CN109639715B - Method, device and equipment for avoiding double-flower attack and computer readable storage medium - Google Patents

Method, device and equipment for avoiding double-flower attack and computer readable storage medium Download PDF

Info

Publication number
CN109639715B
CN109639715B CN201910006208.7A CN201910006208A CN109639715B CN 109639715 B CN109639715 B CN 109639715B CN 201910006208 A CN201910006208 A CN 201910006208A CN 109639715 B CN109639715 B CN 109639715B
Authority
CN
China
Prior art keywords
node
operator
user
user node
alliance chain
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910006208.7A
Other languages
Chinese (zh)
Other versions
CN109639715A (en
Inventor
田新雪
马书惠
肖征荣
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China United Network Communications Group Co Ltd
Original Assignee
China United Network Communications Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China United Network Communications Group Co Ltd filed Critical China United Network Communications Group Co Ltd
Priority to CN201910006208.7A priority Critical patent/CN109639715B/en
Publication of CN109639715A publication Critical patent/CN109639715A/en
Application granted granted Critical
Publication of CN109639715B publication Critical patent/CN109639715B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/10Architectures or entities
    • H04L65/1016IP multimedia subsystem [IMS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/26Network addressing or numbering for mobility support
    • H04W8/28Number portability ; Network address portability

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Multimedia (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention provides a method, a device, equipment and a computer readable storage medium for avoiding double flower attacks, wherein the method comprises the following steps: a user node acquires an operator list corresponding to a alliance chain; the user node determines the operator to be transferred from the operator list; and the user node sends broadcast information according to the operator to be transferred, wherein the broadcast information comprises the operator identifier to be transferred, the identifier corresponding to the user node and public key information, so that each operator node in the alliance chain updates a user list according to the broadcast information, and the mining node in the alliance chain writes the broadcast information into an account book of the alliance chain. Therefore, the security of the alliance chain can be guaranteed, and the security of the user account can be further guaranteed.

Description

Method, device and equipment for avoiding double-flower attack and computer readable storage medium
Technical Field
The present invention relates to the field of blockchains, and in particular, to a method, an apparatus, a device, and a computer-readable storage medium for avoiding double flower attacks.
Background
The number portability and network switching can also be called number portability and number switching, and particularly, a mobile phone user with the number of one mobile operator can switch to the network of other operators to enjoy the telecommunication operation service of other operators. The number portability network can reduce the cost of the user network portability and bring convenience to consumers on one hand, and on the other hand, the number portability network can optimize the market structure, realize effective competition through the control measures of the market and improve the welfare of the consumers.
However, after the number portability is implemented, due to management problems, user data information cannot be synchronized in time, and therefore, a hacker user may pretend to be a newly-added operator and own the jumbo mining machine to enter the block chain, so that the entire network is easily credited, and a double-flower attack is initiated or disturbed, and the operation of the whole system is affected. Furthermore, a malicious user may even be able to forge a completely new blockchain ledger, causing a completely confusing state for newly added operator nodes.
Disclosure of Invention
The invention provides a method, a device and equipment for avoiding double-flower attack and a computer readable storage medium, which are used for solving the technical problem that after number portability is implemented, because of the management problem, user data information cannot be synchronized in time, so that a malicious user carries out double-flower attack.
A first aspect of the present invention provides a method for avoiding double blossom attacks, comprising:
a user node acquires an operator list corresponding to a alliance chain;
the user node determines the operator to be transferred from the operator list;
and the user node sends broadcast information according to the operator to be transferred, wherein the broadcast information comprises the operator identifier to be transferred, the identifier corresponding to the user node and public key information, so that each operator node in the alliance chain updates a user list according to the broadcast information, and the mining node in the alliance chain writes the broadcast information into an account book of the alliance chain.
