本發明有關於電腦技術領域,特別有關於一種運用區塊鏈技術之節點系統及其運行方法。The present invention relates to the field of computer technology, and in particular, to a node system using block chain technology and an operation method thereof.
有關區塊鏈技術節錄於https://www.mile.cloud/zh- hant/what-is-blockchain/之文章,區塊鏈技術可以說是互聯網時代以來,最具顛覆性的創新技術,依靠複雜的密碼學來加密資料,再透過巧妙的數學分散式演算法,讓互聯網最讓人擔憂的安全信任問題,可以在不需要第三方介入的前提下讓使用者達成共識,以非常低的成本解決了網路上信任與資料價值的難題。An article about blockchain technology is extracted from https://www.mile.cloud/zh- hant / what-is-blockchain /. Blockchain technology can be said to be the most disruptive innovation technology since the Internet era. Encrypt data with complex cryptography, and then use clever mathematical decentralized algorithms to make the Internet's most worrying security and trust problem. It can allow users to reach consensus without the need for third party intervention, at a very low cost. Solve the problems of trust and data value on the Internet.
區塊鏈有幾個最重要的特色,首先就是它的核心宗旨──去中心化,為了強調區塊鏈的共享性,讓使用者可以不依靠額外的管理機構和硬體設施、讓它不需要中心機制,因此每一個區塊鏈上的資料都分別儲存在不同的雲端上,核算和儲存都是分散式的,每個節點都需要自我驗證、傳遞和管理,這個去中心化是區塊鏈最突出也是最核心的本質特色。Blockchain has several most important features. The first is its core purpose-decentralization. In order to emphasize the shared nature of the blockchain, users can rely on additional management institutions and hardware facilities, so that it does not A central mechanism is required, so the data on each blockchain is stored on different clouds, accounting and storage are decentralized, and each node needs to self-verify, transfer, and manage. This decentralization is a block The most prominent and core essence of the chain.
區塊鏈的另一大特色是其「不可竄改性」,區塊鏈中的每一筆資料一旦寫入就不可以再改動,只要資料被驗證完就永久的寫入該區塊中,其中的技術是透過Hashcash演算法,透過一對一的函數來確保資料不會輕易被竄改,這種函數很容易可以被驗證但卻非常難以破解,無法輕易回推出原本的數值,資料也就不能被竄改,每個區塊得出的值也會被放進下一個區塊中,讓區塊鏈之間的資料也都被正確的保障。Another major feature of the blockchain is its "immutable modification". Once each piece of data in the blockchain is written, it cannot be changed. Once the data is verified, it is permanently written into the block. The technology is to use Hashcash algorithm to ensure that the data will not be easily tampered through a one-to-one function. This function can be easily verified but it is very difficult to crack. The original value cannot be easily returned and the data cannot be tampered with. , The value obtained from each block will also be put into the next block, so that the data between the blockchains are also properly protected.
由於區塊鏈技術的龐大運算結構,其可以處理的資料量並不大,再者區塊鏈之結構是固定的,因此在創建時就會有既定的規則來規範使用者以使用區塊鏈之資源,而使用者必須要配合既定的規則,因此例如使用者需修改資料量的大小或者特定的編碼方式,而使資料量的大小符合既定的規則才能在區塊鏈進行運算、驗證及儲存,因此使用者需要對軟體進行修改,並且使用者使用區塊鏈之資源受到限制。Due to the huge computing structure of blockchain technology, the amount of data that it can process is not large. Moreover, the structure of the blockchain is fixed, so when it is created, there will be established rules to regulate users to use the blockchain. Resources, and the user must cooperate with the established rules, so for example, the user needs to modify the size of the data amount or a specific encoding method so that the size of the data amount conforms to the established rules in order to perform calculation, verification and storage on the blockchain. , So users need to modify the software, and users have limited resources to use the blockchain.
區塊鏈中之所謂「節點」採用的硬體為個人電腦,其執行的效能偏低,且各節點中對於網路資源要求並無法太大,所以各節點間連線情況並不佳。The hardware used by the so-called "nodes" in the blockchain is a personal computer, and its performance is low, and the network resource requirements of each node cannot be too large, so the connection between the nodes is not good.
有鑑於上述問題,本發明之目的在於提供一種運用區塊鏈技術之節點系統及其運行方法,其在區塊鏈的節點中之底層採用伺服器之群組,因此可提供大的網路資源要求以提升各節點間連線情況,為伺服器架構之區塊鏈有較強能力處理龐大運算結構而提供使用者較大量的處理資料量,且伺服器中的虛擬機器可提供使用者使用,而對使用者之資料格式、資料量及軟體具有彈性的運用,大大地減少其使用區塊鏈的限制,而可有效的使用區塊鏈的分散、運算、驗證及儲存的功能及特性。In view of the above problems, an object of the present invention is to provide a node system using a blockchain technology and a method for operating the node system. A server group is used at the bottom of the nodes of the blockchain, so it can provide large network resources. Requested to improve the connection between nodes, the server-structured blockchain has a strong ability to handle huge computing structures and provides users with a large amount of processing data, and virtual machines in the server can be used by users. The flexible use of the user's data format, data volume, and software greatly reduces its restrictions on using the blockchain, and can effectively use the blockchain's decentralized, computing, verification, and storage functions and characteristics.
本發明之第一態樣係提供一種運用區塊鏈技術之節點系統,其包括: 一動態網址介面,接收與該節點系統相連結的其他節點系統所發送之一待處理資料; 一第一交換器,接收與複製該動態網址介面傳送之該待處理資料; 一第一鏡像伺服器,接收該第一交換器傳送之已複製之該待處理資料,將該待處理資料分割成為複數個第一分割資料,對該等第一分割資料進行分析以得到一第一分析結果,根據該第一分析結果判斷該待處理資料是否為合法資料,加密及儲存該待處理資料、該等第一分割資料及該第一分析結果; 一代理伺服器,接收該第一交換器傳送之已複製之該待處理資料,將該待處理資料傳送至指定之伺服器; 一第二交換器,接收與複製該代理伺服器傳送之已指定之該待處理資料; 一第二鏡像伺服器,接收該第二交換器傳送之已複製已指定之該待處理資料,將已指定之該待處理資料分割成為複數個第二分割資料,對該等第二分割資料進行分析以得到一第二分析結果,根據該第二分析結果判斷已指定之該待處理資料是否為合法資料,加密及儲存已指定之該待處理資料、該等第二分割資料及該第二分析結果; 一雲端伺服器,接收該第二交換器傳送之已複製已指定之該待處理資料,並將已指定之該待處理資料進行資料處理以產生一已處理資料; 一第三交換器,接收與複製該雲端伺服器傳送之該已處理資料; 一線上資料儲存空間,接收與儲存該第三交換器傳送之已複製之該已處理資料; 一第三鏡像伺服器,接收該第三交換器傳送之已複製之該已處理資料,將該已處理資料分割成為複數個第三分割資料,對該等第三分割資料進行分析以得到一第三分析結果,根據該第三分析結果判斷該已處理資料是否為合法資料,加密及儲存該已處理資料、該等第三分割資料及該第三分析結果; 一第四交換器,接收與複製該第一鏡像伺服器傳送之經加密之該待處理資料、該等第一分割資料及該第一分析結果、該第二鏡像伺服器傳送之經加密之已指定之該待處理資料、該等第二分割資料及該第二分析結果、及該第三鏡像伺服器傳送之經加密之該已處理資料、該等第三分割資料及該第三分析結果; 一處理資料儲存空間,接收與儲存該第四交換器傳送之已複製之經加密之該待處理資料、該等第一分割資料、該第一分析結果、已指定之該待處理資料、該等第二分割資料、該第二分析結果、該已處理資料、該等第三分割資料及該第三分析結果;以及 一靜態網址介面,接收該第四交換器傳送之已複製之經加密之該已處理資料,並將經加密之該已處理資料發送至與該節點系統相連結的其他節點系統。A first aspect of the present invention provides a node system using blockchain technology, which includes: a dynamic website interface that receives a piece of data to be processed sent by other node systems connected to the node system; a first exchange Receiving and copying the to-be-processed data transmitted by the dynamic web address interface; a first mirror server receiving the copied to-be-processed data transmitted by the first switch, and dividing the to-be-processed data into a plurality of first Segment the data, analyze the first segmented data to obtain a first analysis result, determine whether the data to be processed is legitimate data based on the first analysis result, encrypt and store the data to be processed, the first segmented data And the first analysis result; a proxy server receives the copied to-be-processed data transmitted by the first switch, and sends the to-be-processed data to a designated server; a second switch receives and copies the The designated pending data sent by the proxy server; a second mirror server receiving the copied and designated data sent by the second switch To-be-processed data, the designated to-be-processed data is divided into a plurality of second divided data, the second divided data is analyzed to obtain a second analysis result, and the designated designated to-be-processed is determined based on the second analysis result. Whether the processed data is legal data, encrypt and store the designated to-be-processed data, the second segmented data, and the second analysis result; a cloud server that receives the copied and designated data sent by the second exchange Pending data and data processing of the designated pending data to generate a processed data; a third exchanger to receive and copy the processed data transmitted by the cloud server; an online data storage space to receive And the copied processed data transmitted by the third switch is stored; a third mirror server receives the copied processed data sent by the third switch, and divides the processed data into a plurality of first Three-segment data, analyze the third-segment data to obtain a third analysis result, and judge the processed according to the third analysis result Whether the data is legal data, encrypt and store the processed data, the third segmented data, and the third analysis result; a fourth switch receives and copies the encrypted to-be-processed data transmitted by the first mirror server The data, the first segmented data and the first analysis result, the encrypted designated pending data transmitted by the second mirror server, the second segmented data and the second analysis result, and the first The encrypted processed data, the third segmented data, and the third analysis result transmitted by the three mirror servers; a processing data storage space, receiving and storing the copied encrypted data transmitted by the fourth switch Pending data, the first segmented data, the first analysis result, the designated pending data, the second segmented data, the second analysis result, the processed data, the third segmented data, and The third analysis result; and a static web interface, receiving the encrypted encrypted processed data transmitted by the fourth switch, and sending the encrypted processed data to Other nodes in the system coupled to the node system.
