步地,判断所述第一终端的流量数据是否符合预设的流量标准,若所述第一终端的流量数据符合预设的流量标准,则将所述第一终端记为暂时终端的方法例如为:根据公式:As described in step S1 above, receive the first HASH value sent by the first terminal of the current approval system, and determine whether the first HASH value is the same as the pre-stored HASH value; if the first HASH value is the same as the pre-stored HASH value If the same, it is determined whether the flow data of the first terminal meets the preset flow standard, and if the flow data of the first terminal meets the preset flow standard, the first terminal is recorded as a temporary terminal. The first HASH (hash) value may be obtained by calculating any data that can represent the identity of the first terminal through a preset HASH algorithm, and the blockchain deployment center prestores the data representing the first terminal The HASH value of the identity. If the first HASH value is the same as the pre-stored HASH value, it indicates that the identity verification of the first terminal is correct. Further, it is determined whether the flow data of the first terminal meets the preset flow standard, and if the flow data of the first terminal meets the preset flow standard, the method of recording the first terminal as a temporary terminal is for example As: According to the formula:
H(t)=min(G(t),m),其中
Figure PCTCN2019117215-appb-000001
E(t)=F(t)f(t),获取函数H(t),其中F(t)为所述第一终端的流量随时间变化的流量函数,f(t)为预设的标准流量函数,E(t)为所述流量函数F(t)与所 述标准流量函数f(t)的差值函数,
Figure PCTCN2019117215-appb-000002
为所述差值函数对时间的微分函数,min指最小值函数,t为时间,m为预设的大于0的误差参数值;获取所述H(t)在时间轴上不等于m时的第一时间长度和等于m时的第二时间长度;根据公式:正常流量时间占比=所述第一时间长度/(所述第一时间长度+所述第二时间长度),计算出所述正常流量时间占比;判断所述正常流量时间占比是否大于预设占比阈值;若所述正常流量时间占比大于预设占比阈值,则将所述第一终端记为暂时终端。 H(t)=min(G(t),m), where
Figure PCTCN2019117215-appb-000001
E(t)=F(t)f(t), obtain the function H(t), where F(t) is the flow function of the flow of the first terminal over time, f(t) is the preset standard Flow function, E(t) is the difference function of the flow function F(t) and the standard flow function f(t),
Figure PCTCN2019117215-appb-000002
Is the differential function of the difference function with respect to time, min is the minimum value function, t is the time, and m is the preset error parameter value greater than 0; obtain the H(t) when the time axis is not equal to m The first time length and the second time length when it is equal to m; according to the formula: normal flow time ratio = the first time length/(the first time length + the second time length), calculate the Normal flow time proportion; determine whether the normal flow time proportion is greater than the preset proportion threshold; if the normal flow time proportion is greater than the preset proportion threshold, then the first terminal is recorded as a temporary terminal.
其中函数H(t)用以表征所述第一终端作为当前审批***的流量状况,当函数H(t)取值为m时,表示流量过大,处于异常状态;当函数H(t)取值不为m时,表示流量正常,处于正常状态,据此计算出所述正常流量时间占比,并判断所述正常流量时间占比是否大于预设占比阈值;若所述正常流量时间占比大于预设占比阈值,则将所述第一终端记为暂时终端。从而所述暂时终端可以作为新的并行审批***的备选终端。The function H(t) is used to characterize the flow status of the first terminal as the current approval system. When the value of the function H(t) is m, it means that the flow is too large and in an abnormal state; when the function H(t) is taken When the value is not m, it means that the flow rate is normal and in a normal state. Based on this, the normal flow rate time proportion is calculated, and it is determined whether the normal flow rate time proportion is greater than the preset proportion threshold value; If the ratio is greater than the preset ratio threshold, the first terminal is recorded as a temporary terminal. Therefore, the temporary terminal can be used as a candidate terminal of the new parallel approval system.
如上述步骤S2所述,采集当前审批***的多个暂时终端的IP地址,其中所述多个暂时终端至少包括申请终端和审批终端,所述区块链部署中心是预先架构的区块链网络中的一个区块链节点,所述区块链部署中心预存有虚拟机镜像和区块链节点容器镜像。其中,所述预先搭建的区块链网络可以为公有链、联盟链或者私有链。部署中心指预存有用于部署区块链节点的虚拟机镜像和区块链节点容器镜像的终端或服务器。其中,虚拟机镜像用于提供基础运行环境,例如运行区块链节点容器镜像的环境、编程程序语言运行环境或者基础工具包等。区块链节点容器镜像保存有公共帐本(例如将所述当前审批***的已有审批记录转作为公共帐本)等数据,用于在安装并启动区块链节点容器镜像后,使所述终端具有成为区块链节点的基础条件(例如还需要获取其他区块链节点的IP地址等信息,以及告知其他区块链节点本终端的IP地址等信息,才能完成加入所述区块链网络)。其中,所述申请终端指发出审批申请的终端,所述审批终端指审批所述审批申请的终端。其中,预先搭建的区块链网络中可以为任意方式搭建起的区块链网络,优选仅有一个节点链节点(即部署中心)的区块链网络,再通过本申请实现在所述区块链网络中部署其他的区块链节点。所述并行***指与当前审批***并行的基于区块链的审批***,即部署而成的基于区块链的审批***与当前审批***为并行关系,可以互不干扰地运作。As described in step S2 above, collect the IP addresses of multiple temporary terminals of the current approval system, where the multiple temporary terminals include at least an application terminal and an approval terminal, and the blockchain deployment center is a pre-architected blockchain network One of the blockchain nodes in the blockchain deployment center has a virtual machine image and a blockchain node container image pre-stored in the blockchain deployment center. Wherein, the pre-built blockchain network may be a public chain, a consortium chain or a private chain. The deployment center refers to a terminal or server pre-stored with a virtual machine image for deploying blockchain nodes and a blockchain node container image. Among them, the virtual machine image is used to provide a basic operating environment, such as an environment for running a blockchain node container image, a programming language operating environment, or a basic toolkit. The blockchain node container image saves data such as public ledgers (for example, transferring the existing approval records of the current approval system as a public account book) and other data, which are used to enable the The terminal has the basic conditions to become a blockchain node (for example, it needs to obtain information such as the IP address of other blockchain nodes, and inform other blockchain nodes of the terminal's IP address and other information to complete joining the blockchain network ). Wherein, the application terminal refers to a terminal that issues an approval application, and the approval terminal refers to a terminal that approves the approval application. Among them, the pre-built block chain network can be a block chain network that can be built in any way, preferably a block chain network with only one node chain node (that is, the deployment center), and then the block chain network is implemented in this application. Deploy other blockchain nodes in the chain network. The parallel system refers to a blockchain-based approval system parallel to the current approval system, that is, the deployed blockchain-based approval system and the current approval system are in a parallel relationship and can operate without interference.
如上述步骤S3所述,利用所述IP地址,向所述申请终端和所述审批终端发送指定数据,所述指定数据至少包括所述虚拟机镜像和所述区块链节点容器镜像。所述申请终端和所述审批终端是当前审批***的参与主体,也是将要部署的并行***的参与主体,因此应该将所述申请终端和所述审批终端的全部或者部分加入所述并行***中。据此,利用所述IP地址,向所述申请终端和所述审批终端发送指定数据,所述指定数据至少包括所述虚拟机镜像和所述区块链节点容器镜像。从而所述申请终端和所述审批终端可以利用所述虚拟机镜像和所述区块链节点容器镜像做好加入区块链的准备(即在所述虚拟机镜像中安装并启动所述区块链节点容器镜像后,即可完成加入区块链的准备)。As described in step S3 above, the IP address is used to send designated data to the application terminal and the approval terminal, and the designated data includes at least the virtual machine image and the blockchain node container image. The application terminal and the approval terminal are the participants of the current approval system and also the participants of the parallel system to be deployed. Therefore, all or part of the application terminal and the approval terminal should be added to the parallel system. Accordingly, the IP address is used to send designated data to the application terminal and the approval terminal, and the designated data includes at least the virtual machine image and the blockchain node container image. Therefore, the application terminal and the approval terminal can use the virtual machine image and the blockchain node container image to prepare for joining the blockchain (that is, install and start the block in the virtual machine image). After the chain node container is mirrored, the preparation for joining the blockchain can be completed).
如上述步骤S4所述,接收已在所述虚拟机镜像中安装并启动所述区块链节点容器镜像的指定终端的 注册请求,所述注册请求附带有所述指定终端的IP地址和通信端口的信息。所述指定终端要加入区块链,应当获知其他区块链节点的IP地址和通信端口的信息,同时也应当让其他区块链节点获知所述指定终端的IP地址和通信端口的信息。从而,在所述指定终端加入区块链后,所述指定终端与其他区块链节点的信息通信就不再需要通过部署中心,也即实现了去中心化。其中,所述通信端口为任意端口,例如为不同服务提供通信的端口,例如999是数据同步端口等。As described in step S4 above, receiving a registration request of a designated terminal that has installed and started the blockchain node container image in the virtual machine image, the registration request is accompanied by the IP address and communication port of the designated terminal Information. If the designated terminal wants to join the blockchain, it should know the IP address and communication port information of other blockchain nodes, and at the same time, other blockchain nodes should also be allowed to learn the IP address and communication port information of the designated terminal. Therefore, after the designated terminal joins the blockchain, the information communication between the designated terminal and other blockchain nodes no longer needs to pass through the deployment center, that is, decentralization is realized. Wherein, the communication port is any port, for example, a port that provides communication for different services, for example, 999 is a data synchronization port.
如上述步骤S5所述,判断所述指定终端的IP地址是否为所述申请终端的IP地址或者所述审批终端的IP地址。若所述指定终端的IP地址为所述申请终端的IP地址或者所述审批终端的IP地址,分别表明所述指定终端为当前审批***的申请终端或者审批终端,也即将作为并行***的申请节点与审批节点。若所述指定终端的IP地址不为所述申请终端的IP地址,同时也不为所述审批终端的IP地址,即所述指定终端不属于当前审批***,此时应当拒绝注册请求。As described in step S5 above, it is determined whether the IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal. If the IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal, respectively, it indicates that the designated terminal is the application terminal or the approval terminal of the current approval system, and will also serve as the application node of the parallel system And approval node. If the IP address of the designated terminal is neither the IP address of the application terminal nor the IP address of the approval terminal, that is, the designated terminal does not belong to the current approval system, the registration request should be rejected at this time.
如上述步骤S6所述,若所述指定终端的IP地址为所述申请终端的IP地址或者所述审批终端的IP地址,则记录所述指定终端的IP地址和通信端口的信息,并根据所述指定终端的IP地址生成代表所述指定终端身份的申请数字证书或者审批数字证书,并将所述申请数字证书或者审批数字证书发送给所述指定终端。本申请中,部署中心不仅提供区块链节点部署需要的资源(虚拟机镜像等),还能够记录指定终端的指定终端的IP地址和通信端口的信息,并提供指定终端和区块链节点之间至少第一次的IP地址和通信端口的信息交换,并签发代表所述指定终端身份的申请数字证书或者审批数字证书。其中所述申请数字证书表明执有此证书的终端有权限发起申请审批请求;所述审批数字证书表明执有此证书的终端有权限审批申请审批请求。据此,所述指定终端根据申请数字证书或者审批数字证书在并行***中执行相应的操作。As described in step S6 above, if the IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal, record the IP address and communication port information of the designated terminal, and The IP address of the designated terminal generates an application digital certificate or an approval digital certificate representing the identity of the designated terminal, and sends the application digital certificate or the approval digital certificate to the designated terminal. In this application, the deployment center not only provides the resources (virtual machine mirroring, etc.) required for the deployment of blockchain nodes, it can also record the IP address and communication port information of the designated terminal, and provide information about the designated terminal and the blockchain node. At least the first exchange of information between the IP address and the communication port, and issuance of an application digital certificate or an approval digital certificate representing the identity of the designated terminal. The application for a digital certificate indicates that the terminal holding the certificate has the authority to initiate an application approval request; the approval digital certificate indicates that the terminal holding the certificate has the authority to approve the application approval request. Accordingly, the designated terminal executes corresponding operations in the parallel system according to the application for the digital certificate or the approval of the digital certificate.
