计算机科学

计算机科学 ›› 2020, Vol. 47 ›› Issue (3): 298-303.doi: 10.11896/jsjkx.190200298

• 信息安全 • 上一篇    下一篇

基于链上链下相结合的日志安全存储与检索

吕建富1,赖英旭1,2,刘静1   

  1. (北京工业大学信息学部 北京100124)1;
    (信息保障技术重点实验室 北京100072)2
  • 收稿日期:2019-02-15 出版日期:2020-03-15 发布日期:2020-03-30
  • 通讯作者: 赖英旭(laiyingxu@bjut.edu.cn)
  • 基金资助:
    青海省自然科学基金资助项目(2017-ZJ-912);信息保障技术重点实验室基金(614211204031117)

Log Security Storage and Retrieval Based on Combination ofOn-chain and Off-chain

LV Jian-fu1,LAI Ying-xu1,2,LIU Jing1   

  1. (Faculty of Information Technology, Beijing University of Technology, Beijing 100124, China)1;
    (Science and Technology on Information Assurance Laboratory, Beijing 100072, China)2
  • Received:2019-02-15 Online:2020-03-15 Published:2020-03-30
  • About author:LV Jian-fu,born in 1993,postgraduate.His main research interests include cyber security,and blockchain. LAI Ying-xu,born in 1973,Ph.D,professor,Ph.D supervisor.Her main research interests include computer network and cyber security.
  • Supported by:
    This work was supported by Qinghai Provincial Natural Science Foundation (2017-ZJ-912) and Foundation of Science and Technology on Information Assurance Laboratory (614211204031117).

PDF (PC)

1334

摘要: 信息系统中存在着大量的安全设备日志,这些安全设备日志对系统监控、查询、安全审计和故障诊断等都十分重要,因此对其进行安全存储与处理具有重要意义。文中提出了一种基于链上链下相结合的日志安全存储与检索模型,该模型结合区块链与分布式存储技术,实现了去中心化、去信任、数据难以篡改的安全设备日志存储,并对外向安全管理员提供密文检索接口,同时可以利用区块链技术实现数据的完整性校验。安全性分析论证了该模型能够保证安全设备日志的安全可靠存储,同时性能分析证明了该模型具有良好的检索效率。

关键词: 安全存储, 安全设备日志, 密文检索, 区块链, 完整性校验

Abstract: There are a large number of security device logs in the information system.These security device logs are very important for system monitoring,query,security auditing and fault diagnosis.Therefore,it is important to securely store and process the security device logs in the information system.This paper proposed a log security storage and retrieval model based on the combination of on-chain and off-chain.This model combines blockchain and distributed storage technology,achieves security log storage which is decentralized,detrusted, andhard to tamper with data,and provides a ciphertext retrieval interface to security administrators externally.At the same time, it can use blockchain technology to realize data integrity check.The security analysis demonstrates that the model can ensure the secure and reliable storage of security device logs,and the performance analysis proves that the model has good retrieval efficiency.

Key words: Blockchain, Ciphertext retrieval, Integrity check, Secure storage, Security device log

中图分类号: 