Another aspect of the present invention is to provide an apparatus for avoiding double flower attacks, comprising:
the acquiring module is used for acquiring an operator list corresponding to the alliance chain;
the determining module is used for determining the operator to be transferred from the operator list;
and the sending module is used for sending broadcast information according to the operator to be transferred, wherein the broadcast information comprises the identifier of the operator to be transferred, the identifier corresponding to the user node and public key information, so that each operator node in the alliance chain updates a user list according to the broadcast information, and the mining node in the alliance chain writes the broadcast information into an account book of the alliance chain.
Yet another aspect of the present invention is to provide an apparatus for avoiding double flower attacks, comprising: a memory, a processor;
a memory; a memory for storing the processor-executable instructions;
wherein the processor is configured to perform the method of avoiding double flower attacks as described above by the processor.
Yet another aspect of the present invention is to provide a computer-readable storage medium having stored therein computer-executable instructions for implementing the method of avoiding double flower attacks as described above when executed by a processor.
The method, the device, the equipment and the computer readable storage medium for avoiding the double-flower attack provided by the invention acquire the operator list corresponding to the alliance chain through the user node; the user node determines the operator to be transferred from the operator list; and the user node sends broadcast information according to the operator to be transferred, wherein the broadcast information comprises the operator identifier to be transferred, the identifier corresponding to the user node and public key information, so that each operator node in the alliance chain updates a user list according to the broadcast information, and the mining node in the alliance chain writes the broadcast information into an account book of the alliance chain. Therefore, the security of the alliance chain can be guaranteed, and the security of the user account can be further guaranteed.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings can be obtained by those skilled in the art according to the drawings.
Fig. 1 is a schematic structural diagram of a communication system according to an embodiment of the present invention;
fig. 2 is a schematic flow chart of a method for avoiding double blossom attacks according to an embodiment of the present invention;
fig. 3 is a schematic flow chart of a method for avoiding double blossom attacks according to a second embodiment of the present invention;
fig. 4 is a schematic flow chart of a method for avoiding double blossom attacks according to a fourth embodiment of the present invention;
fig. 5 is a schematic structural diagram of an apparatus for avoiding double flower attack according to a fourth embodiment of the present invention;
fig. 6 is a schematic structural diagram of a device for avoiding double flower attack according to a fifth embodiment of the present invention.
With the foregoing drawings in mind, certain embodiments of the disclosure have been shown and described in more detail below. These drawings and written description are not intended to limit the scope of the disclosed concepts in any way, but rather to illustrate the concepts of the disclosure to those skilled in the art by reference to specific embodiments.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The implementations described in the exemplary embodiments below are not intended to represent all implementations consistent with the present disclosure. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present disclosure, as detailed in the appended claims.
The method for avoiding the double-flower attack provided by the invention can be applied to the communication system shown in figure 1. As shown in fig. 1, the communication system includes: access network device 11, terminal device 12, and server 13. It should be noted that the communication System shown in fig. 1 may be applicable to different network formats, for example, may be applicable to Global System for Mobile communication (GSM), Code Division Multiple Access (CDMA), Wideband Code Division Multiple Access (WCDMA), Time Division-Synchronous Code Division Multiple Access (TD-SCDMA), Long Term Evolution (Long Term Evolution, LTE), and future 5G network formats. Optionally, the communication system may be a system in a scenario of high-reliability and Low-Latency Communications (URLLC) transmission in a 5G communication system.
Therefore, optionally, the access Network device 11 may be a Base Station (BTS) and/or a Base Station Controller in GSM or CDMA, a Base Station (NodeB, NB) and/or a Radio Network Controller (RNC) in WCDMA, an evolved Node B (eNB or eNodeB) in LTE, or a relay Station or an access point, or a Base Station (gbb) in a future 5G Network, and the present invention is not limited thereto.