如上述步骤S7所述,向所述指定终端发送预存的所有区块链节点的IP地址和通信端口的信息,以及向所有区块链节点发送所述指定终端的IP地址和通信端口的信息,从而完成所述指定终端在与当前审批***并行的所述区块链网络中的部署。指定终端要部署在所述区块链网络中,应当获知其他区块链节点的IP地址和通信端口,并让其他区块链节点获知指定终端的IP地址和通信端口。因此,向所述指定终端发送预存的所有区块链节点的IP地址和通信端口的信息,以及向所有区块链节点发送所述指定终端的IP地址和通信端口的信息,从而完成所述指定终端在与当前审批***并行的所述区块链网络中的部署。As described in step S7 above, sending the pre-stored IP address and communication port information of all blockchain nodes to the designated terminal, and sending the IP address and communication port information of the designated terminal to all blockchain nodes, This completes the deployment of the designated terminal in the blockchain network parallel to the current approval system. If the designated terminal is to be deployed in the blockchain network, it should know the IP address and communication port of other blockchain nodes, and let other blockchain nodes know the IP address and communication port of the designated terminal. Therefore, the pre-stored IP address and communication port information of all blockchain nodes are sent to the designated terminal, and the IP address and communication port information of the designated terminal is sent to all blockchain nodes, thereby completing the designation The deployment of the terminal in the blockchain network parallel to the current approval system.
在一个实施方式中,所述采集当前审批***的多个暂时终端的IP地址,其中所述多个暂时终端至少包括申请终端和审批终端的步骤S2,包括:In one embodiment, the step S2 of collecting the IP addresses of multiple temporary terminals of the current approval system, wherein the multiple temporary terminals includes at least an application terminal and an approval terminal, includes:
S201、获取所述当前审批***的日志,并解析所述日志得到参与所述当前审批***的执行申请操作的终端与执行审批操作的终端,分别记为初始申请终端与初始审批终端;S201. Obtain a log of the current approval system, and parse the log to obtain a terminal participating in the current approval system for performing an application operation and a terminal performing an approval operation, which are recorded as an initial application terminal and an initial approval terminal, respectively;
S202、统计所述初始申请终端与所述初始审批终端的错误记录次数,获取所述错误记录次数少于预设第一错误数量阈值的所述初始申请终端,以及获取所述错误记录次数少于预设第二错误数量阈值的所述初始审批终端;S202. Count the number of error records between the initial application terminal and the initial approval terminal, acquire the initial application terminal whose error record number is less than a preset first error number threshold, and acquire the error record number less than The initial approval terminal that presets a second error number threshold;
S203、将所述错误记录次数少于预设第一错误数量阈值的所述初始申请终端记为申请终端,以及,将所述错误记录次数少于预设第二错误数量阈值的所述初始审批终端记为审批终端;S203. Record the initial application terminal where the number of error records is less than a preset first error number threshold as an application terminal, and the initial approval where the number of error records is less than a preset second error number threshold The terminal is recorded as the approval terminal;
S204、采集所述申请终端与所述审批终端的IP地址。S204. Collect the IP addresses of the application terminal and the approval terminal.
如上所述,实现了采集当前审批***的多个暂时终端的IP地址。当前审批***的日志记载了审批记录,从审批记录中可以获知发起审批申请的终端的信息,参与审核所述审批申请的终端的信息,审核通过或者不通过的信息等。据此,通过解析所述日志,可以得到参与所述当前审批***的执行申请操作的终端的与执行审批操作的终端,分别记为初始申请终端与初始审批终端。由于存在某此原因,导致部分终端不能胜任申请或者审批责任,因此本申请通过统计所述初始申请终端与所述初始审批终端的错误记录次数,获取所述错误记录次数少于预设第一错误数量阈值的所述初始申请终端,以及获取所述错误记录次数少于预设第二错误数量阈值的所述初始审批终端;将所述错误记录次数少于预设第一错误数量阈值的所述初始申请终端记为申请终端,以及,将所述错误记录次数少于预设第二错误数量阈值的所述初始审批终端记为审批终端的方式,将所述错误记录次数过多的终端排除出将要部署的并行***中,以保证并行***的运行质量。据此,采集所述申请终端与所述审批终端的IP地址。As mentioned above, the IP addresses of multiple temporary terminals of the current approval system are collected. The log of the current approval system records the approval record. From the approval record, you can learn the information of the terminal that initiated the approval application, the information of the terminal that participated in the review of the approval application, and the information about the approval or disapproval. Accordingly, by parsing the log, it can be obtained that the terminal that participates in the application operation of the current approval system and the terminal that performs the approval operation are recorded as the initial application terminal and the initial approval terminal, respectively. Due to this reason, some terminals are not competent for application or approval responsibilities. Therefore, this application counts the number of error records of the initial application terminal and the initial approval terminal, and the number of error records obtained is less than the preset first error The initial application terminal with the number threshold, and the initial approval terminal that obtains the number of error records less than the preset second error number threshold; the number of error records less than the preset first error number threshold The initial application terminal is recorded as the application terminal, and the initial approval terminal whose number of error records is less than the preset second error number threshold is recorded as the approval terminal, and the terminal with the excessive number of error records is excluded In the parallel system to be deployed, to ensure the running quality of the parallel system. Accordingly, the IP addresses of the application terminal and the approval terminal are collected.
在一个实施方式中,所述利用所述IP地址,向所述申请终端和所述审批终端发送指定数据,所述指定数据至少包括所述虚拟机镜像和所述区块链节点容器镜像的步骤S3,包括:In one embodiment, the step of using the IP address to send designated data to the application terminal and the approval terminal, the designated data including at least the virtual machine image and the blockchain node container image S3, including:
S301、获取所述申请终端和所述审批终端的操作***信息;S301. Obtain operating system information of the application terminal and the approval terminal;
S302、从预存的多种虚拟机镜像中选择与所述操作***信息相匹配的正确虚拟机镜像;S302: Select a correct virtual machine image matching the operating system information from a plurality of pre-stored virtual machine images;
S303、利用所述IP地址,向所述申请终端和所述审批终端发送指定数据,所述指定数据至少包括所述正确虚拟机镜像和所述区块链节点容器镜像。S303. Use the IP address to send designated data to the application terminal and the approval terminal, where the designated data includes at least the correct virtual machine image and the blockchain node container image.
如上所述,实现了向所述申请终端和所述审批终端发送指定数据,所述指定数据至少包括所述正确虚拟机镜像和所述区块链节点容器镜像。其中,虚拟机镜像根据操作***的种类和操作***的版本分别设置有对应的虚拟机镜像,例如对于不同版本的linux操作***,如redhat、centos、ubuntu,分别采用三种对应的虚拟机镜像,从而针对性地发送正确虚拟机镜像和所述区块链节点容器镜像的指定数据,避免所述虚拟机镜像和所述区块链节点容器镜像无法使用,造成区块链节点部署失败。As described above, the designated data is sent to the application terminal and the approval terminal, and the designated data includes at least the correct virtual machine image and the blockchain node container image. Among them, the virtual machine image is provided with corresponding virtual machine images according to the type of operating system and the version of the operating system. For example, for different versions of linux operating systems, such as redhat, centos, and ubuntu, three corresponding virtual machine images are used. In this way, the designated data of the correct virtual machine image and the blockchain node container image are sent in a targeted manner, so as to prevent the virtual machine image and the blockchain node container image from being unavailable, resulting in the failure of blockchain node deployment.
在一个实施方式中,所述判断所述指定终端的IP地址是否为所述申请终端的IP地址或者所述审批终端的IP地址的步骤S5之后,包括:In one embodiment, after step S5 of determining whether the IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal, the method includes:
S51、若所述指定终端的IP地址不为所述申请终端的IP地址,同时所述指定终端的IP地址也不为所述审批终端的IP地址,则判断所述指定终端的IP地址是否记载于预设的新增终端IP地址列表中;S51. If the IP address of the designated terminal is not the IP address of the application terminal, and the IP address of the designated terminal is not the IP address of the approval terminal, then determine whether the IP address of the designated terminal is recorded In the preset new terminal IP address list;
S52、若所述指定终端的IP地址未记载于预设的新增终端IP地址列表中,则拒绝所述注册请求,并降低所述指定终端的访问优先级别。S52. If the IP address of the designated terminal is not recorded in the preset IP address list of newly added terminals, reject the registration request and lower the access priority level of the designated terminal.
如上所述,实现了拒绝所述注册请求,并降低所述指定终端的访问优先级别。根据实际需要(例如 审批压力过大时),仅将当前审批***的终端作为所述并行***的参与终端,会使审批效率降低。因此本申请通过若所述指定终端的IP地址不为所述申请终端的IP地址,同时所述指定终端的IP地址也不为所述审批终端的IP地址,则判断所述指定终端的IP地址是否记载于预设的新增终端IP地址列表中;若所述指定终端的IP地址未记载于预设的新增终端IP地址列表中,则拒绝所述注册请求,并降低所述指定终端的访问优先级别;若所述指定终端的IP地址记载于预设的新增终端IP地址列表中,则记录所述指定终端的IP地址和通信端口的信息,并根据所述指定终端的IP地址生成代表所述指定终端身份的申请数字证书或者审批数字证书,并将所述申请数字证书或者审批数字证书发送给所述指定终端。从而实现了动态调整参与并行***的终端的数量,以提高审批效率。其中所述访问优先级别指所述指定终端访问区块链部署中心的优先级别,即优先接受其他终端对区块链部署中心的访问请求,而暂缓所述指定终端对区块链部署中心的访问请求。As described above, it is achieved that the registration request is rejected and the access priority level of the designated terminal is reduced. According to actual needs (for example, when the approval pressure is too high), only using the terminal of the current approval system as the participating terminal of the parallel system will reduce the approval efficiency. Therefore, this application passes if the IP address of the designated terminal is not the IP address of the application terminal, and the IP address of the designated terminal is not the IP address of the approval terminal, then the IP address of the designated terminal is determined Whether it is recorded in the preset IP address list of newly added terminals; if the IP address of the designated terminal is not recorded in the preset IP address list of newly added terminals, the registration request is rejected and the designated terminal’s IP address is reduced. Access priority level; if the IP address of the designated terminal is recorded in the preset IP address list of newly added terminals, the information of the IP address and communication port of the designated terminal is recorded and generated according to the IP address of the designated terminal An application for a digital certificate or an approval digital certificate representing the identity of the designated terminal, and the application for a digital certificate or an approval digital certificate is sent to the designated terminal. In this way, the number of terminals participating in the parallel system can be dynamically adjusted to improve the approval efficiency. The access priority level refers to the priority level of the designated terminal to access the blockchain deployment center, that is, priority is given to accepting access requests from other terminals to the blockchain deployment center, and the designated terminal’s access to the blockchain deployment center is suspended request.
