基于区块链的堡垒机日志分析系统设计与实现  

作　　者：代雅琳 张爱清[1] 余斌 周桐 DAI Yalin;ZHANG Aiqing;YU Bin;ZHOU Tong(School of Physical and Electronic Information,Anhui Normal University,Wuhu 241000;Network and Information Center,Hefei Institutes of Physical Science,Chinese Academy of Sciences,Hefei 230031;Graduate School,University of Science and Technology of China,Hefei 230026;Hefei Institute of Technology Innovation,Chinese Academy of Science,Hefei 230011)

机构地区：[1]安徽师范大学物理与电子信息学院,芜湖241000 [2]中国科学院合肥物质科学研究院信息中心,合肥230031 [3]中国科学技术大学研究生院科学岛分院,合肥230026 [4]中国科学技术学院合肥技术创新工程院,合肥230011

出　　处：《计算机与数字工程》2024年第8期2294-2299,2354,共7页Computer & Digital Engineering

基　　金：安徽省自然科学基金优秀青年科学基金项目(编号:2108085Y22);高等学校区块链技术创新应用计划(编号:202qkl18)资助。

摘　　要：现有的堡垒机运维和审计过程中存在操作日志被篡改、管理员权利过大、中心化身份认证和资源不受控制等问题,论文设计并实现一套基于区块链的堡垒机日志分析系统,利用智能合约和星际文件系统,将堡垒机的管理、运维、审计等操作日志数据锚定在区块链上,形成可追溯、不可篡改的记录。结合智能合约、数据上链存证等技术,为用户提供运维审计流程的完整信息记录,也为个体公司或者司法机构提供数据无失真的证据保留和追责方法。系统实现及分析结果表明,该系统为现有不同类型的堡垒机系统提供辅助应用,具有不可篡改、可信度高、可溯源等特点,为堡垒机的管理和运维提供了新的思路和技术支持。The existing bastion machine has the problems such as the operation logs being tampered with in the operation and audit process,the administrator has too much power,centralized identity authentication and the resources are not under control.A blockchain-based bastion machine log analysis system is designed and implemented.The logs for management,operation,and audit of the fortress is anchored on the block chain by using smart contract and on-chain storage technology.It forms a traceable and tamper-free record.Through the combination of smart contract,digital signature,and other technologies,it provides users with completed information records of the operation and maintenance audit process.It also provides individual companies or judicial institutions with evidence retention and accountability methods for data distortion.According to the system implementation and analysis results,this system can provide auxiliary applications for different customized versions of the existing fortress fighter system.It has the characteristics of immutability,high reliability,and traceability.It also provides new ideas and technical support for the management,operation,and maintenance for fortress fighter.

关 键 词：区块链 堡垒机 智能合约 星际文件系统 日志分析 

分 类 号：TP311[自动化与计算机技术—计算机软件与理论]