The terminal device 12 may be a wireless terminal or a wired terminal. A wireless terminal may refer to a device that provides voice and/or other traffic data connectivity to a user, a handheld device having wireless connection capability, or other processing device connected to a wireless modem. A wireless terminal, which may be a mobile terminal such as a mobile telephone (or "cellular" telephone) and a computer having a mobile terminal, for example, a portable, pocket, hand-held, computer-included, or vehicle-mounted mobile device, may communicate with one or more core Network devices via a Radio Access Network (RAN), and may exchange language and/or data with the RAN. For another example, the Wireless terminal may also be a Personal Communication Service (PCS) phone, a cordless phone, a Session Initiation Protocol (SIP) phone, a Wireless Local Loop (WLL) station, a Personal Digital Assistant (PDA), and other devices. A wireless Terminal may also be referred to as a system, a Subscriber Unit (Subscriber Unit), a Subscriber Station (Subscriber Station), a Mobile Station (Mobile), a Remote Station (Remote Station), a Remote Terminal (Remote Terminal), an Access Terminal (Access Terminal), a User Terminal (User Terminal), a User Agent (User Agent), and a User Device or User Equipment (User Equipment), which are not limited herein. Optionally, the terminal device 12 may also be a smart watch, a tablet computer, or the like. Alternatively, the terminal device 12 and the server 13 may be nodes in a blockchain network. In addition, the blockchain network may further include other nodes, such as node 15 and node 14, and the terminal device 12, the server 13, the node 15, and the node 14 may specifically form a peer-to-peer network.
Fig. 2 is a schematic flow chart of a method for avoiding double flower attack according to an embodiment of the present invention, as shown in fig. 1, the method includes:
step 201, the user node obtains an operator list corresponding to the alliance chain.
The execution subject of this embodiment is a user node, and the user node belongs to a preset federation chain. And the alliance chain only aims at members of a certain specific group and limited third parties, a plurality of preselected nodes are internally designated as bookers, the generation of each block is jointly determined by all the preselected nodes, other access nodes can participate in transactions, but the billing process is not asked, and other third parties can carry out limited query through an API opened by the block chain. It should be noted that the federation chain includes at least two operator nodes and an founding node, for example, the operator nodes may be a link node, a mobile node, a telecommunication node, and the like, the founding node may be a conus node, the conus node serves as an originator of the federation chain, the conus node issues an founding node of the federation chain in the federation chain by sending a broadcast message, the founding node includes an identifier of the conus node, a public key, and identity information of the founding person, and the broadcast message is signed by a private key of the conus node and then broadcast to the federation chain network to become a first block of the federation chain, i.e., an founding block. The trust department node generates a created block, writes the hash value of the parent block in the created block into the public key of the local block fast link originator, or generates a hash code by the public key of the local block fast link originator through SHA256 algorithm and puts the hash code into the hash value of the parent block in the block header. The block height, the head hash, the Merkle root, the timestamp, the difficulty value, and the random number in the created block head are written in the following manner: in a created block, the basic information of three local existing operators is recorded into a block main body, a Merkle tree of all transaction information in the block is generated in the block main body, the value of a Merkle tree root is stored in a block header, the current time is stored in a timestamp field, and the difficulty is set to be an appropriate difficulty preset by a public chain initiator. Basic information of three operators existing in the block at present is written in the block body. The broadcast message is signed by using a private key of the industrial and information department node and then is broadcast to a block chain network, and the created block is the first block of the block chain. The industry and trust department node locally stores an operator list of the present alliance chain, and the list comprises the identification and public key information of all operators in the current alliance chain.
Optionally, when the user wants to implement number portability, the operator to be ported needs to be determined first. Therefore, the user node can obtain the operator list of the local storage local alliance chain of the business and communication department node, so that the basic information of all current operators is determined according to the operator list, and the selection of the network transfer operators is further realized. Specifically, the user node may send a request for querying the operator list of the local federation chain to the department of industry and the latest operator list sent by the department of industry and the credit node, where the operator list is sent after the department of industry and the credit node is signed by a private key.