在一个实施方式中,所述若所述指定终端的IP地址为所述申请终端的IP地址或者所述审批终端的IP地址,则记录所述指定终端的IP地址和通信端口的信息,并根据所述指定终端的IP地址生成代表所述指定终端身份的申请数字证书或者审批数字证书,并将所述申请数字证书或者审批数字证书发送给所述指定终端的步骤S6,包括:In one embodiment, if the IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal, record the IP address and communication port information of the designated terminal, and The step S6 of generating the application digital certificate or the approval digital certificate representing the identity of the designated terminal by the IP address of the designated terminal, and sending the application digital certificate or the approval digital certificate to the designated terminal, includes:
S601、若所述指定终端的IP地址为所述申请终端的IP地址或者所述审批终端的IP地址,则记录所述指定终端的IP地址和通信端口的信息,并根据所述指定终端的IP地址生成代表所述指定终端身份的申请数字证书或者审批数字证书;S601. If the IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal, record the information of the IP address and communication port of the designated terminal, and use the IP address of the designated terminal Address generation represents the application digital certificate or approval digital certificate representing the identity of the designated terminal;
S602、解析所述当前审批***,获取所述当前审批***的审批流程,并根据所述审批流程,生成智能合约;S602. Analyze the current approval system, obtain the approval process of the current approval system, and generate a smart contract according to the approval process;
S603、将所述智能合约发送给所述指定终端,同时将所述申请数字证书或者审批数字证书发送给所述指定终端。S603: Send the smart contract to the designated terminal, and at the same time send the application for digital certificate or approval digital certificate to the designated terminal.
如上所述,实现了记录所述指定终端的IP地址和通信端口的信息,并根据所述指定终端的IP地址生成代表所述指定终端身份的申请数字证书或者审批数字证书,并将所述申请数字证书或者审批数字证书发送给所述指定终端。本实施方式根据当前审批***的审批流程,灵活且实时地生成智能合约,以限定部署得到的并行***能够实现与当前审批***相同的功能。其中所述智能合约是一种旨在以信息化方式传播、验证或执行合同的计算机协议。智能合约允许在没有第三方的情况下进行可信交易,这些交易可追踪且不可逆转。将所述智能合约发送给所述指定终端,所述指定终端安装并使用所述智能合约后,即可与其他安装并使用所述智能合约的终端完成审批流程。其中,所述智能合约根据所述审批流程生成,因此限定的并行***中的审批规则与当前审批***相同,从而保证了并行区块链***与原审批***的一致性。As mentioned above, it is realized to record the information of the IP address and communication port of the designated terminal, and according to the IP address of the designated terminal, to generate an application digital certificate representing the identity of the designated terminal or an approval digital certificate, and the application The digital certificate or the approval digital certificate is sent to the designated terminal. According to the approval process of the current approval system, this embodiment generates smart contracts flexibly and in real time to limit that the parallel system obtained by deployment can realize the same functions as the current approval system. The smart contract is a computer protocol designed to spread, verify, or execute the contract in an informationized manner. Smart contracts allow trusted transactions without a third party, which are traceable and irreversible. The smart contract is sent to the designated terminal, and after the designated terminal installs and uses the smart contract, it can complete the approval process with other terminals that install and use the smart contract. Wherein, the smart contract is generated according to the approval process, so the approval rules in the limited parallel system are the same as the current approval system, thereby ensuring the consistency of the parallel blockchain system and the original approval system.
在一个实施方式中,所述向所述指定终端发送预存的所有区块链节点的IP地址和通信端口的信息, 以及向所有区块链节点发送所述指定终端的IP地址和通信端口的信息,从而完成所述指定终端在与当前审批***并行的所述区块链网络中的部署的步骤S7之后,包括:In one embodiment, the pre-stored IP address and communication port information of all blockchain nodes are sent to the designated terminal, and the IP address and communication port information of the designated terminal is sent to all blockchain nodes , So as to complete step S7 of deployment of the designated terminal in the blockchain network parallel to the current approval system, including:
S71、接收所述指定终端发送的修改IP地址或者通信端口的修改请求;S71: Receive a modification request for modifying an IP address or communication port sent by the designated terminal;
S72、根据所述修改请求,在所述指定终端的注册信息中修改所述终端的IP地址或者通信端口;S72. Modify the IP address or communication port of the terminal in the registration information of the designated terminal according to the modification request;
S73、将修改后的所述终端的IP地址或者通信端口的信息发送给所有区块链节点。S73. Send the modified IP address or communication port information of the terminal to all blockchain nodes.
如上所述,通过部署中心实现了更新IP地址或者通信端口。当所述指定终端的IP地址或者通信端口发生改变后,为了使其他区块链节点还能找到所述指定终端,则应当将修改后的IP地址或者通信端口的信息发送给其他区块链节点。具体地,部署中心接收所述指定终端发送的修改IP地址或者通信端口的修改请求,根据所述修改请求,在所述指定终端的注册信息中修改所述终端的IP地址或者通信端口,将修改后的所述终端的IP地址或者通信端口的信息发送给所有区块链节点。从而借助部署中心实现了IP地址或者通信端口的更新。进一步地,部署中心还可以主动判断指定终端的IP地址或者通信端口是否发生修改,若发生了修改,则获取修改后的指定终端的IP地址或者通信端口,并在所述指定终端的注册信息中修改所述终端的IP地址或者通信端口,再将修改后的所述终端的IP地址或者通信端口的信息发送给所有区块链节点。As mentioned above, the IP address or communication port is updated through the deployment center. When the IP address or communication port of the designated terminal is changed, in order to enable other blockchain nodes to find the designated terminal, the modified IP address or communication port information should be sent to other blockchain nodes . Specifically, the deployment center receives a modification request for modifying the IP address or communication port sent by the designated terminal, and according to the modification request, modifies the terminal's IP address or communication port in the registration information of the designated terminal, and modifies The latter information of the terminal's IP address or communication port is sent to all blockchain nodes. In this way, the IP address or communication port is updated with the help of the deployment center. Further, the deployment center can also actively determine whether the IP address or communication port of the designated terminal has been modified, and if it has been modified, obtain the modified IP address or communication port of the designated terminal, and record it in the registration information of the designated terminal Modify the IP address or communication port of the terminal, and then send the modified IP address or communication port information of the terminal to all blockchain nodes.
在一个实施方式中,所述采集当前审批***的多个暂时终端的IP地址,其中所述多个暂时终端至少包括申请终端和审批终端,所述区块链部署中心是预先架构的区块链网络中的一个区块链节点,所述区块链部署中心预存有虚拟机镜像和区块链节点容器镜像的步骤S2之前,包括:In one embodiment, the IP addresses of multiple temporary terminals of the current approval system are collected, where the multiple temporary terminals include at least an application terminal and an approval terminal, and the blockchain deployment center is a pre-architected blockchain A block chain node in the network, the block chain deployment center pre-stores the virtual machine image and the block chain node container image before step S2, including:
S11、利用指定语言创建区块链类,并将所述区块链类实例化后获得创世区块,在所述创世区块中将前一区块的哈希值设置为0;S11. Use a designated language to create a blockchain class, instantiate the blockchain class to obtain a genesis block, and set the hash value of the previous block to 0 in the genesis block;
S12、基于所述创世区块,采用预设的区块生成技术生成其他区块,其中所述其他区块记载有前一区块的哈希值;S12. Based on the genesis block, use a preset block generation technology to generate other blocks, where the other blocks record the hash value of the previous block;
S13、将预设终端作为区块链节点,从而搭建所述区块链网络。S13. Use the preset terminal as a blockchain node to build the blockchain network.
如上所述,实现了搭建所述区块链网络。其中创建区块链类的语言可以为任意可行语言,例如JAVA、C++、Go语言等,本实施方式优选Go语言,从而优化区块链类。其中区块链类(class)是对区块链的定义,将所述区块链类实例化即是确定区块链的具体参数,从而获得第一个区块(创世区块),从而作为其他区块的生成依据。由于创世区块是第一个区块,实际上没有之前的区块,因此在创世区块中将前一区块的哈希值设置为0。其中所述预设终端为接受所述区块链网络的预设共识机制的终端,所述预设共识机制可为任意共识机制,例如为工作量证明机制、权益证明机制、拜占庭容错机制等,本实施方式优选拜占庭容错机制。其中采用预设的区块生成技术例如为,设置区块头、区块体;在所述区块头中前一区块的哈希值,本区块体的哈希值和时间戳;在区块体中存储预先准备的数据,从而所述区块头与所述区块体构成了一个区块。As mentioned above, the construction of the blockchain network is realized. The language for creating the blockchain class can be any feasible language, such as JAVA, C++, Go language, etc. The Go language is preferred in this embodiment to optimize the blockchain class. The block chain class (class) is the definition of the block chain, and instantiating the block chain class is to determine the specific parameters of the block chain, so as to obtain the first block (the genesis block), thereby As the basis for the generation of other blocks. Since the genesis block is the first block, there is actually no previous block, so the hash value of the previous block is set to 0 in the genesis block. The preset terminal is a terminal that accepts the preset consensus mechanism of the blockchain network, and the preset consensus mechanism can be any consensus mechanism, such as a workload proof mechanism, an equity proof mechanism, a Byzantine fault tolerance mechanism, etc., In this embodiment, the Byzantine fault tolerance mechanism is preferred. The preset block generation technology is, for example, setting block header and block body; in the block header, the hash value of the previous block, the hash value and timestamp of the block body; The pre-prepared data is stored in the body, so that the block header and the block body constitute a block.
参照图2,本申请实施例提供一种基于区块链的并行***部署装置,应用于区块链部署中心,包括:Referring to Figure 2, an embodiment of the present application provides a blockchain-based parallel system deployment device applied to a blockchain deployment center, including:
暂时终端标记单元10,用于接收当前审批***的第一终端发送的第一HASH值,并判断所述第一HASH值与预存的HASH值是否相同;若所述第一HASH值与预存的HASH值相同,则判断所述第一终端的流量数据是否符合预设的流量标准,若所述第一终端的流量数据符合预设的流量标准,则将所述第一终端记为暂时终端;The temporary terminal marking unit 10 is configured to receive the first HASH value sent by the first terminal of the current approval system, and determine whether the first HASH value is the same as the pre-stored HASH value; if the first HASH value is the same as the pre-stored HASH value If the value is the same, it is determined whether the flow data of the first terminal meets the preset flow standard, and if the flow data of the first terminal meets the preset flow standard, the first terminal is recorded as a temporary terminal;
IP地址采集单元20,用于采集当前审批***的多个暂时终端的IP地址,其中所述多个暂时终端至少包括申请终端和审批终端,所述区块链部署中心是预先架构的区块链网络中的一个区块链节点,所述区块链部署中心预存有虚拟机镜像和区块链节点容器镜像;The IP address collection unit 20 is used to collect the IP addresses of multiple temporary terminals of the current approval system, where the multiple temporary terminals include at least an application terminal and an approval terminal, and the blockchain deployment center is a pre-architected blockchain A block chain node in the network, the block chain deployment center pre-stores a virtual machine image and a block chain node container image;
指定数据发送单元30,用于利用所述IP地址,向所述申请终端和所述审批终端发送指定数据,所述指定数据至少包括所述虚拟机镜像和所述区块链节点容器镜像;The designated data sending unit 30 is configured to use the IP address to send designated data to the application terminal and the approval terminal, where the designated data includes at least the virtual machine image and the blockchain node container image;
注册请求接收单元40,用于接收已在所述虚拟机镜像中安装并启动所述区块链节点容器镜像的指定终端的注册请求,所述注册请求附带有所述指定终端的IP地址和通信端口的信息;The registration request receiving unit 40 is configured to receive a registration request of a designated terminal that has been installed in the virtual machine image and started the blockchain node container image, and the registration request is accompanied by the IP address and communication of the designated terminal Port information;
IP地址判断单元50,用于判断所述指定终端的IP地址是否为所述申请终端的IP地址或者所述审批终端的IP地址;The IP address determining unit 50 is configured to determine whether the IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal;
