CN109190410A - A kind of log behavior auditing method based on block chain under cloud storage environment - Google Patents
A kind of log behavior auditing method based on block chain under cloud storage environment Download PDFInfo
- Publication number
- CN109190410A CN109190410A CN201811126706.7A CN201811126706A CN109190410A CN 109190410 A CN109190410 A CN 109190410A CN 201811126706 A CN201811126706 A CN 201811126706A CN 109190410 A CN109190410 A CN 109190410A
- Authority
- CN
- China
- Prior art keywords
- user
- data file
- data
- cloud storage
- intelligent contract
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6272—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database by registering files or documents with a third party
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Medical Informatics (AREA)
- Storage Device Security (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
本发明公开了一种云存储环境下的基于区块链的日志行为审计方法,该方法流程中所需的各个接口由智能合约编写,保证双方均不可对其行为否认,从而使得区块链网络中的日志记录是完全可信的。当有审计需求时调用智能合约的审计接口,由智能合约对日志记录进行审查后将结果返回给提出请求的用户。本发明通过将云日志存储从云存储提供方转移到区块链,利用区块链的去中心化,去信任化和高可靠性等特点,保证了日志数据的安全性和完整性;利用智能合约使区块链网络提供了日志的读写接口和审计结构,并针对用户和云服务提供方之间的交互设计了数据访问流程,可以保证用户和云存储双方会将日志完整地记录在区块链网络上,且不可对日志记录进行否认和篡改。
The invention discloses a blockchain-based log behavior audit method in a cloud storage environment. All interfaces required in the process of the method are written by smart contracts to ensure that neither party can deny their behaviors, thereby enabling the blockchain network The logging in is completely trusted. When there is an audit requirement, the audit interface of the smart contract is called, and the smart contract reviews the log records and returns the result to the user who made the request. The present invention ensures the security and integrity of log data by transferring cloud log storage from the cloud storage provider to the block chain, and utilizes the features of block chain decentralization, de-trust and high reliability; The contract enables the blockchain network to provide the log reading and writing interface and audit structure, and designs the data access process for the interaction between the user and the cloud service provider, which can ensure that both the user and the cloud storage will completely record the log in the zone. On the blockchain network, the log records cannot be denied or tampered with.
Description
Technical field
The invention belongs to cloud storage security technology area, more particularly, under a kind of cloud storage environment based on block
The log behavior auditing method of chain.
Background technique
User can be allowed to seek help from independence when needing and examining outer bag data using the public auditing service that cloud data store
Auditing by third party person (TPA).TPA possesses professional knowledge not available for user and ability, can represent user's periodical audit
It is stored in the integrality of all data in cloud storage service device, so that the mode of more simple economy is provided for user, to ensure
Its data can be correctly stored in cloud.In addition, other than the risk for the cloud storage service that user can be helped to assess its order,
The auditing result of TPA additionally aids cloud storage provider and improves its service platform based on cloud, it might even be possible to be realized using TPA only
Vertical arbitration purpose.To sum up, public auditing service will play a significant role in this emerging cloud storage field, and having can
The important way for establishing trusting relationship between user and cloud storage provider can be become.
No matter data owner or ordinary user all rely on a trusted third party and authenticate and authorize, but in recent years
Come some leaking datas for repeatedly occurring and the safety problems such as distort and be enough to show: trusted third party be not always it is credible,
They may can betray the security information such as data or the access control of user for interests.On the other hand, user is also possible to dislike
Meaning declares loss of data to ask for great number reparation to service provider.Trust missing between cloud storage platform and user has influenced
To the development of cloud storage technology, need current to solve the problems, such as with some new methods and new technological means.
It is at present in terms of data integrity, to cloud data manipulation behavior auditing mostly to the research of cloud Data Audit
Research it is less, the audit of operation behavior based on log recording is non-for confirmation attribution of liability, retrospect user data and limitation
Method operation etc. all has very great help, and can effectively alleviate the trust problem between user and cloud storage provider.
Summary of the invention
In view of the drawbacks of the prior art, it is an object of the invention to solve prior art cloud Data Audit dependent on third
Side lacks the technical issues of audit to cloud data manipulation behavior.
To achieve the above object, in a first aspect, the embodiment of the invention provides under a kind of cloud storage environment based on block
The log behavior auditing method of chain, method includes the following steps:
S1. data owner and cloud service provider confer an intelligent contract jointly, and the intelligent contract is deployed to
In block chain network, if deployment success, it is transferred to step S2, otherwise, is terminated;
S2. for data owner, after uploading data file to cloud storage service device end, call intelligent contract to block
Chain network adds log recording;
S3. for ordinary user, intelligent contract input is called to want the behaviour carried out to data file on cloud storage service device
Make solicited message, intelligent contract returns to the metadata information of data file described in ordinary user, is transferred to step S4;
S4. ordinary user initiates operation requests simultaneously to cloud storage service device according to operation requests information and metadata information
Log recording is sent, judges that the operation requests are that read operation request or write operation requests are then transferred to if write operation requests
Step S5;If read operation request, then step S6 is transferred to;
S5. cloud storage provider calls intelligent contract to authenticate the log recording, writes described in intelligent contract agreement receiving
After the feedback of operation requests, corresponding write operation is executed according to the write operation requests, and call intelligent contract to block chain
Log recording is added in network;
S6. cloud storage provider calls intelligent contract to authenticate the log recording, agrees to the reading receiving intelligent contract
After the feedback of operation requests, corresponding read operation is executed according to the read operation request, the data file of request is returned to
Ordinary user, and intelligent contract is called to add log recording into block chain network, it is transferred to step S7;
S7. the data file obtained when the data file of cloud storage service device return and before by intelligent contract is inconsistent
When, ordinary user calls intelligent contract to initiate audit request to the data file.
More specifically, the intelligence contract includes multiple interfaces, it is specific as follows:
Upload: data owner will upload to the metadata of the data file of cloud service provider by the interface
Information is recorded to block chain network, and generates the initial access record of the data file, the log note after being signed by private key for user
Record is broadcasted in block chain network, and is packed up in block and is reached common understanding in block chain network;
Getfile: user obtains data file in the address L of cloud storage service device by this interface, and user is in Xiang Yuncun
When storing up the server end long-range read/write requests of sending, need to obtain address and an interim token by the interface;
VerifyRequest: the interface is supplied to cloud storage provider and uses and can only be called by cloud storage provider, when
It when cloud storage provider receives the operation requests of user, calls whether interface polls user has access authority first, simultaneously should
Interface can obtain the accessing request information of user, and be stored in block chain network as log recording;
Grant: ordinary user is arranged to the number oneself deposited on cloud storage service device by the interface in data owner
According to access authority, the interface for give ordinary user authorization, that is, assign the user to the access limit of data file;
Revoke: data owner deposits in cloud storage service to oneself by assigning ordinary user before interface revocation
The access limit of data file on device;
Audit: audit user by the interface track data file life cycle, that is, know the data file when by
Creation and destroy, when by ordinary user access and be performed which operation;
Logging: the interface is used to broadcast ordinary user in block chain network and accesses data file generation access log
Record, and the log recording is stored to the addition of block chain, it is completed jointly by above-mentioned interface.
More specifically, the address L is url.