本發明之第二態樣係提供一種運用區塊鏈技術之節點系統之運行方法,其包括下列步驟: 由一動態網址介面接收與該節點系統相連結的其他節點系統所發送之一待處理資料; 由一第一交換器接收與複製該動態網址介面傳送之該待處理資料; 由一第一鏡像伺服器接收該第一交換器傳送之已複製之該待處理資料,將該待處理資料分割成為複數個第一分割資料,對該等第一分割資料進行分析以得到一第一分析結果,根據該第一分析結果判斷該待處理資料是否為合法資料,加密及儲存該待處理資料、該等第一分割資料及該第一分析結果; 由一代理伺服器接收該第一交換器傳送之已複製之該待處理資料,將該待處理資料傳送至指定之伺服器; 由一第二交換器接收與複製該代理伺服器傳送之已指定之該待處理資料; 由一第二鏡像伺服器接收該第二交換器傳送之已複製已指定之該待處理資料,將已指定之該待處理資料分割成為複數個第二分割資料,對該等第二分割資料進行分析以得到一第二分析結果,根據該第二分析結果判斷已指定之該待處理資料是否為合法資料,加密及儲存已指定之該待處理資料、該等第二分割資料及該第二分析結果; 由一雲端伺服器接收該第二交換器傳送之已複製已指定之該待處理資料,並將已指定之該待處理資料進行資料處理以產生一已處理資料; 由一第三交換器接收與複製該雲端伺服器傳送之該已處理資料; 由一線上資料儲存空間接收與儲存該第三交換器傳送之已複製之該已處理資料; 由一第三鏡像伺服器接收該第三交換器傳送之已複製之該已處理資料,將該已處理資料分割成為複數個第三分割資料,對該等第三分割資料進行分析以得到一第三分析結果,根據該第三分析結果判斷該已處理資料是否為合法資料,加密及儲存該已處理資料、該等第三分割資料及該第三分析結果; 由一第四交換器接收與複製該第一鏡像伺服器傳送之經加密之該待處理資料、該等第一分割資料及該第一分析結果、該第二鏡像伺服器傳送之經加密之已指定之該待處理資料、該等第二分割資料及該第二分析結果、及該第三鏡像伺服器傳送之經加密之該已處理資料、該等第三分割資料及該第三分析結果; 由一處理資料儲存空間接收與儲存該第四交換器傳送之已複製之經加密之該待處理資料、該等第一分割資料、該第一分析結果、已指定之該待處理資料、該等第二分割資料、該第二分析結果、該已處理資料、該等第三分割資料及該第三分析結果;以及 由一靜態網址介面接收該第四交換器傳送之已複製之經加密之該已處理資料,並將經加密之該已處理資料發送至與該節點系統相連結的其他節點系統。A second aspect of the present invention provides a method for operating a node system using blockchain technology, which includes the following steps: A dynamic website interface receives a pending data sent by other node systems connected to the node system. Receiving and copying the to-be-processed data transmitted by the dynamic URL interface by a first switch; receiving a copied to-be-processed data transmitted by the first switch by a first mirror server, and dividing the to-be-processed data Become a plurality of first segmented data, analyze the first segmented data to obtain a first analysis result, and determine whether the to-be-processed data is legitimate data according to the first analysis result, encrypt and store the to-be-processed data, the Wait for the first segmented data and the first analysis result; receive, by a proxy server, the copied to-be-processed data transmitted by the first switch, and send the to-be-processed data to a designated server; by a second exchange The server receives and copies the designated to-be-processed data transmitted by the proxy server; and a second mirror server receives the second switch transmission Copy the designated to-be-processed data, divide the designated to-be-processed data into a plurality of second divided data, analyze the second divided data to obtain a second analysis result, and according to the second analysis The result determines whether the designated to-be-processed data is legitimate data, encrypts and stores the designated to-be-processed data, the second segmented data, and the second analysis result; and a cloud server receives the second switch to transmit Copy the designated to-be-processed data, and perform data processing on the designated to-be-processed data to generate a processed data; receive and copy the processed data transmitted by the cloud server by a third exchange; An online data storage space receives and stores the copied processed data transmitted by the third switch; a third mirror server receives the copied processed data transmitted by the third switch, and copies the processed data The processing data is divided into a plurality of third divided data, and the third divided data is analyzed to obtain a third analysis result. According to the third divided data, The result judges whether the processed data is legal data, encrypts and stores the processed data, the third segmented data, and the third analysis result; a fourth exchange receives and copies the information transmitted by the first mirror server. The encrypted to-be-processed data, the first segmented data and the first analysis result, the encrypted designated to-be-processed data transmitted by the second mirror server, the second segmented data, and the second analysis The result, and the encrypted processed data, the third segmented data, and the third analysis result transmitted by the third mirror server; the processed data storage space receives and stores the copied data transmitted by the fourth switch The encrypted data to be processed, the first segmented data, the first analysis result, the designated to-be-processed data, the second segmented data, the second analysis result, the processed data, the The third segmented data and the third analysis result; and a static web interface to receive the encrypted encrypted processed data transmitted by the fourth switch, and the encrypted data will be encrypted. Transmitting the processed data to the other nodes in the system coupled to the node of the system.
為使熟習本發明所屬技術領域之一般技藝者能更進一步了解本發明,下文特列舉本發明之較佳實施例,並配合所附圖式,詳細說明本發明的構成內容及所欲達成之功效。In order to make a person skilled in the art who is familiar with the technical field of the present invention further understand the present invention, the preferred embodiments of the present invention are enumerated below, and in conjunction with the accompanying drawings, the constitutional content of the present invention and the desired effects are described in detail .