数字证书发送单元60,用于若所述指定终端的IP地址为所述申请终端的IP地址或者所述审批终端的IP地址,则记录所述指定终端的IP地址和通信端口的信息,并根据所述指定终端的IP地址生成代表所述指定终端身份的申请数字证书或者审批数字证书,并将所述申请数字证书或者审批数字证书发送给所述指定终端;The digital certificate sending unit 60 is configured to record the IP address and communication port information of the designated terminal if the IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal, and according to Generating, by the IP address of the designated terminal, an application digital certificate or an approval digital certificate representing the identity of the designated terminal, and send the application digital certificate or the approval digital certificate to the designated terminal;
信发发送单元70,用于向所述指定终端发送预存的所有区块链节点的IP地址和通信端口的信息,以及向所有区块链节点发送所述指定终端的IP地址和通信端口的信息,从而完成所述指定终端在与当前审批***并行的所述区块链网络中的部署。The letter sending unit 70 is configured to send pre-stored information of the IP addresses and communication ports of all blockchain nodes to the designated terminal, and send information of the IP addresses and communication ports of the designated terminal to all blockchain nodes , Thereby completing the deployment of the designated terminal in the blockchain network parallel to the current approval system.
其中上述单元分别用于执行的操作与前述实施方式的基于区块链的并行***部署方法的步骤一一对应,在此不再赘述。The operations performed by the above-mentioned units respectively correspond to the steps of the blockchain-based parallel system deployment method of the foregoing embodiment, and will not be repeated here.
在一个实施方式中,所述IP地址采集单元20,包括:In one embodiment, the IP address collection unit 20 includes:
日志获取子单元,用于获取所述当前审批***的日志,并解析所述日志得到参与所述当前审批***的执行申请操作的终端与执行审批操作的终端,分别记为初始申请终端与初始审批终端;The log acquisition subunit is used to acquire the log of the current approval system, and parse the log to obtain the terminal participating in the current approval system performing the application operation and the terminal performing the approval operation, which are recorded as the initial application terminal and the initial approval respectively terminal;
错误记录次数统计子单元,用于统计所述初始申请终端与所述初始审批终端的错误记录次数,获取所述错误记录次数少于预设第一错误数量阈值的所述初始申请终端,以及获取所述错误记录次数少于预设第二错误数量阈值的所述初始审批终端;The error record count subunit is configured to count the number of error records of the initial application terminal and the initial approval terminal, obtain the initial application terminal whose error record times are less than the preset first error number threshold, and obtain The initial approval terminal whose error recording times are less than a preset second error quantity threshold;
终端标记子单元,用于将所述错误记录次数少于预设第一错误数量阈值的所述初始申请终端记为申请终端,以及,将所述错误记录次数少于预设第二错误数量阈值的所述初始审批终端记为审批终端;The terminal marking subunit is configured to mark the initial application terminal whose error recording times are less than a preset first error number threshold as an application terminal, and to mark the error recording times less than a preset second error number threshold The initial approval terminal is recorded as an approval terminal;
IP地址采集子单元,用于采集所述申请终端与所述审批终端的IP地址。The IP address collection subunit is used to collect the IP addresses of the application terminal and the approval terminal.
其中上述子单元分别用于执行的操作与前述实施方式的基于区块链的并行***部署方法的步骤一一对应,在此不再赘述。The operations performed by the above-mentioned sub-units respectively correspond to the steps of the parallel system deployment method based on the blockchain of the foregoing embodiment, and will not be repeated here.
在一个实施方式中,所述指定数据发送单元30,包括:In one embodiment, the designated data sending unit 30 includes:
操作***信息获取子单元,用于获取所述申请终端和所述审批终端的操作***信息;Operating system information acquisition sub-unit for acquiring operating system information of the application terminal and the approval terminal;
正确虚拟机镜像选择子单元,用于从预存的多种虚拟机镜像中选择与所述操作***信息相匹配的正确虚拟机镜像;The correct virtual machine image selection subunit is used to select a correct virtual machine image matching the operating system information from a variety of pre-stored virtual machine images;
指定数据发送子单元,用于利用所述IP地址,向所述申请终端和所述审批终端发送指定数据,所述指定数据至少包括所述正确虚拟机镜像和所述区块链节点容器镜像。The designated data sending subunit is configured to use the IP address to send designated data to the application terminal and the approval terminal, where the designated data includes at least the correct virtual machine image and the blockchain node container image.
其中上述子单元分别用于执行的操作与前述实施方式的基于区块链的并行***部署方法的步骤一一对应,在此不再赘述。The operations performed by the above-mentioned sub-units respectively correspond to the steps of the parallel system deployment method based on the blockchain of the foregoing embodiment, and will not be repeated here.
在一个实施方式中,所述装置,包括:In one embodiment, the device includes:
新增终端IP地址判断单元,用于若所述指定终端的IP地址不为所述申请终端的IP地址,同时所述指定终端的IP地址也不为所述审批终端的IP地址,则判断所述指定终端的IP地址是否记载于预设的新增终端IP地址列表中;A new terminal IP address judging unit is added for judging if the IP address of the designated terminal is not the IP address of the applying terminal, and the IP address of the designated terminal is also not the IP address of the approval terminal Whether the IP address of the designated terminal is recorded in the preset IP address list of newly added terminals;
拒绝单元,用于若所述指定终端的IP地址未记载于预设的新增终端IP地址列表中,则拒绝所述注册请求,并降低所述指定终端的访问优先级别。The rejection unit is configured to reject the registration request and lower the access priority level of the designated terminal if the IP address of the designated terminal is not recorded in the preset IP address list of newly added terminals.
其中上述单元分别用于执行的操作与前述实施方式的基于区块链的并行***部署方法的步骤一一对应,在此不再赘述。The operations performed by the above-mentioned units respectively correspond to the steps of the blockchain-based parallel system deployment method of the foregoing embodiment, and will not be repeated here.
在一个实施方式中,所述数字证书发送单元60,包括:In one embodiment, the digital certificate sending unit 60 includes:
数字证书生成子单元,用于若所述指定终端的IP地址为所述申请终端的IP地址或者所述审批终端的IP地址,则记录所述指定终端的IP地址和通信端口的信息,并根据所述指定终端的IP地址生成代表所述指定终端身份的申请数字证书或者审批数字证书;The digital certificate generation subunit is configured to record the IP address and communication port information of the designated terminal if the IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal, and according to Generating an application digital certificate or an approval digital certificate representing the identity of the designated terminal from the IP address of the designated terminal;
生成智能合约子单元,用于解析所述当前审批***,获取所述当前审批***的审批流程,并根据所述审批流程,生成智能合约;Generate a smart contract subunit for analyzing the current approval system, obtaining the approval process of the current approval system, and generating a smart contract according to the approval process;
发送智能合约子单元,用于将所述智能合约发送给所述指定终端,同时将所述申请数字证书或者审批数字证书发送给所述指定终端。The sending smart contract subunit is configured to send the smart contract to the designated terminal, and at the same time send the applied digital certificate or the approved digital certificate to the designated terminal.
其中上述子单元分别用于执行的操作与前述实施方式的基于区块链的并行***部署方法的步骤一一对应,在此不再赘述。The operations performed by the above-mentioned sub-units respectively correspond to the steps of the parallel system deployment method based on the blockchain of the foregoing embodiment, and will not be repeated here.
在一个实施方式中,所述装置,包括:In one embodiment, the device includes:
修改请求接收单元,用于接收所述指定终端发送的修改IP地址或者通信端口的修改请求;A modification request receiving unit, configured to receive a modification request for modifying an IP address or a communication port sent by the designated terminal;
修改单元,用于根据所述修改请求,在所述指定终端的注册信息中修改所述终端的IP地址或者通信端口;A modification unit, configured to modify the IP address or communication port of the terminal in the registration information of the designated terminal according to the modification request;
修改后信息发送单元,用于将修改后的所述终端的IP地址或者通信端口的信息发送给所有区块链节点。The modified information sending unit is used to send the modified information of the terminal's IP address or communication port to all blockchain nodes.
其中上述单元分别用于执行的操作与前述实施方式的基于区块链的并行***部署方法的步骤一一对应,在此不再赘述。The operations performed by the above-mentioned units respectively correspond to the steps of the blockchain-based parallel system deployment method of the foregoing embodiment, and will not be repeated here.
在一个实施方式中,所述装置,包括:In one embodiment, the device includes:
创世区块获取单元,用于利用指定语言创建区块链类,并将所述区块链类实例化后获得创世区块,在所述创世区块中将前一区块的哈希值设置为0;The creation block acquisition unit is used to create a block chain class in a specified language, and instantiate the block chain class to obtain a creation block, in which the previous block’s Ha The value is set to 0;
其他区块生成单元,用于基于所述创世区块,采用预设的区块生成技术生成其他区块,其中所述其他区块记载有前一区块的哈希值;The other block generation unit is configured to generate other blocks based on the genesis block using a preset block generation technology, wherein the other blocks record the hash value of the previous block;
区块链节点设置单元,用于将预设终端作为区块链节点,从而搭建所述区块链网络。The block chain node setting unit is used to use a preset terminal as a block chain node to build the block chain network.
其中上述单元分别用于执行的操作与前述实施方式的基于区块链的并行***部署方法的步骤一一对应,在此不再赘述。The operations performed by the above-mentioned units respectively correspond to the steps of the blockchain-based parallel system deployment method of the foregoing embodiment, and will not be repeated here.
参照图3,本申请实施例中还提供一种计算机设备,该计算机设备可以是服务器,其内部结构可以如图所示。该计算机设备包括通过***总线连接的处理器、存储器、网络接口和数据库。其中,该计算机设计的处理器用于提供计算和控制能力。该计算机设备的存储器包括非易失性存储介质、内存储器。该非易失性存储介质存储有操作***、计算机程序和数据库。该内存器为非易失性存储介质中的操作***和计算机程序的运行提供环境。该计算机设备的数据库用于存储基于区块链的并行***部署方法所用数据。该计算机设备的网络接口用于与外部的终端通过网络连接通信。该计算机程序被处理器执行时以实现一种基于区块链的并行***部署方法。3, an embodiment of the present application also provides a computer device. The computer device may be a server, and its internal structure may be as shown in the figure. The computer equipment includes a processor, a memory, a network interface and a database connected through a system bus. Among them, the computer designed processor is used to provide calculation and control capabilities. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, a computer program, and a database. The memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage medium. The database of the computer equipment is used to store the data used in the parallel system deployment method based on the blockchain. The network interface of the computer device is used to communicate with an external terminal through a network connection. The computer program is executed by the processor to realize a parallel system deployment method based on blockchain.
上述处理器执行上述基于区块链的并行***部署方法,其中所述方法包括的步骤分别与执行前述实施方式的基于区块链的并行***部署方法的步骤一一对应,在此不再赘述。The above-mentioned processor executes the above-mentioned blockchain-based parallel system deployment method, wherein the steps included in the method respectively correspond to the steps of executing the blockchain-based parallel system deployment method of the foregoing embodiment, and will not be repeated here.
本申请一实施例还提供一种计算机可读存储介质,其上存储有计算机程序,计算机程序被处理器执行时实现基于区块链的并行***部署方法,其中所述方法包括的步骤分别与执行前述实施方式的基于区块链的并行***部署方法的步骤一一对应,在此不再赘述。所述计算机可读存储介质,例如为非易失性的计算机可读存储介质,或者为易失性的计算机可读存储介质。An embodiment of the present application also provides a computer-readable storage medium on which a computer program is stored. When the computer program is executed by a processor, a blockchain-based parallel system deployment method is implemented, wherein the steps included in the method are respectively executed The steps of the block chain-based parallel system deployment method in the foregoing embodiment correspond one to one, and will not be repeated here. The computer-readable storage medium is, for example, a non-volatile computer-readable storage medium or a volatile computer-readable storage medium.