Step 202, the user node determines the operator to be transferred from the operator list.
In this embodiment, after the user node obtains the operator list of the local storage of the federation chain in the carrier node, the user may determine the current operator to be transferred according to the basic information of the operator in the operator list.
Step 203, the user node sends broadcast information according to the operator to be transferred, where the broadcast information includes the identifier of the operator to be transferred, the identifier corresponding to the user node, and public key information, so that each operator node in the alliance chain updates a user list according to the broadcast information, and the mining node in the alliance chain writes the broadcast information into an account book of the alliance chain.
In this embodiment, after the user node determines the operator to be transferred from the operator list, in order to ensure that the user data information is synchronized timely and prevent a malicious user from performing a double-pattern attack, the user node may initiate broadcast information according to the operator to be transferred, where the information to be transferred includes an identifier of the operator to be transferred, an identifier corresponding to the user node, and public key information. Note that the broadcast information is signed by a private key of the user node and then transmitted. Correspondingly, the service department node and all the operator nodes in the block chain network are used as mining nodes of the block chain, and after receiving the broadcast information, the broadcast information can be written into a new block and then synchronized to all the nodes in the block chain for storage. In addition, after receiving the broadcast information, the operator node may update its own user list according to the broadcast information. Specifically, if the user is not the user of the user, the user may be deleted from the user list of the user, and the existing service model of the user may be suspended and the operation of accounting may be performed. In addition, the operator node further needs to initiate broadcast information according to the deletion operation, where the broadcast information may specifically be: user identification of user A, information that user A has released contract with itself, identification of operator node and public key. It should be noted that, when broadcasting the message, the operator node signs the message with its own private key and broadcasts the message to the blockchain network.
In the method for avoiding the double-flower attack provided by the embodiment, the operator list corresponding to the alliance chain is obtained through the user node; the user node determines the operator to be transferred from the operator list; and the user node sends broadcast information according to the operator to be transferred, wherein the broadcast information comprises the operator identifier to be transferred, the identifier corresponding to the user node and public key information, so that each operator node in the alliance chain updates a user list according to the broadcast information, and the mining node in the alliance chain writes the broadcast information into an account book of the alliance chain. Therefore, the security of the alliance chain can be guaranteed, and the security of the user account can be further guaranteed.
Fig. 3 is a schematic flow chart of a method for avoiding double flower attack according to a second embodiment of the present invention, and based on the second embodiment, as shown in fig. 3, the method includes:
301, a user node acquires an operator list corresponding to a alliance chain;
step 302, the user node determines the operator to be transferred from the operator list;
step 303, the user node sends broadcast information according to the operator to be transferred, where the broadcast information includes the identifier of the operator to be transferred, the identifier corresponding to the user node, and public key information, so that each operator node in the alliance chain updates a user list according to the broadcast information, and the mining node in the alliance chain writes the broadcast information into an account book of the alliance chain;
step 304, the user node receives the service information sent by the operator to be transferred;
and 305, selecting service data from the service information by the user node according to a selection instruction of the user.
In this embodiment, a user node obtains an operator list corresponding to a federation chain; the user node determines the operator to be transferred from the operator list; after the user node sends the broadcast information according to the operator to be transferred, if the operator node detects that the user has released the cooperative relationship with the previous operator and wants to transfer to the local flag, the user node records the information such as the user identifier and sends the service information in the user node to the user node, wherein the information is sent after being signed by the private key of the operator node. Correspondingly, the user can receive the service information sent by the operator to be forwarded, select one or more service data from the service information according to the selection instruction of the user, and establish a contract with the operator node according to the service data to realize number portability.
In the method for avoiding the double-flower attack provided by the embodiment, the service information sent by the network operator to be transferred is received through the user node; and the user node selects the service data from the service information according to the selection instruction of the user. Therefore, the online autonomous operation of number portability of the user can be realized, and the network portability efficiency is improved.