圖1為本發明之運用區塊鏈技術之節點系統之架構圖。運用區塊鏈技術之硬體架構可以所謂「節點」之硬體系統來構成,在圖1中,以四個節點系統100、200、300、400為範例來說明多個節點實施區塊鏈技術,但本實施例之四個節點系統僅作為說明之用,並非侷限本發明之應用,任何數量之節點皆為本發明之範疇。FIG. 1 is a structural diagram of a node system using blockchain technology of the present invention. The hardware architecture using blockchain technology can be composed of so-called "node" hardware systems. In Figure 1, four node systems 100, 200, 300, and 400 are used as examples to illustrate the implementation of blockchain technology by multiple nodes. However, the four-node system of this embodiment is for illustrative purposes only, and is not limited to the application of the present invention. Any number of nodes are within the scope of the present invention.
四個節點系統100、200、300、400之內部硬體架構係相同,故以第一節點系統100之內部硬體架構為例來說明本發明所達成之功能及功效,如圖2為本發明之節點系統之硬體架構之方塊圖所示。The internal hardware architectures of the four node systems 100, 200, 300, and 400 are the same. Therefore, the internal hardware architecture of the first node system 100 is taken as an example to illustrate the functions and effects achieved by the present invention. Figure 2 shows the present invention. The block diagram of the hardware architecture of the node system is shown.
在圖2中,第一節點系統100包括動態網址(Dynamic IP)介面102、第一至第四交換器104、106、108、110、第一至第三鏡像伺服器112、114、116、代理伺服器118、雲端伺服器120、線上資料儲存空間122、處理資料儲存空間124及靜態網址(Static IP)介面126。In FIG. 2, the first node system 100 includes a dynamic IP address interface 102, first to fourth switches 104, 106, 108, 110, first to third mirror servers 112, 114, 116, and an agent. The server 118, the cloud server 120, the online data storage space 122, the processing data storage space 124, and a static IP (Static IP) interface 126.
動態網址介面102接收與第一節點系統100相連結的其他節點系統(如圖1之第二至第四節點系統200、300、400)所發送之經加密或未加密之一待處理資料、已指定之待處理資料及已處理資料(如在網路上傳送之影像資料、語音資料、數據資料或網路郵件等封包資料)。動態網址介面102將接收之經加密或未加密之待處理資料送至第一交換器104。The dynamic website interface 102 receives encrypted or unencrypted pending data sent by other node systems (such as the second to fourth node systems 200, 300, and 400) connected to the first node system 100. Designated to-be-processed data and processed data (such as image data, voice data, data data, or packet data such as web mail sent over the network). The dynamic URL interface 102 sends the received encrypted or unencrypted pending data to the first switch 104.
第一交換器104接收與複製動態網址介面102傳送之經加密或未加密之待處理資料。第一交換器104將所複製之待處理資料傳送至第一鏡像伺服器112與代理伺服器118。The first switch 104 receives and copies the encrypted or unencrypted pending data transmitted by the dynamic web address interface 102. The first switch 104 transmits the copied to-be-processed data to the first mirror server 112 and the proxy server 118.
第一鏡像伺服器112接收第一交換器104傳送之已複製之待處理資料,當待處理資料為加密資料時,第一鏡像伺服器112將待處理資料先進行解密,之後第一鏡像伺服器112將經解密或未加密之待處理資料分割成為複數個第一分割資料,對該等第一分割資料進行分析(例如分析是否為惡意攻擊程式或駭客入侵等)以得到一第一分析結果,根據該第一分析結果判斷待處理資料是否為合法資料,若第一鏡像伺服器112根據第一分析結果判斷待處理資料為不合法資料,則第一鏡像伺服器112阻隔或丟棄該待處理資料,反之,第一鏡像伺服器112加密及儲存待處理資料、該等第一分割資料及第一分析結果,並將經加密之待處理資料、該等第一分割資料及第一分析結果傳送至第四交換器110。The first mirror server 112 receives the copied to-be-processed data transmitted by the first switch 104. When the to-be-processed data is encrypted data, the first mirror server 112 first decrypts the to-be-processed data, and then the first mirror server 112 divide the decrypted or unencrypted to-be-processed data into a plurality of first segmented data, and analyze the first segmented data (for example, whether it is a malicious attack program or a hacker intrusion) to obtain a first analysis result According to the first analysis result to determine whether the data to be processed is legal data. If the first mirror server 112 determines that the data to be processed is illegal data according to the first analysis result, the first mirror server 112 blocks or discards the data to be processed. Data, on the contrary, the first mirror server 112 encrypts and stores the data to be processed, the first divided data, and the first analysis result, and transmits the encrypted data to be processed, the first divided data, and the first analysis result To fourth switch 110.
在本實施例中,第一鏡像伺服器112對資料進行加密或解密係採用橢圓曲線數位簽章演算法(ECDSA,Elliptic Curve Digital Signature Algorithm)或RSA演算法,兩者都屬於公開金鑰加密演算法(Public Key Cryptography),以下第二及第三鏡像伺服器114、116對資料進行加密或解密皆相同,並省略其說明。In this embodiment, the first mirror server 112 encrypts or decrypts the data using an Elliptic Curve Digital Signature Algorithm (ECDSA) or RSA algorithm, both of which are public key encryption algorithms. (Public Key Cryptography), the following second and third mirror servers 114, 116 are the same for encrypting or decrypting data, and descriptions thereof are omitted.
在進行資料驗證時,第一鏡像伺服器112經由第一交換器104接收動態網址介面102傳送之其他節點系統200、300、400之經加密之待處理資料,並解密其他節點系統200、300、400之待處理資料,第一鏡像伺服器112以雜湊現金(Hashcash)演算法驗證節點系統100與其他節點系統200、300、400之待處理資料。When performing data verification, the first mirror server 112 receives the encrypted to-be-processed data of the other node systems 200, 300, and 400 transmitted by the dynamic website interface 102 through the first switch 104, and decrypts the other node systems 200, 300, and 400. For the unprocessed data at 400, the first mirror server 112 verifies the unprocessed data of the node system 100 and other node systems 200, 300, and 400 using a hash cash algorithm.
第一鏡像伺服器112驗證節點系統100之待處理資料與其他節點系統200、300、400之待處理資料不相同而超過一預定數量(例如超過節點系統200、300、400之數量之一半時),以超過該預定數量之其他節點系統200、300、400之待處理資料還原節點系統100之第一鏡像伺服器112之待處理資料,第一鏡像伺服器112將還原後之待處理資料進行加密並經由第四交換器110儲存在處理資料儲存空間124。The first mirror server 112 verifies that the to-be-processed data of the node system 100 is different from the to-be-processed data of other node systems 200, 300, and 400 and exceeds a predetermined amount (for example, more than half of the number of the node system 200, 300, and 400) To restore the to-be-processed data of the first mirror server 112 of the node system 100 with the to-be-processed data of other node systems 200, 300, 400 exceeding the predetermined number, and the first mirror server 112 encrypts the restored to-be-processed data It is stored in the processing data storage space 124 via the fourth switch 110.
提供代理服務的電腦系統或其它類型的網路終端稱為代理伺服器(Proxy Server)。一個完整的代理請求過程為:用戶端首先與代理伺服器建立連線,接著根據代理伺服器所使用的代理協定,請求對目標伺服器建立連線、或者獲得目標伺服器的指定資源(如:檔案)。Computer systems or other types of network terminals that provide proxy services are called proxy servers. A complete proxy request process is: the client first establishes a connection with the proxy server, and then requests to establish a connection to the target server or obtain the specified resources of the target server (such as: file).
代理伺服器118接收第一交換器104傳送之已複製之待處理資料,並將該待處理資料經由第二交換器106傳送至指定之伺服器(如雲端伺服器120)。The proxy server 118 receives the copied to-be-processed data transmitted by the first switch 104, and transmits the to-be-processed data to the designated server (such as the cloud server 120) via the second switch 106.
