CL-BC: A Secure Data Storage Model for Social Networks

While bringing convenience to people, social networks cause various security problems, such as information leakage, which belongs to the security category of data storage. The related research focuses more on the conﬁdentiality design and lacks the discussion of data integrity protection technology. Thus, the electronic data editability invites the risk of data tampering and destruction, making other operations meaningless once the data are inaccurate. A social network-oriented data security storage model, CL-BC, included conceptual design, preliminary framework design, and detailed ﬂow design, to improve the security threats such as overauthorization and illegal execution in data storage. The blockchain technology is combined with the improved Clark–Wilson model to achieve data integrity access control protectionthroughexecutionrulesandauthenticationrules.ThesystemusesthesubalgorithmofDR-BFTforreferencewhendeployingthealgorithmprogramandadoptstheintelligentcontracttocompletethedesignrules.TheexperimentalanalysisshowstheCL-BCmodeladaptstotheactualsecurityenvironment,ensuresthedatastorageintegrityinthesocialnetworkstoredprocess,andhasapplicationvalue.


Introduction
With the development of mobile Internet and social networks, the network has become an information transmission carrier in people's normal life, and the transmitted content is stored in virtual space constantly. A safe storage technology [1], electronic data storage technology, is introduced to improve the easy preservation of data storage management.
ere are usually two forms: (i) manually input the original paper version into electronic files that can be archived by scanning and other means; and (ii) generate files directly from the computer. Electronic technology is controlled by the centralized network, and the increase of operations, such as copying and moving [2], virtualization [3], and disorderly execution [4], makes it easy for data to be read and written illegally by the same network users. Access control technology [5], as one of the important technologies to protect the integrity, evaluates whether the trader has the right to execute the current transaction according to the trader identity, to regulate the access behaviour to the network resource storage. In practice, mandatory access control is usually adopted. Such strategies need to consider both subjects, objects, and their relationships, and models are more reliable than free access control. Common mandatory access control models include Bell-Lapadula [6], Biba [7], Clark-Wilson [8], and Chinese Wall [9].
e Bell-Lapadula model is the first strategy to provide multiple levels of data confidentiality protection, divided by data sensitivity, commonly used in the military field.
e Biba model, also oriented to the military field, protects the integrity of subject and object by assigning levels, and its rules of read and write attributes are opposite to the Bell-Lapadula model. Clark-Wilson is a business-oriented integrity security model, whose implementation is based on a comprehensive transaction processing mechanism. Chinese Wall is a security model applied to multiple organizations, places a "Wall" on the information transmission path with competing subjects, and only allows accessible information flow to pass through. However, most secure access control models operate in a centralized environment and rely on third parties to assign permissions, prone to single point failure or the several dishonest participants collusion to undermine data integrity.
Blockchain technology effectively solves such problems. A distributed structure [10] determines multiple paths between nodes that send and receive information, and information transactions choose the shortest path for transmission. Even if a path fails, information transmission will not be affected, providing a better operating environment for the access control model. In addition, its imtamability, timing, and traceability of blockchain technology guarantee the transaction information integrity stored on the chain. erefore, blockchain technology is often used in the field of data storage.
is article proposes a new integrity data storage model CL-BC, which includes conceptual design, preliminary frame design, and detailed flow design, to build the access control mechanism of distributed integrity data storage model and improve the security threats such as overauthorization and illegal execution in data storage.
e Clark-Wilson model is the new design starting point, detailed rules are formulated, and the coherent process of rules is realized. e PBFT algorithm is combined with parts of DR-BFP to construct smart contracts for trading consensus, and finally, the model performance is evaluated. e rest of the article is structured as follows: Section 2 introduces the basic knowledge of related work. Sections 3 and 4 describe the infrastructure and deployment process of the CL-BC storage model, respectively. Section 5 presents the security analysis and partial results of the experiment evaluation. Section 6 concludes.