Claims (20)

  1. 一种基于区块链的并行***部署方法,应用于区块链部署中心,其特征在于,包括:A parallel system deployment method based on blockchain, applied to a blockchain deployment center, and is characterized in that it includes:
    接收当前审批***的第一终端发送的第一HASH值,并判断所述第一HASH值与预存的HASH值是否相同;若所述第一HASH值与预存的HASH值相同,则判断所述第一终端的流量数据是否符合预设的流量标准,若所述第一终端的流量数据符合预设的流量标准,则将所述第一终端记为暂时终端;Receive the first HASH value sent by the first terminal of the current approval system, and judge whether the first HASH value is the same as the pre-stored HASH value; if the first HASH value is the same as the pre-stored HASH value, judge the first HASH value Whether the flow data of a terminal meets the preset flow standard, and if the flow data of the first terminal meets the preset flow standard, record the first terminal as a temporary terminal;
    采集当前审批***的多个暂时终端的IP地址,其中所述多个暂时终端至少包括申请终端和审批终端,所述区块链部署中心是预先架构的区块链网络中的一个区块链节点,所述区块链部署中心预存有虚拟机镜像和区块链节点容器镜像;Collect the IP addresses of multiple temporary terminals of the current approval system, where the multiple temporary terminals include at least an application terminal and an approval terminal, and the blockchain deployment center is a blockchain node in a pre-architected blockchain network , The blockchain deployment center pre-stores a virtual machine image and a blockchain node container image;
    利用所述IP地址,向所述申请终端和所述审批终端发送指定数据,所述指定数据至少包括所述虚拟机镜像和所述区块链节点容器镜像;Using the IP address to send designated data to the application terminal and the approval terminal, the designated data including at least the virtual machine image and the blockchain node container image;
    接收已在所述虚拟机镜像中安装并启动所述区块链节点容器镜像的指定终端的注册请求,所述注册请求附带有所述指定终端的IP地址和通信端口的信息;Receiving a registration request of a designated terminal that has installed and started the blockchain node container image in the virtual machine image, the registration request is accompanied by information about the IP address and communication port of the designated terminal;
    判断所述指定终端的IP地址是否为所述申请终端的IP地址或者所述审批终端的IP地址;Determine whether the IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal;
    若所述指定终端的IP地址为所述申请终端的IP地址或者所述审批终端的IP地址,则记录所述指定终端的IP地址和通信端口的信息,并根据所述指定终端的IP地址生成代表所述指定终端身份的申请数字证书或者审批数字证书,并将所述申请数字证书或者审批数字证书发送给所述指定终端;If the IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal, record the IP address and communication port information of the designated terminal, and generate it based on the IP address of the designated terminal Applying for a digital certificate or approving a digital certificate representing the identity of the designated terminal, and sending the applying for digital certificate or approving digital certificate to the designated terminal;
    向所述指定终端发送预存的所有区块链节点的IP地址和通信端口的信息,以及向所有区块链节点发送所述指定终端的IP地址和通信端口的信息,从而完成所述指定终端在与当前审批***并行的所述区块链网络中的部署。Send the pre-stored IP address and communication port information of all blockchain nodes to the designated terminal, and send the IP address and communication port information of the designated terminal to all blockchain nodes, thereby completing the designated terminal’s Deployment in the blockchain network parallel to the current approval system.
  2. 根据权利要求1所述的基于区块链的并行***部署方法,其特征在于,所述判断所述第一终端的流量数据是否符合预设的流量标准,若所述第一终端的流量数据符合预设的流量标准,则将所述第一终端记为暂时终端的步骤,包括:The method for deploying a parallel system based on blockchain according to claim 1, wherein the determining whether the flow data of the first terminal meets a preset flow standard, and if the flow data of the first terminal meets The preset flow standard, the step of recording the first terminal as a temporary terminal includes:
    根据公式:According to the formula:
    H(t)=min(G(t),m),其中
    Figure PCTCN2019117215-appb-100001
    E(t)=F(t) f(t),获取函数H(t),其中F(t)为所述第一终端的流量随时间变化的流量函数,f(t)为预设的标准流量函数,E(t)为所述流量函数F(t)与所述标准流量函数f(t)的差值函数,
    Figure PCTCN2019117215-appb-100002
    为所述差值函数对时间的微分函数,min指最小值函数,t为时间,m为预设的大于0的误差参数值;     H(t)=min(G(t),m), where
    Figure PCTCN2019117215-appb-100001
    E(t)=F(t) f(t), obtain the function H(t), where F(t) is the flow function of the flow of the first terminal over time, f(t) is the preset standard Flow function, E(t) is the difference function of the flow function F(t) and the standard flow function f(t),
    Figure PCTCN2019117215-appb-100002
    Is the differential function of the difference function with respect to time, min refers to the minimum value function, t is time, and m is a preset error parameter value greater than 0;
    获取所述H(t)在时间轴上不等于m时的第一时间长度和等于m时的第二时间长度;Acquiring the first time length when the H(t) is not equal to m on the time axis and the second time length when it is equal to m;
    根据公式:正常流量时间占比=所述第一时间长度/(所述第一时间长度+所述第二时间长度),计算出所述正常流量时间占比;According to the formula: normal flow time ratio=the first time length/(the first time length+the second time length), the normal flow time ratio is calculated;
    判断所述正常流量时间占比是否大于预设占比阈值;Judging whether the time proportion of the normal flow is greater than a preset proportion threshold;
    若所述正常流量时间占比大于预设占比阈值,则将所述第一终端记为暂时终端。If the time proportion of the normal traffic is greater than the preset proportion threshold, the first terminal is recorded as a temporary terminal.
  3. 根据权利要求1所述的基于区块链的并行***部署方法,其特征在于,所述采集当前审批***的多个暂时终端的IP地址,其中所述多个暂时终端至少包括申请终端和审批终端的步骤,包括:The method for deploying a parallel system based on blockchain according to claim 1, wherein the collecting IP addresses of multiple temporary terminals of the current approval system, wherein the multiple temporary terminals include at least an application terminal and an approval terminal The steps include:
    获取所述当前审批***的日志,并解析所述日志得到参与所述当前审批***的执行申请操作的终端与执行审批操作的终端,分别记为初始申请终端与初始审批终端;Obtain the log of the current approval system, and analyze the log to obtain the terminal that participates in the application operation of the current approval system and the terminal that executes the approval operation, which are respectively recorded as the initial application terminal and the initial approval terminal;
    统计所述初始申请终端与所述初始审批终端的错误记录次数,获取所述错误记录次数少于预设第一错误数量阈值的所述初始申请终端,以及获取所述错误记录次数少于预设第二错误数量阈值的所述初始审批终端;Count the number of error records of the initial application terminal and the initial approval terminal, obtain the initial application terminal whose error record number is less than a preset first error number threshold, and obtain the error record number less than the preset The initial approval terminal of the second error number threshold;
    将所述错误记录次数少于预设第一错误数量阈值的所述初始申请终端记为申请终端,以及,将所述错误记录次数少于预设第二错误数量阈值的所述初始审批终端记为审批终端;The initial application terminal whose error recording times are less than the preset first error number threshold is recorded as an application terminal, and the initial approval terminal whose error recording times are less than the preset second error number threshold is recorded Is the approval terminal;
    采集所述申请终端与所述审批终端的IP地址。Collect the IP addresses of the application terminal and the approval terminal.
  4. 根据权利要求1所述的基于区块链的并行***部署方法,其特征在于,所述利用所述IP地址,向所述申请终端和所述审批终端发送指定数据,所述指定数据至少包括所述虚拟机镜像和所述区块链节点容器镜像的步骤,包括:The method for deploying a parallel system based on a blockchain according to claim 1, wherein the designated data is sent to the application terminal and the approval terminal by using the IP address, and the designated data includes at least all The steps of the virtual machine image and the blockchain node container image include:
    获取所述申请终端和所述审批终端的操作***信息;Acquiring operating system information of the application terminal and the approval terminal;
    从预存的多种虚拟机镜像中选择与所述操作***信息相匹配的正确虚拟机镜像;Selecting a correct virtual machine image matching the operating system information from a plurality of pre-stored virtual machine images;
    利用所述IP地址,向所述申请终端和所述审批终端发送指定数据,所述指定数据至少包括所述正确虚拟机镜像和所述区块链节点容器镜像。The IP address is used to send designated data to the application terminal and the approval terminal, where the designated data includes at least the correct virtual machine image and the blockchain node container image.
  5. 根据权利要求1所述的基于区块链的并行***部署方法,其特征在于,所述判断所述指定终端的IP地址是否为所述申请终端的IP地址或者所述审批终端的IP地址的步骤之后,包括:The method for deploying a parallel system based on blockchain according to claim 1, wherein the step of judging whether the IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal After that, include:
    若所述指定终端的IP地址不为所述申请终端的IP地址,同时所述指定终端的IP地址也不为所述审批终端的IP地址,则判断所述指定终端的IP地址是否记载于预设的新增终端IP地址列表中;If the IP address of the designated terminal is not the IP address of the application terminal, and the IP address of the designated terminal is also not the IP address of the approval terminal, then it is determined whether the IP address of the designated terminal is recorded in the preview. In the newly added terminal IP address list set;
    若所述指定终端的IP地址未记载于预设的新增终端IP地址列表中,则拒绝所述注册请求,并降低所述指定终端的访问优先级别。If the IP address of the designated terminal is not recorded in the preset IP address list of newly added terminals, the registration request is rejected and the access priority level of the designated terminal is lowered.
  6. 根据权利要求1所述的基于区块链的并行***部署方法,其特征在于,所述若所述指定终端的IP地址为所述申请终端的IP地址或者所述审批终端的IP地址,则记录所述指定终端的IP地址和通信端口的信息,并根据所述指定终端的IP地址生成代表所述指定终端身份的申请数字证书或者审批数字证书,并将所述申请数字证书或者审批数字证书发送给所述指定终端的步骤,包括:The method for deploying a parallel system based on a blockchain according to claim 1, wherein if the IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal, record Information about the IP address and communication port of the designated terminal, and generate an application digital certificate or an approval digital certificate representing the identity of the designated terminal according to the IP address of the designated terminal, and send the application digital certificate or approval digital certificate The steps for the designated terminal include:
    若所述指定终端的IP地址为所述申请终端的IP地址或者所述审批终端的IP地址,则记录所述指定终端的IP地址和通信端口的信息,并根据所述指定终端的IP地址生成代表所述指定终端身份的申请数 字证书或者审批数字证书;If the IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal, record the IP address and communication port information of the designated terminal, and generate it based on the IP address of the designated terminal Applying for a digital certificate or approving a digital certificate representing the identity of the designated terminal;
    解析所述当前审批***,获取所述当前审批***的审批流程,并根据所述审批流程,生成智能合约;Analyze the current approval system, obtain the approval process of the current approval system, and generate a smart contract according to the approval process;
    将所述智能合约发送给所述指定终端,同时将所述申请数字证书或者审批数字证书发送给所述指定终端。The smart contract is sent to the designated terminal, and the application for digital certificate or the approval digital certificate is sent to the designated terminal.
  7. 根据权利要求1所述的基于区块链的并行***部署方法,其特征在于,所述向所述指定终端发送预存的所有区块链节点的IP地址和通信端口的信息,以及向所有区块链节点发送所述指定终端的IP地址和通信端口的信息,从而完成所述指定终端在与当前审批***并行的所述区块链网络中的部署的步骤之后,包括:The method for deploying a parallel system based on a blockchain according to claim 1, wherein the pre-stored IP address and communication port information of all blockchain nodes are sent to the designated terminal, and to all the blocks After the chain node sends the information of the IP address and communication port of the designated terminal, so as to complete the deployment of the designated terminal in the blockchain network parallel to the current approval system, it includes:
    接收所述指定终端发送的修改IP地址或者通信端口的修改请求;Receiving a modification request for modifying an IP address or a communication port sent by the designated terminal;
    根据所述修改请求,在所述指定终端的注册信息中修改所述终端的IP地址或者通信端口;According to the modification request, modify the IP address or communication port of the terminal in the registration information of the designated terminal;
    将修改后的所述终端的IP地址或者通信端口的信息发送给所有区块链节点。Send the modified IP address or communication port information of the terminal to all blockchain nodes.
  8. 一种基于区块链的并行***部署装置,应用于区块链部署中心,其特征在于,包括:A parallel system deployment device based on block chain, applied to block chain deployment center, characterized in that it includes:
    暂时终端标记单元,用于接收当前审批***的第一终端发送的第一HASH值,并判断所述第一HASH值与预存的HASH值是否相同;若所述第一HASH值与预存的HASH值相同,则判断所述第一终端的流量数据是否符合预设的流量标准,若所述第一终端的流量数据符合预设的流量标准,则将所述第一终端记为暂时终端;The temporary terminal marking unit is used to receive the first HASH value sent by the first terminal of the current approval system, and determine whether the first HASH value is the same as the pre-stored HASH value; if the first HASH value is the same as the pre-stored HASH value If the same, determine whether the flow data of the first terminal meets the preset flow standard, and if the flow data of the first terminal meets the preset flow standard, record the first terminal as a temporary terminal;