  • TP309
[1]KUMAR M,SINGH A K,KUMAR T V S.Secure Log Storage Using Blockchain and Cloud Infrastructure[C]∥2018 9th International Conference on Computing,Communication and Networking Technologies (ICCCNT).Washington D C:IEEE,2018:1-4.
[2]CHONG C N,PENG Z,HARTEL P H.Secure audit logging with tamper-resistant hardware[C]∥IFIP International Information Security Conference.Boston:Springer,2003:73-84.
[3]WANG G,WANG Z,SUN J,et al.An Audit Log Protection Mechanism Based on SecurityChip[C]∥InternationalConfe-rence on Trusted Systems.Cham:Springer,2015:226-233.
[4]HOLT J E.Logcrypt:forward security and public verification for secure audit logs[C]∥Proceedings of the 2006 Australasian Workshops on Grid Computing and E-research.New York:ACM,2006,167:203-211.
[5]YAVUZ A A,NING P.Baf:An efficient publicly verifiable secure audit logging scheme for distributed systems[C]∥2009 Annual Computer Security Applications Conference.Washington D C:IEEE,2009:219-228.
[6]NAKAMOTO S.Bitcoin:A peer-to-peer Electronic Cash System[OL].https://bitcoin.org/bitcoin.pdf.
[7]YUAN Y,WANG F Y.Blockchain:The State of the Art and Future Trends[J].Acta AutomaticaSinica,2016,42(4):481-494.
[8]SHAO Q F,JIN C Q,ZHANG Z,et al,Blockchain:Architecture and Reasearch Progress[J].Chinese Journal of Computer,2018,41(5):969-988.
[9]MINGXIAOD,XIAOFENG M,ZHE Z,et al.Areview on consensus algorithm of blockchain[C]∥2017 IEEE International Conference on Systems,Man,and Cybernetics (SMC).Wa-shington D C:IEEE,2017:2567-2572.
[10]CASTROM,LISKOV B.Practical byzantine fault tolerance and proactive recovery[J].ACM Transactions on Computer Systems,2002,20(4):398-461.
[11]BUTERINV.A next-generation smart contract and decentrali- zed application platform[R].2014.
[12]CACHINC.Architecture of the hyperledger blockchain fabric [C]∥Workshop on Distributed Cryptocurrencies and Consensus Ledgers.2016.
[13]BROWNR G.Introducing r3 cordatm:A distributed ledger designed for financial services[R].R3:Corda,2016.
[14]MCCONAGHYT,MARQUESR,MÖLLERA,et al.Bigchain- DB:A scalable blockchain database[R].GmbH:BigchainDB,2016.
[15]Bigchaindb White Paper.BigchainDB:Ascalableblockchain database[EB/OL].(2017-01-11).https://www.bigchaindb.com/whitepaper/bigchaindb-whitepaper.pdf.
[16]ANDREW M,ARI J,ELAINE S,et al.Permacoin:Repurposing bitcoin work for data preservation [C]∥Proceedings of IEEE Symposium on Security and Privacy.Washington D C:IEEE,2014:475-490.
[17]BINANDA S,SAMIRAN B,SUSHMITA R,et al.Retricoin: Bitcoinbased on compact proofs of retrievability[C]∥Procee-dings of the 17th International Conference on Distributed Computing and Networking.New York:ACM,2016:14:1-10.
[18]RUJ S,RAHMAN M S,BASU A,et al.BlockStore:A Secure Decentralized Storage Framework on Blockchain[C]∥2018 IEEE 32nd International Conference on Advanced Information Networking and Applications (AINA).Washington D C:IEEE,2018:1096-1103.
[19]ALI D,SALIL S,RAJA J.Blockchain in Internet of Things:Challenges and solutions[EB/OL].(2015-11-12).httpsarxiv. org/ftp/arxiv/papers/1608/160-8.05187.pdf.
[20]MUNEEB A,JUDE C,RYAN S,et al.Blockstack:A globalnaming and storage system secured by blockchains[C]∥Proceedings of the 2016 USE-NIX Annual Technical Conference.Denver:USENIX Association,2016:181-194.
[21]JUDEN,MUNEEB A.Extending existing blockchains with virtualchain[EB/OL].(2016-12-13).http://www.zurich.ibm.com/dccl/paper-s/nelson_dccl_slides.pdf.
[22]LIU Y,CHEN H,HU F.A blockchain-based verification for sharing data securely[C]∥2017 International Conference on Progress in Informatics and Computing (PIC).Washington D C:IEEE,2017:249-253.
