Specific embodiment
With reference to the accompanying drawings of the specification, the scheme of the embodiment of the present application is described in detail.
In being described below, for illustration and not for limitation, propose such as specific system structure, interface, technology itThe detail of class, so as to provide a thorough understanding of the present application.
The terms " system " and " network " are often used interchangeably herein.The terms "and/or", onlyIt is a kind of incidence relation for describing affiliated partner, indicates may exist three kinds of relationships, for example, A and/or B, can indicates: individuallyThere are A, exist simultaneously A and B, these three situations of individualism B.In addition, character "/" herein, typicallys represent forward-backward correlation pairAs if a kind of relationship of "or".
Block chain technology is the novel distributed data organizer of one kind risen with the digital encryptions such as bit coin currencyMethod and operation mode.Its biggest characteristic is that: decentralization, this enables data to realize distributed collective's maintenance, be greatly improvedData operation, management, maintenance efficiency;It is based on a set of common recognition mechanism between common recognition node, safeguards entire area jointly by competing to calculateBlock chain, any node failure, remaining node remain to work normally.The block chain for carrying asymmetric encryption techniques simultaneously has Gao AnQuan Xing, trackability can effectively prevent leaking data or illegally distort.The application proposition is deposited using block chain technology and distributionThe storage of file to be stored is realized in the combination of storage technology, and file to be stored can be all types of files of ordinary user's upload(such as video file, audio file, text file) is also possible to the financial associated documents of financial institution's upload (such as text of auditingPart, accounting file etc.), it is also possible to the various information text that all kinds of unit mechanisms are issued by own LAN to external wide area networkPart (such as passing through the web page files of its website orientation, the pushing files issued by its public platform) etc..
Block chain network in present specification storage system for ease of understanding, the block chain technology that first the application is usedIt is illustrated.In a concrete application, electronic equipment run the block chain technology with become the block chain network node,The block platform chain architecture is as shown in Figure 1, include represent layer, application layer, service layer and the block chain core of block chainSupporting module.
Wherein, represent layer is for system function to be shown, and then realizes user's interaction, and each document body can pass throughSystem client logs in the interface access application layer that corresponding represent layer is shown and to obtain information resources, including register interface, behaviourMake execution interface, query interface, application management interface, administrator interfaces etc..Application layer is for showing the specific of block chain networkFunction is the important link of file storage, can be divided into user management, permission control, directory management etc. by the difference of function.ClothesBusiness layer is used to that application related functions effectively to be integrated and be managed by distributed server, such as user's registration, userIdentity Management, encryption and decryption service, distributed account book service, intelligent bond service, data management service etc..
Block chain core support module includes data Layer, network layer, common recognition layer and contract layer.Wherein, data Layer is for sealingFill bottom data block and the technologies such as relevant data encryption and timestamp.Also, (such as using irreversible encryption algorithmSHA256 algorithm) file data calculate at least once (as twice), generate unique block chain ID, i.e. Hash (Hash)Value.Specifically, which can be the privately owned chain of block, and to guarantee that the block chain is not full disclosure, the member only registered is savedPoint just may have access to.
Network layer encapsulates P2P networking mode, message propagation protocol and data authentication mechanism of block chain network system etc.Element is made each node status equity and is interconnected with flat topological structure and mutually, possesses distribution, autonomy, openingIt the characteristics such as can free in and out.Each node can participate in verification and the accounting procedure of block data in block chain network, only whenAfter block data passes through the whole network major part node verification, block chain can be just charged to.This decentralization design of block chain guarantees textNumber of packages evidence can not be distorted, can not be forged.
Common recognition layer, encapsulates the method that common recognition is rapidly completed in the topological network of decision-making power high degree of dispersion, to participate in areaThe common recognition mechanism of block chain network.
Contract layer is packaged with the contract code of data storage scheme and access strategy, automatic to execute when the condition in contract code is triggeredRespective transaction, while can provide that corresponding access conditions accesses to corresponding data by treaty content.
Block chain network is collected with a kind of mode of decentralization, be packaged and safeguard protection file to be stored, and toThe relevant information of storage file is anchored on block chain.Specifically, block chain network can use block alliance chain or block chainThe network of privately owned chain is realized.The node of block chain network constantly converts the responsibility undertaken in network system, neverOnly one node control whole network system, i.e., will not only one accounting nodes keep accounts.Each node isA part in network system.The node timing of the block chain such as role of transformation in each minute, can permanently control without nodeAny a part of network system.
In one embodiment, the block encapsulation of the data Layer of block chain core support module can be as shown in Figure 2.The block chainBlock include block head 21 (Header) and block body 22 (Body).The block body 22 is stored at least one pair of execution businessRelevant data carry out the cryptographic Hash that setting Hash operation obtains.The block head 21 can be packaged with current version number 211, previousBlock address 212, the target cryptographic Hash 213 of current block, the solution random number of current block PoW (proof of work) common recognition process214, the information such as Merkle root 215 (Merkle-root) and timestamp 216.Wherein, current version number 211, for indicatingThe relevant release note of software and agreement;The previous block address 212, alternatively referred to as previous block cryptographic Hash, just by the valueEach block can be joined end to end and constitute block chain;The solution random number 214 is that record decrypts answering for the block correlation mathematical problemThe value of case;The Merkle root 215 is calculated by data cryptographic Hash all in block body 22, for examining related data to beIt is no to be present in the block;The timestamp 216 is used to record the time of the block 20 generation.It is understood that the blockStructure can be adjusted according to the difference of the block chain technology of use, such as common recognition process does not use Pow common recognition mechanism, then does not depositIn above-mentioned solution random number.