Clark-Wilson Model.
e Clark-Wilson model was put forward by Clark et al. [11] for the commercial environment. It proposed for the first time that different from the confidentiality importance in the military field, the prevention of fraud and error is the primary goal in such an environment, and these goals need to be achieved through integrity rather than privacy. e model proposes two core mechanisms for maintaining integrity: well-structured transaction and responsibilities separation. e former means users only perform transactions in a restrictive way. e latter allocates different stages of the same transaction to different users to avoid collusion and better maintain the data validity.
Some scholars do research on this basis. For example, Haraty et al. [12] implemented the protection policy using a combination of the Clark-Wilson model and role-based access control model and tested the model validity with Alloy language and profiler. Ramkumar [13] proposed a BSCI integrity framework for large-scale information systems, which transformed the problem of how to eliminate faults in complex software and protect the complex platforms integrity into verifying the FSM model correctness and ensuring simple process integrity in the system. Tsegaye et al. [14] proposed a model combining RBAC, ABAC, and Clark-Wilson to improve the information security in medical care. e three models complement each other to better maintain the security of electronic health records. Avorgbedor et al. [15] designed the I4 model based on the Clark-Wilson model to improve the implementation plan from the aspects of integrity, audit, authorization, and access control, and customize specific rules for identifying, verifying, and evaluating data integrity threats in the privacy environment to improve Facebook's frequent privacy exposure.
In short, the Clark-Wilson model, as an integrity access control model, has been introduced into various research fields. In terms of completeness, the model implements integrity access control policies through authentication rules and execution rules. Authentication rules introduce application integrity definition, and execution rules are independent of application security functions. Based on this, the resources integrity protection can be better realized, so we choose the Clark-Wilson model as the basic framework. However, the existing model is centralized and has the risk of collusion.
erefore, blockchain technology is selected to remedy the inherent shortcomings of the Clark-Wilson model. [16] is an account, ledger, and independent database that participants on the chain jointly read, write, and store. It uses a chain structure to link effective data blocks, cryptography to ensure the data security in decentralized sharing, and peer-to-peer network and consensus mechanism to generate and update data, and uses smart contract to operate data to maintain the resources integrity.

Blockchain Technology. Blockchain
e blockchain significant advantages, such as distributed storage [17], time-series data and tamper-resistant unforgeable, decentralization, and smart contracts automatic execution, and relying on distributed consensus agreement [18], satisfy trading integrity verification and improve the traditional data storage mode's low electronic degree, easy data loss, easy tampering, and inefficient legal service process. Blockchain technology is commonly used in different storage scenarios, such as in the field of cryptocurrency [19], medical care [20], agricultural product traceability [21], digital copyright [22], and legal [23]. e scholars have consistently put the confidentiality, integrity, and availability of data security in the blockchain system [24] at the top of the list. However, most scholars focus on the study of data security confidentiality [25,26], ignoring that data integrity is more important in the business field.
Zhu et al. [27] use blockchain to protect data integrity, focusing on assessing security from the perspective of controllability, privacy protection, and unforgeability. Khan et al. [28] use blockchain ledgers to record metadata that can be used to distinguish between real and fake videos in surveillance recordings. However, the device can only send certain frames for authentication. Mercan et al. [29] proposed a cloud Internet of ings data integrity check scheme based on blockchain technology and homomorphic hash, which utilizes executer signature and hash computing to maintain data integrity. However, it is only applicable to video and has limitations.
Relevant studies are still lacking, especially the research on the combination of blockchain technology and Clark-Wilson model. e integrity protection model proposed in this article improves the problems of fraud and error, uses blockchain technology combined with mandatory access control mechanism to prevent malicious modification by unauthorized users and improper use by authorized users, and ensures the resources execution by authorized users, to realize the data storage system integrity protection.

CL-BC Storage Model Architecture
3.1. Overview of the CL-BC Model. CL-BC is a security model for ensuring data integrity based on a distributed structure. is model was first proposed by our team, a security policy based on the characteristics of blockchain with modified attributes based on the Clark-Wilson model. Its architecture consists of three parts: data layer, integrity control layer, and transaction transmission layer from bottom to top, respectively, as shown in Figure 1. e data layer covers the raw data formed in the computer, and all resources generated during the transaction, the target of security model protection. We can think of this layer as a huge database, but it contains a wider range of categories, such as logs, images, and compressed packages. In this model, data of various categories are usually simply divided into CDIs and UDIs (see 3.2.1 for a relevant introduction). In the transaction transport layer, a transaction agreed upon by each node is packaged and broadcast in the blockchain network in a specified order to update the state of the world.
In CL-BC, combined with the actual evidence storage situation, usually multiple users operate a platform for different types of data at the same time. erefore, an integrity control layer can contain many integrity control domains to improve the actual operation efficiency. Different integrity control domains are isolated from each other so that operations of each do not affect others, which controls the length of the chain and enables the isolation of different businesses in the operating environment, reducing the data leakage risk. With smart contracts, operations are performed strictly according to predefined integrity rules.

