| Blockchain provides a distributed ledger to record transactions with the advantages of decentralization, high autonomy, and traceability of transactions, and has been extended from the financial field to various fields such as e-government, cloud service, Internet of Things, and supply chain. Usually, in order to ensure the secure writing and access of transactions, scenarios such as medical data sharing and cloud service provider collaboration use a permissioned blockchain to build a closed consortium to achieve secure transactions, collaboration and sharing. However, these scenarios eventually need to provide services to users outside the permissioned blockchain, so it is important to solve the problem of secure data interaction between the closed consortium based on the permissioned blockchain and external users. To address this issue, this paper proposes a data transmission mechanism based on public-private blockchain interoperability, taking a closed consortium of cloud service providers built on a private blockchain as an example. We first study and build a decentralized cloud service business model, consider the security challenges in the data link, and propose using the public blockchain as a decentralized open interface to ensure secure data transmission by achieving public-private blockchain interoperability. Within this mechanism, the paper designs a user request propagation mechanism to ensure the security and activity of the decentralized interface and to solve the Byzantine Generals Problem faced by the closed consortium. In addition, to ensure the verifiability of the response, this paper proposes GoCosi, a disordered signature collection protocol based on gossip propagation, which enables the client to verify the validity of the closed consortium's response while tolerating a single point of failure in the consortium and improving the security of the response link. Based on the above business model and data transmission mechanism, this paper designs and implements a Proof of Concept (PoC) system to verify the feasibility of the data transmission mechanism. In the PoC system, users can access the list of Virtual Machine (VM) resources provided by the consortium and request the allocation of VM resources from the consortium by submitting resource configurations, without joining the private blockchain network. This paper describes in detail the use case, architecture and technical implementation of the system, and illustrates the system workflow in detail with presentations. Finally, this paper analyzes the performance of the blockchain and of the GoCosi-based disordered signature collector used in the PoC system. The results show that our system can operate with acceptable latency and low computational overhead of the components, and that GoCosi is more fault-tolerant than other signature collection algorithms, which improves the overall link security and proves that the data transmission mechanism is feasible. |