In a concrete application, which can be made of block layered (Block).Root is meshIt records block (Directory Block).These blocks constitute a miniature chain, store compressed reference on chain(reference).In order to avoid data scale is excessive, the reference in catalogue block (Directory Block) is recording areasThe cryptographic Hash of block (Entry Block).
Catalogue block corresponds to the first layer of this system, is the area for recording the record block integrality (hash value) and provingBlock.Catalogue block be all record blocks as defined in Servers-all be grouped together construction and generate.Therefore, eachServer is owned by all record blocks, all catalogue blocks and all records (Entry).
The second layering for recording block (Entry Block) this corresponding system, is record Entry integrality (hash value)The block of proof.It may require that record block in the application for finding record, it can be from a digital fingerprint search to all possible phasesThe records such as storage, processing, the shared, access of the data of pass.Record block includes the cryptographic Hash of electronical record.Electronical recordCryptographic Hash demonstrates the presence of data simultaneously and finds the key of record in distributed hash table (DHT) network.
Record block (Entry Block) contains whole Entry related with a chain ID.If some Entry isIf being associated with some record block (Entry Block), then it is considered that this Entry and being not present.Such designIt can allow application program easily falsfication, easily identify which Entry is true and reliable.
Referring to Fig. 3, Fig. 3 is the structural schematic diagram of document storage system one embodiment of the application based on block chain.Such asShown in Fig. 3, the document storage system 30 of the present embodiment includes the block chain network 31 that can be in communication with each other and file storage network 32;It wherein, include file management nodes 311, accounting nodes 312 and user node 313 in block chain network 31.
In the present embodiment, file management nodes 311 are the device end corresponding to file to be stored, file management nodes311 have to block chain network 31 and upload file to be stored, are edited to file to be stored, the operating rights such as additions and deletions, wait depositStorage file is submitted from file management nodes 311 to block chain network 31, with the document storage system 30 based on the present embodimentCarry out file storage.Accounting nodes 312 can carry out the book keeping operation of block chain network 31, and each accounting nodes 312 are to remember with competitionThe node of account ability, by file management nodes 311 in block chain network 31 interactive operation and relevant information keep accountsOperation.Further, also reusable is the accounting nodes 312 in block chain network 31 to the file management nodes 311 of the present embodiment, is heldThe relevant book keeping operation operation of row.User node 313 is ordinary user's node 313, and user node 313 can pass through file management nodesIt obtains to be submitted by file management nodes 311 by block chain network 31 after 311 certification and be stored in file storage network 32File to be stored.
In the present embodiment, file management nodes 311 are carried out according to different concrete application scenes according to practical applicationSetting.For example, file management nodes 311 are enterprise's section that economic activity occurs under the application scenarios of audit document storagePoint, correspondingly, file to be stored is enterprise in needs such as financial report, the financial statements for occurring to generate therewith when economic activityAudited to audit document;In the application scenarios, file management nodes 311 can also be auditing bodies node, accordingly toStorage file is the audit text such as audit commenting report, auditor's comments, audit working paper for passing through audit operation and generatingPart.If in the application scenarios of Homepage Publishing, it usually needs storage backup is carried out to the web page files of publication, at this point, file pipeReason node 311 is to correspond to the management of webpage system for having the permissions such as web page editing, update and confirmation publication, accordingly wait storeFile is the web page files issued.It is understood that above two application scenarios are only that the file based on the present embodiment is depositedThe concrete application of method for storing is illustrated, and corresponding file management nodes can be arranged according to actual application demand in practical applications311, it is not limited solely to above two application scenarios.
It further, further include user management node 314 in the block chain network 31 of the present embodiment, for file management sectionPoint 311, user node 313 and accounting nodes 312 carry out identity registration, manage file management nodes 311,313 and of user nodeThe various businesses functions such as identity information, the data sharing strategy of accounting nodes 312.In the present embodiment, user management node 314 canIt is set as corresponding certificate authority (Certificate Authority), file management nodes 311,313 and of user nodeAccounting nodes 312 initiate registration request when block chain network 31 is added, to certificate authority, and certificate authority is based on noteVolume, which requests to provide to corresponding node, can show that the digital certificate of the node identity information, wherein data certificate may include toThe public key and private key of node distribution.After the node of application for registration gets the public key and private key of distribution, private key is stored in certainlyBody is local, by public key broadcasts to block chain network 31.
Above-mentioned file management nodes 311, user node 313, accounting nodes 312 and user management node 314 specifically can be withFor any electronic equipment, such as server, mobile phone, computer, tablet computer etc., in an embodiment, which is areaBlock chain server, user management node 314 are the application server with traffic handing capacity, and can be used as based on block link networkThe deposit system of network 31.It is understood that above-mentioned file management nodes 311, user node 313, accounting nodes 312 and userIt can be in communication with each other between management node 314, file management nodes 311, user node 313 and user management section in the present embodimentPoint 314 is used as block chain node, for example, the light weight accounting nodes 312 of block chain.In addition, the differentiation of above-mentioned node is basisDetermined by the identity informations of the Node registers, thus the corresponding main body of above-mentioned node require it is complete on block platform chain in advanceAt registration, (in an application, which is the privately owned chain of block or block alliance chain, and story first completes body on block platform chainPart registration), and corresponding public key and private key are obtained, after determining that its identity is credible, allow to carry out the following phase for being related to file and storingPass business.