More specifically, step S2 is specific as follows:
S201. data owner is that each data file to be uploaded creates a number fid, and by the data file
It is uploaded to cloud storage provider;
S202. data owner calls the Upload interface of intelligent contract to record the metadata information of data file to area
Block chain network;
S203. data owner sends the log recording (uid, fid, type, H (X0), OPM, ts, sign) after signature
Give cloud storage provider;
S204. cloud storage provider audit log records the correctness of each field, if all correct, calls intelligent conjunction
Log recording is added in block chain network by Logging interface about, otherwise, terminates process;
Wherein, uid is user's unique identification number of remote access data, and fid is the unique of accessed data file
Mark, type are action type of the user to data file, and H (X0) is by preoperative data cryptographic Hash;Ts is current time
Stamp;Sign is the signature that the user of current accessed data generates access record using its private key;OPM is that open data are traced to the source
Model.
More specifically, the operation requests information is (type, fid), wherein type is operation of the user to data file
Type, type have tri- kinds of Create, Read, Write, respectively indicate and upload data, read data and write data;Fid is accessed
Data file unique identification;The metadata information of the data file includes ground of the data file on cloud storage service device
Location L, data file are by preoperative cryptographic Hash and token token.
More specifically, the read operation request be (read, L, H (X0), token), the write operation requests be (write,
L,H(Xn),token);Log recording described in step S4 by access record (uid, fid, type, H (X0), H (Xn), OPM,
Ts, sign) private key signature generation;
Wherein, uid is user's unique identification number of remote access data, and fid is the unique of accessed data file
Mark, type are action type of the user to data file, and H (X0) is by preoperative data cryptographic Hash;H (Xn) is to be operated
Data cryptographic Hash afterwards;Ts is current time stamp;Sign is that the user of current accessed data gives birth to access record using its private key
At signature;OPM is that open data are traced to the source model.
More specifically, step S5 is specific as follows:
S501. after cloud storage provider receives the request of ordinary user, audit log records the correctness of each field,
If all correct, it is transferred to step S502, otherwise, terminates process;
S502. the VerifyRequest interface of intelligent contract is called to verify the identity of ordinary user, in intelligent conjunction
The about access control policy of internal queries corresponding data file agrees to the request if user identity is eligible, and is transferred to step
Rapid S503 refuses the request of user if not meeting, and terminates process;
S503. cloud storage provider is after receiving intelligent contract and agreeing to the feedback of the write operation requests, according to user's
Request executes corresponding write operation;
S504. the log recording is added in block chain network by intelligent contract.
More specifically, step S6 is specific as follows:
S601. after cloud storage provider receives the request of user, audit log records the correctness of each field, if
It is all correct, then it is transferred to step S602, otherwise, terminates process;
S602. the VerifyRequest interface of intelligent contract is called to verify the identity of the user, in intelligent contract
The access control policy of internal queries corresponding data file agrees to the request, and be transferred to step if user identity is eligible
Otherwise S603 refuses the request of user, and terminate process;
S603. cloud storage provider is after receiving intelligent contract and agreeing to the feedback of the read operation request, according to user's
Request executes corresponding read operation, and the data file of request is returned to ordinary user;
S604. the log recording is added in block chain network by intelligent contract, is transferred to step S7.
More specifically, step S7 is specific as follows:
Ordinary user first calculates its hash value after the data file for receiving the transmission of cloud storage service device, then with before
The newest hash value H (X0) of the data file obtained by intelligent contract is compared, and if they are the same, then proves the data file read
It is correctly, otherwise, to illustrate that data file is tampered or is not newest version, user can call the Audit of intelligent contract
Interface initiates audit request to the data file.
Second aspect, the embodiment of the invention provides a kind of computer readable storage medium, the computer-readable storage mediums
Computer program is stored in matter, which realizes log behavior described in above-mentioned first aspect when being executed by processor
Auditing method.
In general, through the invention it is contemplated above technical scheme is compared with the prior art, have below beneficial to effect
Fruit:
1. the present invention is transferred to block chain by storing cloud log from cloud storage provider, center is gone to using block chain
The features such as changing, going trustization and high reliability, ensure that the safety and integrality of daily record data.
2. the present invention makes block chain network provide the read-write interface and audit structure of log using intelligent contract, and is directed to
Interaction design between user and cloud service provider data access process, it is ensured that user and cloud storage both sides can be by days
Will is fully recorded in block chain network, and can not log recording be denied and be distorted.
Detailed description of the invention
Fig. 1 is the log behavior audit model signal based on block chain under a kind of cloud storage environment provided by the invention
Figure;
Fig. 2 is the log behavior auditing method process based on block chain under a kind of cloud storage environment provided by the invention
Figure;
Fig. 3 is the flow chart of step S2 provided by the invention;
Fig. 4 is the flow chart provided by the invention that the data for being stored in cloud storage service device are carried out with long-range write operation;
Fig. 5 is the flow chart provided by the invention that the data for being stored in cloud storage service device are carried out with long-range read operation.
Specific embodiment
In order to make the objectives, technical solutions, and advantages of the present invention clearer, with reference to the accompanying drawings and embodiments, right
The present invention is further elaborated.It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, and
It is not used in the restriction present invention.
Fig. 1 is the log behavior audit model signal based on block chain under a kind of cloud storage environment provided by the invention
Figure.As shown in Figure 1, the log behavior audit model includes consisting of part:
Cloud storage user: being made of data owner and ordinary user's these two types, can be individual or tissue.Data are gathered around The person of havingData can be uploaded to cloud storage provider, while broadcast this upload operation in block chain network and being remembered by block chain
Record the lower operation log;Ordinary userThen mainly cloud data are written and read, while being broadcasted in block chain network
And record its operation note.
Cloud storage provider: according to the demand of user, the resource virtualized is with memory resource pool by cloud storage provider
Mode be supplied to user and freely use.User can upload data to cloud data server and carry out remote read-write behaviour to data
Make, while cloud storage provider is added block chain network and verifies together with user to log recording.
Block chain network: user and cloud storage provider are as the entire block chain network of node composition, each node equality
Ground receives the information of the operation note of user node broadcast, enters block for information package is recorded by digging mine algorithm.Entire block chain
Network stores operation behavior log as a distributed data base.
Auditing by third party person: possessing professional knowledge not available for user and ability, can represent user's periodical audit and deposit
The integrality for storing up all data in cloud storage service device, so that the mode of more simple economy is provided for user, to ensure it
Data can be correctly stored in cloud.
Log recording cannot be denied to make cloud storage user and cloud storage provider both sides, at record one
The confirmation for needing to obtain both sides when log, the present invention provides the log behaviors based on block chain under a kind of cloud storage environment to examine
Meter method, each interface needed for this method process are write by intelligent contract, guarantee that both sides can not deny its behavior, from
And the log recording in block chain network is made to be completely believable.
Fig. 2 is the log behavior auditing method process based on block chain under a kind of cloud storage environment provided by the invention
Figure.As shown in Fig. 2, method includes the following steps:
S1. data owner and cloud service provider confer an intelligent contract jointly, and the intelligent contract is deployed to
In block chain network, if deployment success, it is transferred to step S2, otherwise, is terminated;
S2. for data owner, after uploading data file to cloud storage service device end, call intelligent contract to block
Chain network adds log recording;
S3. for ordinary user, intelligent contract input is called to want the behaviour carried out to data file on cloud storage service device
Make solicited message, intelligent contract returns to the metadata information of data file described in ordinary user, is transferred to step S4;
S4. ordinary user initiates operation requests simultaneously to cloud storage service device according to operation requests information and metadata information
Log recording is sent, judges that the operation requests are that read operation request or write operation requests are then transferred to if write operation requests
Step S5;If read operation request, then step S6 is transferred to;
S5. cloud storage provider calls intelligent contract to authenticate the log recording, writes described in intelligent contract agreement receiving
After the feedback of operation requests, corresponding write operation is executed according to the write operation requests, and call intelligent contract to block chain
Log recording is added in network;
S6. cloud storage provider calls intelligent contract to authenticate the log recording, agrees to the reading receiving intelligent contract
After the feedback of operation requests, corresponding read operation is executed according to the read operation request, the data file of request is returned to
Ordinary user, and intelligent contract is called to add log recording into block chain network, it is transferred to step S7;
S7. the data file obtained when the data file of cloud storage service device return and before by intelligent contract is inconsistent
When, ordinary user calls intelligent contract to initiate audit request to the data file.