第二交換器106接收與複製代理伺服器118傳送之已指定之待處理資料。第二交換器106將所複製之已指定之待處理資料至第二鏡像伺服器114與雲端伺服器120。The second switch 106 receives and copies the designated to-be-processed data transmitted by the proxy server 118. The second switch 106 sends the copied designated to-be-processed data to the second mirror server 114 and the cloud server 120.
第二鏡像伺服器114接收第二交換器106傳送之已複製已指定之待處理資料,當已指定之待處理資料為加密資料時,第二鏡像伺服器114將已指定之待處理資料先進行解密,之後第二鏡像伺服器114將經解密或未加密之已指定之待處理資料分割成為複數個第二分割資料,對該等第二分割資料進行分析(例如分析是否為惡意攻擊程式或駭客入侵等)以得到一第二分析結果,根據該第二分析結果判斷已指定之待處理資料是否為合法資料,若第二鏡像伺服器114根據第二分析結果判斷已指定之待處理資料為不合法資料,則第二鏡像伺服器114阻隔或丟棄已指定之待處理資料,反之,第二鏡像伺服器114加密及儲存已指定之待處理資料、該等第二分割資料及第二分析結果,並將經加密之已指定之待處理資料、該等第二分割資料及第二分析結果傳送至第四交換器110。The second mirror server 114 receives the copied and designated to-be-processed data transmitted by the second switch 106. When the designated to-be-processed data is encrypted data, the second mirror server 114 performs the designated-to-be-processed data first After decryption, the second mirror server 114 divides the decrypted or unencrypted designated to-be-processed data into a plurality of second segmented data, and analyzes the second segmented data (for example, whether it is a malicious attack program or a hacker). Customer intrusion, etc.) to obtain a second analysis result, and determine whether the designated to-be-processed data is legal data according to the second analysis result. If the second mirror server 114 determines that the designated-to-be-processed data is based on the second analysis result, Illegal data, the second mirror server 114 blocks or discards the designated to-be-processed data; otherwise, the second mirror server 114 encrypts and stores the designated-to-be-processed data, the second segmented data, and the second analysis result And transmits the encrypted designated to-be-processed data, the second segmented data, and the second analysis result to the fourth switch 110.
在進行資料驗證時,第二鏡像伺服器114經由第二交換器106接收動態網址介面102傳送之其他節點系統200、300、400之經加密之已指定之待處理資料,並解密其他節點系統200、300、400之已指定之待處理資料,第二鏡像伺服器114以雜湊現金演算法驗證節點系統100與其他節點系統200、300、400之已指定之待處理資料。During data verification, the second mirror server 114 receives the encrypted designated designated data to be processed by other node systems 200, 300, and 400 transmitted by the dynamic web interface 102 via the second switch 106, and decrypts the other node systems 200 , 300, 400 of the designated pending data, the second mirror server 114 verifies the designated pending data of the node system 100 and other node systems 200, 300, 400 using a hash cash algorithm.
第二鏡像伺服器114驗證節點系統100之已指定之待處理資料與其他節點系統200、300、400之已指定之待處理資料不相同而超過一預定數量(例如超過節點系統200、300、400之數量之一半時),以超過該預定數量之其他節點系統200、300、400之已指定之待處理資料還原節點系統100之第二鏡像伺服器114之已指定之待處理資料,第二鏡像伺服器114將還原後之已指定之待處理資料進行加密並經由第四交換器110儲存在處理資料儲存空間124。The second mirror server 114 verifies that the designated to-be-processed data of the node system 100 is different from the designated to-be-processed data of other node systems 200, 300, 400 and exceeds a predetermined amount (for example, exceeds the node system 200, 300, 400 Half of the number), restore the designated pending data of the second mirror server 114 of the node system 100 with the designated pending data of other node systems 200, 300, 400 exceeding the predetermined number, the second mirror The server 114 encrypts the restored designated to-be-processed data and stores it in the processing data storage space 124 via the fourth switch 110.
雲端伺服器的設計目的是儲存及管理資料、執行應用程式或傳遞內容或服務,例如串流視訊、網路郵件、辦公室生產力軟體或社交媒體。因此,雲端伺服器120接收第二交換器106傳送之已複製已指定之前述的待處理資料,並將已指定之待處理資料進行資料處理以產生一已處理資料。雲端伺服器120將所產生之已處理資料傳送至第三交換器108。Cloud servers are designed to store and manage data, run applications, or deliver content or services, such as streaming video, webmail, office productivity software, or social media. Therefore, the cloud server 120 receives the copied and specified aforementioned to-be-processed data sent by the second switch 106, and performs data processing on the designated to-be-processed data to generate a processed data. The cloud server 120 transmits the generated processed data to the third switch 108.
第三交換器108接收與複製雲端伺服器120傳送之已處理資料。第三交換器108將已複製之已處理資料傳送至線上資料儲存空間122與第三鏡像伺服器116。The third switch 108 receives and copies the processed data transmitted by the cloud server 120. The third switch 108 transmits the copied processed data to the online data storage space 122 and the third mirror server 116.
例如為資料庫或硬體儲存裝置之線上資料儲存空間122接收與儲存第三交換器108傳送之已複製之已處理資料。For example, the online data storage space 122 of a database or hardware storage device receives and stores the copied processed data transmitted by the third switch 108.
第三鏡像伺服器116接收第三交換器108傳送之已複製之已處理資料,當已處理資料為加密資料時,第三鏡像伺服器116將已處理資料先進行解密,之後第三鏡像伺服器116將經解密或無需解密之已處理資料分割成為複數個第三分割資料,對該等第三分割資料進行分析(例如分析是否為惡意攻擊程式或駭客入侵等)以得到一第三分析結果,根據該第三分析結果判斷已處理資料是否為合法資料,若第三鏡像伺服器116根據第三分析結果判斷已處理資料為不合法資料,則第三鏡像伺服器116阻隔或丟棄已待處理資料,反之,第三鏡像伺服器116加密及儲存已處理資料、該等第三分割資料及第三分析結果,並將經加密之已處理資料、該等第三分割資料及第三分析結果傳送至第四交換器110。The third mirror server 116 receives the copied processed data transmitted by the third switch 108. When the processed data is encrypted data, the third mirror server 116 first decrypts the processed data, and then the third mirror server 116 Divide the processed data that has been decrypted or not decrypted into a plurality of third segmented data, and analyze the third segmented data (such as analyzing whether it is a malicious attack program or a hacker intrusion) to obtain a third analysis result To determine whether the processed data is legal data according to the third analysis result. If the third mirror server 116 determines that the processed data is illegal data according to the third analysis result, the third mirror server 116 blocks or discards the pending data. Data, on the contrary, the third mirror server 116 encrypts and stores the processed data, the third segmented data, and the third analysis result, and transmits the encrypted processed data, the third segmented data, and the third analysis result. To fourth switch 110.
在進行資料驗證時,第三鏡像伺服器116經由第三交換器108接收動態網址介面102傳送之其他節點系統200、300、400之經加密之已處理資料,並解密其他節點系統200、300、400之已處理資料,第三鏡像伺服器116以雜湊現金演算法驗證節點系統100與其他節點系統200、300、400之已處理資料。During data verification, the third mirror server 116 receives the encrypted processed data of other node systems 200, 300, 400 transmitted by the dynamic web interface 102 via the third switch 108, and decrypts the other node systems 200, 300, For the processed data of 400, the third mirror server 116 verifies the processed data of the node system 100 and other node systems 200, 300, and 400 using a hash cash algorithm.
第三鏡像伺服器116驗證節點系統100之已處理資料與其他節點系統200、300、400之已處理資料不相同而超過一預定數量(例如超過節點系統200、300、400之數量之一半時),以超過該預定數量之其他節點系統200、300、400之已處理資料還原節點系統100之第三鏡像伺服器116之已處理資料,第三鏡像伺服器116將還原後之已處理資料進行加密並經由第四交換器110儲存在處理資料儲存空間124。The third mirror server 116 verifies that the processed data of the node system 100 is different from the processed data of other node systems 200, 300, 400 and exceeds a predetermined amount (for example, more than half of the number of the node systems 200, 300, and 400) To restore the processed data of the third mirror server 116 of the node system 100 with the processed data of the other node systems 200, 300, 400 exceeding the predetermined number, and the third mirror server 116 encrypts the restored processed data It is stored in the processing data storage space 124 via the fourth switch 110.