Fig. 3 is further regarded to, the file storage network 32 of the present embodiment includes storage management node 321 and several storagesNode 322.Storage management node 321 is used to carry out the interaction of information and data with block chain network 31, in addition, storage management sectionPoint 321 can execute preset file storage operations to file to be stored, to complete the storage of file to be stored.File stores networkEach memory node 322 in 32 is used equally for storage file to be stored.In the present embodiment, storage management node 321 and storage322 reusable of node, user can be selected in several memory nodes 322 according to actual needs a memory node 322 asStorage management node 321;For example, selecting the communication efficiency highest with file management nodes 311 from several memory nodes 322One memory node 322 of (for example, with the communication path of file management nodes 311 is most short, traffic rate is most high) is as depositingStore up management node 321.
Further, block chain network 31 can be disposed in the local area network where enterprise units in the present embodiment, correspondingly, literaryPart management node 311, user node 313, accounting nodes 312 and user management node 314 are in the local area network of enterprise unitsElectronic equipment.For example, block chain network 31 can be disposed in the local area network of certain enterprise units, correspondingly, file management nodes311 can be the corresponding node of important department (such as financial accounting department, Homepage Publishing department) of the enterprise units, user node 313It can be the node of other departments of enterprises.In addition, file storage network 32 can be disposed in identical local area network, this eight-legged essayPart storage system 30 is using the enterprise as the internal file storage system 30 of core, correspondingly, the file of storage is not easy to be looked forward toPortion's other users out of trade obtain, in addition, having high requirement to equipment such as the servers of enterprise.In other embodiments, literaryPart storage network 32 also can be disposed in wide area network;At this point, can be arranged between block chain network 31 and file storage network 32Isolating device, to improve the safety of block chain network 31.
Referring to Fig. 4, Fig. 4 is the flow diagram of file memory method first embodiment of the application based on block chain.The file memory method of the present embodiment can be applied to document storage system shown in Fig. 3, as shown in figure 4, the file of the present embodimentStorage method may include following steps:
In step s 11, the file management nodes of block chain network are sent to the storage management node of file storage networkFile to be stored.
File management nodes are the device end corresponding to file to be stored, and user is being obtained by file management nodesAfter file to be stored, file to be stored is sent to the storage management node of the storage network of the file except block chain network.WithAfterwards, storage management node can carry out associated storage operation to file to be stored and store net storing file to be stored to fileIn network.
Wherein, for example interspace file system (InterPlanetary of distributed file system can be used in storage management nodeFile System, IPFS) distributed storage mode, file to be stored is stored respectively in not in the form of multiple data blocksSame memory node.Specifically, file to be stored is divided into multiple data blocks by storage management node, the multiple data being divided intoBlock is stored respectively in multiple memory nodes into file storage network;File to be stored is generated according to multiple data blocks of divisionStorage index in file storage network, and the storage of generation index is sent back into file management nodes.In the present embodiment, oftenA memory node, which can choose, stores its interested file content, such as: user can be specified in advance by storage management nodeThe file content or memory node of specific memory node storage specific structure or unstructured data can be according to files to be storedFile content sensitivity carry out selective storage.
The storage generated in the present embodiment by storage management node, which is indexed, constitutes each of file to be stored for being directed towardMemory node of the data block in file storage network is which storage is knowable each data block be stored in based on storage indexIn node, and then obtain required data block respectively from multiple memory nodes.
The storage index of the present embodiment is that storage management node is generated based on the content of each data block marked off.ToolBody, storage management node is carried out Hash calculation to each data block respectively, is obtained based on the content for marking off multiple data blocksData block cryptographic Hash corresponding to each data block.Further, each data block when storage management node is according to division data blockStripe sequence by obtained data block cryptographic Hash form a cryptographic Hash array (each data block cryptographic Hash in cryptographic Hash arrayCorrespond respectively to the data block marked off, data block cryptographic Hash puts in order the group for being each data block in file to be storedAt sequence).Further, storage management node carries out Hash calculation to the cryptographic Hash array and obtains final hash value, final HashValue can be understood to correspond to the file cryptographic Hash of file to be stored.Storage management node can be based on cryptographic Hash array as a result,Storage index is generated with the file cryptographic Hash of file to be stored.
Wherein, storage management node, can be based on each data block when executing above-mentioned storage operation to file to be storedData block cryptographic Hash deletes the identical data block of content in multiple data blocks, so that the identical data block of content will not be repeated and depositStorage, but store in index and still remain with corresponding data block cryptographic Hash;It can reduce the storage pressure of file storage network as a result,Power, and guaranteed complete file content can be obtained when obtaining file to be stored.
Storage management node can be drawn when carrying out data block division to file to be stored by certain data block capacityPoint, for example, settable maximum capacity 256KB, i.e., press its content order for file to be stored, every 256KB divides a dataBlock, until file to be stored is divided completely, therefore the size of the last one data block may small 256KB.