Step S1. data owner and cloud service provider confer an intelligent contract jointly, by the intelligent contract portion
In administration to block chain network, if deployment success, it is transferred to step S2, otherwise, is terminated.
Firstly, system is initialized, an intelligent contract rule is conferred by user and cloud service provider jointly,
Then this contract is deployed in block chain network, the process of contract deployment is to initiate one to receive the transaction that address is 0, the friendship
Easy data field can include the contract code for being compiled into bytecode.The transaction is broadcasted in block chain network, by node
It receives and is packaged into block, a unique contract address can be obtained at this time, we can pass through this call by location contract.Due to
Transaction comprising contract code is packed up in block, and reaches common understanding in the whole network, thus contract code cannot be tampered, we
It can trust that this section of code is bound to go to run according to the rule that we are worked out.The process can be provided to user terminal and cloud service
Side returns to intelligent contract address.
Intelligent contract includes multiple interfaces, and user, cloud storage provider and evidence obtaining investigation side with lower interface by being realized
Log recording and audit work:
Upload: data owner will upload to the metadata of the data file of cloud service provider by the interface
Information is recorded to block chain network, and generates the initial access record of the data file, the log note after being signed by private key for user
Record is broadcasted in block chain network, and is packed up in block and is reached common understanding in block chain network.
Log recording is considered transaction data and is packaged into block.
Getfile: user obtains data file in the address L of cloud storage service device by this interface, and user is in Xiang Yuncun
When storing up the server end long-range read/write requests of sending, need to obtain address and an interim token by the interface.
Preferably, the address L is url.Intelligent contract will record this behavior as one after receiving the request and ask in advance
Log is asked, is audited for subsequent to user's operation behavior, while token can prevent user from directly calling using last
The url that Getfile interface obtains files a request to cloud storage service device.
VerifyRequest: the interface is supplied to cloud storage provider and uses and can only be called by cloud storage provider, when
It when cloud storage provider receives the operation requests of user, calls whether interface polls user has access authority first, simultaneously should
Interface can obtain the accessing request information of user, and be stored in block chain network as log recording.
Grant: ordinary user is arranged to the number oneself deposited on cloud storage service device by the interface in data owner
According to access authority, the interface for give ordinary user authorization, that is, assign the user to the access limit of data file.
Revoke: data owner deposits in cloud storage service to oneself by assigning ordinary user before interface revocation
The access limit of data file on device.
Audit: audit user by the interface track data file life cycle, that is, know the data file when by
Creation and destroy, when by ordinary user access and be performed which operation.
Logging: the interface is used to broadcast ordinary user in block chain network and accesses data file generation access log
Record, and the log recording is stored to the addition of block chain, it is completed jointly by above-mentioned interface.
Step S2. is for data owner, after uploading data file to cloud storage service device end, call intelligent contract to
Block chain network adds log recording.
Create access operation of the step S2 corresponding data owner to data.After contract deployment success, system is i.e.
Initialization is completed.Next, can all call the Upload interface of intelligent contract after data owner uploads data to cloud
It uploads file metadata and a log recording is written, calling the process of intelligent contract is to broadcast one in block chain network
The process of transaction, this transaction receive address as intelligent contract address, contain the parameter of sender's offer in data field,
Transaction simultaneously includes the signature of sender and can be by other node verification.
When transaction will execute this intelligent contract by the reception of other nodes and save corresponding state variable, quilt of then trading
Be packaged into block, and reach common understanding in the whole network, this intelligent postrun state of contract is just confirmed by the whole network, therefore file metadata and
Log recording can be written into block chain and can not be tampered.
Data owner can also be paper formulation access control policy by Grant interface and Revoke interface.When this
In the broadcast of block chain network, receiving node can verify the signature of transaction and only data owner can formulate plan for transaction
Slightly, otherwise this time calling can be considered as invalid operation.
Fig. 3 is the flow chart of step S2 provided by the invention.As shown in figure 3, step S2 is specific as follows:
S201. data owner is that each data file to be uploaded creates a number fid, and by the data file
It is uploaded to cloud storage provider;
S202. data owner calls the Upload interface of intelligent contract to record the metadata information of data file to area
Block chain network.
S203. data owner sends the log recording (uid, fid, type, H (X0), OPM, ts, sign) after signature
Give cloud storage provider.
Subsidiary user's signature may insure that user can not deny this operation behavior on log recording.
S204. cloud storage provider audit log records the correctness of each field, if all correct, calls intelligent conjunction
Log recording is added in block chain network by Logging interface about, otherwise, terminates process;
Wherein, uid is user's unique identification number of remote access data, and fid is the unique of accessed data file
Mark, type are action type of the user to data file, and H (X0) is by preoperative data cryptographic Hash;Ts is current time
Stamp;Sign is the signature that the user of current accessed data generates access record using its private key;OPM is that open data are traced to the source
Model.
For example, checking whether user uid is correct, and whether action type corresponds to, then verifies the validity of user's signature, finally
Whether the cryptographic Hash for calculating data file is identical as H (X0), if being all that correctly, can call the Logging of intelligent contract
Log recording is written in block chain network interface.
Step S3. calls intelligent contract input to want to carry out data file on cloud storage service device ordinary user
Operation requests information, intelligent contract returns to the metadata information of data file described in ordinary user, is transferred to step S4;
Specifically, the operation requests information is (type, fid), wherein type is operation class of the user to data file
Type, type have tri- kinds of Create, Read, Write, respectively indicate and upload data, read data and write data;Fid is accessed
The unique identification of data file.The metadata information of the data file includes address of the data file on cloud storage service device
L, data file is by preoperative cryptographic Hash and token token.File owners are further comprised to specified by file simultaneously
Access control policy is realized using an accesses control list in the present system.
Step S4. ordinary user initiates operation to cloud storage service device and asks according to operation requests information and metadata information
Log recording is sought and sent, judges that the operation requests are read operation request or write operation requests, if write operation requests, then
It is transferred to step S5;If read operation request, then step S6 is transferred to.
Specifically, read operation request be (read, L, H (X0), token), write operation requests be (write, L, H (Xn),
token);Log recording described in step S4 is private by access record (uid, fid, type, H (X0), H (Xn), OPM, ts, sign)
Key signature generates;
Wherein, uid is user's unique identification number of remote access data, and fid is the unique of accessed data file
Mark, type are action type of the user to data file, and H (X0) is by preoperative data cryptographic Hash;H (Xn) is to be operated
Data cryptographic Hash afterwards;Ts is current time stamp;Sign is that the user of current accessed data gives birth to access record using its private key
At signature;OPM is that open data are traced to the source model.
Step S5. cloud storage provider calls intelligent contract to authenticate the log recording, agrees to institute receiving intelligent contract
After the feedback for stating write operation requests, corresponding write operation is executed according to the write operation requests, and call intelligent contract to area
Log recording is added in block chain network.