CL-BC Integrity Policy.
Facing the data storage, it is essential to (i) prevent information from being maliciously tampered with by unauthorized users, (ii) prevent misoperation by the authorized users, and (iii) prevent information on the system platform from being inconsistent with real-world information. To that end, it is easier to enforce integrity than privacy. e strategy of the CL-BC model is introduced next from the following three aspects: basic elements, integrity core mechanism, and specific rules.

Basic Elements.
First, define the elements of the model: (1) Subject and Object. A basic concept in epistemology. e active and creative is called Subject S, and the objective is called Object O. e same thing can be divided into different categories under different limiting conditions. For example, a man can be both S and O. In this section, S is defined as the performer who changes the state of a transaction, that is, a user or a process; O is defined as the resource in the operation being performed, that is, a data item or a dataset. (2) Data Items. e smallest unit used to record data. In this article, data items are divided into two categories: I) restricted data items (CDIs) c k , to provide integrity protection and control; (ii) unrestricted data items (UDIs) u k , containing all unrestricted content except CDIs. Different permissions are assigned to object data items according to their categories. (ii) an unrestricted dataset is determined by U � {u 1 ,. . ., u k } and can contain contents such as users' virtual nicknames. In the same system, the attribute of G satisfies can be regarded as a two-dimensional function, and the variables are time and data items. For example, at t a G (g can be u k or c k ) has a state of α k t in the information system. It can be expressed specifically as where T represents the standard time of the National Time Center, t≤ T. represents a subject to perform β trading operation on an object, satisfying the attribute β (α k t )-> α k t+1 . β contains IVPs and TPs, which are described next. (6) Integrity Verification Procedures (IVPs). IVPs⊂β, (i) α k t of the g satisfying each moment t is verified always valid. (ii) Also it is used to verify the validity of g forming a new data item g ′ in dynamic β, that is, to verify whether the transaction process of all data Security and Communication Networks (7) Translation Program (TPs). TPs ⊂β, (i) the relation of (β(k), O) in CR_2 is observed, and the β(k) that satisfies the g is unique at the same time; (ii) and the states before α k t− and after α k t+ of g are valid. (8) Security Model P T . P is a set of security functions to maintain the security of A T model, expressed as P (A T , IVPs, TPs, g, t). Ensure its security according to authentication rules and execution rules (see Section 3.2.3).

Security
Attribute. e security attribute of this model is realized according to the security program guarantee of the Clark-Wilson model, expanded according to the actual application, thus forming the CL-BC model. e core model is to reach agreement both internally and externally to maintain the system state A T , around the following attributes: Attr.1. Integrity Ensure the α k t of static g item g at each t is always valid and ensure that g forms a new valid g' in a restricted way in the dynamic β, with properties guaranteed by CR_1, CR_2, CR_5, ER_1, ER_4. Attr.2. Access control e control ability ling S to resource O is provided by CR_3, ER_2, ER_3, and ER_4. Attr.3. Audit Ensure the g in the execution of any β change process, and the validity of the system α k t , that is, maintain the validity of β (α k t )-> α k t+ , guaranteed by CR_1, CR_4. Attr.4. Accountability Ensure the unique mapping of the S with corresponding β; that is, the number of β times performed by the g at t can only be 0 or 1. When β is traced, S can be precisely located. It is guaranteed by rules ER_2 and ER_3.