Since each data block cryptographic Hash is that the content based on respective data blocks obtains, and file cryptographic Hash is inherentlyIt is also based on what the content of file to be stored obtained;Therefore the storage index obtained based on data block cryptographic Hash and file cryptographic HashIt is the index that data block addressing is carried out based on file content.It, can be based on storage index when user needs to obtain file to be storedIn file cryptographic Hash and data block cryptographic Hash get corresponding data block, and then obtain file to be stored.
The storage operation that above-mentioned storage management node executes combines the storage mode of IPFS, by file to be stored with multiple numbersDifferent memory nodes are stored respectively according to the form of block.But it is understood that in other embodiments, storage management nodeOther distributed document storage modes can be used to realize to the storage to file to be stored.
Document storage system shown in Fig. 3 is further regarded to, in one embodiment, file management nodes may include fileSubmit node and file distribution node.Wherein, file submit node correspond to file to be stored main equipment, for obtain orFile to be stored is formed, and sends file to be stored to file distribution node;File distribution node can be regarded as respective file and mentionThe equipment for handing over node to be confirmed stores network for receiving the file to be stored for submitting node from file, and with fileStorage management node carries out information data interaction, and file to be stored is stored in the storage of the file except block chain network to realizeIn network.In the present embodiment, file is submitted can carry out two-way body between node and file sending node by block chain networkPart certification.As shown in figure 5, step S11 may include following steps:
In step S111, the file of block chain network submits node to carry out that corresponding number is calculated to file to be storedWord fingerprint;Digital finger-print is stored in block chain network, and sends file to be stored to file distribution node.
In the present embodiment, file submits node when sending file to be stored to file distribution node, to file to be storedHash calculation is carried out, obtains the digital finger-print corresponding to file to be stored, and utilize its own private key encryption digital finger-print.IntoOne step, file submit node that encrypted digital finger-print is uploaded to block chain network;Other sections in block chain network as a result,Point can get the digital finger-print that the private key encryption of node is submitted by file, and then submit the identity of node to carry out fileCertification, while the authenticity of file to be stored can also be authenticated.
In step S112, file distribution node obtains digital finger-print, judges that file submission node is using digital finger-printIt is no to pass through authentication.
In the present embodiment, file distribution node is arranged to the function section for submitting the identity of node to be authenticated filePoint, to ensure that file submits the identity reality of node and the accuracy of file to be stored.Specifically, file distribution node is from areaThe public key that digital finger-print and file after file submits the private key encryption of node submit node, judgement are obtained in block chain networkSubmit whether the public key of node can decrypt encrypted digital finger-print using file, if so, determination refers to for encrypting numberThe private key of line and the public key of decryption digital finger-print correspond to the node of common identity, that is, can determine that file submits node to pass through identityCertification.
Further, file distribution node can confirm the digital finger-print after decryption, whether to judge file to be storedIt is modified in transmission process.Specifically, file submit node can to it is received from file submit node wait storeFile carries out Hash calculation and obtains a cryptographic Hash, and the cryptographic Hash being calculated is compared with the digital finger-print that decryption obtains,Judge whether the two is identical, if so, determining that file to be stored is not modified, otherwise, it is determined that file to be stored is modified.ThisIn embodiment, if file distribution node determines that file submits node by authentication, and file to be stored is not modified, then afterIt is continuous to execute step 113;Otherwise, terminate process, while its judging result feedback back into file is submitted node by file distribution node.
In step S113, file distribution node to file storage network storage management node transmit and receive wait depositStore up file.
Further, file to be stored can be sent to the storage management node of file storage network by file distribution node,So that storage management node executes the storage recorded in above-mentioned steps S11 to file to be stored and operates.
In step s 12, file management nodes receive the storage index from storage management node, by storage index storageIn block chain network.
The file management nodes of block chain network, i.e., will storage after receiving the storage index of storage management node transmissionIndex is stored in block chain network, that is, completes the Stored Procedure to file to be stored.Further, based on shown in above-mentioned Fig. 5Step S111 to step S113 step process, the received file to be stored of storage management node is from file distribution node, i.e., the information exchange node between block chain network and file storage network is the file distribution node and text of block chain networkThe storage management node of part storage network;The corresponding storage index that storage management node generates as a result, is also to be sent to filePublisher node, in other words, storage index are received and stored by file distribution node into block chain network.
The side that the file memory method of the present embodiment stores the file to be stored generated in block chain network in a distributed mannerFormula is stored in the storage network of the file except block chain network, and then reaches the amount of storage reduced in block chain network, mitigates areaThe purpose of the operation burden of block chain network, that is, ensure that the speed of service and stability of block chain network.
Further, referring to Fig. 6, Fig. 6 is the process of file memory method second embodiment of the application based on block chainSchematic diagram.The file memory method of the present embodiment is similarly applied to document storage system shown in Fig. 3, and the present embodiment is to be based onFig. 4 is extended to file memory method first embodiment shown in fig. 5, as shown in fig. 6, the file storage side of the present embodimentIt may also include the steps of: after method step S12 shown in Fig. 4
In step s 13, when file management nodes receive file access pattern corresponding with file to be stored instruction, based on textPart restores instruction and sends storage index to the storage management node of file storage network.
In the present embodiment, when needing to obtain the file to be stored having been stored in file storage network, that is, it can triggerCorresponding file access pattern instruction.File management nodes get file access pattern instruction after, can response file restore instruction and fromStorage index corresponding with file to be stored is obtained in block chain network, and then storage index is sent to file storage networkStorage management node.