Fig. 4 is the flow chart provided by the invention that the data for being stored in cloud storage service device are carried out with long-range write operation.Such as
Shown in Fig. 4, step S5 is specific as follows:
S501. after cloud storage provider receives the request of ordinary user, audit log records the correctness of each field,
If all correct, it is transferred to step S502, otherwise, terminates process;
S502. the VerifyRequest interface of intelligent contract is called to verify the identity of ordinary user, in intelligent conjunction
The about access control policy of internal queries corresponding data file agrees to the request if user identity is eligible, and is transferred to step
Rapid S503 refuses the request of user if not meeting, and terminates process;
S503. cloud storage provider is after receiving intelligent contract and agreeing to the feedback of the write operation requests, according to user's
Request executes corresponding write operation;
S504. the log recording is added in block chain network by intelligent contract.
Step S6. cloud storage provider calls intelligent contract to authenticate the log recording, agrees to institute receiving intelligent contract
After the feedback for stating read operation request, corresponding read operation is executed according to the read operation request, the data file of request is returned
Back to ordinary user, and intelligent contract is called to add log recording into block chain network, is transferred to step S7.
Fig. 5 is the flow chart provided by the invention that the data for being stored in cloud storage service device are carried out with long-range read operation.Such as
Shown in Fig. 5, step S6 is specific as follows:
S601. after cloud storage provider receives the request of user, audit log records the correctness of each field, if
It is all correct, then it is transferred to step S602, otherwise, terminates process;
S602. the VerifyRequest interface of intelligent contract is called to verify the identity of the user, in intelligent contract
The access control policy of internal queries corresponding data file agrees to the request, and be transferred to step if user identity is eligible
Otherwise S603 refuses the request of user, and terminate process;
S603. cloud storage provider is after receiving intelligent contract and agreeing to the feedback of the read operation request, according to user's
Request executes corresponding read operation, and the data file of request is returned to ordinary user;
S604. the log recording is added in block chain network by intelligent contract, is transferred to step S7.
Step S7. works as the data file that cloud storage service device returns and passes through the data file of intelligent contract acquisition before not
When consistent, ordinary user calls intelligent contract to initiate audit request to the data file.
Ordinary user first calculates its hash value after the data for receiving the transmission of cloud storage service device, then with pass through before
The newest hash value H (X0) of data that intelligent contract obtains is compared, if they are the same, then prove the data read be it is correct, it is no
Then, illustrate that data are tampered or are not newest versions, at this point, user can call the Audit interface of intelligent contract to this
Data file initiates audit request.
Only can just be concerned about whether data are destroyed or malice is distorted when reading data, there is no this to need when writing data
It asks, but intelligent contract is also provided with interface, user can carry out integrality audit to data by the interface at any time.
It can be based on the extraction and analysis to log recording to the audit of data operation behavior.Call intelligence first when there is audit demand
The audit interface of contract, returns result to the user to file a request after being examined by intelligent contract log recording.
The present invention provides three audit functions, and it is open to all users to can be used as public audit interface Audit.It can
To be called by auditing by third party person, it is also possible to other any users.These three audit functions are respectively: obtaining file Life Cycle
Phase, inquiry illegal user and verifying file integrality.
It obtains file life cycle one data file is provided and be deleted all operation notes experienced from uploading to.
Which user inquiry illegal user, which is provided with, attempts to carry out illegal operation, so as to take one to these users
A little punitive measures or the in time permission of revocation malicious user.By comparing the Getfile request issued and VerifyRequest
Whether the request of sending is consistent, and illustrates that user has initiated illegal request if the request of the two operation is inconsistent, should
User is illegal user.
Verifying file integrality be supplied to user's checking its obtain file whether be tampered with.By by the Kazakhstan of data
Uncommon value is compared with the data cryptographic Hash in state-of-the-art record, if it is inconsistent, illustrating that the integrality of data is destroyed.
More than, the only preferable specific embodiment of the application, but the protection scope of the application is not limited thereto, and it is any
Within the technical scope of the present application, any changes or substitutions that can be easily thought of by those familiar with the art, all answers
Cover within the scope of protection of this application.Therefore, the protection scope of the application should be subject to the protection scope in claims.
Claims (10)
1. the log behavior auditing method based on block chain under a kind of cloud storage environment, which is characterized in that this method include with
Lower step:
S1. data owner and cloud service provider confer an intelligent contract jointly, and the intelligent contract is deployed to block
In chain network, if deployment success, it is transferred to step S2, otherwise, is terminated;
S2. for data owner, after uploading data file to cloud storage service device end, call intelligent contract to block link network
Network adds log recording;
S3. for ordinary user, intelligent contract input is called to want to ask the operation that data file on cloud storage service device carries out
Information is sought, intelligent contract returns to the metadata information of data file described in ordinary user, is transferred to step S4;
S4. ordinary user initiates operation requests to cloud storage service device and sends according to operation requests information and metadata information
Log recording judges that the operation requests are that read operation request or write operation requests if write operation requests are then transferred to step
S5;If read operation request, then step S6 is transferred to;
S5. cloud storage provider calls intelligent contract to authenticate the log recording, agrees to the write operation receiving intelligent contract
After the feedback of request, corresponding write operation is executed according to the write operation requests, and call intelligent contract to block chain network
Middle addition log recording;
S6. cloud storage provider calls intelligent contract to authenticate the log recording, agrees to the read operation receiving intelligent contract
After the feedback of request, corresponding read operation is executed according to the read operation request, the data file of request is returned to commonly
User, and intelligent contract is called to add log recording into block chain network, it is transferred to step S7;
S7. the data file obtained when the data file of cloud storage service device return and before by intelligent contract is inconsistent, general
Intelligent contract is called to initiate audit request to the data file in general family.
2. log behavior auditing method as described in claim 1, which is characterized in that the intelligence contract includes multiple interfaces,
It is specific as follows:
Upload: data owner will upload to the metadata information of the data file of cloud service provider by the interface
It records to block chain network, and generates the initial access record of the data file, the log recording after being signed by private key for user exists
Block chain network is broadcasted, and is packed up in block and is reached common understanding in block chain network;
Getfile: user obtains data file in the address L of cloud storage service device by this interface, and user takes to cloud storage
When the device end long-range read/write requests of sending of being engaged in, need to obtain address and an interim token by the interface;
VerifyRequest: the interface is supplied to cloud storage provider and uses and can only be called by cloud storage provider, when cloud is deposited
When storage provider receives the operation requests of user, call whether interface polls user has access authority, while the interface first
The accessing request information of user can be obtained, and is stored in block chain network as log recording;
Grant: ordinary user is arranged to the data oneself deposited on cloud storage service device by the interface in data owner
Access authority, the interface are used to authorize to ordinary user, that is, assign the user to the access limit of data file;
Revoke: data owner is by assigning ordinary user to oneself depositing on cloud storage service device before interface revocation
Data file access limit;
Audit: audit user tracks the life cycle of data file by the interface, that is, knows when the data file is created
It is operated with destroying, when which accessing and was performed by ordinary user;
Logging: the interface is used to broadcast ordinary user in block chain network and accesses data file generation access log record,
And the log recording is stored to the addition of block chain, it is completed jointly by above-mentioned interface.
3. log behavior auditing method as claimed in claim 2, which is characterized in that the address L is url.