Transformation Process Rules
CR_1 (authentication): c k must be valid at any time.
e system has IVPs and integrates various risk indicators to ensure the c k is in a valid state when verifying α k t . c k authenticated is static data at different times and belongs to a noun. For example, it is effective to query the current real-name information of a subject. CR_2 (consensus): it is necessary to ensure the data transaction process α k t− -> α k t+ is valid. During the whole process of the TPs, the system ensures the transition of valid data c k from the state α k t− of time t-to the α k t+ of t+ is agreed upon. At this point, reach a consensus that the dynamic data of c k in the α k t− -> α k t+ state belong to a verb and exist a specific relationship between transaction β k and object O: For example, when β is stored account information, O is the account data saved on the network after consensus reached. CR_3 (authorization): ensures only the TPs can change the α k t of c k . Meanwhile, the P T needs to comply with the least privilege principle [30] and the responsibilities separation principle. e responsibilities separation is to satisfy the (S, (β k , O)) rule described in ER_2. CR_4 (backup): agreed transaction α k t− -> α k t+ ensured to be traceable. State change α k t− -> α k t+ backed up and recorded in a separate C in time, and the c k at each moment used to restore the scene when the transaction or state is queried (use the timestamp to record the time node, and the Merkel tree to verify the restoration correctness).  CR_5 (UDI rule): guarantees the status of u k is correct. e α k t of u k is authenticated and, when reaches the restricted threshold, converted to c k in time through the limited TPs, that is, TPs (u k )-> c k . Otherwise rejected. ER_1 (well-structured transactions): ensures specific integrity attributes are executed within a specific t to maintain internal consistency of the system. e relation of (β k , O) in CR_2 is observed to ensure the β k of g executed at the same time is unique and the g verified to be valid α k t can be operated on the platform. ER_2 (responsibilities separation): implements an access control policy for S. Associating β k with S follows the (S, (β k , O)) relation, clear user S performs an operation β k on data O and still complies with ER_1, meaning g is guaranteed to perform unique β k . In addition, TP and IVP operations of the g are performed using different S to maintain the system external consistency. ER_3 (identity authentication): before performing each TPs, the real identity of S should be clear. Verify the identity of S that performs β to give S permission to the next step, thereby controlling α k t changes to the g. For instance, the entity that controls the stored content cannot participate in the authentication process. ER 4 (initial authorization): grants S the permission to perform β. Initialize the authorization association before the system runs, and S cannot perform any β operation without authorization. e (S, (β k , O)) relation in ER_2 can be defined or modified if and only if S has the verification authority and does not have the ability to perform the operation; that is, S can prove the correctness of β but cannot perform the TPs. e (S, (β k , O)) relation in ER_2 can be defined or modified, only when S meets the authentication permission without the operation function, and in other words, only S proves the correctness of β but cannot perform TPs.

Encryption Protocol.
In cryptography, the commonly used hash function H provides integrity guarantee by mapping any binary input into a fixed length, compressed version of the code, and the output is called hash value (see the specific implementation principles and common standards in [31]  Embedding the hash function value into a Merkle tree is a common way for blockchains to protect data integrity. As shown in Figure 2, a Merkle tree has I levels and j columns and at most 2 i leaves L 0 ,. . ., L N−1 , at most i 0 2 i � 2N − 1. Layer I has 2i nodes, which are (j, 0) . . ., (j, 2 i − 1). e hash value of each leaf node is e path hash value is y * (i, j) � (y(i + 1, 2j, y)(i + 1, 2j + 1)).
Most nodes store part of the tree structure, not the entire content, meet the condition of verifying the integrity state by the value of the root hash y * (0, 0) , and greatly save the storage space. If an S only knows the value of N (3,6) filled with yellow dotted line box, it only needs to request the complementary node N (3,7) value from other nodes, calculate by using hash function, combine with the complementary node of the grey solid wire box on the upper layer, finally calculate the root node value, and compare it with the real value, to independently verify whether the other node is honest.

CL-BC Components.
Due to the access control mode of nodes, blockchain is divided into unlicensed blockchain and licensed blockchain. Nodes can join and exit unrestricted and trade through mining, and free nodes mine to generate transactions, which can be recorded on the blockchain when more than half of the nodes validate the transaction. e latter includes the consortium chain and private chain, and adds an authorization mechanism. Only authenticated nodes can join the network to participate in subsequent transactions, which is more suitable for application scenarios with high requirements on security and integrity. is article uses the licensed blockchain as the infrastructure and then describes the blockchain part of the CL-BC model, including transactions and smart contracts.