Storage management node receive storage index after, can response file acquisition instruction, according to storage index in wrapThe data block cryptographic Hash contained obtains corresponding data block from corresponding memory node, and the data block got sends back into fileManagement node.
The present embodiment file management nodes include that file submits node and file distribution node, receive file access pattern as a result,The specific node of instruction can be different under different application scenarios, and file access pattern instruction can submit node to receive by file, thenIt is sent to file distribution node, is sent from file distribution node and is instructed based on file access pattern to the storage management of file storage networkNode sends storage index;In addition, file distribution node directly can also be sent to for file access pattern instruction, by file distribution nodeIt sends and instructs the storage management node to file storage network to send storage index based on file access pattern.
In step S14, file management nodes receive multiple data blocks from storage management node, utilize multiple dataBlock recombinates to obtain file to be stored.
It, can be according to each data block after file management nodes receive multiple data blocks of storage management node transmissionThe sequence of cryptographic Hash recombinates multiple data blocks, and then restores file to be stored.In the present embodiment, receives and come from storage tubeThe multiple data blocks for managing node are file distribution node;Received by file distribution node from the multiple of storage management nodeData block recombinates to obtain file to be stored using multiple data blocks.
In other embodiments, since file to be stored is to carry out distributed storage with multiple data blocks after dividing's;Therefore, the partial content in file to be stored can also be only obtained when obtaining file to be stored.Specifically, user can pass throughThe data block cryptographic Hash for wanting the partial content obtained retrieves this partial content, and storage management node can be only as a result,It obtains and sends the data block for corresponding to this partial content that user specifies to file distribution node, as a result, file distribution nodeWhat is obtained after recombinating to the data block of this partial content is the partial content for the file to be stored that user specifies.
The present embodiment combination block chain technology and for example interspace file system of distributed file system, by file to be stored withThe formal distribution formula of multiple data blocks is stored in file storage network, while storage index being stored in block chain network.So that could be obtained by block chain network after user need to carry out the operations such as authentication, transaction common recognition by block chain networkStorage index is mentioned with obtaining all or part of the content of file to be stored from file storage network based on block chain technologyThe high storage security of file to be stored.
Further, referring to Fig. 7, Fig. 7 is the process of file memory method 3rd embodiment of the application based on block chainSchematic diagram.The file memory method of the present embodiment is similarly applied to document storage system shown in Fig. 3, and the present embodiment is to be based onFig. 4 is extended to file memory method first embodiment shown in fig. 5, as shown in fig. 7, the file storage side of the present embodimentIt may also include the steps of: after method step S12 shown in Fig. 4
In step S15, when file management nodes determine that file to be stored is updated, updated text to be stored is obtainedPart sends updated file to be stored to storage management node.
The present embodiment completes above-mentioned Fig. 4 to file memory method first embodiment shown in fig. 5, completes file to be storedStorage after, user can still modify to file to be stored by file management nodes, the updates such as editor operation again, in turnForm updated file to be stored.
The file management nodes of the present embodiment may include that above-mentioned file submits node and file distribution node, i.e. user is logicalCrossing file submits node to form updated file to be stored, and updated file to be stored is sent to file distribution node.Further, updated file to be stored is sent to the storage management node of file storage network by file distribution node, so thatStorage management node is based on updated file to be stored and executes storage operation, completes file Stored Procedure.
In the present embodiment, storage management node receives updated file to be stored, the file to be stored after may be updatedIt is stored, and updates corresponding storage index.Specifically, storage management node is by same data block division mode to updateFile to be stored afterwards carries out data block division, and calculates the data block cryptographic Hash of each data block, thus can pass through dataBetween block cryptographic Hash comparison (comparison between data block cryptographic Hash being calculated including this and this be calculatedThe comparison of the data block cryptographic Hash recorded in data block cryptographic Hash and storage index) it is parsed from updated file to be storedDuplicate contents in the file content of update relative to original file to be stored, and the file content of update, Jin ErkeContent identical with original file to be stored in updated file to be stored is deleted, and by updated wait depositThe duplicate contents for storing up the update part of file are deleted, and are stored to partial content remaining after deletion, and are based on thisPartial content is calculated corresponding data block cryptographic Hash and is updated to storage index, obtains updated storage index.
In step s 16, file management nodes receive the updated storage index from storage management node, will updateStorage index afterwards is stored in block chain network.
File management nodes can receive the updated storage index sent by storage management node, and then will correspond toThe updated storage index of updated file to be stored is stored in block chain network.It is received in the present embodiment updatedThe node of storage index is file distribution node.
The file memory method of the present embodiment is operated based on above-mentioned storage, can only internally after file to be stored is updatedHold different parts to be stored, and the data block cryptographic Hash being calculated based on this partial content updates storage index;WithoutThe part of identical content can be carried out repeating storage, improve file memory rate, while also can reduce file storage networkStore pressure.
It is understood that file memory method second embodiment shown in fig. 6 is to obtain stored file to be storedEmbodiment of the method, file memory method 3rd embodiment shown in Fig. 7 is the embodiment of the method to the file to be stored of update.In other words, Fig. 6 and file memory method second embodiment shown in Fig. 7 and 3rd embodiment are based on different file demandsThe different embodiments proposed in the case where (obtain file to be stored or update file to be stored), do not conflict between the two,An execution can be selected according to actual needs.