第四交換器110接收與複製第一鏡像伺服器112傳送之經加密之待處理資料、該等第一分割資料及第一分析結果、第二鏡像伺服器114傳送之經加密之已指定之待處理資料、該等第二分割資料及第二分析結果、及第三鏡像伺服器116傳送之經加密之已處理資料、該等第三分割資料及第三分析結果。第四交換器110所接收之前述已複製資料傳送至處理資料儲存空間124,第四交換器110將已複製之經加密之待處理資料、已指定之待處理資料及已處理資料傳送至靜態網址介面126。The fourth switch 110 receives and copies the encrypted to-be-processed data transmitted by the first mirror server 112, the first segmented data and the first analysis result, and the encrypted designated to-be-transmitted data transmitted by the second mirror server 114. The processing data, the second segmented data and the second analysis result, and the encrypted processed data transmitted by the third mirror server 116, the third segmented data, and the third analysis result. The aforementioned copied data received by the fourth switch 110 is transmitted to the processing data storage space 124, and the fourth switch 110 transmits the copied encrypted to-be-processed data, the designated to-be-processed data, and the processed data to the static URL Interface 126.
例如為資料庫或硬體儲存裝置之處理資料儲存空間124接收與儲存第四交換器110傳送之已複製之經加密之待處理資料、該等第一分割資料、第一分析結果、已指定之待處理資料、該等第二分割資料、第二分析結果、已處理資料、該等第三分割資料及第三分析結果。For example, the processing data storage space 124 of the database or hardware storage device receives and stores the copied encrypted to-be-processed data transmitted by the fourth switch 110, the first segmented data, the first analysis result, and the designated Pending data, the second segmented data, the second analysis result, processed data, the third segmented data, and the third analysis result.
靜態網址介面126接收第四交換器110傳送之已複製之經加密之待處理資料、已指定之待處理資料及已處理資料,並將經加密之待處理資料、已指定之待處理資料及已處理資料發送至與第一節點系統100相連結的第二至第四節點系統200、300、400(如圖1所示),以實現區塊鏈技術。The static website interface 126 receives the copied encrypted to-be-processed data, the designated to-be-processed data, and the processed data transmitted by the fourth switch 110, and sends the encrypted to-be-processed data, the designated to-be-processed data, and The processing data is sent to the second to fourth node systems 200, 300, and 400 (shown in FIG. 1) connected to the first node system 100 to implement the blockchain technology.
圖3為本發明之運用區塊鏈技術之節點系統之運行方法之流程圖。在說明圖3之流程步驟時參考圖1及圖2之系統架構。FIG. 3 is a flowchart of a method for operating a node system using blockchain technology according to the present invention. When explaining the process steps of FIG. 3, the system architecture of FIGS. 1 and 2 is referred to.
在圖3中,首先,由動態網址介面102接收與第一節點系統100相連結的其他節點系統(如圖1之第二至第四節點系統200、300、400)所發送之一待處理資料(如在網路上傳送之影像資料、語音資料、數據資料或網路郵件等)(步驟S500)。由動態網址介面102將接收之待處理資料送至第一交換器104。In FIG. 3, first, the dynamic website interface 102 receives one piece of data to be processed sent by other node systems (such as the second to fourth node systems 200, 300, and 400) connected to the first node system 100. (Such as image data, voice data, data data, or network mail transmitted on the network) (step S500). The received to-be-processed data is sent to the first switch 104 by the dynamic website interface 102.
接著,由第一交換器104接收動態網址介面102傳送之待處理資料,並對待處理資料進行複製(步驟S502)。由第一交換器104將所複製之待處理資料傳送至第一鏡像伺服器112與代理伺服器118。Then, the first switch 104 receives the to-be-processed data transmitted by the dynamic web address interface 102, and copies the to-be-processed data (step S502). The copied to-be-processed data is transmitted by the first switch 104 to the first mirror server 112 and the proxy server 118.
由第一鏡像伺服器112接收第一交換器104傳送之已複製之待處理資料,當待處理資料為加密資料時,由第一鏡像伺服器112將待處理資料先進行解密,之後由第一鏡像伺服器112將經解密或無需解密之該待處理資料分割成為複數個第一分割資料,並對該等第一分割資料進行分析(例如分析是否為惡意攻擊程式或駭客入侵等)以得到一第一分析結果,由第一鏡像伺服器112根據該第一分析結果判斷待處理資料是否為合法資料,若第一鏡像伺服器112根據第一分析結果判斷待處理資料為不合法資料,則由第一鏡像伺服器112阻隔或丟棄該待處理資料,反之,由第一鏡像伺服器112加密及儲存待處理資料、該等第一分割資料及第一分析結果(步驟S504),並將經加密之待處理資料、該等第一分割資料及第一分析結果傳送至第四交換器110。The first mirror server 112 receives the copied to-be-processed data transmitted by the first switch 104. When the to-be-processed data is encrypted, the first mirror server 112 first decrypts the to-be-processed data, and then the The image server 112 divides the to-be-processed data that has been decrypted or does not need to be decrypted into a plurality of first segmented data, and analyzes the first segmented data (for example, whether it is a malicious attack program or a hacker intrusion) to obtain A first analysis result, the first mirror server 112 determines whether the data to be processed is legal data according to the first analysis result. If the first mirror server 112 determines that the data to be processed is illegal data according to the first analysis result, then The first image server 112 blocks or discards the data to be processed. Otherwise, the first image server 112 encrypts and stores the data to be processed, the first segmented data, and the first analysis result (step S504). The encrypted to-be-processed data, the first segmented data, and the first analysis result are transmitted to the fourth switch 110.
其次,由代理伺服器118接收第一交換器104傳送之已複製之待處理資料,並將該待處理資料經由第二交換器106傳送至指定之伺服器(如雲端伺服器120)(步驟S506)。Second, the proxy server 118 receives the copied to-be-processed data transmitted by the first switch 104, and transmits the to-be-processed data to the designated server (such as the cloud server 120) via the second switch 106 (step S506) ).
由第二交換器106接收代理伺服器118傳送之已指定之待處理資料,並對已指定之待處理資料進行複製(步驟S508)。由第二交換器106將所複製之已指定之待處理資料至第二鏡像伺服器114與雲端伺服器120。The second exchanger 106 receives the designated to-be-processed data transmitted by the proxy server 118, and copies the designated to-be-processed data (step S508). The copied designated to-be-processed data is sent by the second switch 106 to the second mirror server 114 and the cloud server 120.
由第二鏡像伺服器114接收第二交換器106傳送之已複製已指定之待處理資料,當已指定之待處理資料為加密資料時,由第二鏡像伺服器114將已指定之待處理資料先進行解密,之後由第二鏡像伺服器114將經解密或無需解密之已指定之待處理資料分割成為複數個第二分割資料,並對該等第二分割資料進行分析(例如分析是否為惡意攻擊程式或駭客入侵等)以得到一第二分析結果,由第二鏡像伺服器114根據該第二分析結果判斷已指定之待處理資料是否為合法資料,若第二鏡像伺服器114根據第二分析結果判斷已指定之待處理資料為不合法資料,則第二鏡像伺服器114阻隔或丟棄已指定之待處理資料,反之,第二鏡像伺服器114加密及儲存已指定之待處理資料、該等第二分割資料及第二分析結果(步驟S510),並將經加密之已指定之待處理資料、該等第二分割資料及第二分析結果傳送至第四交換器110。The second mirror server 114 receives the copied and designated to-be-processed data transmitted by the second switch 106. When the designated to-be-processed data is encrypted data, the second mirror server 114 sends the designated-to-be-processed data Decryption is performed first, and then the second mirror server 114 divides the designated to-be-processed data that is decrypted or does not need to be decrypted into a plurality of second segmented data, and analyzes the second segmented data (for example, whether the analysis is malicious Attack programs or hackers, etc.) to obtain a second analysis result, and the second mirror server 114 judges whether the designated to-be-processed data is legitimate data according to the second analysis result. The second analysis result judges that the designated to-be-processed data is illegal data, the second mirror server 114 blocks or discards the designated-to-be-processed data, otherwise, the second mirror server 114 encrypts and stores the designated-to-be-processed data, The second segmented data and the second analysis result (step S510), and the encrypted designated designated to-be-processed data, the second segmented data, and the second A fourth analysis result to the switch 110.