4. log behavior auditing method as claimed in claim 2, which is characterized in that step S2 is specific as follows:
S201. data owner is that each data file to be uploaded creates a number fid, and the data file is uploaded
To cloud storage provider;
S202. data owner calls the Upload interface of intelligent contract to record the metadata information of data file to block chain
Network;
S203. the log recording (uid, fid, type, H (X0), OPM, ts, sign) after signature is sent to cloud by data owner
Store provider;
S204. cloud storage provider audit log records the correctness of each field, if all correct, calls intelligent contract
Log recording is added in block chain network by Logging interface, otherwise, terminates process;
Wherein, uid is user's unique identification number of remote access data, and fid is the unique identification of accessed data file,
Type is action type of the user to data file, and H (X0) is by preoperative data cryptographic Hash;Ts is current time stamp;
Sign is the signature that the user of current accessed data generates access record using its private key;OPM is that open data are traced to the source mould
Type.
5. log behavior auditing method as claimed in claim 2, which is characterized in that the operation requests information be (type,
Fid), wherein type is action type of the user to data file, and type has tri- kinds of Create, Read, Write, respectively indicates
Data are uploaded, data is read and writes data;Fid is the unique identification of accessed data file;The metadata of the data file
Information includes address L of the data file on cloud storage service device, data file by preoperative cryptographic Hash and token
token。
6. log behavior auditing method as claimed in claim 5, which is characterized in that read operation request be (read, L, H (X0),
Token), write operation requests are (write, L, H (Xn), token);Log recording described in step S4 by access record (uid,
Fid, type, H (X0), H (Xn), OPM, ts, sign) private key signature generation;
Wherein, uid is user's unique identification number of remote access data, and fid is the unique identification of accessed data file,
Type is action type of the user to data file, and H (X0) is by preoperative data cryptographic Hash;H (Xn) is after being operated
Data cryptographic Hash;Ts is current time stamp;Sign is that the user of current accessed data generates access record using its private key
Signature;OPM is that open data are traced to the source model.
7. log behavior auditing method as claimed in claim 2, which is characterized in that step S5 is specific as follows:
S501. after cloud storage provider receives the request of ordinary user, audit log records the correctness of each field, if
It is all correct, then it is transferred to step S502, otherwise, terminates process;
S502. the VerifyRequest interface of intelligent contract is called to verify the identity of ordinary user, in intelligent contract
The access control policy of portion's inquiry corresponding data file agrees to the request, and be transferred to step if user identity is eligible
S503 refuses the request of user if not meeting, and terminates process;
S503. cloud storage provider is after receiving intelligent contract and agreeing to the feedback of the write operation requests, according to the request of user
Execute corresponding write operation;
S504. the log recording is added in block chain network by intelligent contract.
8. log behavior auditing method as claimed in claim 2, which is characterized in that step S6 is specific as follows:
S601. after cloud storage provider receives the request of user, audit log records the correctness of each field, if all just
Really, then it is transferred to step S602, otherwise, terminates process;
S602. the VerifyRequest interface of intelligent contract is called to verify the identity of the user, inside intelligent contract
The access control policy of inquiry corresponding data file agrees to the request, and be transferred to step if user identity is eligible
Otherwise S603 refuses the request of user, and terminate process;
S603. cloud storage provider is after receiving intelligent contract and agreeing to the feedback of the read operation request, according to the request of user
Corresponding read operation is executed, and the data file of request is returned into ordinary user;
S604. the log recording is added in block chain network by intelligent contract, is transferred to step S7.
9. log behavior auditing method as claimed in claim 2, which is characterized in that step S7 is specific as follows:
Ordinary user first calculates its hash value after the data file for receiving the transmission of cloud storage service device, then with pass through before
The newest hash value H (X0) of data file that intelligent contract obtains is compared, and if they are the same, then proves that the data file read is just
It is true, otherwise, illustrate that data file is tampered or is not newest version, user can call the Audit interface of intelligent contract
Audit request is initiated to the data file.
10. a kind of computer readable storage medium, which is characterized in that the computer-readable recording medium storage has computer journey
Sequence, the computer program realize log behavior auditing party as described in any one of claim 1 to 9 when being executed by processor
Method.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811126706.7A CN109190410B (en) | 2018-09-26 | 2018-09-26 | Log behavior auditing method based on block chain in cloud storage environment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811126706.7A CN109190410B (en) | 2018-09-26 | 2018-09-26 | Log behavior auditing method based on block chain in cloud storage environment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109190410A true CN109190410A (en) | 2019-01-11 |
| CN109190410B CN109190410B (en) | 2020-05-19 |
Family
ID=64907256
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811126706.7A Active CN109190410B (en) | 2018-09-26 | 2018-09-26 | Log behavior auditing method based on block chain in cloud storage environment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109190410B (en) |
Cited By (59)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109815203A (en) * | 2019-02-12 | 2019-05-28 | 山东超越数控电子股份有限公司 | A kind of log audit method and system based on block chain |
| CN109829334A (en) * | 2019-01-30 | 2019-05-31 | 复旦大学 | Data box configuration, use and bookkeeping methods and its operation system based on block chain |
| CN109862103A (en) * | 2019-02-26 | 2019-06-07 | 上海南潮信息科技有限公司 | File data secure sharing method and device based on block chain |
| CN109903046A (en) * | 2019-02-02 | 2019-06-18 | 中国互联网络信息中心 | User data management and device based on block chain |
| CN109902074A (en) * | 2019-04-17 | 2019-06-18 | 江苏全链通信息科技有限公司 | Log storing method and system based on data center |
| CN109977089A (en) * | 2019-03-13 | 2019-07-05 | 深圳壹账通智能科技有限公司 | Blog management method, device, computer equipment and computer readable storage medium |
| CN110048828A (en) * | 2019-04-17 | 2019-07-23 | 江苏全链通信息科技有限公司 | Log storing method and system based on data center |
| CN110138733A (en) * | 2019-04-03 | 2019-08-16 | 华南理工大学 | Object storage system based on block chain is credible to deposit card and access right control method |