    IP地址采集单元,用于采集当前审批***的多个暂时终端的IP地址,其中所述多个暂时终端至少包括申请终端和审批终端,所述区块链部署中心是预先架构的区块链网络中的一个区块链节点,所述区块链部署中心预存有虚拟机镜像和区块链节点容器镜像;The IP address collection unit is used to collect the IP addresses of multiple temporary terminals of the current approval system, where the multiple temporary terminals include at least an application terminal and an approval terminal, and the blockchain deployment center is a pre-architected blockchain network A block chain node in the block chain deployment center, a virtual machine image and a block chain node container image are pre-stored in the block chain deployment center;
    指定数据发送单元,用于利用所述IP地址,向所述申请终端和所述审批终端发送指定数据,所述指定数据至少包括所述虚拟机镜像和所述区块链节点容器镜像;A designated data sending unit, configured to use the IP address to send designated data to the application terminal and the approval terminal, the designated data including at least the virtual machine image and the blockchain node container image;
    注册请求接收单元,用于接收已在所述虚拟机镜像中安装并启动所述区块链节点容器镜像的指定终端的注册请求,所述注册请求附带有所述指定终端的IP地址和通信端口的信息;A registration request receiving unit for receiving a registration request of a designated terminal that has been installed in the virtual machine image and started the blockchain node container image, the registration request is accompanied by the IP address and communication port of the designated terminal Information;
    IP地址判断单元,用于判断所述指定终端的IP地址是否为所述申请终端的IP地址或者所述审批终端的IP地址;The IP address judging unit is configured to judge whether the IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal;
    数字证书发送单元,用于若所述指定终端的IP地址为所述申请终端的IP地址或者所述审批终端的IP地址,则记录所述指定终端的IP地址和通信端口的信息,并根据所述指定终端的IP地址生成代表所述指定终端身份的申请数字证书或者审批数字证书,并将所述申请数字证书或者审批数字证书发送给所述指定终端;The digital certificate sending unit is configured to record the IP address and communication port information of the designated terminal if the IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal, and according to the Generating an application digital certificate or an approval digital certificate representing the identity of the specified terminal from the IP address of the designated terminal, and sending the application digital certificate or the approval digital certificate to the designated terminal;
    信发发送单元,用于向所述指定终端发送预存的所有区块链节点的IP地址和通信端口的信息,以及向所有区块链节点发送所述指定终端的IP地址和通信端口的信息,从而完成所述指定终端在与当前 审批***并行的所述区块链网络中的部署。The message sending unit is used to send the pre-stored information of the IP addresses and communication ports of all blockchain nodes to the designated terminal, and send the information of the IP addresses and communication ports of the designated terminal to all blockchain nodes, This completes the deployment of the designated terminal in the blockchain network parallel to the current approval system.
  9. 根据权利要求8所述的基于区块链的并行***部署装置,其特征在于,所述暂时终端标记单元,包括:The device for deploying parallel systems based on blockchain according to claim 8, wherein the temporary terminal marking unit comprises:
    函数H(t)获取子单元,用于根据公式:The function H(t) gets the sub-unit, which is used according to the formula:
    H(t)=min(G(t),m),其中
    Figure PCTCN2019117215-appb-100003
    E(t)=F(t) f(t),获取函数H(t),其中F(t)为所述第一终端的流量随时间变化的流量函数,f(t)为预设的标准流量函数,E(t)为所述流量函数F(t)与所述标准流量函数f(t)的差值函数,
    Figure PCTCN2019117215-appb-100004
    为所述差值函数对时间的微分函数,min指最小值函数,t为时间,m为预设的大于0的误差参数值;     H(t)=min(G(t),m), where
    Figure PCTCN2019117215-appb-100003
    E(t)=F(t) f(t), obtain the function H(t), where F(t) is the flow function of the flow of the first terminal over time, f(t) is the preset standard Flow function, E(t) is the difference function of the flow function F(t) and the standard flow function f(t),
    Figure PCTCN2019117215-appb-100004
    Is the differential function of the difference function with respect to time, min refers to the minimum value function, t is time, and m is a preset error parameter value greater than 0;
    时间长度获取子单元,用于获取所述H(t)在时间轴上不等于m时的第一时间长度和等于m时的第二时间长度;The time length obtaining subunit is used to obtain the first time length when the H(t) is not equal to m on the time axis and the second time length when it is equal to m;
    正常流量时间占比计算子单元,用于根据公式:正常流量时间占比=所述第一时间长度/(所述第一时间长度+所述第二时间长度),计算出所述正常流量时间占比;The normal flow time ratio calculation subunit is used to calculate the normal flow time according to the formula: normal flow time ratio=the first time length/(the first time length+the second time length) Proportion
    占比阈值判断子单元,用于判断所述正常流量时间占比是否大于预设占比阈值;The proportion threshold judgment subunit is used to judge whether the proportion of the normal flow time is greater than the preset proportion threshold;
    暂时终端标记子单元,用于若所述正常流量时间占比大于预设占比阈值,则将所述第一终端记为暂时终端。The temporary terminal marking subunit is configured to mark the first terminal as a temporary terminal if the time proportion of the normal traffic is greater than a preset proportion threshold.
  10. 根据权利要求8所述的基于区块链的并行***部署装置,其特征在于,所述IP地址采集单元,包括:The device for deploying parallel systems based on blockchain according to claim 8, wherein the IP address collection unit comprises:
    日志获取子单元,用于获取所述当前审批***的日志,并解析所述日志得到参与所述当前审批***的执行申请操作的终端与执行审批操作的终端,分别记为初始申请终端与初始审批终端;The log acquisition subunit is used to acquire the log of the current approval system, and parse the log to obtain the terminal participating in the current approval system performing the application operation and the terminal performing the approval operation, which are recorded as the initial application terminal and the initial approval respectively terminal;
    错误记录次数统计子单元,用于统计所述初始申请终端与所述初始审批终端的错误记录次数,获取所述错误记录次数少于预设第一错误数量阈值的所述初始申请终端,以及获取所述错误记录次数少于预设第二错误数量阈值的所述初始审批终端;The error record count subunit is configured to count the number of error records of the initial application terminal and the initial approval terminal, obtain the initial application terminal whose error record times are less than the preset first error number threshold, and obtain The initial approval terminal whose error recording times are less than a preset second error quantity threshold;
    终端标记子单元,用于将所述错误记录次数少于预设第一错误数量阈值的所述初始申请终端记为申请终端,以及,将所述错误记录次数少于预设第二错误数量阈值的所述初始审批终端记为审批终端;The terminal marking subunit is configured to mark the initial application terminal whose error recording times are less than a preset first error number threshold as an application terminal, and to mark the error recording times less than a preset second error number threshold The initial approval terminal is recorded as an approval terminal;
    IP地址采集子单元,用于采集所述申请终端与所述审批终端的IP地址。The IP address collection subunit is used to collect the IP addresses of the application terminal and the approval terminal.
  11. 根据权利要求8所述的基于区块链的并行***部署装置,其特征在于,所述指定数据发送单元,包括:The device for deploying parallel systems based on blockchain according to claim 8, wherein the designated data sending unit comprises:
    操作***信息获取子单元,用于获取所述申请终端和所述审批终端的操作***信息;Operating system information acquisition sub-unit for acquiring operating system information of the application terminal and the approval terminal;
    正确虚拟机镜像选择子单元,用于从预存的多种虚拟机镜像中选择与所述操作***信息相匹配的正确虚拟机镜像;The correct virtual machine image selection subunit is used to select a correct virtual machine image matching the operating system information from a variety of pre-stored virtual machine images;
    指定数据发送子单元,用于利用所述IP地址,向所述申请终端和所述审批终端发送指定数据,所述指定数据至少包括所述正确虚拟机镜像和所述区块链节点容器镜像。The designated data sending subunit is configured to use the IP address to send designated data to the application terminal and the approval terminal, where the designated data includes at least the correct virtual machine image and the blockchain node container image.
  12. 根据权利要求8所述的基于区块链的并行***部署装置,其特征在于,所述装置,包括:The device for deploying a parallel system based on blockchain according to claim 8, wherein the device comprises:
    新增终端IP地址判断单元,用于若所述指定终端的IP地址不为所述申请终端的IP地址,同时所述指定终端的IP地址也不为所述审批终端的IP地址,则判断所述指定终端的IP地址是否记载于预设的新增终端IP地址列表中;A new terminal IP address judging unit is added for judging if the IP address of the designated terminal is not the IP address of the applying terminal, and the IP address of the designated terminal is also not the IP address of the approval terminal Whether the IP address of the designated terminal is recorded in the preset IP address list of newly added terminals;
    拒绝单元,用于若所述指定终端的IP地址未记载于预设的新增终端IP地址列表中,则拒绝所述注册请求,并降低所述指定终端的访问优先级别。The rejection unit is configured to reject the registration request and lower the access priority level of the designated terminal if the IP address of the designated terminal is not recorded in the preset IP address list of newly added terminals.
  13. 根据权利要求8所述的基于区块链的并行***部署装置,其特征在于,所述数字证书发送单元,包括:The device for deploying parallel systems based on blockchain according to claim 8, wherein the digital certificate sending unit comprises:
    数字证书生成子单元,用于若所述指定终端的IP地址为所述申请终端的IP地址或者所述审批终端的IP地址,则记录所述指定终端的IP地址和通信端口的信息,并根据所述指定终端的IP地址生成代表所述指定终端身份的申请数字证书或者审批数字证书;The digital certificate generation subunit is configured to record the IP address and communication port information of the designated terminal if the IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal, and according to Generating an application digital certificate or an approval digital certificate representing the identity of the designated terminal from the IP address of the designated terminal;
    生成智能合约子单元,用于解析所述当前审批***,获取所述当前审批***的审批流程,并根据所述审批流程,生成智能合约;Generate a smart contract subunit for analyzing the current approval system, obtaining the approval process of the current approval system, and generating a smart contract according to the approval process;
    发送智能合约子单元,用于将所述智能合约发送给所述指定终端,同时将所述申请数字证书或者审批数字证书发送给所述指定终端。The sending smart contract subunit is configured to send the smart contract to the designated terminal, and at the same time send the applied digital certificate or the approved digital certificate to the designated terminal.
  14. 根据权利要求8所述的基于区块链的并行***部署装置,其特征在于,所述装置,包括:The device for deploying a parallel system based on blockchain according to claim 8, wherein the device comprises:
    修改请求接收单元,用于接收所述指定终端发送的修改IP地址或者通信端口的修改请求;A modification request receiving unit, configured to receive a modification request for modifying an IP address or a communication port sent by the designated terminal;
    修改单元,用于根据所述修改请求,在所述指定终端的注册信息中修改所述终端的IP地址或者通信端口;A modification unit, configured to modify the IP address or communication port of the terminal in the registration information of the designated terminal according to the modification request;
    修改后信息发送单元,用于将修改后的所述终端的IP地址或者通信端口的信息发送给所有区块链节点。The modified information sending unit is used to send the modified information of the terminal's IP address or communication port to all blockchain nodes.
  15. 一种计算机设备,包括存储器和处理器,所述存储器存储有计算机程序,其特征在于,所述处理器执行所述计算机程序时实现基于区块链的并行***部署方法,所述基于区块链的并行***部署方法,包括:A computer device includes a memory and a processor, the memory stores a computer program, and is characterized in that, when the processor executes the computer program, a parallel system deployment method based on a blockchain is implemented. Parallel system deployment methods include:
    接收当前审批***的第一终端发送的第一HASH值,并判断所述第一HASH值与预存的HASH值是否相同;若所述第一HASH值与预存的HASH值相同,则判断所述第一终端的流量数据是否符合预设的流量标准,若所述第一终端的流量数据符合预设的流量标准,则将所述第一终端记为暂时终端;Receive the first HASH value sent by the first terminal of the current approval system, and judge whether the first HASH value is the same as the pre-stored HASH value; if the first HASH value is the same as the pre-stored HASH value, judge the first HASH value Whether the flow data of a terminal meets the preset flow standard, and if the flow data of the first terminal meets the preset flow standard, record the first terminal as a temporary terminal;
    采集当前审批***的多个暂时终端的IP地址,其中所述多个暂时终端至少包括申请终端和审批终端,所述区块链部署中心是预先架构的区块链网络中的一个区块链节点,所述区块链部署中心预存有虚 拟机镜像和区块链节点容器镜像;Collect the IP addresses of multiple temporary terminals of the current approval system, where the multiple temporary terminals include at least an application terminal and an approval terminal, and the blockchain deployment center is a blockchain node in a pre-architected blockchain network , The blockchain deployment center pre-stores a virtual machine image and a blockchain node container image;
    利用所述IP地址,向所述申请终端和所述审批终端发送指定数据,所述指定数据至少包括所述虚拟机镜像和所述区块链节点容器镜像;Using the IP address to send designated data to the application terminal and the approval terminal, the designated data including at least the virtual machine image and the blockchain node container image;