Further, referring to Fig. 8, Fig. 8 is the structure of webpage tamper resistant systems one embodiment of the application based on block chainSchematic diagram.The webpage tamper resistant systems 40 of the present embodiment are as shown in 8 figures comprising the block chain network 41 and text that can be in communication with each otherPart stores network 42.Wherein, the block chain network 41 of the present embodiment and file storage network 42 can respectively with file shown in Fig. 3Block chain network 31 and file the storage network 32 of storage system are identical.
In conjunction with webpage related system equipment it is found that file management nodes 411 are to correspond to the enterprise for carrying out web page files publicationThe webpage content management system 411 of industry unit, and file management nodes 411 include that file submits node 411a and file distribution sectionPoint 411b.It is the webpage content management control clothes corresponded in webpage content management system 411 that file, which submits node 411a, as a result,Be engaged in device 411a, and file distribution node 411b is the Homepage Publishing server 411b corresponded in webpage content management system 411.
In addition, the webpage tamper resistant systems 40 of the present embodiment further include monitoring node 43, wherein monitoring node 43 corresponds toThe server in station 43 for carrying out Homepage Publishing, specifically, configuring corresponding monitoring modular in server in station 43.Station servicesThe web page files that device 43 is used to issue it are monitored.In one embodiment, server in station 43 may also include webpageSynchronous service module, attack protection module and web monitor module;Wherein, synchronizing web pages service module is for receiving management of webpage clothesThe legal web page files that business device is sent, update the web page contents on server in station 43;Attack protection module is mainly to webpageAccess is protected;Web monitor module is used to configure the website of server where all web page monitoreds, and to choosingThe program directory selected in the website after website is configured.
Based on above-mentioned webpage tamper resistant systems 40, when carrying out web page files publication, user passes through in block chain network 41Webpage content management control server 411a formed the page web page files;Further, webpage content management control serviceThe web page files of the page are sent to Homepage Publishing server 411b by device 411a.Homepage Publishing server 411b receives webpageAfter file, the correlation step of the publication process of corresponding web page files is on the one hand executed based on web page files;On the other hand it executesThe correlation step of the Stored Procedure of the original document of web page files stores its original text while issuing to web page filesPart.
After completing the publication of web page files and the storage of its original document, the server in station 43 configured with monitoring modular isIt can be monitored to whether the web page files of publication are tampered.When monitoring node 43 monitors that web page files are tampered, to netPage publisher server 411b sends corresponding file access pattern instruction, to report that web page files are tampered.Homepage Publishing serverAfter 411b receives file access pattern instruction, corresponding file acquisition instruction is sent to storage management node, so that storage management sectionPoint obtains the multiple data blocks for corresponding to original document from file storage network 42.Homepage Publishing server 411b is i.e. acceptableMultiple data blocks corresponding to original document from storage management node are recombinated, and then obtain corresponding web page filesOriginal document;It, can be based on the original document again after Homepage Publishing server 411b restores the original document of web page filesCarry out the publication of web page files.
Further, the block chain network 41 of the present embodiment is arranged in local area network, and file storage network 42 is arranged in wide areaIn net, wherein settable isolating device 47 between block chain network 41 and file storage network 42.In addition, the net of the present embodimentIn page tamper resistant systems, interchanger 45 and firewall 46 are additionally provided between block chain network 41 and file storage network 42;ExtensivelyThe user of domain net can access to web page files by the user terminal 49 in wide area network, user terminal 49 and server in station 43 itBetween be also equipped with firewall 46.
The present embodiment organically combines web page distribution system and document storage system shown in Fig. 3, to the net of publicationThe original document of page file is stored, and realizes the carrying out safety backup of original document.Monitoring node 43 is disposed in conjunction with block chain technology,Enable monitoring node 43 that the realization of block chain technology is combined to carry out distorting monitoring to announced web page files, based on block chain technologyThe characteristics of can not distorting, improves monitoring precision and real-time that whether webpage is tampered.
Referring to Fig. 9, Fig. 9 is the flow diagram of web page files storage method embodiment of the application based on block chain.The web page files storage method of the present embodiment is applied to webpage tamper resistant systems shown in Fig. 8, as shown in figure 9, the present embodimentWeb page files storage method may include following steps:
In the step s 21, the file of block chain network submits node to send the web page files to be formed to file distribution node,And the original document mark of web page files is calculated in the content based on web page files, and original document mark is stored in block chainNetwork.
It is webpage content management control server that the file of block chain network, which submits node, and file distribution node is netPage publisher server.User executed by the webpage content management control server in block chain network the editor of webpage, audit,It the work such as signs and issues, forms the web page files of the page.In Homepage Publishing process, webpage content management control server is not bornIt blames the web page files formed to issue outward, therefore, webpage content management control server is sent to Homepage Publishing serverThe web page files of formation.
Further, the content of the webpage content management control server also web page files based on formation calculates in the present embodimentFile identification of the web page files when not issuing is obtained, this document is enabled to be identified as original document mark, original document mark is depositedIt is stored in block chain network.Specifically, the content based on the web page files that do not issue, which carries out Hash calculation, obtains the number of web page filesWord fingerprint identifies the digital finger-print as the original document for corresponding to web page files, digital finger-print is stored in block link networkNetwork.
In step S22, file distribution node receives the web page files that node is submitted from file, the webpage that will do not issuedFile sends original document as its original document, to the storage management node of file storage network.
