A trusted storage method and device based on Blu-ray storage

By constructing a twin operating space in the Blu-ray storage system for trusted verification and grafting point isolation, the shortcomings of Blu-ray storage in data trusted verification and access control are solved, thus realizing the security and trustworthiness of data storage.

CN122241778A · Pending · Publication Date: 2026-06-19 · BEIJING ZHONGLING QITIAN INFORMATION TECH CO LTD

Patent Information

Authority / Receiving Office: CN · China
Patent Type: Applications (China)
Current Assignee / Owner: BEIJING ZHONGLING QITIAN INFORMATION TECH CO LTD
Filing Date: 2026-03-23
Publication Date: 2026-06-19


Abstract

This invention discloses a trusted storage method and apparatus based on Blu-ray storage, relating to the field of data storage security technology. The method involves determining the data to be stored and sending it to a management server for scheduling. The Blu-ray storage disk is set as the target object for scheduling. A twin operation space is constructed between the management server and the target object. When the scheduled data to be stored is confirmed to be sent to the target object, storage-related operations are performed in the twin operation space, and the storage-related operations are verified for trustworthiness. Several grafting points are set in the twin operation space. Data that fails the trustworthiness verification is marked as untrustworthy data and isolated at the grafting points. The data to be stored after all untrustworthy data has been isolated is used as the final stored data and stored in the target object. All operations on the target object are subject to access control. This invention overcomes the shortcomings of Blu-ray storage in data trustworthiness verification, access control, and full lifecycle tracking.

Description

Technical Field

[0001] This invention relates to the field of data storage security technology, specifically to a trusted storage method and apparatus based on Blu-ray storage.

Background Technology

[0002] Blu-ray storage, as an optical storage technology, has natural advantages such as shorter wavelength, higher storage density, longer lifespan, resistance to electromagnetic interference, and physical immutability. Its WORM characteristic perfectly meets the requirements for anti-tampering.

[0003] However, simple Blu-ray storage solutions focus primarily on long-term data backup and archiving, with an emphasis on capacity expansion and cost optimization. For example, they utilize the physical characteristics of optical discs and RAID technology to improve reliability, and achieve performance balance and cost optimization through media fusion and hierarchical storage management. However, they are inadequate in areas such as data trust verification, access control, and full lifecycle traceability, and cannot form a complete trusted storage system.

[0004] Therefore, how to fully utilize the inherent advantages of Blu-ray storage and build a trusted storage solution has become an urgent technical problem to be solved.

Summary of the Invention

[0005] The purpose of this invention is to provide a trusted storage method and apparatus based on Blu-ray storage to address the shortcomings in the prior art.

[0006] To achieve the above objectives, the present invention provides the following technical solution: a trusted storage method based on Blu-ray storage, comprising the following steps:
Step S1: Determine the data to be stored, transfer the data to the management server for scheduling, set the target object for scheduling, the target object being the Blu-ray storage disk, and build a twin operation space between the management server and the target object;
Step S2: When it is confirmed that the data to be stored is scheduled to the target object, the target object and the management server perform storage-related operations in the twin operation space, and trusted verification is performed on the storage-related operations;
Step S3: Set up several grafting points in the twin operation space, mark the data that has not passed the trusted verification as untrusted data, and isolate the untrusted data at each grafting point;
Step S4: Take the data to be stored, after all the untrusted data has been isolated, as the final storage data, store the final storage data in the target object, and perform permission tracing for all operations on the target object.

[0007] In a preferred embodiment, the process of determining the data to be stored and transferring the data to the management server for scheduling includes: defining all the data that needs to be stored on the Blu-ray storage disk as the data to be stored; deploying a management server, which is used to receive, cache, schedule and distribute data and which adopts a multi-level caching architecture; setting the location of the data to be stored as the communication start point and the location of the management server as the communication end point; building a corresponding information transmission channel between the communication start point and the communication end point, and sending the data to be stored to the location of the management server through the information transmission channel; setting the scheduling cycle of the management server and setting the target object for the scheduling, the target object being the Blu-ray storage disk; and scheduling the data to be stored to several areas within the Blu-ray storage disk, with each area corresponding to different data access permissions.

[0008] In a preferred embodiment, the process of establishing a twin operating space between the management server and the target object includes: A server operation port is created based on the management server, and a disk operation port is created for the Blu-ray storage disk. The disk areas with different data access permissions corresponding to the Blu-ray storage disk are used as disk operation objects of the disk operation port. A twin space is created based on digital twin technology. A twin operation point is constructed for each of the server operation port and disk operation port based on digital twin technology. Each twin operation point is mapped to the twin space, and the twin space is transformed into a twin operation space.

[0009] In a preferred embodiment, when it is confirmed that the data to be stored is scheduled to the target object, the process of performing storage-related operations between the target object and the management server in the twin operating space includes: Set the storage information of the target object, and based on the storage information, determine all data to be stored that needs to be scheduled to the target object; The control server sends a storage request from the twin operation point on the twin operation space, and the data to be stored carries the storage request to access the twin operation space, creating several twin storage areas in the twin operation space through the twin operation point for several disk areas of the target object. The twin operation point that issues the storage request is taken as the starting point of the path, and several twin storage areas within the twin operation space are taken as path connection points. An access chain path is constructed based on the starting point and path connection points. Storage-related operations are performed on the access chain path, including data integrity verification, data writing to storage, and post-write consistency verification.

[0010] In a preferred embodiment, the process of performing trusted verification of storage-related operations includes: The access chain path used to perform storage-related operations is divided into several verification points. The division position of each verification point is set at the location of the path connection point. A trusted verification is performed once for each verification point. The trusted verification is performed based on preset process standard rules. Data integrity verification, data writing to storage, and post-write consistency verification each correspond to a standard rule for a process. If the actual execution process of a certain type of storage-related operation does not conform to the corresponding standard rule for the process, the storage-related operation of that type is determined to be in an untrusted state. If, at a certain verification point, at least one category among all categories is in an untrusted state, the trusted verification at that verification point is deemed to have failed; otherwise, the trusted verification at that verification point is deemed to have succeeded.

[0011] In a preferred embodiment, the process of setting several grafting points in the twin operating space, identifying the stored data that failed the trusted verification as untrusted data, and isolating the untrusted data at each grafting point includes: Set several twin storage areas in the twin operation space as access points, set all the data to be stored as access data, perform access operations on several access points through access data, connect several access points to build a write path, set each access point on the write path as a grafting point, and obtain the node access intent of the access data at the grafting point. The data access operation is performed independently at each grafting point on the write path. Node access intent includes both benevolent and malicious access. At each grafting point, the node access intent based on the access data is processed to protect the transmission of access data packets or isolate untrustworthy data.

[0012] In a preferred embodiment, the operations related to the grafting point include: Several free grafting points are distributed in the twin operation space. Each grafting point can be moved out of the write path at its own location. When the management server uploads its data to be stored to the twin operation space through its corresponding twin operation point, it selects, at each grafting point, whether to perform grafting on the data to be stored. If the access data at the grafting point is not induced by the inducement point, the access data continues as a bona fide access along the original write path and performs the access operation on the next grafting point on the write path. If the access data at the grafting point is successfully induced by the inducement point, this indicates that the current access data contains unauthorized data content. The unauthorized data content is marked as untrusted data, the grafting point is removed from the write path, and the untrusted data corresponding to the current grafting point is isolated in the twin operation space. The access data that remains after the untrusted data at the current grafting point has been isolated continues along the write path to perform the access operation on the next grafting point.

[0013] In a preferred embodiment, the process of taking the data to be stored, after all the untrusted data has been isolated, as the final stored data, storing the final stored data in the target object, and tracing the permissions of all operations on the target object includes: Once all the untrusted data included in the data to be stored has been isolated, the corresponding access data packets generated in the data to be stored are integrated, and the data to be stored is then confirmed as the final stored data. The final stored data is transferred to the twin operation point mapped to the target object in the twin operation space. The corresponding twin operation point confirms the final storage request to the target object. After receiving the storage request, the target object stores the final stored data accordingly. All operations on the target object are recorded, and access information for each different permission range of the target object is obtained as the traceability information corresponding to the target object. Based on the traceability information, any operation on the target object can be traced.

[0014] The present invention also provides a trusted storage device based on Blu-ray storage, the device comprising:
The management server module, which determines the data to be stored, transmits the data to the management server for scheduling, sets the target object for scheduling (the Blu-ray storage disk), and constructs a twin operation space between the management server and the target object;
The trusted verification module, which, when it is confirmed that the corresponding data to be stored is scheduled to the target object, performs storage-related operations between the target object and the management server in the twin operation space, and performs trusted verification on the storage-related operations;
The storage data processing module, which sets up several grafting points in the twin operation space, identifies the storage-related data that has not passed the trusted verification as untrusted data, and isolates the untrusted data at each grafting point;
The storage and access control module, which takes the data to be stored, after all the untrusted data has been isolated, as the final storage data, stores the final storage data in the target object, and performs access control for all operations on the target object.

[0015] The technical effects and advantages provided by the present invention in the above technical solution are as follows: 1. This invention addresses the technical deficiencies of traditional Blu-ray storage in terms of data trust verification, access control, and full lifecycle traceability through its technical design, which includes managing server scheduling of data to be stored, constructing a twin operating space, performing trusted verification of storage-related operations, isolating untrustworthy data at the grafting point, and tracing all operating permissions.

[0016] 2. This invention utilizes a twin operating space to carry out storage-related operations, achieving isolated processing of storage behavior from the physical Blu-ray storage disk. This avoids the uncontrollable risks associated with directly operating physical devices, ensuring the compliance and reliability of the storage process and improving the security level of data storage. Specifically, by setting up grafting points in the twin operating space, untrustworthy data that has not passed the trust verification is accurately isolated. Malicious data can be intercepted before the data is officially written to the Blu-ray storage disk, ensuring the reliability of the final stored data.

Attached Figure Description

[0017] To more clearly illustrate the technical solutions in the embodiments of this application or the prior art, the drawings used in the embodiments will be briefly introduced below. Obviously, the drawings described below are only some embodiments recorded in this invention. For those skilled in the art, other drawings can be obtained based on these drawings.

[0018] Figure 1 is a flowchart of a trusted storage method based on Blu-ray storage according to the present invention.

[0019] Figure 2 is a schematic diagram illustrating the operation of processing the grafting point according to the present invention.

[0020] Figure 3 is a schematic diagram of a trusted storage device based on Blu-ray storage according to the present invention.

Detailed Implementation

[0021] To make the objectives, technical solutions, and advantages of the embodiments of the present invention clearer, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of the present invention, not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of the present invention.

[0022] Embodiment 1: Referring to Figure 1, in this embodiment a trusted storage method based on Blu-ray storage includes the following steps:
Step S1: Determine the data to be stored, transfer the data to the management server for scheduling, set the target object for scheduling, the target object being the Blu-ray storage disk, and build a twin operation space between the management server and the target object;
Step S2: When it is confirmed that the data to be stored is scheduled to the target object, the target object and the management server perform storage-related operations in the twin operation space, and trusted verification is performed on the storage-related operations;
Step S3: Storage-related operations are performed based on the creation of a write path. Several grafting points are set on the write path. Parts of storage-related data that have not passed the trusted verification are marked as untrusted data, and the untrusted data is isolated at each grafting point;
Step S4: Take the data to be stored, after all the untrusted data has been isolated, as the final storage data, store the final storage data in the target object, and perform permission tracing for all operations on the target object.

[0023] It should be further explained that, in the specific implementation process, the process of identifying the data to be stored, transferring the data to the management server for scheduling, setting the corresponding target object for scheduling (the target object being the Blu-ray storage disk), and constructing a twin operating space between the management server and the target object includes: All the data that needs to be stored on the Blu-ray storage disk is defined as the data to be stored. All the data to be stored is cold data that is accessed infrequently but needs to be stored for a long time, such as electronic archives, medical images, and scientific research observation data. This type of data requires a higher level of reliability. A management server is deployed, which is used to perform data reception, caching, scheduling and distribution. The management server adopts a multi-level caching architecture, which specifically includes L1 Cache, L2 Cache and Host Buffer. The multi-level caching architecture is used to solve the buffer underrun problem and ensure the continuity of data writing. It supports standard protocols such as S3, NFS, CIFS, FTP and HTTPS. The location of the data to be stored is set as the communication start point and the location of the management server as the communication end point. A corresponding information transmission channel is built between the communication start point and the communication end point, and the data to be stored is sent to the location of the management server through the information transmission channel. The scheduling cycle of the management server is set, and the target object for the scheduling is set; the target object is the Blu-ray storage disk. Specifically, the data to be stored is scheduled to several disk areas of the Blu-ray storage disk, and each disk area corresponds to different data access permissions. If a portion of the data to be stored of a certain type accesses a disk area for which it has not been assigned the corresponding data access permission, an abnormal access record is created accordingly. If the data to be stored correctly accesses the disk area for which it has been assigned the corresponding permission, no operation is performed.

[0024] Create a server operation port based on the management server and obtain the port address Add1 corresponding to the server operation port. Create a disk operation port for the Blu-ray storage disk. Take the disk area with different data access permissions within the Blu-ray storage disk as a disk operation object of the disk operation port. Each disk operation object corresponds to a disk address. The port address of the disk operation port is denoted as Add2, and the disk address of each disk area under the Blu-ray storage disk is denoted as Add2-add, where add is a real number greater than 0, representing the disk number corresponding to each disk area in the Blu-ray storage disk. A twin space is created based on digital twin technology. A twin operation point is constructed for each of the server operation port and disk operation port based on digital twin technology. Each twin operation point is mapped to the twin space, thereby transforming the twin space into a twin operation space between the control server and the target object. The twin operation points are used to process the twin operation space. In this system, a virtual machine is deployed at the location of the twin space, and a virtual machine is deployed at the respective locations of the control server and the target object. The virtual machine processes the twin space and the twin operation points. The virtual machine at the location of the twin space directly drives the construction of the twin space. The communication point between the virtual machine of the control server and the target object and the virtual machine corresponding to the twin space serves as the construction location of the twin operation points.

[0025] It should be further explained that, in the specific implementation process, when it is confirmed that the data to be stored is scheduled to the target object, the process of performing storage-related operations between the target object and the management server in the twin operation space includes: The disk area, storage duration, and storage format of the data to be stored on the Blu-ray storage disk are set as the storage information of the target object, and all the data to be stored that needs to be scheduled to the target object is determined based on the storage information. The management server issues a storage request from its own twin operation point in the twin operation space, and the data to be stored carries the storage request to access the twin operation space; through the twin operation point, several twin storage areas are created in the twin operation space, corresponding to several disk areas of the target object. The twin operation point that issues the storage request is taken as the starting point of the path, and the twin storage areas within the twin operation space are taken as path connection points. An access chain path is constructed based on the starting point and the path connection points. Storage-related operations are performed on the access chain path. These operations include data integrity verification, data writing to storage, and post-write consistency verification. The specific execution content of these storage-related operations is as follows: An integrity check code is computed in advance for the data to be stored using the SM3 hash. If the data to be stored is tampered with on the access chain path, the corresponding integrity check code changes. The twin operation point corresponding to the management server controls the robotic arm pre-deployed above the Blu-ray storage disk through a preset intelligent scheduling strategy (selecting the FIFO or SSF strategy according to data access frequency). The robotic arm is used to select an idle Blu-ray disc cartridge and optical drive group in the Blu-ray storage disk and to write the data to be stored and its associated integrity check code into the Blu-ray storage disk. The writing process adopts DAO (Disc-At-Once) mode to ensure the continuity and stability of data writing. For data that requires redundancy protection, the corresponding data is stored to different Blu-ray storage disks according to the preset RAID strategy, and a Blu-ray storage disk for verification is generated and burned. After the data writing is completed, the written data is read back, the SM3 hash is recalculated, and the newly generated integrity check code is compared with the original integrity check code. If they match, the data writing is accurate, and a successful write log is recorded. If they do not match, the write is considered to have failed, and a rewrite is triggered. If multiple write failures occur, an alarm is triggered and a fault log is recorded.
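The post-write consistency check in [0025], as an added example that is not code from the patent or the applicant: the check code is computed before the write, the burned session is read back and re-hashed, and a mismatch triggers a rewrite before an alarm is raised. The `SimulatedWormDisc` class, its fault injection, the retry limit of 3 and the SHA-256 fallback used when the local `hashlib` build lacks SM3 are assumptions.

```python
import hashlib
import hmac
from dataclasses import dataclass, field
from typing import Optional


def pick_hash() -> str:
    """Use SM3 when the local OpenSSL build exposes it; otherwise SHA-256 as a stand-in."""
    try:
        hashlib.new("sm3")
        return "sm3"
    except ValueError:
        return "sha256"  # assumption: substitute hash, only so the example runs everywhere


HASH_NAME = pick_hash()


def check_code(data: bytes) -> str:
    """Integrity check code for a payload, as a hex digest."""
    return hashlib.new(HASH_NAME, data).hexdigest()


@dataclass
class SimulatedWormDisc:
    """Append-only stand-in for write-once media: a session is never overwritten."""
    corrupt_first_n: int = 0                      # constructed fault injection
    sessions: list = field(default_factory=list)

    def burn(self, payload: bytes, code: str) -> int:
        stored = payload
        if payload and len(self.sessions) < self.corrupt_first_n:
            stored = bytes([payload[0] ^ 0x01]) + payload[1:]   # flip one bit
        self.sessions.append((stored, code))
        return len(self.sessions) - 1

    def read(self, session: int):
        return self.sessions[session]


@dataclass
class WriteResult:
    ok: bool
    session: Optional[int]
    attempts: int
    log: list


def store_with_verification(disc, data: bytes, max_attempts: int = 3) -> WriteResult:
    expected = check_code(data)   # computed before the data enters the write path
    log = []
    for attempt in range(1, max_attempts + 1):
        # On write-once media a "rewrite" is a new session; the bad one stays on the disc.
        session = disc.burn(data, expected)
        read_back, stored_code = disc.read(session)
        recomputed = check_code(read_back)
        # Compare with the code held by the writer, not only with the copy on the disc,
        # so that a payload and check code altered together are still detected.
        if hmac.compare_digest(recomputed, expected) and \
                hmac.compare_digest(stored_code, expected):
            log.append({"event": "write_ok", "attempt": attempt, "session": session})
            return WriteResult(True, session, attempt, log)
        log.append({"event": "write_mismatch", "attempt": attempt, "session": session,
                    "expected": expected, "recomputed": recomputed})
    log.append({"event": "alarm", "reason": "repeated write failure",
                "attempts": max_attempts})
    return WriteResult(False, None, max_attempts, log)


if __name__ == "__main__":
    disc = SimulatedWormDisc(corrupt_first_n=1)
    result = store_with_verification(disc, b"constructed archive record")
    for entry in result.log:
        print(entry["event"], entry.get("attempt"), entry.get("session"))
```
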

[0026] It should be further explained that, in the specific implementation process, the process of performing trusted verification on storage-related operations includes: The access chain path used to perform storage-related operations is divided into several verification points. The location of each verification point is set based on the location of the path connection point. A trusted verification is performed once for each verification point. The trusted verification is performed based on preset process standard rules. Among them, the data integrity verification, data writing to storage and post-write consistency verification included in storage-related operations each correspond to a process standard rule. If the actual execution process of a certain category of storage-related operations does not conform to the corresponding process standard rule, the storage-related operations of the corresponding category are determined to be in an untrusted state. If, at a certain verification point, at least one category among all categories is in an untrusted state, the trusted verification at that verification point is deemed to have failed; otherwise, the trusted verification at that verification point is deemed to have succeeded.

[0027] It should be noted that the specific details of trusted verification for the three categories of storage-related operations (data integrity verification, data writing to storage, and post-write consistency verification) are as follows:
Trusted verification corresponding to data integrity verification: The path connection points on the access chain path that are used for receiving data -> calculating hash -> associating storage are selected as the corresponding verification points. The path connection points with the functions of receiving data, calculating hash, and associating storage are set as verification point V1, verification point V2, and verification point V3 in sequence. Verification point V1 is used to verify whether the transmission protocol is an authorized protocol, whether the data packet structure conforms to the preset format, and whether the digital signature is valid. Verification point V2 is used to verify whether the execution environment of the SM3 hash calculation algorithm is isolated, whether the input data is consistent with the received data, and whether the calculation process is abnormally interrupted. Verification point V3 is used to verify whether the binding relationship between the integrity check code and the metadata (filename, timestamp) is completely written to the corresponding cache of the Blu-ray storage disk.
Trusted verification for data writing to storage: The path connection points on the access chain path that are used for executing scheduling decisions -> optical disc selection -> physical writing are selected as the corresponding verification points. The path connection point for scheduling decisions is set as verification point W1, that for optical disc selection as verification point W2, and that for physical writing as verification point W3. Verification point W1 verifies the consistency of FIFO policy execution and the correctness of the access frequency judgment logic; verification point W2 verifies whether the serial number of the optical disc cartridge selected by the robotic arm is in the authorized list and whether the optical disc surface quality inspection has passed; verification point W3 verifies that the laser power during data writing is within a safe range, the writing speed is within acceptable limits, and the data type matching is within acceptable limits.
Trusted verification of post-write consistency: The path connection points on the access chain path that are used for data reading -> hash value calculation -> result comparison are selected as the corresponding verification points. The path connection point for data reading is set as verification point C1, that for hash value calculation as verification point C2, and that for result comparison as verification point C3. Verification point C1 verifies whether the optical disc sector position that is read matches the written record and whether the number of ECC error corrections during the reading process is abnormal. Verification point C2 verifies whether the recalculated SM3 hash value is completely consistent with the stored integrity check code. Verification point C3 verifies whether the log entry contains all necessary fields, whether the timestamps are continuous, and whether the cryptographic signature is valid.

[0028] It should be further explained that, in the specific implementation process, the process of setting up several grafting points in the twin operating space, identifying the stored data that has not passed the trusted verification as untrusted data, and isolating the untrusted data at each grafting point includes: Several twin storage areas in the twin operation space are set as access points, and all the data to be stored is set as access data. Access operations are performed on the access points by the access data, the access points are connected to build a write path, each access point on the write path is set as a grafting point, and the node access intent of the access data at the grafting point is obtained. The data access operation is performed independently at each grafting point on the write path. If the access data at the grafting point conforms to the access permissions allowed at the corresponding location, the node access intent at the corresponding grafting point is marked as a bona fide access. If the access data at the grafting point does not conform to the access permissions allowed at the corresponding location, or if the access data at the grafting point fails the trusted verification, the node access intent at the corresponding grafting point is marked as a malicious access. Corresponding access data packets are constructed for access data from bona fide accesses, and all access data from malicious accesses is processed into corresponding untrusted data. At each grafting point, the grafting point is processed according to the node access intent of the access data, either to protect the transmission of access data packets or to isolate untrusted data. The processing procedure for grafting points is shown in Figure 2.

[0029] The relevant operational instructions for the grafting point are as follows: Several free grafting points are distributed in the twin operation space. The several free grafting points construct a write path from the grafting point connected to the corresponding twin operation point of the control server to the grafting point connected to the corresponding twin operation point of the target Blu-ray storage disk. Each grafting point can perform grafting at its own location, that is, the grafting point is moved out of the current write path. When the management server uploads its own data to be stored to the twin operation space based on its corresponding twin operation point, it selects whether to perform grafting on the data to be stored at each grafting point. If the data to be stored at the grafting point is not guided by the access point, the corresponding access data will continue to be accessed in good faith along the original write path and perform the access operation to the next grafting point on the write path. If the access data at the grafting point is successfully induced by the inducement point, it means that there is a part of the data content that is not allowed to be accessed in the current access data. The part of the data content that is not allowed to be accessed is identified as untrusted data. The grafting point is removed from the write path, and then the untrusted data of malicious access corresponding to the current grafting point is isolated to the twin operation space. The access data after the untrusted data at the current grafting point is isolated continues to be transmitted along the write path to execute the access operation to the next grafting point. Repeat the above method at the next grafting point, and decide whether to perform grafting at each grafting point until the access data is transferred to the last grafting point on the write path. 
The access data from which all untrusted data has been isolated is uploaded through the twin operation point that maps the target object into the twin operation space, and is written to the Blu-ray storage disk to complete the final write. In this system, the grafting point serves as a verification point for the authentication data. Malicious data accessed at the grafting point is deceived by the inducement information corresponding to the inducement point and therefore performs an access that does not conform to normal rules. This identifies the data corresponding to the malicious access within the entire access data. Each grafting point carries the malicious access data out of the write path, completing the isolation of the malicious access data and storing it in a designated area within the twin operation space. The remaining access data continues along the write path, and each grafting point on the write path is analyzed in turn, until all data corresponding to accesses that do not conform to normal rules is completely isolated in the twin operation space. The twin operation space is physically isolated from the Blu-ray storage disk and the management server, preventing illegal data from being written to the Blu-ray storage disk. Data that meets the requirements continues along the write path without affecting the normal execution of the write process, ensuring the storage trustworthiness of Blu-ray storage.

[0030] The inducement point is the core triggering mechanism in the twin operation space used to identify malicious access. Its logic for generating inducement information and capturing malicious access data is bound to the malicious-access identification process of the grafting point. Specifically, the inducement point is a virtual trap pre-deployed in the associated area of each grafting point in the twin operation space. It does not participate in the normal data transmission process and is only used to detect the access intent of the access data. Its deployment position corresponds one-to-one with the grafting point. An inducement point is configured before and after each grafting point on the write path to form a closed-loop detection process of inducement, identification and isolation. The inducement point is physically isolated from the twin operation space, the Blu-ray storage disk, and the control server. It only interacts with the grafting point through a preset detection interface, to ensure that the inducement information does not interfere with normal data transmission and to prevent the inducement point itself from being maliciously accessed and tampered with. The inducement information corresponding to the inducement point consists of pseudo-instructions or pseudo-resources simulating normal storage operations. It is generated based on the normal operating rules of Blu-ray storage, while embedding deliberately designed permission conflict points or logical vulnerabilities. Specifically, it is generated as follows: based on the standard storage protocols of Blu-ray storage (such as DAO write mode, SM3 hash verification rules, and disk area permission configuration logic), it extracts the operational characteristics of normal data access, including the data request format, the permission verification fields, and the data write instruction structure.
On top of these normal operational characteristics, it embeds pseudo-permission fields that do not match the permissions of the area where the current grafting point is located (such as an access identifier that simulates administrator permissions but has not been authorized by the system), or designs logical trap instructions (such as a request to access a non-existent disk address, or one that triggers an unauthorized verification-skip process), and encapsulates the operational characteristics containing these conflict points into an inducement packet consistent with the normal data format. The inducement packet does not contain real storage resources; it only retains the key fields that trigger malicious access behavior, ensuring that malicious access data will actively respond to it. For example, suppose a grafting point corresponds to the "read-only guest" permission area of a Blu-ray storage disk. The inducement information generated by the inducement point simulates an instruction to modify the data in this area (conflicting with the read-only permissions) and carries a forged permission-verification pass mark, enticing data with malicious access intent to try to execute the modification operation. The inducement point identifies and captures malicious access data through proactive inducement, behavior detection, and data tagging. This includes proactively pushing inducement information, detecting the response behavior of the access data, and isolating malicious data. Specifically, when access data arrives at a grafting point, the inducement point simultaneously pushes an inducement packet to the access data. The transmission path of the inducement packet is parallel to the normal data path and does not affect the transmission of normal data.
If the access data is a benign access (compliant with the current area permissions and passing the trusted verification), its built-in compliance verification logic identifies the permission conflicts or logical traps in the inducement packet, refuses to respond to the inducement information, and continues transmission along the normal write path. If the access data is a malicious access (attempting an unauthorized operation or failing the trusted verification), it lacks compliance verification logic or is designed to deliberately bypass verification; it proactively responds to the inducement packet and attempts to execute the conflicting operations in it (such as modifying read-only area data or accessing unauthorized addresses). The inducement point monitors the response status of the access data in real time. When it detects a response to the inducement packet, it immediately sends a "malicious access triggered" signal to the corresponding grafting point. Upon receiving the signal, the grafting point suspends the transmission of the access data, extracts the portion of the data that responded to the inducement packet (i.e., the core operation instructions of the malicious access, the unauthorized permission identifier, etc.), and marks it as untrusted data. Subsequently, the grafting point is removed from the write path, and the untrusted data is isolated in an independent isolation area in the twin operation space (physically isolated from the normal storage area). After isolation is completed, the grafting point is returned to its original position.
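The bona fide / malicious decision of [0028] and the isolate-and-continue traversal of [0029] and [0030] can be sketched in Python as follows. This is an added illustration, not code from the patent: the record fields, verdict names and sample data are constructed, SHA-256 stands in for SM3, and the inducement point is reduced to a set of decoy addresses that no compliant record targets.

```python
import hashlib
from dataclasses import dataclass, field

def digest_of(payload: bytes) -> str:
    # SHA-256 stands in for SM3 (assumption: not every hashlib build ships SM3).
    return hashlib.sha256(payload).hexdigest()

@dataclass(frozen=True)
class Record:
    """One unit of access data (hypothetical fields)."""
    payload: bytes
    digest: str   # digest declared by the sender
    zone: str     # disc area the record targets
    op: str       # requested operation
    addr: int     # target address inside the area

@dataclass
class GraftingPoint:
    """Checkpoint on the write path guarding one disc area."""
    zone: str
    allowed_ops: frozenset
    valid_addrs: range
    decoy_addrs: frozenset   # inducement model: addresses no compliant record uses
    quarantine: list = field(default_factory=list)

    def verdict(self, rec: Record) -> str:
        """Return 'bona_fide' or the reason the record is treated as malicious."""
        if rec.zone != self.zone:
            return "bona_fide"   # addressed to another area, checked there
        if digest_of(rec.payload) != rec.digest:
            return "failed_trusted_verification"
        if rec.op not in self.allowed_ops:
            return "permission_conflict"
        if rec.addr in self.decoy_addrs or rec.addr not in self.valid_addrs:
            return "responded_to_inducement"
        return "bona_fide"

    def process(self, batch: list) -> list:
        """Isolate malicious records here and forward the rest."""
        forward = []
        for rec in batch:
            reason = self.verdict(rec)
            if reason == "bona_fide":
                forward.append(rec)
            else:
                self.quarantine.append((reason, rec))   # kept as evidence, never written
        return forward

def run_write_path(batch: list, path: list):
    """Traverse every grafting point in order; return (final data, unrouted records)."""
    guarded = {point.zone for point in path}
    for point in path:
        batch = point.process(batch)
    final = [r for r in batch if r.zone in guarded]
    unrouted = [r for r in batch if r.zone not in guarded]   # default deny
    return final, unrouted

def make_record(payload, zone, op, addr, tamper=False) -> Record:
    return Record(payload, digest_of(payload + b"!" if tamper else payload), zone, op, addr)

def demo():
    """Constructed sample: two guarded areas, six records, four of them rejected."""
    guest = GraftingPoint("guest", frozenset({"read"}), range(0, 100), frozenset({90}))
    oper = GraftingPoint("operator", frozenset({"read", "write"}), range(100, 200), frozenset({150}))
    batch = [
        make_record(b"report.pdf", "operator", "write", 101),
        make_record(b"index", "guest", "read", 5),
        make_record(b"overwrite", "guest", "write", 5),          # write to a read-only area
        make_record(b"blob", "operator", "write", 150),          # decoy address
        make_record(b"patched", "operator", "write", 102, tamper=True),   # digest mismatch
        make_record(b"stray", "archive", "write", 7),            # no grafting point guards it
    ]
    final, unrouted = run_write_path(batch, [guest, oper])
    return final, unrouted, guest.quarantine, oper.quarantine
```

Records for an area that no grafting point guards are held back rather than written, so a gap in the write path fails closed.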

[0031] It should be further explained that, in the specific implementation process, the process of taking the data to be stored, after all the untrusted data has been isolated, as the final stored data, storing the final stored data in the target object, and tracing the permissions of all operations on the target object includes: once all the untrusted data included in the data to be stored has been isolated, the corresponding access data packets generated in the data to be stored are integrated, and the data to be stored is then confirmed as the final stored data. The final stored data is transferred to the twin operation point mapped to the target object in the twin operation space. The corresponding twin operation point confirms the final storage request to the target object. After receiving the storage request, the target object stores the final stored data accordingly. All operations on the target object are recorded, and the access information for each different permission range of the target object is obtained as the traceability information corresponding to the target object. Based on the traceability information, any operation on the target object can be traced.

[0032] The system records operations on the target object (Blu-ray storage disk) using the SM2 digital signature algorithm (compliant with the GB/T 32918-2016 standard) for authentication and authorization. It pre-defines three core roles: administrator, operator, and auditor, clearly defining their respective permissions. The administrator holds full permissions for system configuration and permission allocation; the operator can only perform write and read operations on specified data (and cannot modify system parameters); and the auditor only has log viewing and export permissions (no data operation permissions). All operations must be verified via a USB-Key with a built-in SM2 chip. Upon successful verification, a timestamped digital signature is generated, ensuring traceability of the operation's identity and implementing a fine-grained permission control design.
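The three-role permission split and the timestamped, signed operation record described in [0031] and [0032] can be sketched in Python as follows. This is an added illustration, not the patent's implementation: operation names, users, keys and timestamps are constructed, and HMAC-SHA256 is a symmetric stand-in for the SM2 signature produced by the USB-Key (with SM2 the verifier would hold only the public key). Logging denied attempts as well is an assumption that follows from recording all operations.

```python
import hashlib
import hmac
import json

# Roles from the paragraph above; the operation names are hypothetical labels.
ROLE_PERMS = {
    "administrator": {"configure_system", "assign_permissions"},
    "operator": {"write_data", "read_data"},
    "auditor": {"view_logs", "export_logs"},
}
DATA_OPS = {"write_data", "read_data"}

def authorize(role: str, op: str, target: str = "", scope: frozenset = frozenset()) -> bool:
    """Default deny: unknown role or op fails; data ops also need the target in scope."""
    if op not in ROLE_PERMS.get(role, set()):
        return False
    return target in scope if op in DATA_OPS else True

def _canonical(fields: dict) -> bytes:
    # Stable byte encoding so signer and verifier process the same bytes.
    return json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()

def sign_record(key: bytes, fields: dict) -> dict:
    """Attach a tag over the canonical fields (HMAC-SHA256 standing in for SM2)."""
    tag = hmac.new(key, _canonical(fields), hashlib.sha256).hexdigest()
    return {**fields, "sig": tag}

def verify_record(key: bytes, record: dict) -> bool:
    """Recompute the tag over every field except 'sig' and compare in constant time."""
    fields = {k: v for k, v in record.items() if k != "sig"}
    expected = hmac.new(key, _canonical(fields), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, record.get("sig", ""))

def perform(log: list, keys: dict, user: str, role: str, op: str, target: str,
            ts: int, scope: frozenset = frozenset()) -> dict:
    """Authorize, then append a signed, timestamped record; denials are logged too."""
    allowed = authorize(role, op, target, scope)
    fields = {"user": user, "role": role, "op": op, "target": target,
              "ts": ts, "allowed": allowed}
    record = sign_record(keys[user], fields)
    log.append(record)
    if not allowed:
        raise PermissionError(f"{role} may not {op} on {target!r}")
    return record

def trace(log: list, keys: dict, target: str) -> list:
    """Traceability view for one target: (ts, user, op, allowed, signature_ok)."""
    return [(r["ts"], r["user"], r["op"], r["allowed"], verify_record(keys[r["user"]], r))
            for r in log if r["target"] == target]

def demo():
    """Constructed keys, users and timestamps."""
    keys = {"alice": b"constructed-key-alice", "bob": b"constructed-key-bob"}
    log = []
    perform(log, keys, "alice", "operator", "write_data", "disc01/area2", 1700000000,
            scope=frozenset({"disc01/area2"}))
    try:
        perform(log, keys, "bob", "auditor", "write_data", "disc01/area2", 1700000060)
    except PermissionError:
        pass
    log[0]["ts"] = 1600000000   # simulate after-the-fact tampering with the timestamp
    return trace(log, keys, "disc01/area2")
```

The trace shows the auditor's denied write with a valid signature and the operator's altered record with an invalid one, which is the property the timestamped signature is meant to provide.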

[0033] Example 2: as shown in Figure 3, this embodiment describes a trusted storage device based on Blu-ray storage, the device comprising: a management server module, which determines the data to be stored, transmits the data to the management server for scheduling, sets the target object for scheduling (the Blu-ray storage disk), and constructs a twin operation space between the management server and the target object; a trusted verification module, which, when confirming that the corresponding data to be stored is scheduled to the target object, performs storage-related operations between the target object and the management server in the twin operation space, and performs trusted verification on the storage-related operations; a storage data processing module, which sets up several grafting points in the twin operation space, identifies the storage-related data that has not passed the trusted verification as untrusted data, and isolates the untrusted data at each grafting point; and a storage and access control module, which takes the data to be stored, after all the untrusted data has been isolated, as the final stored data, stores the final stored data in the target object, and performs access control for all operations on the target object.

[0034] The above description is merely a specific embodiment of this application, but the scope of protection of this application is not limited thereto. Any variations or substitutions that can be easily conceived by those skilled in the art within the scope of the technology disclosed in this application should be included within the scope of protection of this application. Therefore, the scope of protection of this application should be determined by the scope of the claims.

Claims

1. A trusted storage method based on Blu-ray storage, characterized in that it includes the following steps: Step S1: determine the data to be stored, transfer the data to the management server for scheduling, set the target object for scheduling, the target object being the Blu-ray storage disk, and build a twin operation space between the management server and the target object; Step S2: when it is confirmed that the data to be stored is scheduled to the target object, the target object and the management server perform storage-related operations in the twin operation space, and trusted verification is performed on the storage-related operations; Step S3: set up several grafting points in the twin operation space, mark the data that has not passed the trusted verification as untrusted data, and isolate the untrusted data at each grafting point; Step S4: take the data to be stored, after all the untrusted data has been isolated, as the final stored data, store the final stored data in the target object, and perform permission tracing for all operations on the target object.

2. The trusted storage method based on Blu-ray storage according to claim 1, characterized in that the process of determining the data to be stored and transferring it to the management server for scheduling includes: defining all the data that needs to be stored on the Blu-ray storage disk as the data to be stored; deploying a management and control server, which is used to receive, cache, schedule and distribute data and adopts a multi-level caching architecture; setting the location of the data to be stored as the communication start point and the location of the management server as the communication end point; building a corresponding information transmission channel between the communication start point and the communication end point, and sending the data to be stored to the location of the management server through the information transmission channel; and setting the scheduling cycle of the management server, setting the target object for the scheduling, the target object being the Blu-ray storage disk, and scheduling the data to be stored to several areas within the Blu-ray storage disk, with each area corresponding to different data access permissions.

3. The trusted storage method based on Blu-ray storage according to claim 2, characterized in that the process of building a twin operation space between the control server and the target object includes: creating a server operation port based on the management server, and creating a disk operation port for the Blu-ray storage disk; using the disk areas with different data access permissions corresponding to the Blu-ray storage disk as the disk operation objects of the disk operation port; creating a twin space based on digital twin technology; constructing a twin operation point for each of the server operation port and the disk operation port based on digital twin technology; and mapping each twin operation point to the twin space, whereby the twin space is transformed into a twin operation space.

4. The trusted storage method based on Blu-ray storage according to claim 3, characterized in that, when it is confirmed that the data to be stored is scheduled to be sent to the target object, the process of performing storage-related operations between the target object and the management server in the twin operation space includes: setting the storage information of the target object and, based on the storage information, determining all data to be stored that needs to be scheduled to the target object; the control server sending a storage request from the twin operation point on the twin operation space, the data to be stored carrying the storage request to access the twin operation space, and several twin storage areas being created in the twin operation space through the twin operation point for several disk areas of the target object; taking the twin operation point that issues the storage request as the starting point of the path and the several twin storage areas within the twin operation space as path connection points; constructing an access chain path based on the starting point and the path connection points; and performing storage-related operations on the access chain path, including data integrity verification, data writing to storage, and post-write consistency verification.

5. A trusted storage method based on Blu-ray storage according to claim 4, characterized in that the process of performing trusted verification on storage-related operations includes: dividing the access chain path used to perform storage-related operations into several verification points, the division position of each verification point being set at the location of a path connection point; and performing a trusted verification once for each verification point, the trusted verification being performed based on preset process standard rules. Data integrity verification, data writing to storage, and post-write consistency verification each correspond to a standard rule for a process. If the actual execution process of a certain type of storage-related operation does not conform to the corresponding standard rule for the process, the storage-related operation of that type is determined to be in an untrusted state. If, at a certain verification point, at least one category among all categories is in an untrusted state, the trusted verification at that verification point is deemed to have failed; otherwise, the trusted verification at that verification point is deemed to have succeeded.

6. A trusted storage method based on Blu-ray storage according to claim 5, characterized in that the process of setting up several grafting points in the twin operation space, identifying the stored data that has not passed the trusted verification as untrusted data, and isolating the untrusted data at each grafting point includes: setting several twin storage areas in the twin operation space as access points; setting all the data to be stored as access data; performing access operations on the access points through the access data; connecting the access points to build a write path; setting each access point on the write path as a grafting point; and obtaining the node access intent of the access data at the grafting point. The data access operation is performed independently at each grafting point on the write path. Node access intent includes both bona fide access and malicious access. At each grafting point, the grafting point is processed according to the node access intent of the access data, either to protect the transmission of access data packets or to isolate untrusted data.

7. A trusted storage method based on Blu-ray storage according to claim 6, characterized in that the procedures related to the grafting point include: several free grafting points are distributed in the twin operation space, and each grafting point can be moved out of the write path at its own location. When the management server uploads its data to be stored to the twin operation space through its corresponding twin operation point, whether to perform grafting on the data to be stored is decided at each grafting point. If the data to be stored at the grafting point is not induced by the inducement point, the corresponding access data continues as a bona fide access along the original write path and performs the access operation to the next grafting point on the write path. If the access data at the grafting point is successfully induced by the inducement point, this indicates that there is unauthorized data content in the current access data. The unauthorized data content is marked as untrusted data, the grafting point is removed from the write path, the untrusted data corresponding to the current grafting point is isolated in the twin operation space, and the access data remaining after the untrusted data at the current grafting point has been isolated continues along the write path to perform the access operation to the next grafting point.

8. A trusted storage method based on Blu-ray storage according to claim 7, characterized in that the process of taking the data to be stored, after all the untrusted data has been isolated, as the final stored data, storing the final stored data in the target object, and tracing the permissions of all operations on the target object includes: once all the untrusted data included in the data to be stored has been isolated, the corresponding access data packets generated in the data to be stored are integrated, and the data to be stored is then confirmed as the final stored data. The final stored data is transferred to the twin operation point mapped to the target object in the twin operation space. The corresponding twin operation point confirms the final storage request to the target object. After receiving the storage request, the target object stores the final stored data accordingly. All operations on the target object are recorded, and the access information for each different permission range of the target object is obtained as the traceability information corresponding to the target object. Based on the traceability information, any operation on the target object can be traced.

9. A trusted storage device based on Blu-ray storage, used to implement the trusted storage method according to any one of claims 1 to 8, characterized in that the device includes: a management server module, which determines the data to be stored, transmits the data to the management server for scheduling, sets the target object for scheduling (the Blu-ray storage disk), and constructs a twin operation space between the management server and the target object; a trusted verification module, which, when confirming that the corresponding data to be stored is scheduled to the target object, performs storage-related operations between the target object and the management server in the twin operation space, and performs trusted verification on the storage-related operations; a storage data processing module, which sets up several grafting points in the twin operation space, identifies the storage-related data that has not passed the trusted verification as untrusted data, and isolates the untrusted data at each grafting point; and a storage and access control module, which takes the data to be stored, after all the untrusted data has been isolated, as the final stored data, stores the final stored data in the target object, and performs access control for all operations on the target object.