Computer Engineering and Applications ›› 2023, Vol. 59 ›› Issue (12): 242-257. DOI: 10.3778/j.issn.1002-8331.2210-0243

• Network, Communication and Security •

Log Security Protection Model Incorporating Blockchain Smart Contracts

LIU Yifan, WAN Jianxiong, GAO Haoyu, YANG Yanyan

  1. College of Data Science and Application, Inner Mongolia University of Technology, Hohhot 010080, China
  2. Inner Mongolia Autonomous Region Engineering & Technology Research Center of Big Data Based Software Service, Hohhot 010080, China
  3. Engineering Research Center of Large-Scale Energy Storage Technologies, Ministry of Education, Hohhot 010080, China
  4. School of Cyberspace Security, Hainan University, Haikou 570228, China
  5. Oxford-Hainan Blockchain Research Institute, Chengmai, Hainan 571924, China
  • Online: 2023-06-15 Published: 2023-06-15

Abstract: Blockchain technology has clear advantages for data integrity protection because it is immutable and traceable. Protecting large volumes of log data places high demands on authenticity, integrity and confidentiality, and existing methods cannot satisfy all three at once. To address this, a log data security protection model based on blockchain smart contracts is designed, and the concepts of the micro log data protect environment (MiLDPE) and the macro log data protect environment (MaLDPE) are proposed. A MiLDPE is a blockchain node that implements trusted computing with hardware SGX technology, which ensures that log data can be audited only on the node that generated it. A MaLDPE is a decentralized blockchain cluster made up of multiple MiLDPE nodes, in which a group of smart contracts controls access to log data and a random node selection algorithm safeguards the integrity and confidentiality of the log data. Extensive numerical experiments confirm that the model's performance meets the expected requirements.

Key words: log data protection, blockchain, smart contract, SGX, trusted computing