[23]LIU B,YU X L,CHEN S,et al.Blockchain based data integrity service framework for IoT data[C]∥2017 IEEE International Conference on Web Services(ICWS).Washington D C:IEEE,2017:468-475.
[24]THEODOULI A,ARAKLIOTIS S,MOSCHOU K,et al.On the design of a Blockchain-based system to facilitate Healthcare Data Sharing[C]∥2018 17th IEEE International Conference On Trust,Security And Privacy in Computing and Communications.Washington D C:IEEE,2018:1374-1379.
[25]ALOMAR A,BHUIYAN M Z A,BASU A,et al.Privacy- friendly platform for healthcare data in cloud based on blockchain environment[J].Future Generation Computer Systems,2019,95(6):511-521.
[1] 王子凯, 朱健, 张伯钧, 胡凯.
区块链与智能合约并行方法研究与实现
Research and Implementation of Parallel Method in Blockchain and Smart Contract
计算机科学, 2022, 49(9): 312-317. https://doi.org/10.11896/jsjkx.210800102
[2] 傅丽玉, 陆歌皓, 吴义明, 罗娅玲.
区块链技术的研究及其发展综述
Overview of Research and Development of Blockchain Technology
计算机科学, 2022, 49(6A): 447-461. https://doi.org/10.11896/jsjkx.210600214
[3] 高健博, 张家硕, 李青山, 陈钟.
RegLang:一种面向监管的智能合约编程语言
RegLang:A Smart Contract Programming Language for Regulation
计算机科学, 2022, 49(6A): 462-468. https://doi.org/10.11896/jsjkx.210700016
[4] 毛典辉, 黄晖煜, 赵爽.
符合监管合规性的自动合成新闻检测方法研究
Study on Automatic Synthetic News Detection Method Complying with Regulatory Compliance
计算机科学, 2022, 49(6A): 523-530. https://doi.org/10.11896/jsjkx.210300083
[5] 李博, 向海昀, 张宇翔, 廖浩德.
面向食品溯源场景的PBFT优化算法应用研究
Application Research of PBFT Optimization Algorithm for Food Traceability Scenarios
计算机科学, 2022, 49(6A): 723-728. https://doi.org/10.11896/jsjkx.210800018
[6] 周航, 姜河, 赵琰, 解相朋.
适用于各单元共识交易的电力区块链系统优化调度研究
Study on Optimal Scheduling of Power Blockchain System for Consensus Transaction ofEach Unit
计算机科学, 2022, 49(6A): 771-776. https://doi.org/10.11896/jsjkx.210600241
[7] 王思明, 谭北海, 余荣.
面向6G可信可靠智能的区块链分片与激励机制
Blockchain Sharding and Incentive Mechanism for 6G Dependable Intelligence
计算机科学, 2022, 49(6): 32-38. https://doi.org/10.11896/jsjkx.220400004
[8] 孙浩, 毛瀚宇, 张岩峰, 于戈, 徐石成, 何光宇.
区块链跨链技术发展及应用
Development and Application of Blockchain Cross-chain Technology
计算机科学, 2022, 49(5): 287-295. https://doi.org/10.11896/jsjkx.210800132
[9] 阳真, 黄松, 郑长友.
基于区块链与改进CP-ABE的众测知识产权保护技术研究
Study on Crowdsourced Testing Intellectual Property Protection Technology Based on Blockchain and Improved CP-ABE
计算机科学, 2022, 49(5): 325-332. https://doi.org/10.11896/jsjkx.210900075
[10] 任畅, 赵洪, 蒋华.
一种量子安全拜占庭容错共识机制
Quantum Secured-Byzantine Fault Tolerance Blockchain Consensus Mechanism
计算机科学, 2022, 49(5): 333-340. https://doi.org/10.11896/jsjkx.210400154
[11] 冯了了, 丁滟, 刘坤林, 马科林, 常俊胜.
区块链BFT共识算法研究进展
Research Advance on BFT Consensus Algorithms
计算机科学, 2022, 49(4): 329-339. https://doi.org/10.11896/jsjkx.210700011
[12] 杨昕宇, 彭长根, 杨辉, 丁红发.
基于演化博弈的理性拜占庭容错共识算法
Rational PBFT Consensus Algorithm with Evolutionary Game
计算机科学, 2022, 49(3): 360-370. https://doi.org/10.11896/jsjkx.210900110
[13] 王鑫, 周泽宝, 余芸, 陈禹旭, 任昊文, 蒋一波, 孙凌云.
一种面向电能量数据的联邦学习可靠性激励机制
Reliable Incentive Mechanism for Federated Learning of Electric Metering Data
计算机科学, 2022, 49(3): 31-38. https://doi.org/10.11896/jsjkx.210700195
[14] 张潆藜, 马佳利, 刘子昂, 刘新, 周睿.
以太坊Solidity智能合约漏洞检测方法综述
Overview of Vulnerability Detection Methods for Ethereum Solidity Smart Contracts
计算机科学, 2022, 49(3): 52-61. https://doi.org/10.11896/jsjkx.210700004
[15] 范家幸, 王志伟.
基于门限环签名的分级匿名表决方案
Hierarchical Anonymous Voting Scheme Based on Threshold Ring Signature
计算机科学, 2022, 49(1): 321-327. https://doi.org/10.11896/jsjkx.201000032
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
地址:重庆市渝北区洪湖西路18号    邮编:401121  
电话:023-63500828(编辑部) 023-67039612(会议/专题) 023-67039623(财务/发票)
E-mail:jsjkx12@163.com
本系统由北京玛格泰克科技发展有限公司设计开发