Further, on the basis of any of the above embodiments, the method further includes:
a user node acquires an operator list corresponding to a alliance chain;
the user node determines the operator to be transferred from the operator list;
the user node sends broadcast information according to the operator to be transferred, wherein the broadcast information comprises the operator identifier to be transferred, an identifier corresponding to the user node and public key information, so that each operator node in the alliance chain updates a user list according to the broadcast information, and the mining node in the alliance chain writes the broadcast information into an account book of the alliance chain;
the user node receives the service information sent by the operator of the network to be transferred;
the user node selects service data from the service information according to a selection instruction of a user;
the user node and the operator node sign an intelligent contract about the service data; sending the intelligent contract to the operator node through a private key of the user node;
and the user node receives the intelligent contract after the operator node signs the secondary signature through the operator private key to complete the signing of the service data.
In this embodiment, a user node obtains an operator list corresponding to a federation chain; the user node determines the operator to be transferred from the operator list; after the user node sends the broadcast information according to the operator to be transferred, if the operator node detects that the user has released the cooperative relationship with the previous operator and wants to transfer to the local flag, the user node records the information such as the user identifier and sends the service information in the user node to the user node, wherein the information is sent after being signed by the private key of the operator node. Correspondingly, the user can receive the service information sent by the operator to be forwarded, select one or more service data from the service information according to the selection instruction of the user, and establish a contract with the operator node according to the service data to realize number portability. Specifically, the user node and the operator node may establish an intelligent contract according to the service data, and send the intelligent contract to the operator node through a private key of the user node. Correspondingly, after receiving the intelligent contract, the operator node inquires that the intelligent contract has no problem, and then the private key of the operator node can be used for carrying out secondary signature on the contract and sending the contract to the user node, so that the intelligent contract is signed. The user node can go to the entity business hall to exchange a new mobile phone card with the original number, wherein the mobile phone card can be any type of card such as an SIM card, a USIM card and the like, and the invention is not limited again.
In the method for avoiding the double-flower attack provided by the embodiment, the user node and the operator node sign an intelligent contract about the service data; sending the intelligent contract to the operator node through a private key of the user node; and the user node receives the intelligent contract after the operator node signs the secondary signature through the operator private key to complete the signing of the service data. Therefore, the online autonomous operation of number portability of the user can be realized, and the network portability efficiency is improved.
Fig. 4 is a schematic flow chart of a method for avoiding double flower attack according to a fourth embodiment of the present invention, where on the basis of any of the foregoing embodiments, as shown in fig. 4, the method further includes:
step 401, a user node determines a created node in the alliance chain;
step 402, determining a founder node in the alliance chain from the founder nodes by the user nodes;
step 403, the user node sends an application request to the originator node, where the application request includes a block chain identifier of the user node, public key information, and operator information to which the user node belongs, so that the originator node determines, according to the application request, whether the user node has an authority to join the federation chain, and performs corresponding processing according to a determination result;
step 404, the user node obtains an operator list corresponding to the alliance chain;
step 405, the user node determines the operator to be transferred from the operator list;
step 406, the user node sends broadcast information according to the operator to be transferred, where the broadcast information includes the identifier of the operator to be transferred, the identifier corresponding to the user node, and public key information, so that each operator node in the alliance chain updates a user list according to the broadcast information, and the mining node in the alliance chain writes the broadcast information into an account book of the alliance chain.
In an embodiment, the federation chain only aims at members of a certain specific group and limited third parties, a plurality of preselected nodes are internally designated as bookers, the generation of each block is jointly determined by all the preselected nodes, other access nodes can participate in transactions, but the billing process is not asked, and other third parties can make limited queries through an API opened by the blockchain. Therefore, if any user node wants to become a member of the federation chain, when the user node first intervenes in the federation chain, the user node needs to broadcast joining information of the user node to the federation chain, wherein the joining information includes identity information, user identification, public key information and the like of the user node, and the joining information is encrypted by a private key and then broadcast to the federation chain. The method comprises the steps of determining a founding node in a alliance chain, storing a founding block in a local place after the founding node is determined, determining an address of an originator of the alliance chain from the founding node, and sending an application request to the originator node, so that the originator node can judge whether a user node has the authority of joining the alliance chain according to the application request. Correspondingly, if the user node is judged to have the right, the user node can be added into the alliance chain, and if not, the user node is not allowed to be added into the alliance chain.