    接收已在所述虚拟机镜像中安装并启动所述区块链节点容器镜像的指定终端的注册请求,所述注册请求附带有所述指定终端的IP地址和通信端口的信息;Receiving a registration request of a designated terminal that has installed and started the blockchain node container image in the virtual machine image, the registration request is accompanied by information about the IP address and communication port of the designated terminal;
    判断所述指定终端的IP地址是否为所述申请终端的IP地址或者所述审批终端的IP地址;Determine whether the IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal;
    若所述指定终端的IP地址为所述申请终端的IP地址或者所述审批终端的IP地址,则记录所述指定终端的IP地址和通信端口的信息,并根据所述指定终端的IP地址生成代表所述指定终端身份的申请数字证书或者审批数字证书,并将所述申请数字证书或者审批数字证书发送给所述指定终端;If the IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal, record the IP address and communication port information of the designated terminal, and generate it based on the IP address of the designated terminal Applying for a digital certificate or approving a digital certificate representing the identity of the designated terminal, and sending the applying for digital certificate or approving digital certificate to the designated terminal;
    向所述指定终端发送预存的所有区块链节点的IP地址和通信端口的信息,以及向所有区块链节点发送所述指定终端的IP地址和通信端口的信息,从而完成所述指定终端在与当前审批***并行的所述区块链网络中的部署。Send the pre-stored IP address and communication port information of all blockchain nodes to the designated terminal, and send the IP address and communication port information of the designated terminal to all blockchain nodes, thereby completing the designated terminal’s Deployment in the blockchain network parallel to the current approval system.
  16. 根据权利要求15所述的计算机设备,其特征在于,所述判断所述第一终端的流量数据是否符合预设的流量标准,若所述第一终端的流量数据符合预设的流量标准,则将所述第一终端记为暂时终端的步骤,包括:The computer device according to claim 15, wherein the determining whether the flow data of the first terminal meets a preset flow standard, and if the flow data of the first terminal meets the preset flow standard, then The step of marking the first terminal as a temporary terminal includes:
    根据公式:According to the formula:
    H(t)=min(G(t),m),其中
    Figure PCTCN2019117215-appb-100005
    E(t)=F(t) f(t),获取函数H(t),其中F(t)为所述第一终端的流量随时间变化的流量函数,f(t)为预设的标准流量函数,E(t)为所述流量函数F(t)与所述标准流量函数f(t)的差值函数,
    Figure PCTCN2019117215-appb-100006
    为所述差值函数对时间的微分函数,min指最小值函数,t为时间,m为预设的大于0的误差参数值;     H(t)=min(G(t),m), where
    Figure PCTCN2019117215-appb-100005
    E(t)=F(t) f(t), obtain the function H(t), where F(t) is the flow function of the flow of the first terminal over time, f(t) is the preset standard Flow function, E(t) is the difference function of the flow function F(t) and the standard flow function f(t),
    Figure PCTCN2019117215-appb-100006
    Is the differential function of the difference function with respect to time, min refers to the minimum value function, t is time, and m is a preset error parameter value greater than 0;
    获取所述H(t)在时间轴上不等于m时的第一时间长度和等于m时的第二时间长度;Acquiring the first time length when the H(t) is not equal to m on the time axis and the second time length when it is equal to m;
    根据公式:正常流量时间占比=所述第一时间长度/(所述第一时间长度+所述第二时间长度),计算出所述正常流量时间占比;According to the formula: normal flow time ratio=the first time length/(the first time length+the second time length), the normal flow time ratio is calculated;
    判断所述正常流量时间占比是否大于预设占比阈值;Judging whether the time proportion of the normal flow is greater than a preset proportion threshold;
    若所述正常流量时间占比大于预设占比阈值,则将所述第一终端记为暂时终端。If the time proportion of the normal traffic is greater than the preset proportion threshold, the first terminal is recorded as a temporary terminal.
  17. 根据权利要求15所述的计算机设备,其特征在于,所述采集当前审批***的多个暂时终端的IP地址,其中所述多个暂时终端至少包括申请终端和审批终端的步骤,包括:The computer device according to claim 15, wherein the collecting the IP addresses of multiple temporary terminals of the current approval system, wherein the multiple temporary terminals include at least an application terminal and an approval terminal, including:
    获取所述当前审批***的日志,并解析所述日志得到参与所述当前审批***的执行申请操作的终端与执行审批操作的终端,分别记为初始申请终端与初始审批终端;Obtain the log of the current approval system, and analyze the log to obtain the terminal that participates in the application operation of the current approval system and the terminal that executes the approval operation, which are respectively recorded as the initial application terminal and the initial approval terminal;
    统计所述初始申请终端与所述初始审批终端的错误记录次数,获取所述错误记录次数少于预设第一 错误数量阈值的所述初始申请终端,以及获取所述错误记录次数少于预设第二错误数量阈值的所述初始审批终端;Count the number of error records of the initial application terminal and the initial approval terminal, obtain the initial application terminal whose error record number is less than a preset first error number threshold, and obtain the error record number less than the preset The initial approval terminal of the second error number threshold;
    将所述错误记录次数少于预设第一错误数量阈值的所述初始申请终端记为申请终端,以及,将所述错误记录次数少于预设第二错误数量阈值的所述初始审批终端记为审批终端;The initial application terminal whose error recording times are less than the preset first error number threshold is recorded as an application terminal, and the initial approval terminal whose error recording times are less than the preset second error number threshold is recorded Is the approval terminal;
    采集所述申请终端与所述审批终端的IP地址。Collect the IP addresses of the application terminal and the approval terminal.
  18. 一种计算机可读存储介质,其上存储有计算机程序,其特征在于,所述计算机程序被处理器执行时实现基于区块链的并行***部署方法,所述基于区块链的并行***部署方法,包括:A computer-readable storage medium having a computer program stored thereon, wherein the computer program implements a blockchain-based parallel system deployment method when the computer program is executed by a processor, and the blockchain-based parallel system deployment method ,include:
    接收当前审批***的第一终端发送的第一HASH值,并判断所述第一HASH值与预存的HASH值是否相同;若所述第一HASH值与预存的HASH值相同,则判断所述第一终端的流量数据是否符合预设的流量标准,若所述第一终端的流量数据符合预设的流量标准,则将所述第一终端记为暂时终端;Receive the first HASH value sent by the first terminal of the current approval system, and judge whether the first HASH value is the same as the pre-stored HASH value; if the first HASH value is the same as the pre-stored HASH value, judge the first HASH value Whether the flow data of a terminal meets the preset flow standard, and if the flow data of the first terminal meets the preset flow standard, record the first terminal as a temporary terminal;
    采集当前审批***的多个暂时终端的IP地址,其中所述多个暂时终端至少包括申请终端和审批终端,所述区块链部署中心是预先架构的区块链网络中的一个区块链节点,所述区块链部署中心预存有虚拟机镜像和区块链节点容器镜像;Collect the IP addresses of multiple temporary terminals of the current approval system, where the multiple temporary terminals include at least an application terminal and an approval terminal, and the blockchain deployment center is a blockchain node in a pre-architected blockchain network , The blockchain deployment center pre-stores a virtual machine image and a blockchain node container image;
    利用所述IP地址,向所述申请终端和所述审批终端发送指定数据,所述指定数据至少包括所述虚拟机镜像和所述区块链节点容器镜像;Using the IP address to send designated data to the application terminal and the approval terminal, the designated data including at least the virtual machine image and the blockchain node container image;
    接收已在所述虚拟机镜像中安装并启动所述区块链节点容器镜像的指定终端的注册请求,所述注册请求附带有所述指定终端的IP地址和通信端口的信息;Receiving a registration request of a designated terminal that has installed and started the blockchain node container image in the virtual machine image, the registration request is accompanied by information about the IP address and communication port of the designated terminal;
    判断所述指定终端的IP地址是否为所述申请终端的IP地址或者所述审批终端的IP地址;Determine whether the IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal;
    若所述指定终端的IP地址为所述申请终端的IP地址或者所述审批终端的IP地址,则记录所述指定终端的IP地址和通信端口的信息,并根据所述指定终端的IP地址生成代表所述指定终端身份的申请数字证书或者审批数字证书,并将所述申请数字证书或者审批数字证书发送给所述指定终端;If the IP address of the designated terminal is the IP address of the application terminal or the IP address of the approval terminal, record the IP address and communication port information of the designated terminal, and generate it based on the IP address of the designated terminal Applying for a digital certificate or approving a digital certificate representing the identity of the designated terminal, and sending the applying for digital certificate or approving digital certificate to the designated terminal;
    向所述指定终端发送预存的所有区块链节点的IP地址和通信端口的信息,以及向所有区块链节点发送所述指定终端的IP地址和通信端口的信息,从而完成所述指定终端在与当前审批***并行的所述区块链网络中的部署。Send the pre-stored IP address and communication port information of all blockchain nodes to the designated terminal, and send the IP address and communication port information of the designated terminal to all blockchain nodes, thereby completing the designated terminal’s Deployment in the blockchain network parallel to the current approval system.
  19. 根据权利要求18所述的计算机可读存储介质,其特征在于,所述判断所述第一终端的流量数据是否符合预设的流量标准,若所述第一终端的流量数据符合预设的流量标准,则将所述第一终端记为暂时终端的步骤,包括:18. The computer-readable storage medium of claim 18, wherein the determining whether the flow data of the first terminal meets a preset flow standard, and if the flow data of the first terminal meets the preset flow Standard, the step of recording the first terminal as a temporary terminal includes:
    根据公式:According to the formula:
    H(t)=min(G(t),m),其中
    Figure PCTCN2019117215-appb-100007
    E(t)=F(t) f(t),获取函数H(t),其中F(t)为所述第一终端的流量随时间变化的流量函数,f(t)为预设的标准流量函数,E(t)为所述流量函数F(t)与所 述标准流量函数f(t)的差值函数,
    Figure PCTCN2019117215-appb-100008
    为所述差值函数对时间的微分函数,min指最小值函数,t为时间,m为预设的大于0的误差参数值;     H(t)=min(G(t),m), where
    Figure PCTCN2019117215-appb-100007
    E(t)=F(t) f(t), obtain the function H(t), where F(t) is the flow function of the flow of the first terminal over time, f(t) is the preset standard Flow function, E(t) is the difference function of the flow function F(t) and the standard flow function f(t),
    Figure PCTCN2019117215-appb-100008
    Is the differential function of the difference function with respect to time, min refers to the minimum value function, t is time, and m is a preset error parameter value greater than 0;
    获取所述H(t)在时间轴上不等于m时的第一时间长度和等于m时的第二时间长度;Acquiring the first time length when the H(t) is not equal to m on the time axis and the second time length when it is equal to m;
    根据公式:正常流量时间占比=所述第一时间长度/(所述第一时间长度+所述第二时间长度),计算出所述正常流量时间占比;According to the formula: normal flow time ratio=the first time length/(the first time length+the second time length), the normal flow time ratio is calculated;
    判断所述正常流量时间占比是否大于预设占比阈值;Judging whether the time proportion of the normal flow is greater than a preset proportion threshold;
    若所述正常流量时间占比大于预设占比阈值,则将所述第一终端记为暂时终端。If the time proportion of the normal traffic is greater than the preset proportion threshold, the first terminal is recorded as a temporary terminal.
  20. 根据权利要求18所述的计算机可读存储介质,其特征在于,所述采集当前审批***的多个暂时终端的IP地址,其中所述多个暂时终端至少包括申请终端和审批终端的步骤,包括:The computer-readable storage medium according to claim 18, wherein said collecting the IP addresses of multiple temporary terminals of the current approval system, wherein the multiple temporary terminals include at least the steps of an application terminal and an approval terminal, including :
    获取所述当前审批***的日志,并解析所述日志得到参与所述当前审批***的执行申请操作的终端与执行审批操作的终端,分别记为初始申请终端与初始审批终端;Obtain the log of the current approval system, and analyze the log to obtain the terminal that participates in the application operation of the current approval system and the terminal that executes the approval operation, which are respectively recorded as the initial application terminal and the initial approval terminal;
    统计所述初始申请终端与所述初始审批终端的错误记录次数,获取所述错误记录次数少于预设第一错误数量阈值的所述初始申请终端,以及获取所述错误记录次数少于预设第二错误数量阈值的所述初始审批终端;Count the number of error records of the initial application terminal and the initial approval terminal, obtain the initial application terminal whose error record number is less than a preset first error number threshold, and obtain the error record number less than the preset The initial approval terminal of the second error number threshold;
    将所述错误记录次数少于预设第一错误数量阈值的所述初始申请终端记为申请终端,以及,将所述错误记录次数少于预设第二错误数量阈值的所述初始审批终端记为审批终端;The initial application terminal whose error recording times are less than the preset first error number threshold is recorded as an application terminal, and the initial approval terminal whose error recording times are less than the preset second error number threshold is recorded Is the approval terminal;
    采集所述申请终端与所述审批终端的IP地址。Collect the IP addresses of the application terminal and the approval terminal.
PCT/CN2019/117215 2019-07-23 2019-11-11 Blockchain-based parallel system deployment method and apparatus, and computer device WO2021012500A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201910665972.5A CN110535654B (en) 2019-07-23 2019-07-23 Block chain based parallel system deployment method and device and computer equipment
CN201910665972.5 2019-07-23