After Homepage Publishing server receives web page files, corresponding publication catalogue on the one hand is generated based on web page files,And web page files and publication catalogue are sent to server in station, so that server in station can complete net based on the web page filesThe external publication work of page file.On the other hand, Homepage Publishing server is using the web page files that do not issue as its original document,The original document is sent to the storage management node of file storage network.
In one embodiment, Homepage Publishing server is sending web page files to server in station and storage management nodeIt before, can also be based on block chain network to the identity of both sides between webpage content management control server and Homepage Publishing serverAuthenticated, when both sides determine other side by authentication after, Homepage Publishing server just execute to server in station withThe process of storage management node transmission web page files.
Further, storage management node can hold original document after the original document based on the web page files receivedThe corresponding storage operation of row.The storage operation that storage management node executes in the present embodiment can be deposited with file shown in fig. 4 to fig. 6The storage operation recorded in method for storing is identical, and details are not described herein again.
In step S23, file distribution node receives the storage index from storage management node, by storage index storageIn block chain network.
Storage index is stored in by Homepage Publishing server after receiving the storage index of storage management node transmissionIn block chain network, that is, complete the Stored Procedure to the original document of web page files.
The web page files storage method embodiment of the present embodiment is by above-mentioned Fig. 4 to file memory method first shown in Fig. 7Webpage tamper resistant systems of the embodiment to 3rd embodiment as shown in connection with fig. 8, realize and combine while carrying out Homepage PublishingBlock chain technology and distributed storage technology enable the safety in the form of multiple data blocks of the original document of web page files higherStorage backup.
Further, referring to Fig. 10, Figure 10 is the stream of webpage integrity assurance one embodiment of the application based on block chainJourney schematic diagram.The webpage integrity assurance of the present embodiment can be applied to webpage tamper resistant systems shown in Fig. 8, specifically, this realityIt is executed after the web page files storage method embodiment that the webpage integrity assurance for applying example can be shown in Fig. 9, for publicationWeb page files carry out anti-tamper monitoring and recovery.As shown in Figure 10, the webpage integrity assurance of the present embodiment may include walking as followsIt is rapid:
In step S31, when the web page files that the file management nodes of block chain network determine that it is issued are tampered, toThe storage management node that file stores network sends the file acquisition instruction for corresponding to the original document of web page files.
After the storage of the publication and its original document of completing web page files, the server in station configured with monitoring modular is madeFor the monitoring node of web page files, it is monitored to whether the web page files of publication are tampered.When monitoring node monitors webpageWhen file is tampered, corresponding file access pattern instruction is sent to Homepage Publishing server, to report that web page files are tampered.WebpagePublisher server receives the web page files that file access pattern instruction can determine that it is issued and is tampered.
Further, Homepage Publishing server sends corresponding file acquisition instruction to storage management node, so that storage tubeIt manages node and obtains the multiple data blocks for corresponding to original document from file storage network.Specifically, Homepage Publishing server is rungIt answers file access pattern to instruct, obtains corresponding storage index from block chain network based on the file identification information of web page files.It depositsStorage index has been directed toward the multiple data blocks for constituting original document.Homepage Publishing server can store network to file as a result,Storage management node sends corresponding storage index and file acquisition instruction.In one embodiment, storage index and file obtainInstruction fetch can be packaged into a packet and be sent, and also can be used as individual information command and sent.
It will be appreciated that respective site information is carried when web page files are issued by a certain server in station,Even if the content of web page files is tampered, but its site information be it is relatively fixed constant, therefore, in the present embodiment by webpage textThe site information of part can be determined specifically as file identification information with enabling Homepage Publishing server be based on file identification informationIt is which web page files is tampered, and then obtains the storage index of the original document of the web page files.
Storage management node can corresponding document acquisition instruction, according to storage index from multiple depositing in file storage networkThe multiple data blocks for obtaining at node and corresponding to original document are stored up, and send the multiple data obtained to Homepage Publishing serverBlock.
Server in station specifically includes following content to whether web page files are tampered to be monitored in the present embodiment:
Server in station is in real time or periodic obtain (can pass through crawler by the file content of the web page files of its publicationThe web page contents acquiring technology such as technology, the present embodiment are not particularly limited), the net after publication is calculated based on this document contentThe file publishing of page file identifies, and obtains from block chain network and correspond to original text of the identical web page files before publicationPart mark;Further, file publishing mark and original document mark are compared, judge whether the two is consistent.If the two oneIt causes, then can determine that web page files are not tampered with, server in station then continues to be monitored web page files;If the two is inconsistent,It then can determine that the web page files of publication may be tampered, server in station sends file access pattern to Homepage Publishing server and refers toIt enables.
In one embodiment, Homepage Publishing server can also be to after receiving the instruction of the file access pattern from server in stationServer in station sends corresponding prompt information, and then server in station is enabled to show that the prompt is believed on the page of web page filesBreath, so that prompt accesses the user of the web page files before completing web page files and restoring.In addition, Homepage Publishing server can alsoThe access path of web page files is blocked, so that preventing visit of the user to web page files before completing web page files and restoringIt asks.
In step s 32, file management nodes receive multiple data blocks from storage management node, and utilize multiple numbersIt recombinates to obtain original document according to block.
Homepage Publishing server can receive multiple data blocks from storage management node, and then using multiple data blocksThe original document for being recombinated and being backed up.It will be appreciated that the content of the original document restored at this time with issue beforeThe content of web page files is identical.In the present embodiment, recombination form and figure of the Homepage Publishing server to original document in step S32The file management nodes of step S14 shown in 6 are identical to the recombination form of file to be stored, and for details, reference can be made to saying for step S14Bright, details are not described herein again.