Correspondingly, if any operator node wants to become a member of the federation chain, when the operator node first intervenes in the federation chain, the operator node needs to broadcast joining information to the federation chain, wherein the joining information includes identity information of the operator node, an identifier of the operator to which the operator node belongs, public key information and the like, and the joining information is encrypted by a private key and then broadcast to the federation chain. Determining a created node in a federation chain, after determining the created node, storing the created block in the local, determining an address of an originator of the federation chain from the created node, and sending an application request to the originator node, wherein the application request includes block chain identification of an operator node, public key information, and affiliated operator information of the operator node, and the affiliated operator information includes company name of the operator, legal representative information, registered capital, registered address, enterprise registration number, establishment time and other information, so that the originator node can judge whether the operator node has the authority to join the federation chain according to the application request. Correspondingly, if the operator node is judged to have the right, the operator node can be added into an operator node list locally stored in the created node, and if not, the operator node is not allowed to be added into the alliance chain.
In the method for avoiding the double-flower attack provided by this embodiment, the founding node in the alliance chain is determined by the user node; the user node determines an originator node in the alliance chain from the creation nodes; the method comprises the steps that a user node sends an application request to an originator node, wherein the application request comprises a block chain identifier of the user node, public key information and operator information to which the user node belongs, so that the originator node judges whether the user node has the authority of joining the alliance chain or not according to the application request, and corresponding processing is carried out according to a judgment result, therefore, the information safety in the alliance chain can be guaranteed, and the information safety of users is guaranteed.
Further, on the basis of any of the above embodiments, the method further includes:
the user node inquires the creation node of the alliance chain from the adjacent node;
the user node receives the created-to-be-verified nodes fed back by the adjacent nodes, and takes the created-to-be-verified nodes with the highest occurrence frequency as created nodes in the alliance chain;
the user node determines an originator node in the alliance chain from the creation nodes;
a user node sends an application request to the originator node, wherein the application request comprises a block chain identifier of the user node, public key information and operator information to which the user node belongs, so that the originator node judges whether the user node has the authority to join the alliance chain according to the application request and performs corresponding processing according to a judgment result;
a user node acquires an operator list corresponding to a alliance chain;
the user node determines the operator to be transferred from the operator list;
and the user node sends broadcast information according to the operator to be transferred, wherein the broadcast information comprises the operator identifier to be transferred, the identifier corresponding to the user node and public key information, so that each operator node in the alliance chain updates a user list according to the broadcast information, and the mining node in the alliance chain writes the broadcast information into an account book of the alliance chain.
In this embodiment, the user node may query the created nodes of the federation chain to its neighboring nodes, and the number of the neighboring nodes may be set by the user or may be default for the system. Since most of the block chains are good on the premise of the assumption of the existence of the block chains, the user node receives the created nodes to be verified fed back by the adjacent nodes, and takes the created nodes to be verified with the highest occurrence frequency as created nodes in the alliance chain. The user node determines an originator node in the alliance chain from the creation nodes; a user node sends an application request to the originator node, wherein the application request comprises a block chain identifier of the user node, public key information and operator information to which the user node belongs, so that the originator node judges whether the user node has the authority to join the alliance chain according to the application request and performs corresponding processing according to a judgment result; a user node acquires an operator list corresponding to a alliance chain; the user node determines the operator to be transferred from the operator list; and the user node sends broadcast information according to the operator to be transferred, wherein the broadcast information comprises the operator identifier to be transferred, the identifier corresponding to the user node and public key information, so that each operator node in the alliance chain updates a user list according to the broadcast information, and the mining node in the alliance chain writes the broadcast information into an account book of the alliance chain.