Transaction Structure.
To maintain the complete and continuous execution of rule 3.2.3, that is, to ensure each transaction is recorded in the system in a complete and correct order, this article implements the integrity process from transaction β to packaged block with the transaction pool. Transaction pool is used in a nonpermissive chain, equivalent to a temporary cache to store transactions to be executed. A permissive chain, like a read-write set generated by an endorsement node to execute a proposal simulation, contains transactions not formally recorded on the blockchain. Once the consensus is reached and recorded on the blockchain, the β is removed from the trading pool. is article takes the license chain as an example, and its structure is shown in Figure 3.

Transaction Process.
e rules described in Section 3.2.3 are assembled to form a simple CL-BC structure and integrity protection implementation process, and the specific process is shown in Figure 4. Each step can be instantiated in the model as follows: (i) Steps 1-3 to verify the current state α k t . (ii) When the conditions to continue trading β are met, a fork option corresponds to two types of data items: G∈ c k , the data audit operation and resource query operation in the corresponding instance. However, g∈ u k follows the CR_5 rule, tps (u k )-> c k or rejected, corresponding to the data store operation. (iii) After knowing the following operations, first assign identity permission to S applying for the transaction. ER_3 verifies the identity authenticity of S, ER_4 resets the permission of the operation to be performed, ER_2 controls the specific permission provisions and associates the specific transaction β k with the executor S, and follows (S, β k , O); it is clear that S performs β k on one O. Even on the same occasion, different stages of program execution correspond to different transactions β and S permissions. A practical case, as shown in Table 1, explains that the reason permission needs to be constantly reassigned and also better realizes the function of responsibilities separation; that is, the S of storage and audit cannot be the same one. e row represents principal S, columns express transaction β, and Y/N indicates whether it has permission to perform the current operation.
(iv) Start execution β, ensuring a S executes a particular program O. (v) Revalidate to ensure internal consistency.   (vi) CR_4 records the β process and stores in C to ensure the agreed transaction α k t− -> α k t+ can be traced.

Smart Contract Format.
Smart contract was first put forward by Nick Szabo [33]. Many kinds of contract terms (such as liens, bonds, and defining property rights) are embedded in the hardware and software that we deal with at first, gradually forming an automated "transaction agreement that executes contract terms by computer." Its design conditions should meet four basic principles: (i) observability, Ability to supervise, the contract itself and its implementation can be observed by the relevant organization; (ii) objective verifiability, Actions that have been performed or breached can be examined in subsequent investigation records; (iii) relativity, e execution of contract content has relative scope, and the limitation is different in different situations; Even in the same transaction process, different process stages of the user with different permissions to carry out the execution principal qualification; and (iv) enforceability, Minimize the number of steps required during execution. Smart contract technology can reduce administrative costs and human risk, and accelerate business progress. In practical applications, smart contract technology is realized based on blockchain technology (see [34] for specific methods, latest development, and related platforms).
In this article, smart contract is the carrier of integrity control, and CL-BC logic rules are written in it by computer language. Contracts are defined, deployed, and invoked for different execution operations. e contract is mainly defined as follows: Initiate (): used to initialize data g and configure execution permissions. StoEvidence (): the β Store executed by the filter S is stored in the blockchain, and relevant records in the transaction pool are deleted when the transaction records meeting the conditions are in the blockchain. Auth (): the validation management phase of the β Store returns the RESP value to StoEvidence () after successfully passing the validation phase.

The Deployment Process
is section describes the core transaction β of the CL-BC model in the data storage application. e key process in the deployment process is as follows:

Authorization Initialization.
In the initialization phase, the default access region Acc x is first generated, and then, the system manager m ∈ S, as a trusted subject, adds the g to the region and deploys smart contract to initialize the Acc x authorization. Perform the following steps: (i) m selects the access domain identifier ID and chooses the g ∈ G to join the region. (ii) Grant corresponding permissions to S, namely, associated g and S. (iii) Generate a public key pair in each access control domain for signature and verification. (iv) m places the compiled smart contract in Acc x and configures a fixed Add for the process to call. (v) As described in Algorithm 1, an authorized Genesis Block is generated through the initialization program, responsible for the behaviour control of S, where m sig is derived from the private key generated by m: sig Acc x , ID Acc , m , y * (0, 0) , ACL, Add, Stamp PK m , (6) where the access control list (ACL) is similar to the second-order array in Table 1, and limited S can execute O through the β. Stamp proves that the transaction existed before the signature at time t.
In Algorithm 1, the content classification of G is defined as U and C, and then the (S, (β k , O) rules followed in CR_2 and ER_3 are written to the ACL to complete the authorization proposal InitAuth () of the current transaction (lines 1-4). Next, through the consensus protocol implementation, internal consensus decision results are obtained (5-10), following the principle of responding nodes exceeding (f +1)/3f + 1 in PBFT (f refers to the maximum of faulty nodes) [35]. If the agreement passes, the Genesis Block is generated and the world status is updated (11-15); otherwise, the transaction fails.

Storage Management.
After the system is initialized, start β. e process is as follows: (i) S downloads Acc x private key and also generates a signature private key with identity representative. (ii) S sends a transaction request ASK to Acc x , and private key PK S signature is attached to the request to facilitate the verification of real identity: e information Info S of S and the storage deal β Store coordinate with the system to judge whether S has the qualification to execute the current transaction.
(iii) Verify identity information to determine whether the β Store can be successfully executed, as shown in Algorithm 2. First, verify the identity of S. If it is true, β Store will be temporarily placed in the trading pool (1-3). en, Algorithm 3 is called to obtain the authentication response Resp of the transaction request ASK. Only the result is correct, the world state is updated, and the verified β Store in the transaction pool is deleted (5)(6)(7)(8)(9). Otherwise, close the deal (10-12).

Verification Management.
is section screens transactions from {β} in the trading pool can be successfully linked, drawing on the consensus idea of Fan et al. [36]: (i) Package and encapsulate the disorderly trading β i within the time zone t 1 to t 2 in the trading pool into blocks. (ii) Verify the sorted transaction {β Sorted } instead of the content Info β to get the response at lines 6-10 in Algorithm 2. e verification process is shown in Algorithm 3. First, verification node calculates the hash value of the root node (1-3). Noting that when facing the same O, the verification node and the commit storage node cannot overlap. When the number of failed nodes is within the allowed range and the count of obtaining the same value y(str) from other nodes reaches n-f, it indicates the β is valid, and {β Sorted } is valid (6)(7). Otherwise, the integrity verification results are judged by verifying the root hash of the Merkle tree (8)(9)(10)(11)(12)(13)(14). When the response node reaches f +1, download and decrypt the private key for β Store ; the hash value of H(t || β Store ) will be obtained and the root value of y * (0, 0) will be calculated.

Experimental Result.
e simulation was carried out on a laptop equipped with 2.30 GHz Inter Core i7 CPU and 8.00 GB memory, and ubuntu18.04 was configured on Windows WSL2. Virtual nodes are deployed through a Docker container [38], which are mainly divided into Peer and Orderer. Open a main console as a client for β Store and uploading the actual contents Info β . Peer node verifies transaction validity; Orderer as a sort node and a transaction node, sorts and blocks β, verifies sorted {β Sorted }, and broadcasts {β Sorted } determined to be valid.
Since the time to execute a trade is related to system performance, we only consider the time comparison between different operations in the same environment. Take 50 operations and calculate the average value.
e system automatically responds every 3s. Figure 5 shows the system response time when there is no operation under this configuration, with an average value of 68.45 μs and times as the reference time. en, we simulated four different types of operations in groups, recorded the time required to determine the type of operation each time, and took the mean value to draw the result as shown in Figure 6. e abscissa represents different operation types, and the ordinate represents time cost.
In this model, maintaining data integrity is mainly reflected in (i) preventing unauthorized users from accessing data items, (ii) preventing unauthorized users from improperly modifying data items, and (iii) maintaining the feasibility of normal operation by authorized users, where (i) corresponds to "unreadable" in Figure 6, (ii) corresponds to "nonwritable," and (iii) corresponds to "readable" and "writable." In Figure 6, the three bars on the left are close in height, whereas the bar on the right is much higher than the former.
is is because of write operations on the blockchain, more operations described in 3.3.1 need to be performed, resulting in a longer response time. e response time of the system to reject malicious operation is even shorter than part of the normal operation time, so the integrity protection efficiency is high. e effectiveness of the proposed CL-BC model is proved by the application of blockchain. e feasibility and controllability of the model are verified by setting different operation parameters.