| CN110263584A (en) * | 2019-06-19 | 2019-09-20 | 华中科技大学 | A kind of data integrity auditing method and system based on block chain |
| CN110365766A (en) * | 2019-07-12 | 2019-10-22 | 全链通有限公司 | Cloud storage method, equipment and computer readable storage medium based on block chain |
| CN110417909A (en) * | 2019-08-07 | 2019-11-05 | 中国联合网络通信集团有限公司 | Wireless network remote login method and system |
| CN110414270A (en) * | 2019-08-01 | 2019-11-05 | 谈建中 | A kind of personal data protection system and method based on block chain |
| CN110430248A (en) * | 2019-07-23 | 2019-11-08 | 平安科技(深圳)有限公司 | Block chain building method, apparatus, medium and electronic equipment based on cloud service |
| CN110457875A (en) * | 2019-07-31 | 2019-11-15 | 阿里巴巴集团控股有限公司 | Data grant method and device based on block chain |
| CN110457898A (en) * | 2019-07-29 | 2019-11-15 | 阿里巴巴集团控股有限公司 | Operation note storage method, device and equipment based on credible performing environment |
| CN110473094A (en) * | 2019-07-31 | 2019-11-19 | 阿里巴巴集团控股有限公司 | Data grant method and device based on block chain |
| CN110473096A (en) * | 2019-07-31 | 2019-11-19 | 阿里巴巴集团控股有限公司 | Data grant method and device based on intelligent contract |
| CN110677407A (en) * | 2019-09-26 | 2020-01-10 | 北京笔新互联网科技有限公司 | Safety control method of lightweight block chain platform |
| CN110798478A (en) * | 2019-11-06 | 2020-02-14 | 中国联合网络通信集团有限公司 | Data processing method and device |
| CN110941674A (en) * | 2019-11-26 | 2020-03-31 | 北京海益同展信息科技有限公司 | Block chain-based compliance audit method, device, system and storage medium |
| CN111092745A (en) * | 2019-10-12 | 2020-05-01 | 深圳壹账通智能科技有限公司 | Log processing method and device based on block chain, computer equipment and storage medium |
| CN111131191A (en) * | 2019-12-10 | 2020-05-08 | 山东超越数控电子股份有限公司 | Method and system for auditing cloud storage service operation and cloud storage system |
| CN111177096A (en) * | 2019-12-11 | 2020-05-19 | 招银云创(深圳)信息技术有限公司 | Log management method and device, computer equipment and storage medium |
| CN111241104A (en) * | 2020-01-14 | 2020-06-05 | 腾讯科技(深圳)有限公司 | Operation auditing method and device, electronic equipment and computer-readable storage medium |
| CN111339550A (en) * | 2020-02-01 | 2020-06-26 | 成都理工大学 | Comment information credibility method based on block chain technology |
| CN111428207A (en) * | 2020-04-23 | 2020-07-17 | 重庆邮电大学 | Digital copyright registration and transaction method based on blockchain technology |
| CN111448565A (en) * | 2020-02-14 | 2020-07-24 | 支付宝(杭州)信息技术有限公司 | Data authorization based on decentralized identity |
| CN111611614A (en) * | 2020-04-29 | 2020-09-01 | 南京财经大学 | Blockchain-based anti-malicious auditor cloud storage public audit method and system |
| US10783054B2 (en) | 2019-07-29 | 2020-09-22 | Alibaba Group Holding Limited | Method, apparatus, and device for storing operation record based on trusted execution environment |
| CN111698278A (en) * | 2020-04-10 | 2020-09-22 | 湖南大学 | Multi-cloud data storage method based on block chain |
| CN111797142A (en) * | 2020-07-06 | 2020-10-20 | 北京荷月科技有限公司 | Method and system for auditing data on link |
| CN111949651A (en) * | 2019-05-17 | 2020-11-17 | 国际商业机器公司 | track data transfers |
| CN111950020A (en) * | 2020-07-20 | 2020-11-17 | 北京思特奇信息技术股份有限公司 | Block chain based data sharing system, method, computing device and storage medium |
| CN112134698A (en) * | 2020-09-10 | 2020-12-25 | 江苏大学 | Block chain-based vehicle-to-vehicle rapid communication authentication method and system for Internet of vehicles |
| CN112134869A (en) * | 2020-09-16 | 2020-12-25 | 北方工业大学 | A blockchain-based cloud service review system and review method |
| CN112306983A (en) * | 2020-11-18 | 2021-02-02 | 武汉德尔达科技有限公司 | Ship electronic turbine log system and data protection method |
| CN112307233A (en) * | 2020-10-30 | 2021-02-02 | 圆通速递有限公司 | Repeated image deleting method and system in cloud storage based on block chain |
| CN112417496A (en) * | 2020-10-28 | 2021-02-26 | 北京八分量信息科技有限公司 | Method for realizing white list based on intelligent contract based on deep learning |
| CN112434040A (en) * | 2020-11-30 | 2021-03-02 | 泰康保险集团股份有限公司 | Data storage method, data acquisition method, device, system and equipment |
| US10936581B2 (en) | 2019-08-30 | 2021-03-02 | Advanced New Technologies Co., Ltd. | Blockchain transaction processing method and apparatus |
| WO2021036170A1 (en) * | 2019-08-30 | 2021-03-04 | 创新先进技术有限公司 | Blockchain transaction processing method and apparatus |
| CN112448946A (en) * | 2020-11-09 | 2021-03-05 | 北京工业大学 | Log auditing method and device based on block chain |
| CN112527825A (en) * | 2019-09-19 | 2021-03-19 | 上海哔哩哔哩科技有限公司 | Data storage method and device and computer equipment |
| CN112564985A (en) * | 2020-12-24 | 2021-03-26 | 南京联成科技发展股份有限公司 | Safe operation and maintenance management method based on block chain |
| WO2021057165A1 (en) * | 2019-09-25 | 2021-04-01 | 支付宝(杭州)信息技术有限公司 | Method for concurrently executing transactions in blockchain, and device |
| US11057189B2 (en) | 2019-07-31 | 2021-07-06 | Advanced New Technologies Co., Ltd. | Providing data authorization based on blockchain |
| CN113094754A (en) * | 2021-05-08 | 2021-07-09 | 重庆银行股份有限公司 | Big data platform data modification system and modification, response, cache and verification method |
| WO2021154157A1 (en) * | 2020-01-31 | 2021-08-05 | Agency For Science, Technology And Research | Blockchain-based data exchange |
| CN113285812A (en) * | 2021-07-26 | 2021-08-20 | 西南石油大学 | Cloud storage self-auditing method based on SGX and Ether house block chain |
| CN113382073A (en) * | 2021-06-08 | 2021-09-10 | 重庆邮电大学 | Monitoring system and method for edge nodes in cloud edge-side industrial control system |
| CN113486082A (en) * | 2021-06-28 | 2021-10-08 | 电子科技大学 | Outsourcing data access control system based on block chain |
| CN113836237A (en) * | 2021-09-30 | 2021-12-24 | 北京中经惠众科技有限公司 | Method and device for auditing data operation of database |
| CN114020726A (en) * | 2021-11-26 | 2022-02-08 | 中国电力科学研究院有限公司 | Log audit method, system, device and medium based on multivariate log data analysis |
| US11251963B2 (en) | 2019-07-31 | 2022-02-15 | Advanced New Technologies Co., Ltd. | Blockchain-based data authorization method and apparatus |
| US11252166B2 (en) | 2019-07-31 | 2022-02-15 | Advanced New Technologies Co., Ltd. | Providing data authorization based on blockchain |
| CN114119219A (en) * | 2021-11-02 | 2022-03-01 | 浙江网商银行股份有限公司 | Detection method and device for risk monitoring coverage |
| CN114207615A (en) * | 2019-04-26 | 2022-03-18 | 摩根大通国家银行 | System and method for maintaining immutable data access logs with privacy |
| US11310051B2 (en) | 2020-01-15 | 2022-04-19 | Advanced New Technologies Co., Ltd. | Blockchain-based data authorization method and apparatus |
| US11768821B1 (en) | 2022-03-23 | 2023-09-26 | International Business Machines Corporation | Blockchain based multi vendor change monitoring system |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110084069B (en) * | 2019-04-17 | 2021-05-11 | 江苏全链通信息科技有限公司 | Server log monitoring method and system based on block chain |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106650478A (en) * | 2016-12-28 | 2017-05-10 | 上海优刻得信息科技有限公司 | Data operation management device and method |