In the short message sending method based on the block chain provided by this embodiment, the user node queries the created nodes of the alliance chain from the neighboring nodes; and the user node receives the created nodes to be verified fed back by the adjacent nodes, and takes the created nodes to be verified with the highest occurrence frequency as created nodes in the alliance chain, so that the information safety in the alliance chain can be ensured, and the information safety of the user is guaranteed.
Fig. 5 is a schematic structural diagram of a device for avoiding double flower attack according to a fourth embodiment of the present invention, and as shown in fig. 5, the device includes:
an obtaining module 51, configured to obtain an operator list corresponding to the federation chain.
A determining module 52, configured to determine an operator to be transferred from the operator list.
And the sending module 53 is configured to send broadcast information according to the to-be-transferred-network operator, where the broadcast information includes the to-be-transferred-network operator identifier, an identifier corresponding to the user node, and public key information, so that each operator node in the federation chain updates a user list according to the broadcast information, and a mine digging node in the federation chain writes the broadcast information into an account book of the federation chain.
In the apparatus for avoiding double-flower attack provided in this embodiment, an operator list corresponding to a federation chain is obtained through a user node; the user node determines the operator to be transferred from the operator list; and the user node sends broadcast information according to the operator to be transferred, wherein the broadcast information comprises the operator identifier to be transferred, the identifier corresponding to the user node and public key information, so that each operator node in the alliance chain updates a user list according to the broadcast information, and the mining node in the alliance chain writes the broadcast information into an account book of the alliance chain. Therefore, the security of the alliance chain can be guaranteed, and the security of the user account can be further guaranteed.
Optionally, the apparatus further comprises:
the receiving module is used for receiving the service information sent by the operator of the network to be transferred;
and the selection module is used for selecting the service data from the service information according to a selection instruction of a user.
Optionally, the apparatus further comprises:
the created-generation node determining module is used for determining created-generation nodes in the alliance chain;
the originator node determining module is used for determining originator nodes in the alliance chain from the originator nodes;
and the application request sending module is used for sending an application request to the originator node, wherein the application request comprises the block chain identifier and the public key information of the user node and the affiliated operator information of the user node, so that the originator node judges whether the user node has the authority of joining the alliance chain according to the application request and takes corresponding processing according to the judgment result.
Optionally, the creating node determining module includes:
the inquiry unit is used for inquiring the created nodes of the alliance chain from the adjacent nodes;
and the receiving unit is used for receiving the created nodes to be verified fed back by the adjacent nodes and taking the created nodes to be verified with the highest frequency of occurrence as created nodes in the alliance chain.
Optionally, the apparatus further comprises:
the signing module is used for signing an intelligent contract related to the service data with the operator node; sending the intelligent contract to the operator node through a private key of the user node;
and the signature module is used for receiving the intelligent contract after the operator node carries out secondary signature through an operator private key to complete signing of the service data.
Fig. 6 is a schematic structural diagram of a device for avoiding double flower attack according to a fifth embodiment of the present invention, and as shown in fig. 6, the device for avoiding double flower attack includes: a memory 61, a processor 62;
a memory 61; a memory 61 for storing instructions executable by the processor 62;
wherein the processor 62 is configured to execute the method of avoiding double flower attacks as described above by the processor 62.
Yet another embodiment of the present invention provides a computer-readable storage medium having stored therein computer-executable instructions for implementing the method for avoiding double flower attacks as described above when executed by a processor.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working process of the apparatus described above may refer to the corresponding process in the foregoing method embodiment, and is not described herein again.
In the embodiments provided in the present invention, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, or in a form of hardware plus a software functional unit.
