CN115665177A - Block chain-based private cloud file guarantee method, storage medium and terminal - Google Patents
- Publication number
- CN115665177A (application CN202211282396.4A)
- Authority
- CN
- China
- Prior art keywords
- data
- file data
- shared file
- client node
- block chain
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a private cloud file data guarantee method based on a block chain, a storage medium and a terminal, wherein a first client node of the block chain uploads first shared file data and a first data traceability model corresponding to the first shared file data to the block chain; a second client node of the block chain performs data operation on the first shared file data stored on the block chain to generate corresponding second shared file data, and uploads the second shared file data and a corresponding second data traceability model to the block chain; wherein the block chain includes: the client node corresponds to a private cloud user; the client node includes: a first client node, a second client node. By means of the scheme, when data are shared in a cross-device and cross-user mode in a private cloud environment, shared file data are prevented from being tampered and forged, and therefore safety and effectiveness of the private cloud file data are guaranteed.
Description
Technical Field
The invention relates to the technical field of computers, in particular to a private cloud file guarantee method based on a block chain, a storage medium and a terminal.
Background
With the rapid development of the Internet of Things, big data and edge computing, people's way of life has changed greatly and the value of data is increasingly recognized by the public, but problems concerning the feasibility, safety and the like of the data have also been exposed. To better address these issues, private cloud environments have gained widespread popularity among businesses and individuals. A user can use private storage and computing equipment to integrate a set of service resources for the user's own use, achieving flexibility, safety and independence. However, when data is shared across devices and across users in a private cloud environment, the shared file data is easily tampered with and forged.
Therefore, how to provide a technical scheme for effectively protecting shared file data when cross-device and cross-user data are shared in a private cloud environment becomes a technical problem which needs to be solved urgently.
Disclosure of Invention
The invention mainly aims to provide a private cloud file guarantee method based on a block chain, a computer readable storage medium and a terminal, and aims to solve the problem in the prior art that shared file data is easily tampered with and forged when data is shared across devices and across users in a private cloud environment.
In order to achieve the above object, an embodiment of the present invention provides a private cloud file data securing method based on a block chain, where the method includes:
a first client node of the block chain uploads first shared file data and a first data traceability model corresponding to the first shared file data to the block chain;
a second client node of the block chain performs data operation on first shared file data stored on the block chain to generate corresponding second shared file data, and uploads the second shared file data and a corresponding second data traceability model to the block chain;
wherein the blockchain comprises: a client node, the client node corresponding to a private cloud user; the client node includes: the first client node, the second client node.
Optionally, the uploading, by a first client node of the blockchain, the first shared file data and the first data traceability model corresponding to the first shared file data to the blockchain specifically includes:
the first client node acquires the traceability information of the first shared file data and generates a corresponding first digital watermark according to the traceability information of the first shared file data; and
generating a first key corresponding to the first shared file data according to a preset symmetric encryption system;
encrypting the first digital watermark according to the first key, and embedding the encrypted first digital watermark into the first shared file data through steganography technology to obtain embedded first shared file data;
and the first client node uploads the embedded first shared file data and the corresponding first data traceability model to the block chain.
Optionally, after the first client node obtains the tracing information of the first shared file data, the method further includes:
the first client node acquires a file identifier of the first shared file data;
and storing the file identifier of the first shared file data and the first key in a key-value pair form in a preset data watermark set non-relational database.
Optionally, the uploading the second shared file data and the corresponding second data traceability model to the block chain specifically includes:
the second client node acquires the traceability information of the second shared file data and generates a corresponding second digital watermark according to the traceability information of the second shared file data; and
generating a second secret key corresponding to the second shared file data according to a preset symmetric encryption system;
encrypting the second digital watermark according to the second key, and embedding the encrypted second digital watermark into the second shared file data through a steganography technology to obtain embedded second shared file data;
and the second client node uploads the embedded second shared file data and the corresponding second data traceability model to the block chain.
Optionally, after the second client node obtains the tracing information of the second shared file data, the method further includes:
the second client node acquires the file identifier of the second shared file data;
and storing the file identifier of the second shared file data and the second key in a key-value pair form in a preset data watermark set non-relational database.
Optionally, before the first client node of the blockchain uploads the first shared file data and the first data traceability model corresponding to the first shared file data to the blockchain, the method further includes:
the CA authentication center of the block chain receives a block chain adding application from a client to be added;
the CA authentication center of the block chain authenticates the client to be added, and the client to be added which passes the authentication is used as a client node of the block chain;
and the CA authentication center of the block chain distributes a corresponding key pair for the client node, and stores a private key in the key pair to the client node.
Optionally, the uploading, by the first client node, the embedded first shared file data and the corresponding first data traceability model to the block chain specifically includes:
the first client node makes a contract declaration on the embedded first shared file data and the corresponding first data traceability model through an uplink file contract;
the first client node uploads the embedded first shared file data and the corresponding first data traceability model, as covered by the contract declaration, to the blockchain.
Optionally, the uploading, by the second client node, the embedded second shared file data and the corresponding second data traceability model to the block chain specifically includes:
the second client node makes a contract declaration on the second shared file data and the corresponding second data traceability model through a file sharing contract;
and the second client node uploads the second shared file data and the corresponding second data traceability model, as covered by the contract declaration, to the block chain.
In order to achieve the above object, an embodiment of the present invention further provides a computer-readable storage medium storing one or more programs, where the one or more programs are executable by one or more processors to implement the steps in the block chain-based private cloud file data assurance method according to any one of the above.
In order to achieve the above object, an embodiment of the present invention further provides a terminal, including: a processor and a memory; the memory has stored thereon a computer readable program executable by the processor; the processor, when executing the computer readable program, implements the steps in the block chain-based private cloud file data assurance method as described in any one of the above.
According to the method, the first client node stores on the chain the first shared file data to be shared and the corresponding first data traceability model. When the second client node in the block chain performs a data operation on the uplinked first shared file data, corresponding second shared file data and a corresponding second data traceability model are generated and uploaded to the block chain for storage. The source, the process and the result of each file data operation are thereby preserved as evidence, the data stealing, forging and tampering that easily occur in a private cloud file sharing scenario are effectively avoided, and the safety and effectiveness of the file data are guaranteed when data is shared across devices and across users in a private cloud environment.
Drawings
Fig. 1 is a schematic structural diagram of a private cloud environment platform provided in an embodiment of the present invention;
Fig. 2 is a flowchart of a private cloud file data securing method based on a block chain according to an embodiment of the present invention;
Fig. 3 is a schematic structural diagram of a blockchain data tracing environment according to an embodiment of the present invention;
Fig. 4 is another flowchart of a private cloud file data securing method based on a block chain according to an embodiment of the present invention;
Fig. 5 is a flowchart of step S401 provided by the embodiment of the present invention;
Fig. 6 is a flowchart of step S403 provided by the embodiment of the present invention;
Fig. 7 is a schematic structural diagram of a terminal according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer, the present invention is further described in detail below with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The block chain-based private cloud file data guarantee method is implemented on a private cloud platform environment and a blockchain data tracing environment. The private cloud platform environment can be a WebDAV-based peer-to-peer file data storage and sharing system architecture, and the blockchain data tracing environment can be a trusted network and distributed storage built on the consortium chain R3 Corda.
In the embodiment of the present invention, as shown in fig. 1, the private cloud platform environment may be divided into three layers: an application platform layer, an edge storage layer and a terminal operation layer.
The application platform layer is a back-end program of user service management and is mainly used for providing service interface calling of a front-end program of a user terminal operation layer so as to realize basic services (such as functions of login registration, private cloud mirror image management, backup fault-tolerant mechanism, file operation management and the like) of a user.
The edge storage layer is a private cloud server built on the WebDAV data transmission protocol. A user can designate an edge device as the private cloud server and perform read, write and backup operations on private files through the client operation layer. The user takes a primary server or terminal device as the primary machine, builds a file server based on the WebDAV protocol on it, and selects a storage space as the primary image. To provide a backup fault-tolerance mechanism for the stored data, the user can select other spaces as slave images. The user then performs operations such as adding, modifying, deleting, viewing, sharing and downloading files on the image over HTTP. For each operation, a PROV-based data traceability model is constructed and sent to the blockchain data tracing environment for verification and recording; the data traceability model comprises an operation entity, an operator and an operation behavior. Each file server of the edge storage layer is both a data producer and a data consumer. Under the P2P data sharing architecture, a data producer authorizes and shares local file data, which is easily exposed to stealing, forging and tampering, so a PROV-based data traceability model needs to be constructed and recorded on the block chain for every operation.
The terminal operation layer is the client side that a user can operate on the private cloud, and comprises computers, mobile terminals and other devices. By installing the front-end program as a plug-in on the user's terminal device, the user can synchronize sensitive data or backup data of the terminal device to the primary image file server, and then selects local files for uplink storage according to the user's own security requirements. Specifically: the user selects files to uplink; the user shares file data with other users; and the user performs operations such as viewing, modifying, deleting and downloading on the files.
The blockchain data tracing environment can be divided into two layers: a trusted network layer and a data storage layer. The trusted network layer of the blockchain performs identity authentication and authorization for the data tracing environment; only an authenticated client can join the blockchain network to perform conventional operations such as file uplink, tracing and file query, as shown in fig. 2. The data storage layer of the blockchain can use a PROV data traceability model based on UTXO (unspent transaction output), which describes each record in terms of the file operated on, the operator and the operation activity; the file traceability data is stored on the blockchain distributed ledger, achieving tamper-resistant tracing.
In the embodiment of the present invention, as shown in fig. 3, the trusted network layer of the blockchain data tracing environment at least includes: a smart contract layer, a consensus layer and a recording layer.
The smart contract layer is the on-chain code of the block chain; once a smart contract is defined it cannot be tampered with, so it standardizes trusted behavior in multi-party transactions. The smart contract layer in the embodiment of the invention comprises at least three smart contracts: an uplink file contract, a file sharing contract, and a watermark contract. The uplink file contract is responsible for the contract declaration of the uplink operation on a private cloud user's dedicated files; the file sharing contract is responsible for the contract declaration of operations on uplinked files (searching, deleting, updating, downloading, sharing and the like); the watermark contract is responsible for matching and searching the latest traceability model, locating the operator and preparing for generation of the latest digital watermark.
Because the storage credibility of the blockchain tracing data depends on the consensus mechanism, a Byzantine fault-tolerant consensus mechanism can be used in the embodiment of the invention. Because each node in the consortium chain network needs to be authenticated and authorized, Byzantine attack behavior can be resisted on the basis of a trusted voting mechanism, and the consistency of the data is maintained.
In order to record the shared file data that a private cloud user selects to uplink and to avoid data forgery, tampering and similar situations, the way information such as the data content of the uplinked file, the operation behavior on the file and the identity of the operator is stored needs to be modeled. In the embodiment of the invention, a PROV-based data traceability model can be established to describe the characteristics of uplink file operations by private cloud file users. Meanwhile, to prevent malicious behavior by other users or malicious arbitration by a central platform, a file traceability management smart contract is defined on a trusted environment such as a block chain, and the traceability file (namely the data traceability model) is stored on the block chain through the smart contract, ensuring that the traceability data obtained by the user is real and reliable.
In the embodiment of the present invention, a data traceability model may be defined along three dimensions, namely file data, operations and operators, and the data traceability model may at least include: a file data model, an operator model, an operation behavior model, an operation type dictionary model, and the like.
The file data model at least comprises: file identifier (such as file ID), file content, file format, file uplink time, file uplink user ID, file uplink result, file watermark hash, and file privacy type. The operator model at least comprises: operator ID, operator digital certificate, and other descriptive information about the operator. The operation behavior model at least comprises: file identifier, operator ID, operation type number, operation time, operation result and watermark privacy result. The operation type dictionary model at least comprises: operation type ID, operation type number and operation type name, where the operation types include file uplink, deletion, updating, viewing, downloading, authorization and the like.
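The following Python sketch is an added example, not code from the patent or from Corda. It treats each operation behavior record as a UTXO-style state that consumes the previous state by hash; the hash linking, the in-memory ledger class, the type numbers and the sample records are assumptions made for illustration.

```python
import hashlib
import json
from dataclasses import asdict, dataclass, replace
from typing import Dict, List, Optional, Set

# Operation type dictionary model: type number -> type name (numbers are constructed).
OPERATION_TYPES = {1: "uplink", 2: "delete", 3: "update",
                   4: "view", 5: "download", 6: "authorize"}


@dataclass(frozen=True)
class OperationRecord:
    """Operation behavior model plus a link to the state it consumes (assumed)."""
    file_id: str
    operator_id: str
    operation_type: int
    operation_time: str
    operation_result: str
    watermark_hash: str          # "file watermark hash" field of the file data model
    consumes: Optional[str]      # state id this record spends; None for the first uplink

    def state_id(self) -> str:
        # Canonical JSON so the same fields always give the same digest.
        body = json.dumps(asdict(self), sort_keys=True, separators=(",", ":"))
        return hashlib.sha256(body.encode("utf-8")).hexdigest()


class ProvenanceLedger:
    """In-memory stand-in for the distributed ledger (hypothetical helper)."""

    def __init__(self) -> None:
        self.records: Dict[str, OperationRecord] = {}
        self.consumed: Set[str] = set()

    def append(self, record: OperationRecord) -> str:
        if record.operation_type not in OPERATION_TYPES:
            raise ValueError("operation type not in dictionary")
        if record.consumes is None:
            if OPERATION_TYPES[record.operation_type] != "uplink":
                raise ValueError("only an uplink can start a history")
        elif record.consumes not in self.records:
            raise ValueError("consumed state does not exist")
        elif record.consumes in self.consumed:
            raise ValueError("state already consumed")  # a state is spent once
        else:
            self.consumed.add(record.consumes)
        sid = record.state_id()
        self.records[sid] = record
        return sid

    def history(self, sid: Optional[str]) -> List[OperationRecord]:
        """Walk from a state back to the original uplink, oldest first."""
        chain: List[OperationRecord] = []
        while sid is not None:
            chain.append(self.records[sid])
            sid = self.records[sid].consumes
        return chain[::-1]

    def tampered(self) -> List[str]:
        """State ids whose stored record no longer hashes to the id it is filed under."""
        return [sid for sid, rec in self.records.items() if rec.state_id() != sid]


def demo() -> dict:
    """Constructed scenario: uplink, one update, a rejected fork, then a storage edit."""
    ledger = ProvenanceLedger()
    first = ledger.append(OperationRecord(
        "file-A", "0001", 1, "2024-01-01T09:00:00Z", "ok", "wm-hash-1", None))
    second = ledger.append(OperationRecord(
        "file-B", "0002", 3, "2024-01-01T10:30:00Z", "ok", "wm-hash-2", first))
    operators = [rec.operator_id for rec in ledger.history(second)]
    try:
        ledger.append(OperationRecord(
            "file-C", "0003", 3, "2024-01-01T11:00:00Z", "ok", "wm-hash-3", first))
        fork = "accepted"
    except ValueError as exc:
        fork = str(exc)
    # Simulate an edit made directly in storage, bypassing append().
    ledger.records[second] = replace(ledger.records[second], operator_id="0009")
    return {"operators": operators, "fork": fork,
            "tamper_detected": ledger.tampered() == [second]}
```

Because every record's identifier is the digest of its own fields and each later record names the identifier it consumes, changing an operator ID in storage is detected by recomputing the digests.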
In an embodiment of the present invention, the block chain may include: client nodes, public square nodes, endorsement nodes, CA authentication centers, and the like.
The client node is a data transaction party node, used to uplink file data or to delete, modify, view, authorize and otherwise operate on uplinked file data. In the embodiment of the invention, each private cloud user who needs to transact in the blockchain environment adds the blockchain client, in the form of a plug-in, to the permissioned blockchain network and becomes a party to transactions. In each subsequent transaction, the private cloud user completes the transaction in the blockchain network by invoking the client through remote procedure calls (RPC).
The public square nodes are cluster nodes which guarantee data consistency in the block chain through a consensus mechanism. In the embodiment of the invention, a public square node cluster is used for executing the PBFT consensus algorithm, so that the consistency of transaction states is ensured, and the condition of data inconsistency during the recording of a file tracing model is avoided.
The endorsement node serves as a verification node and an accounting node in the blockchain network and is used for verifying, signing and recording the transaction behavior of a transaction node (namely a client node). In the embodiment of the present invention, the endorsement node may be a client node, and the client nodes of all parties involved in a transaction serve as endorsement nodes. For example, client node A, the file uplink operator, uploads the traceability model of a file to the block chain and shares the file with client nodes B, C and D. If any one of client nodes B, C and D then needs to operate on the file, client nodes A, B, C and D all act as endorsement nodes to verify and sign the transaction; the consensus algorithm and signature are then executed by the public square nodes, and the result is stored in the block chain only after all of these pass.
The CA authentication center is responsible for authenticating and authorizing clients that apply to join, and distributes a corresponding key pair to each node that passes authentication. The key pair comprises a digital certificate (public key) and a private key; all subsequent shared file operation transactions are authenticated by means of the digital certificate, and the private key is stored locally by the private cloud user.
It should be noted that, in the embodiment of the present invention, any operation performed by a private cloud user on uplink of file data and on the uplink file data is regarded as a transaction on a blockchain, and if the verification passes, each transaction is recorded in a blockchain distributed ledger, so as to ensure safety and reliability.
In the embodiment of the invention, in order to ensure the security of file data sharing, a private cloud user can designate uplink protection file data (namely file data to be shared) through a block chain data tracing environment, so that the shared file data is prevented from being tampered and stolen.
Further details are set forth below in conjunction with the drawings.
An embodiment of the present invention provides a private cloud file data securing method based on a block chain, and as shown in fig. 4, the private cloud file data securing method based on the block chain at least includes the following steps:
S401, a first client node of the block chain uploads first shared file data and a first data traceability model corresponding to the first shared file data to the block chain.
In an embodiment of the present invention, the blockchain includes: the client node corresponds to a private cloud user; the client node includes: a first client node, a second client node. Specifically, the device corresponding to the private cloud user in the private cloud may be used as a client node of the block chain to construct the block chain.
The first client node is the client node that uploads file data to be shared, that is, first shared file data, to the block chain. The second client node is a client node that performs a data operation on the first shared file data in the block chain. It is to be understood that a client node in the blockchain may act as either a first client node or a second client node; that is, it may upload first shared file data and may also perform data operations on first shared file data.
The first data traceability model is record information representing the uplink operation performed on the first shared file data. Before the first client node performs the uplink operation on the first shared file data, a corresponding first data traceability model must be constructed to record the uplink operation and be stored on the chain. That is to say, when a private cloud file owner wants a behavioral endorsement for important file data, the owner selects the shared file data to be uplinked on the private cloud operating platform, and the file uplink interface is called once the data has been read without error; the data traceability model corresponding to the shared file data to be uplinked must be built before the file data tracing function of the block chain is triggered.
As shown in fig. 5, step S401 may be implemented at least by the following steps:
S501, the first client node obtains the traceability information of the first shared file data, and generates a corresponding first digital watermark according to the traceability information of the first shared file data.
In the embodiment of the present invention, the tracing information of the first shared file data may be determined according to a first data tracing model corresponding to the first shared file data. The tracing information at least includes an operator performing uplink operation on the first shared file data, an operator identifier, an operation behavior, an operation time, and the like, similar to the first data tracing model.
Specifically, the operator identifier and the operation behavior in the traceability information of the first shared file data may be used as the watermark information from which the corresponding first digital watermark is generated. For example, the first digital watermark is the operator identifier followed by the operation behavior, such as "0001 uplink sharing".
S502, the first client node generates a first key corresponding to the first shared file data according to a preset symmetric encryption system.
In this embodiment of the present invention, the first key corresponding to the first shared file data may be randomly generated according to a preset symmetric encryption system.
S503, the first client node encrypts the first digital watermark according to the first key, and embeds the encrypted first digital watermark into the first shared file data through a steganography technology to obtain the embedded first shared file data.
S504, the first client node uploads the embedded first shared file data and the corresponding first data traceability model to the block chain.
Specifically, the first client node makes a contract declaration on the embedded first shared file data and the corresponding first data traceability model through an uplink file contract; the first client node then uploads the embedded first shared file data and the corresponding first data traceability model, as covered by the contract declaration, to the blockchain.
S505, the first client node obtains the file identification of the first shared file data.
Step S505 may be executed after step S501.
S506, the first client node stores the file identifier of the first shared file data and the first key, in key-value pair form, in a preset data watermark set non-relational database.
In the embodiment of the invention, the first digital watermark is generated from the traceability information of the first shared file data and encrypted with the first key; the encrypted first digital watermark is embedded into the first shared file data, and the first shared file data carrying the encrypted first digital watermark is uploaded to the block chain for storage. When shared file data on the block chain is stolen, the digital watermark on the stolen shared file data can be decrypted with the corresponding key to obtain the traceability information of the shared file data; that is, the source of the stolen file can be located, which further ensures the security of shared file data in the private cloud environment. Moreover, the steganography technology has certain robustness, and a complete digital watermark can be extracted from a damaged file.
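Steps S501 to S506 as an added Python example, not code from the patent. The patent names neither the cipher nor the steganography scheme, so this example assumes a keystream built from HMAC-SHA256 as a standard-library stand-in for the symmetric encryption system, least-significant-bit embedding with each bit repeated three times, and a dictionary in place of the key-value database; the carrier bytes are constructed.

```python
import hashlib
import hmac
import secrets

REPEAT = 3        # each payload bit is written to 3 carrier bytes, read by majority vote
KEY_STORE = {}    # stand-in for the key-value watermark database: file id -> key


def _subkey(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 in counter mode: a stdlib stand-in for the unnamed symmetric cipher.
    blocks = (length + 31) // 32
    stream = b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                      for i in range(blocks))
    return stream[:length]


def encrypt_watermark(key: bytes, watermark: str) -> bytes:
    """Return nonce || ciphertext || tag (encrypt-then-MAC)."""
    plain = watermark.encode("utf-8")
    nonce = secrets.token_bytes(12)
    stream = _keystream(_subkey(key, b"enc"), nonce, len(plain))
    cipher = bytes(p ^ s for p, s in zip(plain, stream))
    tag = hmac.new(_subkey(key, b"mac"), nonce + cipher, hashlib.sha256).digest()[:16]
    return nonce + cipher + tag


def decrypt_watermark(key: bytes, blob: bytes) -> str:
    nonce, cipher, tag = blob[:12], blob[12:-16], blob[-16:]
    good = hmac.new(_subkey(key, b"mac"), nonce + cipher, hashlib.sha256).digest()[:16]
    if not hmac.compare_digest(tag, good):
        raise ValueError("watermark failed authentication")
    stream = _keystream(_subkey(key, b"enc"), nonce, len(cipher))
    return bytes(c ^ s for c, s in zip(cipher, stream)).decode("utf-8")


def embed(carrier: bytes, payload: bytes) -> bytes:
    """Write a 2-byte length and the payload into the carrier's least significant bits."""
    framed = len(payload).to_bytes(2, "big") + payload
    bits = [(byte >> shift) & 1 for byte in framed for shift in range(7, -1, -1)]
    if len(bits) * REPEAT > len(carrier):
        raise ValueError("carrier too small for watermark")
    out = bytearray(carrier)
    for n, bit in enumerate(bits):
        for idx in range(n * REPEAT, (n + 1) * REPEAT):
            out[idx] = (out[idx] & 0xFE) | bit
    return bytes(out)


def _read(carrier: bytes, first_bit: int, n_bytes: int) -> bytes:
    if (first_bit + n_bytes * 8) * REPEAT > len(carrier):
        raise ValueError("no complete watermark frame in carrier")
    out = bytearray()
    for b in range(n_bytes):
        value = 0
        for k in range(8):
            start = (first_bit + b * 8 + k) * REPEAT
            votes = sum(byte & 1 for byte in carrier[start:start + REPEAT])
            value = (value << 1) | (1 if votes * 2 > REPEAT else 0)
        out.append(value)
    return bytes(out)


def extract(carrier: bytes) -> bytes:
    length = int.from_bytes(_read(carrier, 0, 2), "big")
    return _read(carrier, 16, length)


def share_file(file_id: str, carrier: bytes, operator_id: str, operation: str) -> bytes:
    watermark = f"{operator_id} {operation}"                   # S501
    key = secrets.token_bytes(32)                              # S502
    stego = embed(carrier, encrypt_watermark(key, watermark))  # S503
    KEY_STORE[file_id] = key                                   # S505, S506
    return stego                                               # S504 would upload this


def trace_leak(file_id: str, leaked: bytes) -> str:
    """Recover the operator and operation from a leaked copy of the file."""
    return decrypt_watermark(KEY_STORE[file_id], extract(leaked))


# Constructed carrier standing in for the uncompressed sample bytes of a shared file.
CARRIER = bytes((i * 37) % 256 for i in range(2048))
```

With three copies of each bit, one damaged copy per bit is tolerated; if two copies of the same bit are damaged the majority vote fails and the authentication tag rejects the watermark instead of returning a wrong operator.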
S402, the second client node of the block chain performs data operation on the first shared file data stored in the block chain to generate corresponding second shared file data.
S403, the second client node of the block chain uploads the second shared file data and the corresponding second data traceability model to the block chain.
Similarly, the second data tracing model is record information used for representing data operation on the first shared file data.
As shown in fig. 6, step S403 can be implemented by at least the following steps:
S601, the second client node obtains the traceability information of the second shared file data, and generates a corresponding second digital watermark according to the traceability information of the second shared file data.
Similarly, in the embodiment of the present invention, the tracing information of the second shared file data may be determined according to the second data tracing model corresponding to the second shared file data. The tracing information is the same as the second data tracing model, and may at least include information such as an operator performing data operation on the second shared file data, and an operation behavior.
S602, the second client node generates a second key corresponding to the second shared file data according to a preset symmetric encryption system.
S603, the second client node encrypts the second digital watermark according to the second key, and embeds the encrypted second digital watermark into the second shared file data through the steganography technology to obtain the embedded second shared file data.
S604, the second client node uploads the embedded second shared file data and the corresponding second data traceability model to the block chain.
Specifically, the second client node of the blockchain makes a contract declaration on the embedded second shared file data and the corresponding second data traceability model through a file sharing contract; the second client node then uploads the second shared file data and the corresponding second data traceability model, as covered by the contract declaration, to the blockchain.
S605, the second client node acquires the file identification of the second shared file data.
It should be noted that step S605 only needs to be executed after step S601.
S606, the second client node stores the file identifier of the second shared file data and the second key, in key-value pair form, in a preset data watermark set non-relational database.
In the embodiment of the invention, the second digital watermark is generated from the traceability information of the second shared file data and encrypted with the second key; the encrypted second digital watermark is embedded into the second shared file data, and the second shared file data carrying the encrypted second digital watermark is uploaded to the block chain for storage. When shared file data on the block chain is stolen, the digital watermark on the stolen shared file data can be decrypted with the corresponding key to obtain the traceability information of the shared file data; that is, the source of the stolen file can be located, which further ensures the security of shared file data in the private cloud environment. Similarly, the steganography technology has certain robustness, and a complete digital watermark can be extracted from a damaged file.
In some embodiments of the present invention, before step S401, a method provided in embodiments of the present invention further includes:
a CA (certificate authority) authentication center of the block chain receives a block chain adding application from a client to be added; the CA authentication center authenticates the client to be added, and the client to be added which passes the authentication is used as a client node of the block chain; and the CA authentication center distributes a corresponding key pair for the client node, and stores a private key in the key pair to the client node.
In the embodiment of the present invention, based on a CA mechanism based on a federation chain R3 Corda, a client that needs to perform an uplink operation first passes authentication and authorization, so as to allocate a corresponding key pair to the authenticated client, and enable the authenticated client to obtain a digital certificate and a key. Each transaction by the client node then requires authentication.
According to the private cloud file data guaranteeing method based on the block chain, the first client node stores on the chain the first shared file data that needs to be shared and the corresponding first data traceability model. When a client node operates on the first shared file data on the chain, corresponding second shared file data and a corresponding second data traceability model are generated and uploaded to the block chain for storage. In this way, source storage, process evidence storage and result evidence storage of file data operations are achieved, and the data stealing, counterfeiting and tampering that easily occur in a private cloud file sharing scenario are effectively avoided.
Based on the private cloud file data guaranteeing method based on the block chain provided by the embodiment of the present invention, an embodiment of the present invention further provides a computer-readable storage medium, where one or more programs are stored, and the one or more programs may be executed by one or more processors to implement the steps in the private cloud file data guaranteeing method based on the block chain as described in any one of the above.
Based on the private cloud file data guaranteeing method based on the block chain provided by the embodiment of the present invention, as shown in Fig. 7, the embodiment of the present invention further provides a terminal, which includes at least one processor 30; a display screen 31; and a memory 32, and which may also include a communications interface 33 and a bus 34. The processor 30, the display screen 31, the memory 32 and the communications interface 33 can communicate with each other through the bus 34. The display screen 31 is configured to display a user guidance interface preset in the initial setting mode. The communications interface 33 may transmit information. The processor 30 may call logic instructions in the memory 32 to perform the block chain-based private cloud file data guaranteeing method in the above embodiment.
Furthermore, the logic instructions in the memory 32 may be implemented in software functional units and stored in a computer readable storage medium when sold or used as a stand-alone product.
The memory 32, which is a computer-readable storage medium, may be configured to store a software program, a computer-executable program, such as program instructions or modules corresponding to the methods in the embodiments of the present disclosure. The processor 30 executes the functional application and data processing by executing the software program, instructions or modules stored in the memory 32, i.e. implements the method in the above-described embodiments.
The memory 32 may include a storage program area and a storage data area, wherein the storage program area may store an operating system and an application program required for at least one function; the storage data area may store data created according to the use of the terminal, and the like. Further, the memory 32 may include high-speed random access memory and may also include non-volatile memory, for example, any of a variety of media that can store program code, such as a USB disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk; it may also be a transient storage medium.
In addition, the specific processes loaded and executed by the instruction processors in the storage medium and the terminal are described in detail in the method, and are not stated herein.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a ..." does not exclude the presence of another identical element in a process, method, article, or apparatus that comprises the element.
Of course, it will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by instructing relevant hardware (such as a processor, a controller, etc.) through a computer program, and the program can be stored in a computer readable storage medium, and when executed, the program can include the processes of the embodiments of the methods described above. The computer readable storage medium may be a memory, a magnetic disk, an optical disk, etc.
It will be understood that the invention is not limited to the examples described above, but that modifications and variations will occur to those skilled in the art in light of the above teachings, and that all such modifications and variations are considered to be within the scope of the invention as defined by the appended claims.
Claims (10)
1. A private cloud file data guarantee method based on a block chain is characterized by comprising the following steps:
a first client node of the block chain uploads first shared file data and a first data traceability model corresponding to the first shared file data to the block chain;
a second client node of the block chain performs data operation on first shared file data stored on the block chain to generate corresponding second shared file data, and uploads the second shared file data and a corresponding second data traceability model to the block chain;
wherein the blockchain comprises: a client node, the client node corresponding to a private cloud user; the client node includes: the first client node, the second client node.
2. The method of claim 1, wherein uploading, by a first client node of the blockchain, first shared file data and a first data traceability model corresponding to the first shared file data to the blockchain specifically comprises:
the first client node acquires the traceability information of the first shared file data and generates a corresponding first digital watermark according to the traceability information of the first shared file data; and
generating a first key corresponding to the first shared file data according to a preset symmetric encryption system;
encrypting the first digital watermark according to the first key, and embedding the encrypted first digital watermark into the first shared file data through steganography technology to obtain embedded first shared file data;
and the first client node uploads the embedded first shared file data and the corresponding first data traceability model to the block chain.
3. The method according to claim 2, wherein after the first client node obtains the traceability information of the first shared file data, the method further comprises:
the first client node acquires a file identifier of the first shared file data;
and the first client node stores the file identifier of the first shared file data and the first key in a key-value pair form in a preset data watermark set non-relational database.
4. The method of claim 1, wherein uploading the second shared file data and the corresponding second data traceability model to the blockchain comprises:
the second client node acquires the traceability information of the second shared file data and generates a corresponding second digital watermark according to the traceability information of the second shared file data; and
generating a second key corresponding to the second shared file data according to a preset symmetric encryption system;
encrypting the second digital watermark according to the second key, and embedding the encrypted second digital watermark into the second shared file data through a steganography technology to obtain embedded second shared file data;
and the second client node uploads the embedded second shared file data and the second data traceability model acquired by the corresponding client node to the block chain.
5. The method according to claim 4, wherein after the second client node obtains the traceability information of the second shared file data, the method further comprises:
the second client node acquires the file identifier of the second shared file data;
and the second client node stores the file identifier and the second key of the second shared file data in a key-value pair form in a preset data watermark set non-relational database.
6. The method of claim 1, wherein before the first client node of the blockchain uploads the first shared file data and the first data traceability model corresponding to the first shared file data to the blockchain, the method further comprises:
the CA authentication center of the block chain receives a block chain adding application from a client to be added;
the CA authentication center of the block chain authenticates the client to be added, and the client to be added which passes the authentication is used as a client node of the block chain;
and the CA authentication center of the block chain distributes a corresponding key pair for the client node, and stores a private key in the key pair to the client node.
7. The method of claim 2, wherein the uploading, by the first client node, the embedded first shared file data and the corresponding first data traceability model to the blockchain comprises:
the first client node makes a treaty statement on the embedded first shared file data and the corresponding first data traceability model through an uplink file contract;
the first client node uploads the embedded first shared file data and the corresponding first data traceability model subjected to the treaty statement to the blockchain.
8. The method of claim 4, wherein the uploading, by the second client node, the embedded second shared file data and the corresponding second data traceability model to the blockchain comprises:
the second client node performs a treaty statement on the second shared file data and the corresponding second data traceability model through a file sharing contract;
and the second client node uploads the second shared file data subjected to the treaty statement and the corresponding second data traceability model to the block chain.
9. A computer-readable storage medium storing one or more programs, the one or more programs being executable by one or more processors to implement the steps of the block chain-based private cloud file data assurance method according to any one of claims 1 to 8.
10. A terminal, comprising: a processor and a memory; the memory has stored thereon a computer readable program executable by the processor; the processor, when executing the computer readable program, implements the steps in the block chain-based private cloud file data assurance method according to any one of claims 1 to 8.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211282396.4A CN115665177A (en) | 2022-10-19 | 2022-10-19 | Block chain-based private cloud file guarantee method, storage medium and terminal |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211282396.4A CN115665177A (en) | 2022-10-19 | 2022-10-19 | Block chain-based private cloud file guarantee method, storage medium and terminal |
Publications (1)
Publication Number | Publication Date |
---|---|
CN115665177A true CN115665177A (en) | 2023-01-31 |
Family
ID=84990319
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202211282396.4A Pending CN115665177A (en) | 2022-10-19 | 2022-10-19 | Block chain-based private cloud file guarantee method, storage medium and terminal |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115665177A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN117971795A (en) * | 2024-02-05 | 2024-05-03 | 陕西巨微图书文化传播有限公司 | Multi-level associated file retrieving and storing method |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP3610606B1 (en) | Managing sensitive data elements in a blockchain network | |
US10692054B2 (en) | Document tracking on distributed ledger | |
TWI725793B (en) | System and method for mapping decentralized identifiers to real-world entities | |
CN111164594B (en) | System and method for mapping a de-centralized identity to a real entity | |
EP3669522B1 (en) | Managing cybersecurity vulnerabilities using blockchain networks | |
US11868509B2 (en) | Method and arrangement for detecting digital content tampering | |
AU2019204712A1 (en) | Managing sensitive data elements in a blockchain network | |
CN109274652B (en) | Identity information verification system, method and device and computer storage medium | |
EP3673640B1 (en) | Processing data elements stored in blockchain networks | |
EP3543891B1 (en) | A computer implemented method and a system for tracking of certified documents lifecycle and computer programs thereof | |
CN111881206A (en) | Multi-layer image coding for data blocks | |
JP2012518330A (en) | Reliable cloud computing and cloud service framework | |
JP2012530391A (en) | Secure private backup storage and processing for trusted computing and data services | |
US20210166247A1 (en) | Asset ownership transfer and verification management | |
US11327946B2 (en) | Hybrid centralized and decentralized enterprise system | |
CN116438776A (en) | Key reclamation through pseudo-random function in blockchain networks | |
CN115665177A (en) | Block chain-based private cloud file guarantee method, storage medium and terminal | |
CN116264860A (en) | Threshold encryption of broadcast content | |
US20240242284A1 (en) | Steganographic asset validation |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||