| US20170163733A1 (en) * | 2015-12-02 | 2017-06-08 | Olea Networks, Inc. | System and method for data management structure using auditable delta records in a distributed environment |
| CN107707410A (en) * | 2017-10-26 | 2018-02-16 | 上海点融信息科技有限责任公司 | Configure method, information processor and the readable storage medium storing program for executing of system audit service |
| CN108446407A (en) * | 2018-04-12 | 2018-08-24 | 北京百度网讯科技有限公司 | Database audit method based on block chain and device |
-
2018
- 2018-09-26 CN CN201811126706.7A patent/CN109190410B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20170163733A1 (en) * | 2015-12-02 | 2017-06-08 | Olea Networks, Inc. | System and method for data management structure using auditable delta records in a distributed environment |
| CN106650478A (en) * | 2016-12-28 | 2017-05-10 | 上海优刻得信息科技有限公司 | Data operation management device and method |
| CN107707410A (en) * | 2017-10-26 | 2018-02-16 | 上海点融信息科技有限责任公司 | Configure method, information processor and the readable storage medium storing program for executing of system audit service |
| CN108446407A (en) * | 2018-04-12 | 2018-08-24 | 北京百度网讯科技有限公司 | Database audit method based on block chain and device |
Cited By (80)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109829334A (en) * | 2019-01-30 | 2019-05-31 | 复旦大学 | Data box configuration, use and bookkeeping methods and its operation system based on block chain |
| CN109829334B (en) * | 2019-01-30 | 2022-12-20 | 复旦大学 | Block chain-based data box configuration, use and billing method and its operating system |
| CN109903046A (en) * | 2019-02-02 | 2019-06-18 | 中国互联网络信息中心 | User data management and device based on block chain |
| CN109815203A (en) * | 2019-02-12 | 2019-05-28 | 山东超越数控电子股份有限公司 | A kind of log audit method and system based on block chain |
| CN109862103A (en) * | 2019-02-26 | 2019-06-07 | 上海南潮信息科技有限公司 | File data secure sharing method and device based on block chain |
| CN109977089A (en) * | 2019-03-13 | 2019-07-05 | 深圳壹账通智能科技有限公司 | Blog management method, device, computer equipment and computer readable storage medium |
| CN110138733A (en) * | 2019-04-03 | 2019-08-16 | 华南理工大学 | Object storage system based on block chain is credible to deposit card and access right control method |
| CN109902074A (en) * | 2019-04-17 | 2019-06-18 | 江苏全链通信息科技有限公司 | Log storing method and system based on data center |
| CN110048828A (en) * | 2019-04-17 | 2019-07-23 | 江苏全链通信息科技有限公司 | Log storing method and system based on data center |
| CN114207615A (en) * | 2019-04-26 | 2022-03-18 | 摩根大通国家银行 | System and method for maintaining immutable data access logs with privacy |
| CN111949651A (en) * | 2019-05-17 | 2020-11-17 | 国际商业机器公司 | track data transfers |
| CN111949651B (en) * | 2019-05-17 | 2024-12-17 | 国际商业机器公司 | Tracking data transmissions |
| CN110263584A (en) * | 2019-06-19 | 2019-09-20 | 华中科技大学 | A kind of data integrity auditing method and system based on block chain |
| CN110365766A (en) * | 2019-07-12 | 2019-10-22 | 全链通有限公司 | Cloud storage method, equipment and computer readable storage medium based on block chain |
| CN110430248B (en) * | 2019-07-23 | 2022-03-25 | 平安科技(深圳)有限公司 | Block chain construction method, device, medium and electronic equipment based on cloud service |
| CN110430248A (en) * | 2019-07-23 | 2019-11-08 | 平安科技(深圳)有限公司 | Block chain building method, apparatus, medium and electronic equipment based on cloud service |
| CN110457898A (en) * | 2019-07-29 | 2019-11-15 | 阿里巴巴集团控股有限公司 | Operation note storage method, device and equipment based on credible performing environment |
| US10783054B2 (en) | 2019-07-29 | 2020-09-22 | Alibaba Group Holding Limited | Method, apparatus, and device for storing operation record based on trusted execution environment |
| US11251963B2 (en) | 2019-07-31 | 2022-02-15 | Advanced New Technologies Co., Ltd. | Blockchain-based data authorization method and apparatus |
| CN110473094A (en) * | 2019-07-31 | 2019-11-19 | 阿里巴巴集团控股有限公司 | Data grant method and device based on block chain |
| US11398914B2 (en) | 2019-07-31 | 2022-07-26 | Advanced New Technologies Co., Ltd. | Blockchain-based data authorization method and apparatus |
| CN110457875A (en) * | 2019-07-31 | 2019-11-15 | 阿里巴巴集团控股有限公司 | Data grant method and device based on block chain |
| US11252166B2 (en) | 2019-07-31 | 2022-02-15 | Advanced New Technologies Co., Ltd. | Providing data authorization based on blockchain |
| CN110473096A (en) * | 2019-07-31 | 2019-11-19 | 阿里巴巴集团控股有限公司 | Data grant method and device based on intelligent contract |
| US11057189B2 (en) | 2019-07-31 | 2021-07-06 | Advanced New Technologies Co., Ltd. | Providing data authorization based on blockchain |
| US11831656B2 (en) | 2019-07-31 | 2023-11-28 | Advanced New Technologies Co., Ltd. | Providing data authorization based on blockchain |
| CN110473094B (en) * | 2019-07-31 | 2021-05-18 | 创新先进技术有限公司 | Data authorization method and device based on block chain |
| CN110414270B (en) * | 2019-08-01 | 2022-12-06 | 谈建中 | Personal data protection system and method based on block chain |
| CN110414270A (en) * | 2019-08-01 | 2019-11-05 | 谈建中 | A kind of personal data protection system and method based on block chain |
| CN110417909B (en) * | 2019-08-07 | 2022-04-08 | 中国联合网络通信集团有限公司 | Wireless network remote login method and system |
| CN110417909A (en) * | 2019-08-07 | 2019-11-05 | 中国联合网络通信集团有限公司 | Wireless network remote login method and system |
| WO2021036170A1 (en) * | 2019-08-30 | 2021-03-04 | 创新先进技术有限公司 | Blockchain transaction processing method and apparatus |
| US10936581B2 (en) | 2019-08-30 | 2021-03-02 | Advanced New Technologies Co., Ltd. | Blockchain transaction processing method and apparatus |
| CN112527825A (en) * | 2019-09-19 | 2021-03-19 | 上海哔哩哔哩科技有限公司 | Data storage method and device and computer equipment |
| WO2021057165A1 (en) * | 2019-09-25 | 2021-04-01 | 支付宝(杭州)信息技术有限公司 | Method for concurrently executing transactions in blockchain, and device |
| CN110677407A (en) * | 2019-09-26 | 2020-01-10 | 北京笔新互联网科技有限公司 | Safety control method of lightweight block chain platform |
| CN111092745A (en) * | 2019-10-12 | 2020-05-01 | 深圳壹账通智能科技有限公司 | Log processing method and device based on block chain, computer equipment and storage medium |
| WO2021068488A1 (en) * | 2019-10-12 | 2021-04-15 | 深圳壹账通智能科技有限公司 | Blockchain-based log processing method and apparatus, computer device, and storage medium |
| CN110798478A (en) * | 2019-11-06 | 2020-02-14 | 中国联合网络通信集团有限公司 | Data processing method and device |
| CN110798478B (en) * | 2019-11-06 | 2022-04-15 | 中国联合网络通信集团有限公司 | Data processing method and device |
| CN110941674A (en) * | 2019-11-26 | 2020-03-31 | 北京海益同展信息科技有限公司 | Block chain-based compliance audit method, device, system and storage medium |
| CN111131191A (en) * | 2019-12-10 | 2020-05-08 | 山东超越数控电子股份有限公司 | Method and system for auditing cloud storage service operation and cloud storage system |
| CN111177096A (en) * | 2019-12-11 | 2020-05-19 | 招银云创(深圳)信息技术有限公司 | Log management method and device, computer equipment and storage medium |
| CN111241104A (en) * | 2020-01-14 | 2020-06-05 | 腾讯科技(深圳)有限公司 | Operation auditing method and device, electronic equipment and computer-readable storage medium |
| US11310051B2 (en) | 2020-01-15 | 2022-04-19 | Advanced New Technologies Co., Ltd. | Blockchain-based data authorization method and apparatus |
| WO2021154157A1 (en) * | 2020-01-31 | 2021-08-05 | Agency For Science, Technology And Research | Blockchain-based data exchange |