Security Analysis.
e data storage system in a secure access control environment to prevent β from being maliciously or accidently destroyed. Considered evaluation metrics include confidentiality, integrity, and availability. Confidentiality guarantee only opens permissions for authorized users, and integrity guarantee does not have permission to change data, and availability ensures that the needs of authorized users are met.
(i) In this model, we have the following: (1) e irreversible preimage of the hash function guarantees the unidirectional data encryption of the system, namely, Info β �>H(Info β )∩ H(Info β ) ≠> Info β .
(2) e prefix of H(T|| Info β ), the problem of friendliness, ensures S is difficult to map the function without knowing the original text.
Proof. Info β cannot predict the hash value, although the pre-encryption information is known. Measured in femtosecond "ps," the smallest time unit in Verilog. One-minute time difference produces 6 * 1016 prefixes and makes guessing hashes more difficult.
(ii) Smart contract technology and cryptography technology jointly maintain the system integrity: (1) e anticollision property of hash function makes it easy to verify the β integrity in this system.
Proof. e output H(Info β ) is different even if the input variable changes slightly, so when β 1 ≠ β 2 , it is almost impossible to find two different variable values that satisfy H(β 1 ) � H(β 2 ). e output value is usually a fixed value, the range of β is large, and H(β) is small in a limited range. At this time, MD5 is still selected to output 128 bits, and a round of hashing output needs 2 128 times. e mining machine with 73TH/s computing power needs 2 128 ÷ 2 * 10 21 ≈ 10 18 years and has not calculated the prefix time, so it is almost impossible to forge a transaction with the same hash value in the limited time. Easy to tell if the data are complete by looking at the output hash value.
(2) Merkel root judges the integrity of transactions in the system. Proof. Described in 3.2.4 and in line 8-14 of Algorithm 3 in 4.3, only the root hash value y * (0,0) or the value of a node and its complementary node can be calculated, and then, the output value of the transaction can be compared with it.
(3) e improved PBFT algorithm to verify the integrity of β more efficiently.
Proof. In the process of verifying β, the conventional PBFT algorithm meets the (f + 1)/3f + 1 principle followed by the number of failed nodes; that is, all the responses are compared for n times to reach a conclusion. When the nodes   (iii) To improve the data storage system model, various CL-BC integrity protection rules are formulated in 3.2.3, and a coherent execution process for implementing these rules is introduced in 3.3.2. e complete transaction structure is described in 3.3.1, and the smart contract deployed according to the rules and transaction structure (see Section 4) is mandatory to automate the operation, effectively prevent all kinds of hardware and software failures and human failures, and better maintain the availability of the system.

Comparison with Existing Schemes.
e storage model is extremely concerned with the private information control; however, a more important goal in this domain is to maintain data integrity to ensure transactions are authentic and valid.
e Cl-BC model is an integrity-based access control security model and has the advantages of dispersibility, auditability, and immutability. By comparing with existing studies, the results are shown in Table 2. Compared with other schemes, the biggest advantage of CL-BC is that it has a distributed structure and can resist collusion attacks [39], to avoid the deception occurrence driven by private interests of traders, crucial to the maintenance of data integrity.

Conclusion
In this article, we propose a security data storage model CL-BC for social network to protect data integrity. We carry out conceptual design from the basic elements, security attributes, relevant rules, and encryption parts of the model, and plan the optimal data storage architecture and design detailed processes at each stage. Part of the DR-BFP algorithm is used to design and deploy blockchain smart contracts to improve data integrity. e experimental results and security analysis show that the model is better in integrity protection and has better verification function.

Data Availability
is research and proposed methodology were simulated, and all data are included already in the paper. So, there is no need for extra data.

Conflicts of Interest
e authors declare that there are no conflicts of interest regarding the publication of this article.