CN109815747B - Offline audit method, electronic device and readable storage medium based on blockchain - Google Patents


Publication number
CN109815747B
Authority
CN
China
Prior art keywords
blockchain
blockchain network
data
preset
audit
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910042024.6A
Other languages
Chinese (zh)
Other versions
CN109815747A (en)
Inventor
董国超
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Anhui Newfox Technology Co.,Ltd.
Original Assignee
Chongqing Financial Assets Exchange Co ltd
Application filed by Chongqing Financial Assets Exchange Co ltd
Priority to CN201910042024.6A
Publication of CN109815747A
Application granted
Publication of CN109815747B


Abstract

The invention relates to blockchain technology and provides a blockchain-based offline audit method, an electronic device and a readable storage medium. The method comprises the following steps: after receiving an audit request from an auditing agency for data in a blockchain network, creating a temporary node in the blockchain network and prohibiting, according to a preset prohibition rule, the generation of messages of a preset type in the blockchain network within a preset time period; synchronizing the blockchain data to be audited in the blockchain network to the temporary node within the preset time period; encrypting the blockchain data in the temporary node using the pre-acquired CA certificate of the auditing agency; and sending the encrypted blockchain data to the auditing agency, so that the auditing agency can decrypt the blockchain data and then audit it. With the invention, the auditing agency does not need to participate in the blockchain network, which reduces management cost. Moreover, only the auditing agency can decrypt and obtain the content of the blockchain data to be audited, which ensures the security of the blockchain data.

Description

Translated from Chinese
Offline audit method, electronic device and readable storage medium based on blockchain

Technical Field

The present invention relates to the field of computer technology, and in particular to a blockchain-based offline audit method, electronic device and readable storage medium.

Background Art

When data in a blockchain needs to be audited, the data all resides in the blockchain environment, so the prior art generally has the auditing agency join the blockchain network as a physical or logical node of the blockchain. The auditing agency then needs to be aware of all the blockchain-related information being audited, which incurs a large management cost. If, on the other hand, the blockchain data is simply transferred directly out of the blockchain and handed to the auditing agency, the blockchain participants face a risk of data leakage, and data security is at risk.

Summary of the Invention

The purpose of the present invention is to provide a blockchain-based offline audit method, electronic device and readable storage medium, so that blockchain data can be audited offline at low cost while keeping the data secure.

To achieve the above purpose, the present invention provides a blockchain-based offline audit method, which includes:

After receiving an audit request from an auditing agency for data in a blockchain network, creating a temporary node in the blockchain network, and prohibiting, according to a preset prohibition rule, the generation of messages of a preset type in the blockchain network within a preset time period;

Synchronizing the blockchain data to be audited in the blockchain network to the temporary node within the preset time period;

Encrypting the blockchain data in the temporary node using the pre-acquired CA certificate of the auditing agency;

Sending the encrypted blockchain data to the auditing agency, so that the auditing agency can decrypt the blockchain data and then audit it.

Preferably, the preset prohibition rule includes:

Blocking the blockchain network, or restricting the issuance of keys in the blockchain network, or restricting the endorsement process in the blockchain network.

Preferably, after the step of synchronizing the blockchain data to be audited in the blockchain network to the temporary node within the preset time period, the blockchain-based offline audit method further includes:

Lifting the prohibition on generating messages of the preset type in the blockchain network within the preset time period, and preventing the temporary node from generating new data according to a preset blocking rule.

Preferably, the preset blocking rule includes:

Restricting write permission on the temporary node's disk, or restricting the temporary node's access to the blockchain network.

Preferably, before the step of creating a temporary node in the blockchain network after receiving an audit request from an auditing agency for data in the blockchain network, and prohibiting, according to a preset prohibition rule, the generation of messages of a preset type in the blockchain network within a preset time period, the blockchain-based offline audit method further includes:

Receiving the CA certificate sent by the auditing agency, authenticating the received CA certificate, and, after the authentication passes, saving the CA certificate sent by the auditing agency in the blockchain network.

Preferably, after the step of sending the encrypted blockchain data to the auditing agency, the blockchain-based offline audit method further includes:

Deleting the temporary node in the blockchain network.

In addition, to achieve the above purpose, the present invention further provides an electronic device comprising a memory and a processor, the memory storing a blockchain-based offline audit system that can run on the processor, and the blockchain-based offline audit system implementing the following steps when executed by the processor:

After receiving an audit request from an auditing agency for data in a blockchain network, creating a temporary node in the blockchain network, and prohibiting, according to a preset prohibition rule, the generation of messages of a preset type in the blockchain network within a preset time period;

Synchronizing the blockchain data to be audited in the blockchain network to the temporary node within the preset time period;

Encrypting the blockchain data in the temporary node using the pre-acquired CA certificate of the auditing agency;

Sending the encrypted blockchain data to the auditing agency, so that the auditing agency can decrypt the blockchain data and then audit it.

Preferably, the preset prohibition rule includes:

Blocking the blockchain network, or restricting the issuance of keys in the blockchain network, or restricting the endorsement process in the blockchain network.

Preferably, after the step of synchronizing the blockchain data to be audited in the blockchain network to the temporary node within the preset time period, the steps further include:

Lifting the prohibition on generating messages of the preset type in the blockchain network within the preset time period, and preventing the temporary node from generating new data according to a preset blocking rule.

Furthermore, to achieve the above purpose, the present invention also provides a computer-readable storage medium storing a blockchain-based offline audit system, which can be executed by at least one processor so that the at least one processor performs the steps of the blockchain-based offline audit method described above.

The blockchain-based offline audit method, electronic device and readable storage medium proposed by the present invention create a temporary node in the blockchain network and prohibit, according to a preset prohibition rule, the generation of messages of a preset type in the blockchain network within a preset time period; synchronize the blockchain data to be audited in the blockchain network to the temporary node within the preset time period; encrypt the blockchain data in the temporary node using the pre-acquired CA certificate of the auditing agency; and send the encrypted blockchain data to the auditing agency, so that the auditing agency can decrypt the blockchain data and then audit it. Because creating a temporary node makes it possible to prohibit the generation of new messages in the blockchain network while the data is being synchronized, the auditing agency does not need to participate in the blockchain network, which reduces management cost. Moreover, the blockchain data to be audited is encrypted with the pre-acquired CA certificate of the auditing agency before it is sent to the auditing agency, so only the auditing agency itself can decrypt and obtain the content of the blockchain data to be audited; there is no risk of data leakage, and the security of the blockchain data is ensured.

Brief Description of the Drawings

FIG. 1 is a schematic diagram of the operating environment of a preferred embodiment of the blockchain-based offline audit system 10 of the present invention;

FIG. 2 is a flow chart of an embodiment of the blockchain-based offline audit method of the present invention.

Detailed Description

To make the purpose, technical solutions and advantages of the present invention clearer, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention and are not intended to limit it. All other embodiments obtained by a person of ordinary skill in the art on the basis of the embodiments of the present invention, without creative work, fall within the scope of protection of the present invention.

It should be noted that descriptions involving "first", "second" and the like in the present invention are for descriptive purposes only and cannot be understood as indicating or implying relative importance or implicitly indicating the number of the technical features referred to. A feature qualified by "first" or "second" may therefore explicitly or implicitly include at least one such feature. In addition, the technical solutions of the various embodiments can be combined with each other, but only on the basis that a person of ordinary skill in the art can implement the combination. When a combination of technical solutions is contradictory or cannot be implemented, that combination should be deemed not to exist and is not within the scope of protection claimed by the present invention.

The present invention provides a blockchain-based offline audit system. Refer to FIG. 1, which is a schematic diagram of the operating environment of a preferred embodiment of the blockchain-based offline audit system 10 of the present invention.

In this embodiment, the blockchain-based offline audit system 10 is installed and runs in an electronic device 1. The electronic device 1 may include, but is not limited to, a memory 11, a processor 12 and a display 13. FIG. 1 only shows the electronic device 1 with components 11-13, but it should be understood that not all of the components shown are required, and more or fewer components may be implemented instead.

The memory 11 is at least one type of computer-readable storage medium. In some embodiments, the memory 11 may be an internal storage unit of the electronic device 1, such as a hard disk or memory of the electronic device 1. In other embodiments, the memory 11 may be an external storage device of the electronic device 1, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) card or a flash card fitted to the electronic device 1. Further, the memory 11 may include both an internal storage unit and an external storage device of the electronic device 1. The memory 11 is used to store the application software installed on the electronic device 1 and various types of data, such as the program code of the blockchain-based offline audit system 10. The memory 11 can also be used to temporarily store data that has been output or is about to be output.

In some embodiments, the processor 12 may be a central processing unit (CPU), a microprocessor or another data processing chip, used to run the program code stored in the memory 11 or to process data, for example to execute the blockchain-based offline audit system 10.

In some embodiments, the display 13 may be an LED display, a liquid crystal display, a touch-sensitive liquid crystal display, an OLED (Organic Light-Emitting Diode) touch device, or the like. The display 13 is used to display information processed in the electronic device 1 and to display a visual user interface, such as information about the created temporary node or the blockchain data to be audited. The components 11-13 of the electronic device 1 communicate with each other via a system bus.

The blockchain-based offline audit system 10 includes at least one computer-readable instruction stored in the memory 11, and the at least one computer-readable instruction can be executed by the processor 12 to implement the embodiments of the present application.

When executed by the processor 12, the blockchain-based offline audit system 10 implements the following steps:

Step S1, after receiving an audit request from an auditing agency for data in a blockchain network, creating a temporary node in the blockchain network, and prohibiting, according to a preset prohibition rule, the generation of messages of a preset type in the blockchain network within a preset time period;

Step S2, synchronizing the blockchain data to be audited in the blockchain network to the temporary node within the preset time period;

Step S3, encrypting the blockchain data in the temporary node using the pre-acquired CA certificate of the auditing agency;

Step S4, sending the encrypted blockchain data to the auditing agency, so that the auditing agency can decrypt the blockchain data and then audit it.

In this embodiment, the blockchain-based offline audit system receives the audit request issued by the auditing agency for data in the blockchain network. For example, it receives an audit request sent by a user through a terminal such as a mobile phone, tablet computer or self-service terminal device: an audit request sent by a user of the auditing agency from a client pre-installed on such a terminal, or an audit request sent by a user of the auditing agency from a browser on such a terminal.

This embodiment provides a blockchain offline audit function based on the PKI (Public Key Infrastructure) encryption system. First, the auditing agency that requests an audit of the blockchain network sends its own CA certificate (public key) to the blockchain network, or the blockchain network asks the auditing agency for its CA certificate (public key), for subsequent use. The CA certificate is obtained by the auditing agency from a certification authority (CA), that is, the body that accepts applications for and issues digital certificates. In PKI, to ensure that a user's identity is correctly matched to the key the user holds, the public key system needs a trustworthy and independent third party to act as the certification authority (CA) and confirm the true identity of the owner of a public key. The digital certificate contains part of the user's identity information and the public key held by the user. The certification authority uses its own private key to add a digital signature to the digital certificate. Any user who wants to distribute his or her own public key can apply to the certification authority for a certificate. After verifying the user's true identity, the certification authority issues a digital certificate containing the user's public key. As long as other users can verify that the certificate is authentic and trust the certification authority that issued it, they can be sure of the user's public key.

After the blockchain network obtains the CA certificate (public key) of the auditing agency, it must authenticate the issued certificate using certificate chain technology, and accepts it only after the authentication passes. That is, if the CA confirms that the CA certificate is indeed the CA certificate (public key) corresponding to the auditing agency, the authentication passes, and the CA certificate corresponding to the auditing agency is saved in the blockchain network for subsequent use.

After an audit request from the auditing agency for data in the blockchain network is received, a temporary node is created in the blockchain network, the generation of messages of a preset type in the blockchain network is prohibited within a preset time period according to a preset prohibition rule, and the blockchain data to be audited in the blockchain network is synchronized to the temporary node within the preset time period. Specifically, when the auditing agency needs to audit a particular piece of blockchain data in the blockchain network, it applies for the blockchain network to create a temporary node. At this point, the blockchain is prohibited from generating messages of the preset type for a period of time. The preset type of message may be transaction messages, query messages and so on. In an optional implementation, the preset type covers all types of messages, that is, the blockchain is prohibited from generating any message for a period of time.

When the generation of messages of the preset type in the blockchain network is prohibited within the preset time period according to the preset prohibition rule, the preset prohibition rule includes, but is not limited to, the following methods: 1. blocking the blockchain network; 2. controlling the key issuance process in the blockchain network, and thereby controlling every process that needs a key to complete; 3. controlling the endorsement process in the blockchain network. The purpose of prohibiting the generation of messages of the preset type in the blockchain network within the preset time period is to fix the point in time at which data synchronization is complete. During the period in which the blockchain network is prohibited from generating any message, the blockchain synchronizes the blockchain data to be audited, or the data of the entire blockchain network, to the newly created temporary node.

After the blockchain data to be audited in the blockchain network has been synchronized to the temporary node within the preset time period, the blockchain data in the temporary node is encrypted using the pre-acquired CA certificate of the auditing agency, and the encrypted blockchain data is sent to the auditing agency, so that the auditing agency can decrypt the blockchain data and then audit it. In an optional implementation, every block of data produced by the blockchain is itself encrypted, so that data inside the blockchain cannot be read from outside it, and the blockchain keeps all of the encryption keys internally. An offline audit therefore requires both the block data and the key data to be submitted. In this embodiment, both the blockchain data and the blockchain key data in the temporary node can be encrypted with the pre-acquired CA certificate (public key) of the auditing agency, and the encrypted blockchain data and blockchain key data are sent to the auditing agency, so that the auditing agency can decrypt the blockchain data and then audit it. For example, a preset encryption algorithm can be used for the encryption operation. The encryption algorithm used in this embodiment is an asymmetric encryption algorithm, which requires two keys: a public key and a private key. The public key and the private key are a pair. If data is encrypted with the public key, it can only be decrypted with the corresponding private key; if data is encrypted with the private key, it can only be decrypted with the corresponding public key. After the block data and key data are encrypted with the pre-acquired CA certificate (public key) of the auditing agency, they can only be decrypted with the private key corresponding to that encryption public key, and only the auditing agency can obtain from the CA, on the basis of the encryption public key, that is, the CA certificate (public key), the encryption private key needed for decryption. This ensures the security of the blockchain data. The asymmetric encryption algorithms in this embodiment include RSA, Elgamal, the knapsack algorithm, Rabin, D-H, ECC (elliptic curve cryptography) and so on.

The encrypted blockchain data is sent to the auditing agency, so that the auditing agency can decrypt the blockchain data and then audit it. For example, after encryption, the data is submitted together to the auditing agency over the network, by copying, or by similar means. Once the submission is complete, the blockchain network is notified, and the blockchain network deletes the temporary node and reclaims its resources. After the auditing agency has obtained the encrypted key data and block data, it can, at audit time, decrypt the data with the CA certificate (private key) that it applied for from the CA, obtain the blockchain data to be audited, and carry out the audit.
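The certificate check, encryption and auditor-side decryption described above, as an added Go example that is not code from the patent. It swaps in a standard hybrid construction (a one-time AES-256-GCM key wrapped with RSA-OAEP) rather than applying the asymmetric algorithm to the bulk data directly; the CA, the key pairs, `sampleExport` and all function names are constructed for the illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

const sampleExport = `{"blocks":[{"height":1,"tx":"a->b:10"}],"chain_keys":["constructed"]}` // constructed sample
// Envelope: data under AES-256-GCM, data key wrapped with RSA-OAEP to the auditor's key.
type Envelope struct{ WrappedKey, Nonce, Ciphertext []byte }

func check(err error) {
	if err != nil {
		panic(err) // used for the constructed fixtures only
	}
}

// newParty makes a constructed key pair and certificate; a nil parent gives a self-signed CA.
func newParty(cn string, parent *x509.Certificate, signer *rsa.PrivateKey) (*x509.Certificate, *rsa.PrivateKey) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	check(err)
	t := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()),
		Subject: pkix.Name{CommonName: cn}, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageKeyEncipherment,
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour)}
	if parent == nil {
		t.IsCA, t.KeyUsage, parent, signer = true, x509.KeyUsageCertSign, t, key
	}
	der, err := x509.CreateCertificate(rand.Reader, t, parent, &key.PublicKey, signer)
	check(err)
	cert, err := x509.ParseCertificate(der)
	check(err)
	return cert, key
}

func newGCM(key []byte) (cipher.AEAD, error) {
	blk, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(blk)
}

// SealForAuditor encrypts data to cert, but only if cert chains to trustedCA and is in date.
func SealForAuditor(cert, trustedCA *x509.Certificate, data []byte) (*Envelope, error) {
	roots := x509.NewCertPool()
	roots.AddCert(trustedCA)
	opts := x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	if _, err := cert.Verify(opts); err != nil {
		return nil, fmt.Errorf("auditor certificate rejected: %w", err)
	}
	pub, ok := cert.PublicKey.(*rsa.PublicKey)
	if !ok {
		return nil, fmt.Errorf("auditor certificate has no RSA key")
	}
	buf := make([]byte, 44) // fresh 32-byte data key and 12-byte nonce for every export
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	gcm, err := newGCM(buf[:32])
	if err != nil {
		return nil, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, buf[:32], nil)
	if err != nil {
		return nil, err
	}
	return &Envelope{wrapped, buf[32:], gcm.Seal(nil, buf[32:], data, nil)}, nil
}

// Open is the auditor's side: unwrap the data key with the private key, then decrypt.
func Open(priv *rsa.PrivateKey, e *Envelope) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, e.WrappedKey, nil)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, e.Nonce, e.Ciphertext, nil)
}

func main() {
	ca, caKey := newParty("Constructed Audit CA", nil, nil)
	cert, key := newParty("Constructed Auditor", ca, caKey)
	env, err := SealForAuditor(cert, ca, []byte(sampleExport))
	check(err)
	out, err := Open(key, env)
	check(err)
	fmt.Printf("auditor recovered %d bytes\n", len(out))
}
```

Because the bulk data is sealed with an authenticated cipher, a modified export fails to decrypt at the auditor instead of yielding altered block data.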

This embodiment creates a temporary node in the blockchain network and prohibits, according to a preset prohibition rule, the generation of messages of a preset type in the blockchain network within a preset time period; synchronizes the blockchain data to be audited in the blockchain network to the temporary node within the preset time period; encrypts the blockchain data in the temporary node using the pre-acquired CA certificate of the auditing agency; and sends the encrypted blockchain data to the auditing agency, so that the auditing agency can decrypt the blockchain data and then audit it. Because creating a temporary node makes it possible to prohibit the generation of new messages in the blockchain network while the data is being synchronized, the auditing agency does not need to participate in the blockchain network, which reduces management cost. Moreover, the blockchain data to be audited is encrypted with the pre-acquired CA certificate of the auditing agency before it is sent to the auditing agency, so only the auditing agency itself can decrypt and obtain the content of the blockchain data to be audited; there is no risk of data leakage, and the security of the blockchain data is ensured.

In an optional embodiment, on the basis of the embodiment of FIG. 1 above, after the blockchain-based offline audit system 10 is executed by the processor 12 to implement step S2, the following step is also implemented:

Lifting the prohibition on generating messages of the preset type in the blockchain network within the preset time period, and preventing the temporary node from generating new data according to a preset blocking rule.

In this embodiment, after the blockchain data to be audited in the blockchain network has been synchronized to the temporary node, the prohibition on generating any message in the blockchain network within the preset time period is lifted so that the blockchain can continue to work, which minimizes the impact of the audit on the normal operation of the blockchain network. At the same time, the temporary node is prevented from generating new data according to the preset blocking rule, so that the temporary node does not interfere with the normal operation of the blockchain network. The preset blocking rule includes, but is not limited to, the following methods: restricting write permission on the temporary node's disk, or restricting the temporary node's access to the blockchain network.
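The prohibit, synchronize, lift and block sequence described above, as an added Go example that is not code from the patent. `Network`, `TempNode` and the hash-linked `Block` are a toy model with hypothetical names, and the tip-hash check in `Verify` is an assumption about how a snapshot could be checked, which the patent does not specify.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// Block is a toy hash-linked record; the field names are hypothetical.
type Block struct {
	Height  int
	Prev    string // hash of the previous block, "" for the first
	Payload string
}

func (b Block) Hash() string {
	sum := sha256.Sum256([]byte(fmt.Sprintf("%d|%s|%s", b.Height, b.Prev, b.Payload)))
	return hex.EncodeToString(sum[:])
}

var ErrProhibited = errors.New("message type prohibited while the audit snapshot is taken")
var ErrReadOnly = errors.New("temporary node may not produce new data")

// Network stands in for the blockchain network; prohibited models the prohibition rule.
type Network struct {
	Chain      []Block
	prohibited map[string]bool
}

// TempNode holds the copied chain and the tip hash fixed while the network was quiet.
type TempNode struct {
	Chain    []Block
	Tip      string
	readOnly bool
}

// Submit appends a message as a block unless its type is currently prohibited.
func (n *Network) Submit(msgType, payload string) error {
	if n.prohibited[msgType] {
		return ErrProhibited
	}
	prev := ""
	if len(n.Chain) > 0 {
		prev = n.Chain[len(n.Chain)-1].Hash()
	}
	n.Chain = append(n.Chain, Block{len(n.Chain) + 1, prev, payload})
	return nil
}

// Prohibit starts the preset period for one message type.
func (n *Network) Prohibit(msgType string) { n.prohibited = map[string]bool{msgType: true} }

// SyncTo copies the chain to a new temporary node; without an active prohibition it
// refuses, because the copy would have no well-defined end point.
func (n *Network) SyncTo(msgType string) (*TempNode, error) {
	if !n.prohibited[msgType] || len(n.Chain) == 0 {
		return nil, errors.New("sync needs an active prohibition and a non-empty chain")
	}
	node := &TempNode{Chain: append([]Block(nil), n.Chain...)}
	node.Tip = node.Chain[len(node.Chain)-1].Hash()
	return node, nil
}

// Release lifts the prohibition and, in the same step, applies the blocking rule to node.
func (n *Network) Release(node *TempNode) { n.prohibited, node.readOnly = nil, true }

// Append is the node's only write path; once the node is locked it is refused.
func (t *TempNode) Append(b Block) error {
	if t.readOnly {
		return ErrReadOnly
	}
	t.Chain = append(t.Chain, b)
	return nil
}

// Verify re-walks the snapshot: consecutive heights, matching Prev links, recorded tip.
func (t *TempNode) Verify() error {
	prev := ""
	for i, b := range t.Chain {
		if b.Height != i+1 || b.Prev != prev {
			return fmt.Errorf("snapshot broken at height %d", i+1)
		}
		prev = b.Hash()
	}
	if prev != t.Tip {
		return errors.New("snapshot does not end at the recorded tip")
	}
	return nil
}

func main() {
	n := &Network{}
	_ = n.Submit("transaction", "a->b:10") // constructed transaction
	n.Prohibit("transaction")
	node, err := n.SyncTo("transaction")
	if err != nil {
		panic(err)
	}
	n.Release(node)
	fmt.Println("snapshot height:", len(node.Chain), "verify error:", node.Verify())
}
```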

As shown in FIG. 2, which is a flow chart of an embodiment of the blockchain-based offline audit method of the present invention, the blockchain-based offline audit method includes the following steps:

Step S10: after receiving an audit request from an auditing agency for data in a blockchain network, creating a temporary node in the blockchain network, and prohibiting the generation of messages of a preset type in the blockchain network within a preset time period according to a preset prohibition rule;

Step S20: synchronizing the blockchain data to be audited in the blockchain network to the temporary node within the preset time period;

Step S30: encrypting the blockchain data in the temporary node using the pre-acquired CA certificate of the auditing agency;

Step S40: sending the encrypted blockchain data to the auditing agency, so that the auditing agency can decrypt the blockchain data and then audit it.

In this embodiment, the blockchain-based offline audit system receives an audit request, issued by an auditing agency, for data in the blockchain network. For example, it receives an audit request that a user sends from a terminal such as a mobile phone, tablet computer or self-service terminal device: either a request sent by a user of the auditing agency from a client pre-installed on such a terminal, or a request sent by a user of the auditing agency from a browser on such a terminal.

This embodiment provides a blockchain offline audit function based on the PKI (Public Key Infrastructure) encryption system. First, the auditing agency that requests an audit of the blockchain network sends its own CA certificate (public key) to the blockchain network, or the blockchain network asks the auditing agency for that CA certificate (public key), for later use. The CA certificate is one that the auditing agency has applied for and obtained from a certification authority (CA), that is, the body that accepts applications for and issues digital certificates. In PKI, to ensure that a user's identity correctly matches the key the user holds, the public key system needs a trustworthy and independent third party to act as the Certification Authority (CA) and confirm the true identity of the public key's owner. The digital certificate contains part of the user's identity information and the public key held by the user. The CA adds a digital signature to the digital certificate using its own private key. Any user who wants to distribute their own public key can apply to the CA for a certificate. After verifying the applicant's real identity, the CA issues a digital certificate containing the user's public key. Any other user who can verify that the certificate is authentic, and who trusts the CA that issued it, can then be sure of the user's public key.

After the blockchain network obtains the auditing agency's CA certificate (public key), it must authenticate the delivered certificate using certificate chain technology, and accepts the certificate only after authentication passes. That is, if the CA confirms that the certificate is indeed the CA certificate (public key) corresponding to that auditing agency, authentication passes and the CA certificate corresponding to the auditing agency is saved in the blockchain network for later use.

After an audit request from the auditing agency for data in the blockchain network is received, a temporary node is created in the blockchain network, the generation of messages of the preset type in the blockchain network is prohibited within the preset time period according to the preset prohibition rule, and the blockchain data to be audited in the blockchain network is synchronized to the temporary node within the preset time period. Specifically, when the auditing agency needs to audit a particular piece of blockchain data in the blockchain network, it applies for the blockchain network to create a temporary node. At this point, the blockchain is prohibited from generating messages of the preset type for a period of time. The preset type of message may be transaction information, query information and so on. In an optional implementation, the preset type is all types of message, that is, the blockchain is prohibited from generating any message for a period of time.

When the generation of messages of the preset type in the blockchain network is prohibited within the preset time period according to the preset prohibition rule, the preset prohibition rule includes, but is not limited to, the following prohibition methods: 1. blocking the blockchain network; 2. controlling the key issuance process in the blockchain network, and thereby controlling every process that needs a key to complete; 3. controlling the endorsement process in the blockchain network. The purpose of prohibiting the generation of messages of the preset type in the blockchain network within the preset time period is to fix the point in time at which data synchronization completes. During the period in which no message may be generated in the blockchain network, the blockchain synchronizes the blockchain data to be audited, or the data of the entire blockchain network, to the newly created temporary node.

After the blockchain data to be audited in the blockchain network has been synchronized to the temporary node within the preset time period, the blockchain data in the temporary node is encrypted using the pre-acquired CA certificate of the auditing agency, and the encrypted blockchain data is sent to the auditing agency so that the auditing agency can decrypt the blockchain data and then audit it.

In an optional implementation, every block of data generated by the blockchain is encrypted, so that data inside the blockchain cannot be read from outside it, and all the encryption keys are kept inside the blockchain. An offline audit therefore requires that the block data and the key data be submitted together. In this embodiment, both the blockchain data and the blockchain key data in the temporary node can be encrypted with the auditing agency's CA certificate (public key) obtained in advance, and the encrypted blockchain data and blockchain key data are sent to the auditing agency so that the auditing agency can decrypt the blockchain data and then audit it. For example, a preset encryption algorithm can be used for the encryption operation. The encryption algorithm used in this embodiment is an asymmetric encryption algorithm, which requires two keys: a public key and a private key. The public key and the private key form a pair. If data is encrypted with the public key, it can only be decrypted with the corresponding private key; if data is encrypted with the private key, it can only be decrypted with the corresponding public key. After the block data and key data are encrypted with the auditing agency's CA certificate (public key) obtained in advance, they can only be decrypted with the private key corresponding to that encryption public key, and only that auditing agency can apply to the CA center, on the basis of the encryption public key, that is, the CA certificate (public key), for the encryption private key with which to decrypt. This guarantees the security of the blockchain data. The asymmetric encryption algorithms in this embodiment include RSA, Elgamal, the knapsack algorithm, Rabin, D-H, ECC (elliptic curve cryptography) and so on.

The encrypted blockchain data is sent to the auditing agency so that the auditing agency can decrypt the blockchain data and then audit it. For example, after encryption the data is submitted to the auditing agency together, over the network, by copying, or by similar means. Once the submission is complete, the blockchain network is notified, and it deletes the temporary node and reclaims its resources. After the auditing agency obtains the encrypted key data and block data, it can, at audit time, decrypt the data with the CA certificate (private key) that it applied for from the CA center, obtaining the blockchain data to be audited so that it can carry out the audit.
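The certificate check and the encrypt-then-decrypt exchange described above, as an added Go example that is not part of the patent text. The patent names only asymmetric algorithms; this example assumes an RSA certificate and wraps a one-time AES-256-GCM key with RSA-OAEP (hybrid encryption), because RSA cannot encrypt a snapshot of arbitrary size directly. The function names, the `Envelope` type and every key, certificate and snapshot value are constructed for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// Added example: every name, key and certificate here is constructed for illustration.
// Envelope is what leaves the temporary node in step S40.
type Envelope struct{ WrappedKey, Nonce, Ciphertext []byte }

// must aborts the demo on errors while building the constructed sample data.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// newParty makes a constructed key and certificate; caCert == nil gives a self-signed CA.
func newParty(cn string, caCert *x509.Certificate, caKey *rsa.PrivateKey) (*rsa.PrivateKey, *x509.Certificate) {
	key := must(rsa.GenerateKey(rand.Reader, 2048))
	t := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		KeyUsage: x509.KeyUsageKeyEncipherment, BasicConstraintsValid: true}
	if caCert == nil {
		t.IsCA, t.KeyUsage, caCert, caKey = true, x509.KeyUsageCertSign, t, key
	}
	der := must(x509.CreateCertificate(rand.Reader, t, caCert, &key.PublicKey, caKey))
	return key, must(x509.ParseCertificate(der))
}

// acceptAuditorCert keeps a certificate only if it chains to the trusted CA and holds an RSA key.
func acceptAuditorCert(cert, trustedCA *x509.Certificate) (*rsa.PublicKey, error) {
	roots := x509.NewCertPool()
	roots.AddCert(trustedCA)
	if _, err := cert.Verify(x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}); err != nil {
		return nil, fmt.Errorf("auditor certificate rejected: %w", err)
	}
	if pub, ok := cert.PublicKey.(*rsa.PublicKey); ok {
		return pub, nil
	}
	return nil, fmt.Errorf("auditor certificate carries %T, want an RSA key", cert.PublicKey)
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// sealSnapshot (step S30): fresh AES-256-GCM key for the data, RSA-OAEP wrap of that key.
func sealSnapshot(pub *rsa.PublicKey, snapshot []byte) (*Envelope, error) {
	secret := make([]byte, 32+12) // AES-256 key followed by the 12-byte GCM nonce
	if _, err := rand.Read(secret); err != nil {
		return nil, err
	}
	key, nonce := secret[:32], secret[32:]
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	return &Envelope{wrapped, nonce, gcm.Seal(nil, nonce, snapshot, wrapped)}, nil
}

// openSnapshot is the auditor's side: unwrap the AES key, then authenticate and decrypt.
func openSnapshot(priv *rsa.PrivateKey, env *Envelope) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, env.WrappedKey, nil)
	if err != nil {
		return nil, fmt.Errorf("unwrap key: %w", err)
	}
	gcm, err := newGCM(key)
	if err != nil || len(env.Nonce) != gcm.NonceSize() {
		return nil, fmt.Errorf("malformed envelope")
	}
	return gcm.Open(nil, env.Nonce, env.Ciphertext, env.WrappedKey)
}

func main() {
	caKey, caCert := newParty("Constructed Trusted CA", nil, nil)
	audKey, audCert := newParty("Constructed Auditing Agency", caCert, caKey)
	pub := must(acceptAuditorCert(audCert, caCert))
	env := must(sealSnapshot(pub, []byte("constructed block data and chain key data")))
	fmt.Printf("auditor recovered: %s\n", must(openSnapshot(audKey, env)))
}
```

Because the wrapped key is passed to AES-GCM as associated data, an envelope whose ciphertext or wrapped key is altered in transit fails authentication at the auditor instead of decrypting to modified data.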

In this embodiment, a temporary node is created in the blockchain network, and the generation of messages of the preset type in the blockchain network is prohibited within the preset time period according to the preset prohibition rule; the blockchain data to be audited in the blockchain network is synchronized to the temporary node within the preset time period; the blockchain data in the temporary node is encrypted using the pre-acquired CA certificate of the auditing agency; and the encrypted blockchain data is sent to the auditing agency so that the auditing agency can decrypt the blockchain data and then audit it. Because creating a temporary node makes it possible to prohibit the generation of new messages in the blockchain network during data synchronization, the auditing agency does not need to participate in the blockchain network, which reduces management costs. Moreover, the blockchain data to be audited is encrypted with the pre-acquired CA certificate of the auditing agency before it is sent to the auditing agency, so only the auditing agency itself can decrypt and obtain the content of the blockchain data to be audited; there is no risk of data leakage, and the security of the blockchain data is ensured.

In an optional embodiment, building on the above embodiment, after step S20 the method further includes the following steps:

Lifting the prohibition on generating messages of the preset type in the blockchain network within the preset time period, and preventing the temporary node from generating new data according to a preset blocking rule.

In this embodiment, after the blockchain data to be audited in the blockchain network has been synchronized to the temporary node, the prohibition on generating any message in the blockchain network within the preset time period is lifted so that the blockchain can continue to work, which minimizes the impact of the audit on the normal operation of the blockchain network. At the same time, the temporary node is prevented from generating new data according to the preset blocking rule, so that the temporary node does not interfere with the normal operation of the blockchain network. The preset blocking rule includes, but is not limited to, the following blocking methods: restricting write permission on the temporary node's disk, or restricting the temporary node's access to the blockchain network.

In addition, the present invention also provides a computer-readable storage medium that stores a blockchain-based offline audit system. The blockchain-based offline audit system can be executed by at least one processor so that the at least one processor performs the steps of the blockchain-based offline audit method in the above embodiments. The specific implementation of steps S10, S20, S30 and so on of the blockchain-based offline audit method is as described above and is not repeated here.

It should be noted that, in this document, the terms "include", "comprise" or any other variant thereof are intended to cover non-exclusive inclusion, so that a process, method, article or device that includes a series of elements includes not only those elements but also other elements not explicitly listed, or elements inherent to such a process, method, article or device. In the absence of further restrictions, an element defined by the phrase "comprises a ..." does not exclude the existence of other identical elements in the process, method, article or device that includes the element.

From the description of the above implementations, those skilled in the art can clearly understand that the methods of the above embodiments can be implemented by software plus a necessary general-purpose hardware platform, and of course also by hardware, but in many cases the former is the better implementation. Based on this understanding, the technical solution of the present invention, in essence or in the part that contributes to the prior art, can be embodied in the form of a software product. The computer software product is stored in a storage medium (such as ROM/RAM, a magnetic disk or an optical disk) and includes a number of instructions that cause a terminal device (which may be a mobile phone, a computer, a server, an air conditioner, a network device and so on) to execute the methods described in the embodiments of the present invention.

The preferred embodiments of the present invention have been described above with reference to the accompanying drawings, and the scope of rights of the present invention is not thereby limited. The serial numbers of the above embodiments of the present invention are for description only and do not represent the relative merits of the embodiments. In addition, although a logical order is shown in the flow chart, in some cases the steps shown or described may be performed in an order different from the one given here.

Those skilled in the art can implement the present invention in many variants without departing from its scope and essence; for example, a feature of one embodiment can be used in another embodiment to obtain yet another embodiment. Any modification, equivalent replacement or improvement made within the technical concept of the present invention shall fall within the scope of rights of the present invention.

Claims (9)

1. An offline audit method based on blockchain, characterized in that the offline audit method based on blockchain includes:
after receiving an audit request from an auditing agency for data in a blockchain network, creating a temporary node in the blockchain network, and prohibiting the generation of messages of a preset type in the blockchain network within a preset time period according to a preset prohibition rule, wherein the preset prohibition rule includes: blocking the blockchain network, or restricting the issuance of keys in the blockchain network, or restricting the endorsement process in the blockchain network;
synchronizing the blockchain data to be audited in the blockchain network to the temporary node within the preset time period;
encrypting the blockchain data in the temporary node using the pre-acquired CA certificate of the auditing agency;
sending the encrypted blockchain data to the auditing agency, so that the auditing agency can decrypt the blockchain data and then audit it.

2. The offline audit method based on blockchain according to claim 1, characterized in that, after the step of synchronizing the blockchain data to be audited in the blockchain network to the temporary node within the preset time period, the offline audit method based on blockchain further comprises:
lifting the prohibition on generating messages of the preset type in the blockchain network within the preset time period, and preventing the temporary node from generating new data according to a preset blocking rule.

3. The offline audit method based on blockchain according to claim 2, characterized in that the preset blocking rule includes:
restricting write permission on the temporary node's disk, or restricting the temporary node's access to the blockchain network.

4. The offline audit method based on blockchain according to claim 1, characterized in that, before the step of creating a temporary node in the blockchain network after receiving an audit request from an auditing agency for data in the blockchain network, and prohibiting the generation of messages of a preset type in the blockchain network within a preset time period according to a preset prohibition rule, the offline audit method based on blockchain further comprises:
receiving the CA certificate sent by the auditing agency, authenticating the received CA certificate, and, after authentication passes, saving the CA certificate sent by the auditing agency in the blockchain network.

5. The offline audit method based on blockchain according to claim 1, characterized in that, after the step of sending the encrypted blockchain data to the auditing agency, the offline audit method based on blockchain further comprises:
deleting the temporary node from the blockchain network.

6. An electronic device, characterized in that the electronic device includes a memory and a processor, the memory stores a blockchain-based offline audit system that can run on the processor, and the blockchain-based offline audit system implements the following steps when executed by the processor:
after receiving an audit request from an auditing agency for data in a blockchain network, creating a temporary node in the blockchain network, and prohibiting the generation of messages of a preset type in the blockchain network within a preset time period according to a preset prohibition rule; the preset prohibition rule includes: blocking the blockchain network, or restricting the issuance of keys in the blockchain network, or restricting the endorsement process in the blockchain network;
synchronizing the blockchain data to be audited in the blockchain network to the temporary node within the preset time period;
encrypting the blockchain data in the temporary node using the pre-acquired CA certificate of the auditing agency;
sending the encrypted blockchain data to the auditing agency, so that the auditing agency can decrypt the blockchain data and then audit it.

7. The electronic device according to claim 6, characterized in that the preset prohibition rule includes:
blocking the blockchain network, or restricting the issuance of keys in the blockchain network, or restricting the endorsement process in the blockchain network.

8. The electronic device according to claim 6 or 7, characterized in that, after the step of synchronizing the blockchain data to be audited in the blockchain network to the temporary node within the preset time period, the steps further include:
lifting the prohibition on generating messages of the preset type in the blockchain network within the preset time period, and preventing the temporary node from generating new data according to a preset blocking rule.

9. A computer-readable storage medium, characterized in that a blockchain-based offline audit system is stored on the computer-readable storage medium, and when the blockchain-based offline audit system is executed by a processor, the steps of the blockchain-based offline audit method according to any one of claims 1 to 5 are implemented.

CN201910042024.6A | 2019-01-17 | 2019-01-17 | Offline audit method, electronic device and readable storage medium based on blockchain | Active | CN109815747B (en)

Priority Applications (1)

Application Number | Priority Date | Filing Date | Title
CN201910042024.6A, CN109815747B (en) | 2019-01-17 | 2019-01-17 | Offline audit method, electronic device and readable storage medium based on blockchain

Applications Claiming Priority (1)

Application Number | Priority Date | Filing Date | Title
CN201910042024.6A, CN109815747B (en) | 2019-01-17 | 2019-01-17 | Offline audit method, electronic device and readable storage medium based on blockchain

Publications (2)

Publication Number | Publication Date
CN109815747A (en) | 2019-05-28
CN109815747B (en) | 2024-09-06

Family

ID=66603359

Family Applications (1)

Application Number | Title | Priority Date | Filing Date
CN201910042024.6A (Active, CN109815747B (en)) | Offline audit method, electronic device and readable storage medium based on blockchain | 2019-01-17 | 2019-01-17

Country Status (1)

Country | Link
CN (1) | CN109815747B (en)


Legal Events

Code | Title
PB01 | Publication
SE01 | Entry into force of request for substantive examination
GR01 | Patent grant
TR01 | Transfer of patent right
TR01 | Transfer of patent right

TR01 Transfer of patent right
Effective date of registration: 20240918
Address after: Room E162, Room 301 to 353, No.1 Kehua Street, Tianhe District, Guangzhou City, Guangdong Province, 510640 (Office only)
Patentee after: Guangzhou binju Technology Co.,Ltd.
Country or region after: China
Address before: 400010 38 / F, 39 / F, unit 1, 99 Wuyi Road, Yuzhong District, Chongqing
Patentee before: CHONGQING FINANCIAL ASSETS EXCHANGE Co.,Ltd.
Country or region before: China

TR01 Transfer of patent right
Effective date of registration: 20250605
Address after: 230000 Anhui Province, Hefei City, Shushan District, Zhongqiao Center, Building 1, Room 2202 at the intersection of Qianshan Road and Xiuning Road
Patentee after: Anhui Newfox Technology Co.,Ltd.
Country or region after: China
Address before: Room E162, Room 301 to 353, No.1 Kehua Street, Tianhe District, Guangzhou City, Guangdong Province, 510640 (Office only)
Patentee before: Guangzhou binju Technology Co.,Ltd.
Country or region before: China