Publications (1)

Publication Number Publication Date
WO2021012500A1 true WO2021012500A1 (en) 2021-01-28

Family

ID=68661848

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/117215 WO2021012500A1 (en) 2019-07-23 2019-11-11 Blockchain-based parallel system deployment method and apparatus, and computer device

Country Status (2)

Country Link
CN (1) CN110535654B (en)
WO (1) WO2021012500A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115065506A (en) * 2022-05-25 2022-09-16 深圳壹盆花文创科技有限公司 Management system for identifying authenticity of artwork and author identity based on block chain
CN116032788A (en) * 2022-12-22 2023-04-28 南凌科技股份有限公司 Method for single-arm deployment of SD-WAN system

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110378691A (en) * 2019-06-18 2019-10-25 重庆金融资产交易所有限责任公司 Block chain dispositions method, device and computer equipment based on deployment center
CN111382414A (en) * 2020-02-14 2020-07-07 深圳壹账通智能科技有限公司 Information processing method and platform based on block chain and electronic equipment
CN111541788B (en) 2020-07-08 2020-10-16 支付宝(杭州)信息技术有限公司 Hash updating method and device of block chain all-in-one machine
CN111541553B (en) 2020-07-08 2021-08-24 支付宝(杭州)信息技术有限公司 Trusted starting method and device of block chain all-in-one machine
CN112712452A (en) * 2020-12-02 2021-04-27 杭州趣链科技有限公司 Approval information processing method and device based on block chain

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109194506A (en) * 2018-08-16 2019-01-11 北京京东尚科信息技术有限公司 Block chain network dispositions method, platform and computer storage medium
US20190149321A1 (en) * 2017-11-15 2019-05-16 International Business Machines Corporation Authenticating chaincode to chaincode invocations of a blockchain
CN109800056A (en) * 2019-01-16 2019-05-24 杭州趣链科技有限公司 A kind of block chain dispositions method based on container
CN109858262A (en) * 2019-01-17 2019-06-07 平安科技(深圳)有限公司 Workflow examination and approval method, apparatus, system and storage medium based on block catenary system

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10944546B2 (en) * 2017-07-07 2021-03-09 Microsoft Technology Licensing, Llc Blockchain object interface
CN109426952B (en) * 2017-08-22 2021-06-01 汇链丰(北京)科技有限公司 Block chain structure
CN108769173B (en) * 2018-05-21 2021-11-09 阿里体育有限公司 Block chain implementation method and equipment for running intelligent contracts
CN108965468B (en) * 2018-08-16 2021-04-30 北京京东尚科信息技术有限公司 Block chain network service platform, chain code installation method thereof and storage medium
CN109543456B (en) * 2018-11-06 2021-07-09 北京新唐思创教育科技有限公司 Block generation method and computer storage medium
CN109783572A (en) * 2018-12-14 2019-05-21 平安科技(深圳)有限公司 Block chain multichain creation method, device, equipment and storage medium

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20190149321A1 (en) * 2017-11-15 2019-05-16 International Business Machines Corporation Authenticating chaincode to chaincode invocations of a blockchain
CN109194506A (en) * 2018-08-16 2019-01-11 北京京东尚科信息技术有限公司 Block chain network dispositions method, platform and computer storage medium
CN109800056A (en) * 2019-01-16 2019-05-24 杭州趣链科技有限公司 A kind of block chain dispositions method based on container
CN109858262A (en) * 2019-01-17 2019-06-07 平安科技(深圳)有限公司 Workflow examination and approval method, apparatus, system and storage medium based on block catenary system

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115065506A (en) * 2022-05-25 2022-09-16 深圳壹盆花文创科技有限公司 Management system for identifying authenticity of artwork and author identity based on block chain
CN115065506B (en) * 2022-05-25 2024-04-30 深圳壹盆花文创科技有限公司 Management system for identifying authenticity of artwork and authorship based on blockchain
CN116032788A (en) * 2022-12-22 2023-04-28 南凌科技股份有限公司 Method for single-arm deployment of SD-WAN system
CN116032788B (en) * 2022-12-22 2023-08-11 南凌科技股份有限公司 Method for single-arm deployment of SD-WAN system

Also Published As

Publication number Publication date
CN110535654B (en) 2021-09-14
CN110535654A (en) 2019-12-03

Similar Documents

Publication Publication Date Title
WO2021012500A1 (en) Blockchain-based parallel system deployment method and apparatus, and computer device
US10445069B2 (en) System and method for generating an application structure for an application in a computerized organization
US9501345B1 (en) Method and system for creating enriched log data
US9088617B2 (en) Method, a system, and a computer program product for managing access change assurance
WO2020125389A1 (en) Image file acquisition method, apparatus, computer device and storage medium
JP2019160312A (en) Blockchain node, method of blockchain node, and computer program for blockchain node
JP2018523248A (en) Custom communication channel for application deployment
CN106911648B (en) Environment isolation method and equipment
WO2019224028A1 (en) Autocommit transaction management in a blockchain network
US11556874B2 (en) Block creation based on transaction cost and size
WO2022166637A1 (en) Blockchain network-based method and apparatus for data processing, and computer device
CN111628886B (en) Method, device and computer equipment for building blockchain network in private cloud environment
WO2021027570A1 (en) Blockchain deployment method, apparatus, computer device, and storage medium
US10114678B2 (en) Techniques for managing service definitions in an intelligent workload management system
US11070563B2 (en) Trace-based transaction validation and commitment
US20230361987A1 (en) Blockchain network control system and methods
CN112788031A (en) Envoy architecture-based micro-service interface authentication system, method and device
CN111158865A (en) Method for realizing multiplexing virtual serial port
CN113835836A (en) System, method, computer device and medium for dynamically publishing container service
CN113194099B (en) Data proxy method and proxy server
US11611435B2 (en) Automatic key exchange
JP2020204898A (en) Method, system, and program for managing operation of distributed ledger system
CN110730242B (en) File transmission method, device and equipment
WO2021201827A1 (en) Method and apparatus maintaining private data with consortium blockchain
US20220182375A1 (en) Method for hierarchical internet trust sharing

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19938167

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19938167

Country of ref document: EP

Kind code of ref document: A1