In step S33, file management nodes are based on original document and carry out Homepage Publishing again.
Homepage Publishing server restore web page files original document after, can based on the original document after recovery again intoRow Homepage Publishing can reach the purpose of instauration net page file since the file content for carrying out Homepage Publishing twice is identical.
The present embodiment organically combines block chain technology, distributed storage technology and Homepage Publishing technology, in turnRealization monitors web page files in real time, and whether its content of accurate judgement is tampered, and quickly carries out the purpose of webpage recovery;It enablesThe process of Homepage Publishing has mark that can follow, and improves the safety of Homepage Publishing, and it is accurate to promote the monitoring whether web page files are tamperedProperty, and then enhance the working performance of entire Homepage Publishing and tamper resistant systems.
Further, Figure 11 is please referred to, Figure 11 is the structural schematic diagram of one embodiment of the application electronic equipment.Such as Figure 11 instituteShow, the electronic equipment 110 of the present embodiment can submit node 311a/411a, file distribution for Fig. 3 or file shown in fig. 8Node 311b/411b, user node 313 or accounting nodes 312, and or monitoring node shown in fig. 8 43.Electronic equipment 110It can be specially to submit node 311a/411a, file distribution node 311b/411b, user node 313, accounting nodes 312 with fileOr the terminals such as the corresponding computer of monitoring node 43, mobile phone, tablet computer, server.The electronic equipment 110 of the present embodiment is fileWhen submitting node 311a/411a, file distribution node 311b/411b, user node 313 or accounting nodes 312, wherein being deployed withBlock platform chain architecture as shown in Figure 1 can be added in block chain network as the node in block chain network.
Further, the electronic equipment 110 of the present embodiment may include the processor 1101 by being located inside electronic equipment 110With memory 1102, processor 1101 is connected with memory 1102 by bus.The memory 1102 is stored with processor 1101Executable computer instruction, processor 1101 execute the computer instruction to realize above-mentioned Fig. 4 to shown in Fig. 7 based on blockAny one or more embodiments in the file memory method first embodiment and 3rd embodiment of chain and shown in Fig. 9Web page files storage method embodiment based on block chain, and or the webpage integrity assurance reality shown in Fig. 10 based on block chainApply example.
Further, Figure 12 is please referred to, Figure 12 is the structural schematic diagram of one embodiment of the application storage medium.Such as Figure 12 instituteShow, the computer instruction 1201 that can be performed is stored in the storage medium 120 in the present embodiment, the computer instruction 1201It is performed and can be realized above-mentioned Fig. 4 to the file memory method first embodiment and third implementation shown in Fig. 7 based on block chainAny one or more embodiments and the web page files storage method embodiment shown in Fig. 9 based on block chain in example, againOr the webpage integrity assurance embodiment shown in Fig. 10 based on block chain.
In the present embodiment, which can be the memory module of intelligent terminal, flash memory device (such as movementHard disk, USB flash disk etc.), network cloud disk, application memory platform or server etc. have the medium of store function.In addition, the storage medium120 can also be the storage device or accounting nodes 312, text of 313 counterpart terminal of above-mentioned Fig. 3 or user node shown in fig. 8The corresponding server of part management node 311/411;Fig. 3 or file shown in fig. 8 storage network 32 in any one depositStore up node;It again or is memory 1102 shown in Figure 11.
Above scheme can realize it is following the utility model has the advantages that
(1) it establishes complete web page operation authentication, page monitoring, real-time recovery, block the whole processes such as early warning integratedSafe web page protection system enhances safety from webpage source of generation.
(2) each block chain node is owned by the Hash backup of the original web page of identical web page files, even if individual sectionsData corruption event occurs for point, will not influence whole system webpage and restore and update.
(3) webpage it is any it is small distort the great variety that can all lead to its corresponding cryptographic Hash, and by block chain peer-to-peer networkNetwork real-time monitoring comes out, automatic execute issues blocking and alarm, and then guarantee that the web page contents issued every time are genuine and believable.
(4) cryptographic Hash of each of webpage more new version can be stored and be associated with corresponding web page management operator, intoOne step operates web page editing and carries out security protection.
(5) original web page of web page files, which is once generated and issued, deposits card in it on block chain, then can not distort and is eachHolding the operations such as update, additions and deletions, publication all can have mark that can follow.
(6) extensive using the realization second grade of intelligent contract, automatic webpage in real time when detecting that webpage is doubtful and being maliciously tamperedIt is multiple.
(7) digital finger-print of the original web page of card web page files is deposited using block chain, and utilizes IPFS distributed textPart system stores web page contents;Both the high-grade demand of safe web page protection had been met, it is ensured that webpage can not be distorted, another fixedDegree reduces storage resource and broadband consumes, and whole system safety, performance, response speed etc. is finally made to reach satisfactoryLevel.
In above description, for illustration and not for limitation, propose such as specific system structure, interface, technology itThe detail of class, so as to provide a thorough understanding of the present application.However, it will be clear to one skilled in the art that there is no these specificThe application also may be implemented in the other embodiment of details.In other situations, omit to well-known device, circuit withAnd the detailed description of method, so as not to obscure the description of the present application with unnecessary details.