由雲端伺服器120接收第二交換器106傳送之已複製已指定之待處理資料,由雲端伺服器120將已指定之待處理資料進行資料處理或執行以產生一已處理資料(步驟S512)。雲端伺服器120將所產生之已處理資料傳送至第三交換器108。The cloud server 120 receives the copied and designated to-be-processed data transmitted by the second switch 106, and the cloud server 120 performs data processing or execution of the designated to-be-processed data to generate a processed data (step S512). The cloud server 120 transmits the generated processed data to the third switch 108.
由第三交換器108接收雲端伺服器120傳送之已處理資料,並對已處理資料進行複製(步驟S514)。由第三交換器108將已複製之已處理資料傳送至線上資料儲存空間122與第三鏡像伺服器116。The third switch 108 receives the processed data transmitted by the cloud server 120 and copies the processed data (step S514). The copied and processed data is transmitted to the online data storage space 122 and the third mirror server 116 by the third switch 108.
由線上資料儲存空間122接收第三交換器108傳送之已複製之已處理資料,並對已處理資料進行儲存(步驟S516)。The copied data processed by the third switch 108 is received by the online data storage space 122, and the processed data is stored (step S516).
由第三鏡像伺服器116接收第三交換器108傳送之已複製之已處理資料,當已處理資料為加密資料時,由第三鏡像伺服器116將已處理資料先進行解密,之後由第三鏡像伺服器116將經解密或無需解密之已處理資料分割成為複數個第三分割資料,並對該等第三分割資料進行分析(例如分析是否為惡意攻擊程式或駭客入侵等)以得到一第三分析結果,由第三鏡像伺服器116根據該第三分析結果判斷已處理資料是否為合法資料,若第三鏡像伺服器116根據第三分析結果判斷已處理資料為不合法資料,則由第三鏡像伺服器116阻隔或丟棄已待處理資料,反之,由第三鏡像伺服器116加密及儲存已處理資料、該等第三分割資料及第三分析結果(步驟S518),並將經加密之已處理資料、該等第三分割資料及第三分析結果傳送至第四交換器110。The third mirror server 116 receives the copied processed data transmitted by the third switch 108. When the processed data is encrypted data, the third mirror server 116 first decrypts the processed data, and then the third mirror server 116 decrypts the processed data. The image server 116 divides the processed data that has been decrypted or does not need to be decrypted into a plurality of third segmented data, and analyzes the third segmented data (such as analyzing whether it is a malicious attack program or hacking, etc.) to obtain a According to the third analysis result, the third mirror server 116 determines whether the processed data is legal data according to the third analysis result. If the third mirror server 116 determines that the processed data is illegal data according to the third analysis result, then The third mirror server 116 blocks or discards the processed data, otherwise, the third mirror server 116 encrypts and stores the processed data, the third segmented data, and the third analysis result (step S518), and encrypts the processed data. The processed data, the third segmented data, and the third analysis result are transmitted to the fourth switch 110.
由第四交換器110接收第一鏡像伺服器112傳送之經加密之待處理資料、該等第一分割資料及第一分析結果、第二鏡像伺服器114傳送之經加密之已指定之待處理資料、該等第二分割資料及第二分析結果、及第三鏡像伺服器116傳送之經加密之已處理資料、該等第三分割資料及第三分析結果,並對經加密之待處理資料、該等第一分割資料、第一分析結果、已指定之待處理資料、該等第二分割資料、第二分析結果、已處理資料、該等第三分割資料及第三分析結果等進行複製(步驟S520)。由第四交換器110所接收之前述已複製資料傳送至處理資料儲存空間124,由第四交換器110將已複製之經加密之待處理資料、已指定之待處理資料及已處理資料傳送至靜態網址介面126。The fourth switch 110 receives the encrypted to-be-processed data transmitted by the first mirror server 112, the first segmented data and the first analysis result, and the encrypted and designated to-be-processed data transmitted by the second mirror server 114. Data, the second segmented data and the second analysis result, and the encrypted processed data transmitted by the third mirror server 116, the third segmented data and the third analysis result, and the encrypted pending data , The first segmented data, the first analysis result, the designated pending data, the second segmented data, the second analysis result, the processed data, the third segmented data, the third analysis result, etc. are copied (Step S520). The aforementioned copied data received by the fourth switch 110 is transmitted to the processing data storage space 124. The fourth switch 110 transmits the copied encrypted to-be-processed data, the designated to-be-processed data, and the processed data to Static URL interface 126.
由處理資料儲存空間124接收與儲存第四交換器110傳送之已複製之經加密之待處理資料、該等第一分割資料、第一分析結果、已指定之待處理資料、該等第二分割資料、第二分析結果、已處理資料、該等第三分割資料及第三分析結果(步驟S522)。The processed data storage space 124 receives and stores the copied encrypted to-be-processed data transmitted by the fourth switch 110, the first divided data, the first analysis result, the designated to-be-processed data, the second divided The data, the second analysis result, the processed data, the third segmented data, and the third analysis result (step S522).
由靜態網址介面126接收第四交換器110傳送之已複製之經加密之待處理資料、已指定之待處理資料及已處理資料,並將經加密之待處理資料、已指定之待處理資料及已處理資料發送至與第一節點系統100相連結的第二至第四節點系統200、300、400(如圖1所示),以實現區塊鏈技術(步驟S524)。The static URL interface 126 receives the copied encrypted to-be-processed data, the designated to-be-processed data, and the processed data transmitted by the fourth switch 110, and sends the encrypted to-be-processed data, the designated to-be-processed data, and The processed data is sent to the second to fourth node systems 200, 300, and 400 (shown in FIG. 1) connected to the first node system 100 to implement the blockchain technology (step S524).
圖4為本發明之運用區塊鏈技術之節點系統進行資料驗證及還原之流程圖。在說明圖4之流程步驟時參考圖1及圖2之系統架構。FIG. 4 is a flowchart of data verification and restoration by the node system using the blockchain technology of the present invention. When explaining the process steps of FIG. 4, the system architecture of FIGS. 1 and 2 is referred to.
在圖4中,第一至第四節點系統100、200、300、400之每一者之靜態網址介面126會將經加密之待處理資料、已指定之待處理資料及已處理資料發送彼此互連之其他節點系統,第一至第四節點系統100、200、300、400會將所接收到之待處理資料、已指定之待處理資料及已處理資料與其本身之待處理資料、已指定之待處理資料及已處理資料進行驗證,以判斷第一至第四節點系統100、200、300、400本身之待處理資料、已指定之待處理資料及已處理資料是否與超過一預定數量之其他節點系統之待處理資料、已指定之待處理資料相同。In FIG. 4, the static website interface 126 of each of the first to fourth node systems 100, 200, 300, 400 sends encrypted to-be-processed data, designated to-be-processed data, and processed data to each other For other node systems, the first to fourth node systems 100, 200, 300, and 400 will receive the received to-be-processed data, the designated to-be-processed data, and the processed data and its own to-be-processed data, the designated The pending data and processed data are verified to determine whether the first to fourth node systems 100, 200, 300, 400 themselves have pending data, designated pending data, and whether the processed data is more than a predetermined number of other The pending data of the node system and the designated pending data are the same.