| CN111339550B (en) * | 2020-02-01 | 2023-08-29 | 温州理工学院 | Comment information credibility method based on blockchain technology |
| CN111339550A (en) * | 2020-02-01 | 2020-06-26 | 成都理工大学 | Comment information credibility method based on block chain technology |
| CN111448565B (en) * | 2020-02-14 | 2024-04-05 | 支付宝(杭州)信息技术有限公司 | Data authorization based on decentralised identification |
| CN111448565A (en) * | 2020-02-14 | 2020-07-24 | 支付宝(杭州)信息技术有限公司 | Data authorization based on decentralized identity |
| CN111698278A (en) * | 2020-04-10 | 2020-09-22 | 湖南大学 | Multi-cloud data storage method based on block chain |
| CN111428207A (en) * | 2020-04-23 | 2020-07-17 | 重庆邮电大学 | Digital copyright registration and transaction method based on blockchain technology |
| CN111428207B (en) * | 2020-04-23 | 2023-11-14 | 重庆邮电大学 | Digital copyright registration and transaction method based on blockchain technology |
| CN111611614B (en) * | 2020-04-29 | 2023-09-08 | 南京财经大学 | Blockchain-based anti-malicious auditor cloud storage public audit method and system |
| CN111611614A (en) * | 2020-04-29 | 2020-09-01 | 南京财经大学 | Blockchain-based anti-malicious auditor cloud storage public audit method and system |
| CN111797142A (en) * | 2020-07-06 | 2020-10-20 | 北京荷月科技有限公司 | Method and system for auditing data on link |
| CN111950020B (en) * | 2020-07-20 | 2024-04-19 | 北京思特奇信息技术股份有限公司 | Block chain-based data sharing system, method, computing device and storage medium |
| CN111950020A (en) * | 2020-07-20 | 2020-11-17 | 北京思特奇信息技术股份有限公司 | Block chain based data sharing system, method, computing device and storage medium |
| CN112134698A (en) * | 2020-09-10 | 2020-12-25 | 江苏大学 | Block chain-based vehicle-to-vehicle rapid communication authentication method and system for Internet of vehicles |
| CN112134869A (en) * | 2020-09-16 | 2020-12-25 | 北方工业大学 | A blockchain-based cloud service review system and review method |
| CN112417496A (en) * | 2020-10-28 | 2021-02-26 | 北京八分量信息科技有限公司 | Method for realizing white list based on intelligent contract based on deep learning |
| CN112307233A (en) * | 2020-10-30 | 2021-02-02 | 圆通速递有限公司 | Repeated image deleting method and system in cloud storage based on block chain |
| CN112448946A (en) * | 2020-11-09 | 2021-03-05 | 北京工业大学 | Log auditing method and device based on block chain |
| CN112448946B (en) * | 2020-11-09 | 2024-03-19 | 北京工业大学 | Log auditing method and device based on block chain |
| CN112306983A (en) * | 2020-11-18 | 2021-02-02 | 武汉德尔达科技有限公司 | Ship electronic turbine log system and data protection method |
| CN112306983B (en) * | 2020-11-18 | 2024-04-09 | 武汉德尔达科技有限公司 | Ship electronic turbine log system and data protection method |
| CN112434040A (en) * | 2020-11-30 | 2021-03-02 | 泰康保险集团股份有限公司 | Data storage method, data acquisition method, device, system and equipment |
| CN112434040B (en) * | 2020-11-30 | 2023-09-22 | 泰康保险集团股份有限公司 | Data storage method, data acquisition method, device, system and equipment |
| CN112564985A (en) * | 2020-12-24 | 2021-03-26 | 南京联成科技发展股份有限公司 | Safe operation and maintenance management method based on block chain |
| CN113094754B (en) * | 2021-05-08 | 2022-11-01 | 重庆银行股份有限公司 | Big data platform data modification system and modification, response, cache and verification method |
| CN113094754A (en) * | 2021-05-08 | 2021-07-09 | 重庆银行股份有限公司 | Big data platform data modification system and modification, response, cache and verification method |
| CN113382073A (en) * | 2021-06-08 | 2021-09-10 | 重庆邮电大学 | Monitoring system and method for edge nodes in cloud edge-side industrial control system |
| CN113486082A (en) * | 2021-06-28 | 2021-10-08 | 电子科技大学 | Outsourcing data access control system based on block chain |
| CN113486082B (en) * | 2021-06-28 | 2023-03-28 | 电子科技大学 | Outsourcing data access control system based on block chain |
| CN113285812A (en) * | 2021-07-26 | 2021-08-20 | 西南石油大学 | Cloud storage self-auditing method based on SGX and Ether house block chain |
| CN113836237A (en) * | 2021-09-30 | 2021-12-24 | 北京中经惠众科技有限公司 | Method and device for auditing data operation of database |
| CN114119219A (en) * | 2021-11-02 | 2022-03-01 | 浙江网商银行股份有限公司 | Detection method and device for risk monitoring coverage |
| CN114020726A (en) * | 2021-11-26 | 2022-02-08 | 中国电力科学研究院有限公司 | Log audit method, system, device and medium based on multivariate log data analysis |
| CN114020726B (en) * | 2021-11-26 | 2024-09-10 | 中国电力科学研究院有限公司 | Log audit method, system, device and medium based on multivariate log data analysis |
| US11768821B1 (en) | 2022-03-23 | 2023-09-26 | International Business Machines Corporation | Blockchain based multi vendor change monitoring system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109190410B (en) | 2020-05-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109190410A (en) | A kind of log behavior auditing method based on block chain under cloud storage environment | |
| Ocheja et al. | Managing lifelong learning records through blockchain | |
| CN112559627B (en) | Method for sharing electronic medical record data in cooperation with each other on chain and under chain based on alliance chain | |
| CN110060162B (en) | Data authorization and query method and device based on block chain | |
| CN108632268B (en) | Authentication method and device for block chain access, storage medium and electronic device | |
| CN108023894B (en) | Visa information system based on block chain and processing method thereof | |
| US20210042748A1 (en) | Blockchain-based secure resource management | |
| US20180219687A1 (en) | Secure sharing | |
| CN108462568A (en) | A kind of secure file storage and sharing method based on block chain | |
| CN110049066A (en) | A kind of resource access authorization method based on digital signature and block chain | |
| CN113742782A (en) | Block chain access authority control method based on privacy protection and block chain system | |
| CN108960825A (en) | Electric endorsement method and device, electronic equipment based on block chain | |
| CN107579958A (en) | Data management method, device and system | |
| KR20180108566A (en) | SYSTEM AND METHOD FOR MANAGING DIGITAL IDENTITY | |
| CN103535007B (en) | The administrative authentication of distributed network | |
| CN109600366A (en) | The method and device of protection user data privacy based on block chain | |
| CN109242404B (en) | Resume information management method, resume information management device, computer equipment and readable storage medium | |
| Razali et al. | Secure blockchain-based data-sharing model and adoption among intelligence communities. | |
| WO2020000769A1 (en) | Block chain-based medical insurance claim settlement method, system and computer device | |
| CN109446259B (en) | Data processing method and device, processor and storage medium | |
| CN115396113A (en) | Blockchain-based medical data processing method, device, and computer equipment | |
| CN105450750A (en) | Secure interaction method for intelligent terminal | |
| CN113221191B (en) | Block chain-based data evidence storage method, device, equipment and storage medium | |
| WO2020208214A1 (en) | Systems and processes for management of digital or physical assets via distributed ledger | |
| CN112699406B (en) | Medical imaging data security management method and system based on blockchain |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |