分布式账本技术的发展历程研究综述

物联网、人工智能、大数据等众多领域缺乏量身定制的安全隐私技术保障,基于分布式账本技术(DLT)的系统作为一种分散的数据管理方法可以很好地满足其安全需求,因此基于分布式账本技术的系统层出不穷。为了帮助后续的研究者更全面快速地了解分布式账本技术,梳理了近年来基于分布式账本的研究成果,分别从数据结构、技术原理、共识机制和性能等多个角度对区块链进行深入分析,并且基于当前研究现状详细比较分析了分布式账本技术的一些最新进展,如哈希图(Hashgraph)、全链(Holochain)和初链(Truechain)等。最后总结了该领域未来的发展前景。     

基于区块链的去中心化物品共享交易服务系统

随着共享经济的发展，对于高可信的分布式交易管理具有迫切的需求，然而，传统的中心化信息系统难以满足。区块链技术提供了一种共享账本机制，为构建可信的分布式交易管理奠定了基础。以支持智能合约的区块链2.0平台——以太坊平台作为基础框架，深入研究基于区块链技术的去中心化共享物品交易服务系统的运行机制与实现技术。设计了基于以太坊的去中心化物品共享交易服务系统框架，提出了基于智能合约机制的交易管理处理流程，详细描述了包括用户接口在内的系统实现技术，并对该系统在交易处理上的性能进行了实验测试。实验结果表明，基于以太坊的交易服务系统在保证交易数据可信性的基础上，平均交易处理速度为每秒21.7条，有索引查询速度为每秒117.6条，具有较高的运行效率。     

区块链与可信数据管理:问题与方法

作为支撑比特币实现无中心高可信的账本管理的技术,区块链在金融领域得到了广泛关注.区块链实现了不完全可信环境中的可信数据管理,具有去中心化、防篡改、不可抵赖、强一致和完整性等特性,同时也具有高延迟和低吞吐率的性能问题.在互联网技术发展,新型应用层出不穷的大背景下,借鉴区块链在数字加密货币应用中的成功经验,探索可信数据管理的理论、技术,并设计、实现系统,是学术界所面临的重要问题.本文从可信数据管理角度,介绍区块链相关的技术和研究进展,包括分布式共识、智能合约、数据溯源等,并分析应用对可信数据管理所提的需求和研究挑战.     

区块链在水利行业政府网站防篡改中的应用研究

水利行业各级政府网站所发布的信息应该及时、准确、权威,信息一旦被篡改,将会严重影响国家安全,损坏水利政府部门公信力和形象,传统防篡改系统存在默认信任特定节点,底稿存储不可靠等问题。为更好地保障水利行业政府网站信息安全,降低入侵风险,通过研究区块链的分布式记账原理和可信去中心化特点,提出一种基于区块链和分布式存储的新型防篡改系统。利用区块链的去中心化的信任机制和分布式存储的安全性,新型防篡改系统能够消除单点薄弱环节,可靠存储底稿文件,不需信任特定节点。测试结果表明：与传统防篡改系统相比,新型防篡改系统能够更好地满足水利行业政府网站在防篡改领域的需求,保证水利行业政府网站发布的内容得到有效保护,保护水利行业政府网站免遭篡改的侵害。     

基于DAG的分布式账本共识机制研究

自2008年比特币出现以来,研究学者相继提出了多种分布式账本技术,其中,区块链是当前分布式账本最主要的实现形式之一.但当前区块链中存在一个核心问题:可扩展性瓶颈.具体而言,区块链的吞吐量严重不足,且其交易确认也较为缓慢,这些因素极大地限制了它的实际应用.在此背景下,基于DAG(有向无环图)的分布式账本因其具有高并发特性,有望突破传统区块链中的性能瓶颈,从而受到了学术界和产业界越来越多的关注和研究.在基于DAG的分布式账本中,最为核心和关键的技术是其共识机制,为此,对该关键技术进行了系统深入的研究.首次从共识形态出发将现有基于DAG的分布式账本分为以下3类:基于主干链的DAG账本;基于平行链的DAG账本;基于朴素DAG的账本.在此基础上,对不同类型的共识机制本质原理及特性进行了深入阐述,并从不同层面对它们进行了详细的对比分析.最后,指出基于DAG的共识机制研究中存在的问题与挑战,并给出进一步的研究方向.     

一种弱中心化的银行可信数据管理方案

针对传统银行系统的中心化数据存储模式高效便捷但不透明、而新兴的去中心化的应用系统公开透明但共识机制低效的问题,提出了一种面向银行系统的总分双链的弱中心化可信数据管理方案。该模式的核心思想是应用区块链技术打造彼此交叉且相互印证的总分双链的数据存储结构,并利用分户账回溯定位技术,结合大量轻客户端基于密码学技术的分布式监督为个体提供交易验证的可能,从而实现数据的中心化可信存储与管理。它将中心化的数据存储与去中心化的数据验证相结合,从而兼有中心化管理的高效性和分布式机制的透明性,其本质上是一种民主监督下的中心模式,在满足银行独立,完全掌控数据的同时能够自证清白,并兼顾隐私与监督之间的平衡。     

基于Ethereum的房地产供应链系统设计与实现

以太坊区块链技术是当今互联网时代的一项具有创新性、革命性的综合型分布式数据库账本技术,具有去中介化、自治性、数据不可篡改、可追溯、可编程等特点。分析了传统房地产供应链存在的不足,运用新兴的区块链技术,设计了基于以太坊智能合约的房地产供应链系统。给出了该系统的系统模型,包括系统流程和系统架构两部分。具体说明了系统所涉及到的四个功能模块。展示了系统的工作流程,并讨论了区块链+房地产供应链存在的问题。对区块链应用于房地产供应链领域进行总结,旨在为未来更好地将区块链应用于房地产供应链提供参考。     

区块链关键技术的研究进展

区块链是一种将时序数据以链式结构组合而成、以密码学机制保证交易数据不可篡改的分布式账本,是一种新型分布式计算模式与去中心化基础构架。区块链技术具有去中心化、建立信任关系、集体维护、交易公平和透明、不可篡改、可溯源等特征,已成为工业界和学术界的研究热点。介绍了区块链的组成元素,详细阐述了区块链的基本原理、智能合约、共识机制等关键技术,结合金融、物联网、供应链、医疗系统应用场景,讨论了其利用区块链技术的优化方向。总结了区块链技术在安全、效率、隐私保护等方面存在的不足,给出了相应的应对措施。提出了改进共识机制、匿名性和系统吞吐量的有效方法,为区块链技术的进一步发展和完善提供有益的借鉴和指导。     

基于区块链技术的公益时间银行系统

在现有的时间银行系统中，时间币的发行功能和结算功能完全集中到一个中心节点上。这种极度中心化的功能结构，不仅存在容易发生中心节点单点失效、数据容易被篡改等信息安全问题，还存在着时间币的发行和流通缺乏透明度以及时间币的结算依赖中心化的结算机构等问题。针对这些问题，提出了一种基于区块链技术的解决方法。首先，将时间币的发行功能和结算功能从中心节点上分离出来；然后，利用具有分布式去中心化、集体维护和不可篡改等特性的区块链技术，将分离出来的发行功能逐步去中心化，将分离出来的结算功能去中心化，形成公益时间链（PWTB）；最终，PWTB利用区块链技术以去中心化的方式将时间银行系统由单个节点维护账本变成由集体维护一个分布式的共享账本，使时间币的发行和流通公开透明，时间币的结算不依赖某个中心化的节点。安全分析表明所设计的PWTB能够实现安全的信息传输与存储，以及数据的共享。     

A Secure Framework for Blockchain Transactions Protection

One of the most extensively used technologies for improving the security of IoT devices is blockchain technology. It is a new technology that can be utilized to boost the security. It is a decentralized peer-to-peer network with no central authority. Multiple nodes on the network mine or verify the data recorded on the Blockchain. It is a distributed ledger that may be used to keep track of transactions between several parties. No one can tamper with the data on the blockchain since it is unchangeable. Because the blocks are connected by hashes, the transaction data is safe. It is managed by a system that is based on the consensus of network users rather than a central authority. The immutability and tamper-proof nature of blockchain security is based on asymmetric cryptography and hashing. Furthermore, Blockchain has an immutable and tamper-proof smart contract, which is a logic that enforces the Blockchain’s laws. There is a conflict between the privacy protection needs of cyber-security threat intelligent (CTI) sharing and the necessity to establish a comprehensive attack chain during blockchain transactions. This paper presents a blockchain-based data sharing paradigm that protects the privacy of CTI sharing parties while also preventing unlawful sharing and ensuring the benefit of legitimate sharing parties. It builds a full attack chain using encrypted threat intelligence and exploits the blockchain’s backtracking capacity to finish the decryption of the threat source in the attack chain. Smart contracts are also used to send automatic early warning replies to possible attack targets. Simulation tests are used to verify the feasibility and efficacy of the suggested model.     

区块链隐私保护研究与实践综述

基于区块链的分布式账本，集成了非对称加密体系、P2P网络、共识算法、智能合约等多种技术，保证事务记录的一致性和不可篡改性.但是，区块链技术中的账本共享机制也带来了隐私威胁，用户身份、账户地址、交易内容等信息的隐私保护成为研究的关注点.讨论了区块链系统中的隐私威胁；着重分析了地址混淆、信息隐藏、通道隔离等3类隐私保护机制，详细介绍各类机制的原理、模型、特征及实现技术；最后探讨了实际应用中，区块链隐私保护技术在系统性能和可扩展性方面的挑战和发展方向.     

基于身份密码系统和区块链的跨域认证协议

随着信息网络技术的快速发展和网络规模的持续扩张,网络环境中提供的海量数据和多样服务的丰富性和持久性都得到了前所未有的提升.处于不同网络管理域中的用户与信息服务实体之间频繁交互,在身份认证、权限管理、信任迁移等方面面临一系列安全问题和挑战.本文针对异构网络环境中用户访问不同信任域网络服务时的跨域身份认证问题,基于IBC身...     

Blockchain and Artificial Intelligence Applications to Defeat COVID-19 Pandemic

The rapid emergence of novel virus named SARS-CoV2 and unchecked dissemination of this virus around the world ever since its outbreak in 2020, provide critical research criteria to assess the vulnerabilities of our current health system. The paper addresses our preparedness for the management of such acute health emergencies and the need to enhance awareness, about public health and healthcare mechanisms. In view of this unprecedented health crisis, distributed ledger and AI technology can be seen as one of the promising alternatives for fighting against such epidemics at the early stages, and with the higher efficacy. At the implementation level, blockchain integration, early detection and avoidance of an outbreak, identity protection and safety, and a secure drug supply chain can be realized. At the opposite end of the continuum, artificial intelligence methods are used to detect corona effects until they become too serious, avoiding costly drug processing. The paper explores the application of blockchain and artificial intelligence in order to fight with COVID-19 epidemic scenarios. This paper analyzes all possible newly emerging cases that are employing these two technologies for combating a pandemic like COVID-19 along with major challenges which cover all technological and motivational factors. This paper has also discusses the potential challenges and whether further production is required to establish a health monitoring system.     

企业级区块链技术综述

在传统跨机构交易的企业应用中,各个机构都是独立记录己方的交易数据,机构间数据的差异会引起争议,通常需要人工对账或中介机构来解决,因而增加了结算时间和交易费用.区块链技术实现了交易数据在写入前共识验证、写入后不可篡改的分布式记账,可信地保证了多机构间的数据一致性,避免了人工对账和中介机构.区块链是一种去中心化、不可篡改、可追溯、可信的、多方共享的分布式数据库,企业级区块链是节点加入需经许可的适用于企业级应用的区块链技术.结合Hyperledger Fabric,Corda和Quorum等企业级区块链平台,提出了企业级区块链的系统架构;从交易流程、区块链网络、共识机制、区块链数据、智能合约、隐私保护几方面阐述了企业级区块链的原理与技术;针对企业级区块链的现状,总结了当前的研究挑战与未来的发展趋势.     

基于区块链的汽车供应链产品追溯系统

区块链作为新兴的分布式数据库技术,具有公开透明、不可篡改和易于追溯等特征,与供应链产品溯源具有良好的契合度。针对汽车供应链面临的缺乏信任、溯源难度大及信息共享效率低等问题,运用区块链技术,设计了基于区块链的汽车供应链产品追溯系统。选用以太坊作为系统的开发平台,设计了授权管理、信息录入、溯源转移和链上查询等功能模块,根据功能需求设计了智能合约,增加了对敏感数据的处理环节。系统中配置了原材料供应商、零部件供应商、整车厂以及分销商4个参与主体,提供了监管部门与消费者的溯源接口。通过实例对溯源系统进行展示。研究表明：区块链溯源系统与传统的溯源方式相比,产品数据的安全性和溯源效率等方面具有明显优势。     

Decentralized data access control over consortium blockchains

Blockchain is an emerging data management technology that enables people in a collaborative network to establish trusted connections with the other participants. Recently consortium blockchains have raised interest in a broader blockchain technology discussion. Instead of a fully public, autonomous network, consortium blockchain supports a network where participants can be limited to a subset of users and data access strictly controlled. Access control policies should be defined by the respective data owner and applied throughout the network without requiring a centralized data administrator. As a result, decentralized data access control (DDAC) emerges as a fundamental challenge for such systems. However, we show from a trust model for consortium collaborative networks that current consortium blockchain systems provide limited support for DDAC. Further, the distributed, replicated nature of blockchain makes it even more challenging to control data access, especially read access, compared with traditional DBMSes. We investigate possible strategies to protect data from being read by unauthorized users in consortium blockchain systems using combinations of ledger partitioning and encryption strategies. A general framework is proposed to help inexperienced users determine appropriate strategies under different application scenarios. The framework was implemented on top of Hyperledger Fabric to evaluate feasibility. Experimental results along with a real-world case study contrasted the performance of different strategies under various conditions and the practicality of the proposed framework.     

ShadowEth: Private Smart Contract on Public Blockchain

Blockchain is becoming popular as a distributed and reliable ledger which allows distrustful parties to transact safely without trusting third parties. Emerging blockchain systems like Ethereum support smart contracts where miners can run arbitrary user-defined programs. However, one of the biggest concerns about the blockchain and the smart contract is privacy, since all the transactions on the chain are exposed to the public. In this paper, we present ShadowEth, a system that leverages hardware enclave to ensure the confidentiality of smart contracts while keeping the integrity and availability based on existing public blockchains like Ethereum. ShadowEth establishes a confidential and secure platform protected by trusted execution environment (TEE) off the public blockchain for the execution and storage of private contracts. It only puts the process of verification on the blockchain. We provide a design of our system including a protocol of the cryptographic communication and verification and show the applicability and feasibility of ShadowEth by various case studies. We implement a prototype using the Intel SGX on the Ethereum network and analyze the security and availability of the system.     

轻量级区块链技术综述

传统的区块链技术为了保证交易账本的全网共识和不可篡改性,要求矿工节点具有强大的计算能力和足够的存储空间,这就限制了资源受限的设备加入区块链.近几年,区块链技术已经拓展到金融经济、医疗健康、物联网、供应链等多个领域,但是这些应用场景存在大量算力弱、存储容量低的设备,这给区块链的应用带来了巨大挑战.为此轻量级的区块链技术应运而生.从轻量级计算和轻量级存储两方面出发,总结当前轻量级区块链的研究现状,对比分析各个方案的优缺点.最后展望未来轻量级区块链的发展.     

Blockchain-based application for the traceability of complex assembly structures

Production processes are becoming increasingly complex and decentralized, spanning across multiple manufacturing areas, factories, and even countries. Thereby is the development of a holistic and data-continuous traceability system, which provides transparency of records for the entire manufacturing flow from raw materials to the final product, one of the main challenges. While some solutions already address traceability issues in supply chain management and manufacturing, customized and volatile industries, in which each product features a unique configuration, are still lacking appropriate models and proofs of concept. In this research, we develop a decentralized blockchain application called TokenTrail, which focuses on the specific traceability requirements of multi-hierarchical assembly structures. The proposed blockchain architecture is based on a consortium Ethereum network and a Proof of Authority consensus, which delivers a trusted and shared database within an economic processing framework. To overcome the challenges of managing liaison transformations, we develop an assembly token manager based on the semi-fungible ERC 1155 token, which enables a direct representation of complex assembly processes and structures containing unique parts and batches within one smart contract. A user-friendly front-end application simplifies the querying of the recorded traceability data and visualizes existing dependencies.     

基于区块链的物联网认证机制综述

随着物联网(Internet of Things, IoT)技术的高速发展,各类智能设备数量激增,身份认证成为保障IoT安全的首要需求.区块链作为一种分布式账本技术,提供了去信任的协作环境和安全的数据管理平台,使用区块链技术驱动IoT认证成为学术界和工业界关注的热点.基于云计算和云边协同两种架构分析IoT身份认证机制设计的主要需求,总结区块链技术应用于IoT场景面临的挑战;梳理现有IoT身份认证机制的工作,并将其归结为基于密钥的认证、基于证书的认证和基于身份的认证;分析应用区块链技术的IoT认证工作,并根据认证对象和附加属性对相关文献进行归纳和总结.从形式化和非形式化两个方向总结基于区块链的IoT认证机制的安全性分析方法.最后展望了未来研究方向.