以第一節點系統100為例,由動態網址介面102接收與第一節點系統100相連結的其他節點系統200、300、400所發送之經加密之待處理資料、已指定之待處理資料及已處理資料(步驟S600)。Taking the first node system 100 as an example, the dynamic website interface 102 receives encrypted to-be-processed data, designated to-be-processed data, and sent by other node systems 200, 300, and 400 connected to the first-node system 100. The data is processed (step S600).
由第一鏡像伺服器112經由第一交換器104接收動態網址介面102傳送之其他節點系統200、300、400之經加密之待處理資料,並解密其他節點系統200、300、400之待處理資料,由第一鏡像伺服器112以雜湊現金演算法驗證節點系統100與其他節點系統200、300、400之待處理資料(步驟S602)。The first mirror server 112 receives the encrypted to-be-processed data of other node systems 200, 300, and 400 transmitted by the dynamic web interface 102 through the first switch 104, and decrypts the to-be-processed data of other node systems 200, 300, and 400 The first mirror server 112 verifies the pending data of the node system 100 and other node systems 200, 300, and 400 with a hash cash algorithm (step S602).
由第一鏡像伺服器112驗證節點系統100之待處理資料與其他節點系統200、300、400之待處理資料不相同而超過一預定數量(例如超過節點系統200、300、400之數量之一半時),以超過該預定數量之其他節點系統200、300、400之待處理資料還原節點系統100之第一鏡像伺服器112之待處理資料,由第一鏡像伺服器112將還原後之待處理資料進行加密並經由第四交換器110儲存在處理資料儲存空間124。The first mirror server 112 verifies that the to-be-processed data of the node system 100 is different from the to-be-processed data of other node systems 200, 300, and 400 and exceeds a predetermined amount (for example, more than half of the number of node systems 200, 300, and 400) ), Restore the to-be-processed data of the first mirror server 112 of the node system 100 with the to-be-processed data of other node systems 200, 300, 400 exceeding the predetermined number, and the first to-be-processed data is restored by the first mirror server 112 The data is encrypted and stored in the processing data storage space 124 via the fourth switch 110.
由第二鏡像伺服器114經由第二交換器106接收動態網址介面102傳送之其他節點系統200、300、400之經加密之已指定之待處理資料,並解密其他節點系統200、300、400之已指定之待處理資料,由第二鏡像伺服器114以雜湊現金演算法驗證節點系統100與其他節點系統200、300、400之已指定之待處理資料(步驟S604)。The second mirror server 114 receives the encrypted and designated processing data of other node systems 200, 300, and 400 transmitted by the dynamic website interface 102 through the second switch 106, and decrypts the other node systems 200, 300, and 400. The designated to-be-processed data is verified by the second mirror server 114 using the hash cash algorithm to the designated to-be-processed data of the node system 100 and other node systems 200, 300, and 400 (step S604).
由第二鏡像伺服器114驗證節點系統100之已指定之待處理資料與其他節點系統200、300、400之已指定之待處理資料不相同而超過一預定數量(例如超過節點系統200、300、400之數量之一半時),以超過該預定數量之其他節點系統200、300、400之已指定之待處理資料還原節點系統100之第二鏡像伺服器114之已指定之待處理資料,由第二鏡像伺服器114將還原後之已指定之待處理資料進行加密並經由第四交換器110儲存在處理資料儲存空間124。The second mirror server 114 verifies that the designated to-be-processed data of the node system 100 is different from the designated to-be-processed data of other node systems 200, 300, 400 and exceeds a predetermined amount (for example, exceeds the node system 200, 300, 400 (one half of the number of 400), restore the designated unprocessed data of the second mirror server 114 of the node system 100 with the designated unprocessed data of other node systems 200, 300, 400 exceeding the predetermined number, by the first The second mirror server 114 encrypts the designated to-be-processed data after the restoration and stores the processed data in the processing data storage space 124 through the fourth switch 110.
由第三鏡像伺服器116經由第三交換器108接收動態網址介面102傳送之其他節點系統200、300、400之經加密之已處理資料,並解密其他節點系統200、300、400之已處理資料,由第三鏡像伺服器116以雜湊現金演算法驗證節點系統100與其他節點系統200、300、400之已處理資料(步驟S606)。The third mirror server 116 receives the encrypted processed data of other node systems 200, 300, and 400 transmitted by the dynamic website interface 102 through the third exchange 108, and decrypts the processed data of other node systems 200, 300, and 400. The third mirror server 116 verifies the processed data of the node system 100 and other node systems 200, 300, and 400 with a hash cash algorithm (step S606).
由第三鏡像伺服器116驗證節點系統100之已處理資料與其他節點系統200、300、400之已處理資料不相同而超過一預定數量(例如超過節點系統200、300、400之數量之一半時),以超過該預定數量之其他節點系統200、300、400之已處理資料還原節點系統100之第三鏡像伺服器116之已處理資料,由第三鏡像伺服器116將還原後之已處理資料進行加密並經由第四交換器110儲存在處理資料儲存空間124。The third mirror server 116 verifies that the processed data of the node system 100 is different from the processed data of other node systems 200, 300, 400 and exceeds a predetermined amount (for example, more than half of the number of the node system 200, 300, 400) ), The processed data of the third mirror server 116 of the node system 100 is restored with the processed data of the other node systems 200, 300, 400 exceeding the predetermined number, and the restored data is processed by the third mirror server 116 The data is encrypted and stored in the processing data storage space 124 via the fourth switch 110.
節點系統200、300、400驗證本身之待處理資料、已指定之待處理資料及已處理資料之步驟與圖4之流程圖所述之步驟相同,在此省略其說明。The steps for the node systems 200, 300, and 400 to verify the to-be-processed data, the designated to-be-processed data, and the processed data are the same as the steps described in the flowchart of FIG. 4, and descriptions thereof are omitted here.
本發明係提供一種運用區塊鏈技術之節點系統及其運行方法,其特點係在區塊鏈的節點中之底層採用伺服器之群組,因此可提供大的網路資源要求以提升各節點間連線情況,為伺服器架構之區塊鏈有較強能力處理龐大運算結構而提供使用者較大量的處理資料量,且伺服器中的虛擬機器可提供使用者使用,而對使用者之資料格式、資料量及軟體具有彈性的運用,大大地減少其使用區塊鏈的限制,而可有效的使用區塊鏈的分散、運算、驗證及儲存的功能及特性。The present invention provides a node system using a blockchain technology and a method for operating the same. The characteristics of the node system are a group of servers at the bottom of the nodes of the blockchain, so it can provide large network resource requirements to enhance each node. For the connection between servers, the server-structured blockchain has a strong ability to handle huge computing structures and provides users with a large amount of processing data, and the virtual machines in the server can be used by users. The flexible use of data format, data volume, and software greatly reduces its restrictions on using the blockchain, and can effectively use the blockchain's decentralized, computational, verification, and storage functions and characteristics.
雖然本發明已參照較佳具體例及舉例性附圖敘述如上,惟其應不被視為係限制性者。熟悉本技藝者對其形態及具體例之內容做各種修改、省略及變化,均不離開本發明之請求項之所主張範圍。Although the present invention has been described above with reference to preferred specific examples and exemplary drawings, it should not be construed as limiting. Those skilled in the art can make various modifications, omissions, and changes to the contents and specific examples thereof without departing from the claimed scope of the claims of the present invention.
100‧‧‧第一節點系統100‧‧‧First Node System
102‧‧‧動態網址介面102‧‧‧Dynamic URL interface
104‧‧‧第一交換器104‧‧‧first switch
106‧‧‧第二交換器106‧‧‧Second switch
108‧‧‧第三交換器108‧‧‧Third switch
110‧‧‧第四交換器110‧‧‧Fourth exchanger
112‧‧‧第一鏡像伺服器112‧‧‧The first mirror server
114‧‧‧第二鏡像伺服器114‧‧‧Second mirror server
116‧‧‧第三鏡像伺服器116‧‧‧Third mirror server
118‧‧‧代理伺服器118‧‧‧ proxy server
120‧‧‧雲端伺服器120‧‧‧ Cloud Server
122‧‧‧線上資料儲存空間122‧‧‧Online data storage space
124‧‧‧處理資料儲存空間124‧‧‧Processing data storage space
126‧‧‧靜態網址介面126‧‧‧Static URL interface
200‧‧‧第二節點系統200‧‧‧Second Node System
300‧‧‧第三節點系統300‧‧‧ Third Node System
400‧‧‧第四節點系統400‧‧‧Fourth Node System
圖1為本發明之運用區塊鏈技術之節點系統之架構圖; 圖2為本發明之節點系統之硬體架構之方塊圖; 圖3為本發明之運用區塊鏈技術之節點系統之運行方法之流程圖;以及 圖4為本發明之運用區塊鏈技術之節點系統進行資料驗證及還原之流程圖。Figure 1 is the architecture diagram of the node system using the blockchain technology of the present invention; Figure 2 is the block diagram of the hardware architecture of the node system of the present invention; Figure 3 is the operation of the node system using the blockchain technology of the present invention The flowchart of the method; and FIG. 4 is a flowchart of data verification and restoration by the node system using the blockchain technology of the present invention.
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| TW107117448ATWI661706B (en) | 2018-05-23 | 2018-05-23 | Node system using block chain technology and operation method thereof |
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| TW107117448ATWI661706B (en) | 2018-05-23 | 2018-05-23 | Node system using block chain technology and operation method thereof |
| Publication Number | Publication Date |
|---|---|
| TWI661706Btrue TWI661706B (en) | 2019-06-01 |
| TW202005326A TW202005326A (en) | 2020-01-16 |
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| TW107117448ATWI661706B (en) | 2018-05-23 | 2018-05-23 | Node system using block chain technology and operation method thereof |
| Country | Link |
|---|---|
| TW (1) | TWI661706B (en) |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111373378A (en)* | 2019-11-06 | 2020-07-03 | 支付宝(杭州)信息技术有限公司 | Data security for error correction code based shared blockchain data storage |
| CN111386519A (en)* | 2019-11-13 | 2020-07-07 | 支付宝(杭州)信息技术有限公司 | Dynamic blockchain data storage based on error correction codes |
| CN111406252A (en)* | 2019-11-06 | 2020-07-10 | 支付宝(杭州)信息技术有限公司 | Consensus of error correction code based shared blockchain data storage |
| TWI740575B (en)* | 2019-11-06 | 2021-09-21 | 大陸商支付寶(杭州)信息技術有限公司 | Method, system and device for prioritizing shared blockchain data storage |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20020016827A1 (en)* | 1999-11-11 | 2002-02-07 | Mccabe Ron | Flexible remote data mirroring |
| CN101859319A (en)* | 2009-02-12 | 2010-10-13 | 阿森图尔环球服务有限责任公司 | The data system framework of analysis distribution formula data set |
| US20100333116A1 (en)* | 2009-06-30 | 2010-12-30 | Anand Prahlad | Cloud gateway system for managing data storage to cloud storage sites |
| US20120167162A1 (en)* | 2009-01-28 | 2012-06-28 | Raleigh Gregory G | Security, fraud detection, and fraud mitigation in device-assisted services systems |
| US9569771B2 (en)* | 2011-04-29 | 2017-02-14 | Stephen Lesavich | Method and system for storage and retrieval of blockchain blocks using galois fields |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20020016827A1 (en)* | 1999-11-11 | 2002-02-07 | Mccabe Ron | Flexible remote data mirroring |
| US20120167162A1 (en)* | 2009-01-28 | 2012-06-28 | Raleigh Gregory G | Security, fraud detection, and fraud mitigation in device-assisted services systems |
| CN101859319A (en)* | 2009-02-12 | 2010-10-13 | 阿森图尔环球服务有限责任公司 | The data system framework of analysis distribution formula data set |
| US20100333116A1 (en)* | 2009-06-30 | 2010-12-30 | Anand Prahlad | Cloud gateway system for managing data storage to cloud storage sites |
| US9569771B2 (en)* | 2011-04-29 | 2017-02-14 | Stephen Lesavich | Method and system for storage and retrieval of blockchain blocks using galois fields |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111373378A (en)* | 2019-11-06 | 2020-07-03 | 支付宝(杭州)信息技术有限公司 | Data security for error correction code based shared blockchain data storage |
| CN111406252A (en)* | 2019-11-06 | 2020-07-10 | 支付宝(杭州)信息技术有限公司 | Consensus of error correction code based shared blockchain data storage |
| TWI740575B (en)* | 2019-11-06 | 2021-09-21 | 大陸商支付寶(杭州)信息技術有限公司 | Method, system and device for prioritizing shared blockchain data storage |
| CN111373378B (en)* | 2019-11-06 | 2022-03-18 | 支付宝(杭州)信息技术有限公司 | Data security for error correction code based shared blockchain data storage |
| CN111406252B (en)* | 2019-11-06 | 2022-04-15 | 支付宝(杭州)信息技术有限公司 | Consensus of error correction code based shared blockchain data storage |
| US11327833B2 (en) | 2019-11-06 | 2022-05-10 | Alipay (Hangzhou) Information Technology Co., Ltd. | Prioritizing shared blockchain data storage |
| CN111386519A (en)* | 2019-11-13 | 2020-07-07 | 支付宝(杭州)信息技术有限公司 | Dynamic blockchain data storage based on error correction codes |
| CN111386519B (en)* | 2019-11-13 | 2022-04-15 | 支付宝(杭州)信息技术有限公司 | Dynamic blockchain data storage based on error correction codes |
| Publication number | Publication date |
|---|---|
| TW202005326A (en) | 2020-01-16 |
| Publication | Publication Date | Title |
|---|---|---|
| CA3058236C (en) | Retrieving public data for blockchain networks using highly available trusted execution environments | |
| Chaudhary et al. | Lattice-based public key cryptosystem for Internet of Things environment: Challenges and solutions | |
| Hota et al. | Capability-based cryptographic data access control in cloud computing | |
| US8732462B2 (en) | Methods and apparatus for secure data sharing | |
| Bhardwaj et al. | Security algorithms for cloud computing | |
| Seth et al. | Secure Cloud Data Storage System Using Hybrid Paillier–Blowfish Algorithm. | |
| TWI661706B (en) | Node system using block chain technology and operation method thereof | |
| CN104113409B (en) | A key management method and system for a SIP video surveillance networking system | |
| US20130028419A1 (en) | System and a method for use in a symmetric key cryptographic communications | |
| WO2013139079A1 (en) | Storage method, system and device | |
| CN108632251B (en) | Trusted Authentication Method and Encryption Algorithm Based on Cloud Computing Data Service | |
| Yuan et al. | Enabling secure and efficient video delivery through encrypted in-network caching | |
| Athena et al. | Survey on public key cryptography scheme for securing data in cloud computing | |
| US7886160B2 (en) | Information processing apparatus and method, and computer program | |
| Pachala et al. | l-PEES-IMP: lightweight proxy re-encryption-based identity management protocol for enhancing privacy over multi-cloud environment | |
| CN118827245A (en) | A decentralized distributed IM system and method | |
| CN119358003A (en) | Method, device and storage medium for secure storage of power grid privileged access credentials | |
| Latif et al. | Machine Learning Empowered Security and Privacy Architecture for IoT Networks with the Integration of Blockchain. | |
| Maffina et al. | An improved and efficient message passing interface for secure communication on distributed clusters | |
| Darwish et al. | Privacy and security of cloud computing: a comprehensive review of techniques and challenges | |
| Xiong et al. | Secure multimedia distribution in cloud computing using re-encryption and fingerprinting | |
| CN111262901B (en) | Many-to-many communication system and operation method thereof | |
| Tukkoji | Secure Data Storage in Cloud Computing Using Code Based McEliece and NTRU Cryptosystems | |
| Shah et al. | Third party public auditing scheme for security in cloud storage | |
| Ahammed et al. | A Novel Approach using Multi Cloud for Securing Cloud Data. |