The integrated unit implemented in the form of a software functional unit may be stored in a computer readable storage medium. The software functional unit is stored in a storage medium and includes several instructions to enable a computer device (which may be a personal computer, a server, or a network device) or a processor (processor) to execute some steps of the methods according to the embodiments of the present invention. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
It is obvious to those skilled in the art that, for convenience and simplicity of description, the foregoing division of the functional modules is merely used as an example, and in practical applications, the above function distribution may be performed by different functional modules according to needs, that is, the internal structure of the device is divided into different functional modules to perform all or part of the above described functions. For the specific working process of the device described above, reference may be made to the corresponding process in the foregoing method embodiment, which is not described herein again.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.

Claims (10)

1. A method of avoiding a double flower attack, comprising:
a user node acquires an operator list corresponding to a alliance chain;
the user node determines the operator to be transferred from the operator list;
and the user node sends broadcast information according to the operator to be transferred, wherein the broadcast information comprises the operator identifier to be transferred, the identifier corresponding to the user node and public key information, so that each operator node in the alliance chain updates a user list according to the broadcast information, and the mining node in the alliance chain writes the broadcast information into an account book of the alliance chain.
2. The method of claim 1, wherein after the user node sends the broadcast information according to the operator to be forwarded, the method further comprises:
the user node receives the service information sent by the operator of the network to be transferred;
and the user node selects the service data from the service information according to the selection instruction of the user.
3. The method of claim 1, wherein before the user node obtains the list of operators corresponding to the federation chain, the method further comprises:
determining a creation node in the alliance chain by the user node;
the user node determines an originator node in the alliance chain from the creation nodes;
and the user node sends an application request to the originator node, wherein the application request comprises the block chain identifier and the public key information of the user node and the operator information of the user node, so that the originator node judges whether the user node has the authority to join the alliance chain according to the application request and performs corresponding processing according to the judgment result.
4. The method of claim 3, wherein the user node determines a founder node in the federation chain, comprising:
the user node inquires the creation node of the alliance chain from the adjacent node;
and the user node receives the created nodes to be verified fed back by the adjacent nodes, and takes the created nodes to be verified with the highest frequency as created nodes in the alliance chain.
5. The method of claim 2, wherein after the user node selects the service data from the service information according to the selection instruction of the user, the method further comprises:
the user node and the operator node sign an intelligent contract about the service data; sending the intelligent contract to the operator node through a private key of the user node;
and the user node receives the intelligent contract after the operator node signs the secondary signature through the operator private key to complete the signing of the service data.
6. An apparatus for avoiding double flower attacks, comprising:
the acquiring module is used for acquiring an operator list corresponding to the alliance chain;
the determining module is used for determining the operator to be transferred from the operator list;
and the sending module is used for sending broadcast information according to the operator to be transferred, wherein the broadcast information comprises the operator identifier to be transferred, an identifier corresponding to the user node and public key information, so that each operator node in the alliance chain updates a user list according to the broadcast information, and the mining node in the alliance chain writes the broadcast information into an account book of the alliance chain.
7. The apparatus of claim 6, further comprising:
the receiving module is used for receiving the service information sent by the operator of the network to be transferred;
and the selection module is used for selecting the service data from the service information according to a selection instruction of a user.
8. The apparatus of claim 6, further comprising:
the created-generation node determining module is used for determining created-generation nodes in the alliance chain;
the originator node determining module is used for determining originator nodes in the alliance chain from the originator nodes;
and the application request sending module is used for sending an application request to the originator node, wherein the application request comprises the block chain identifier and the public key information of the user node and the affiliated operator information of the user node, so that the originator node judges whether the user node has the authority of joining the alliance chain according to the application request and takes corresponding processing according to the judgment result.
9. An apparatus for avoiding double flower attacks, comprising: a memory, a processor;
a memory for storing executable instructions of the processor;
wherein the processor is configured to perform the method of avoiding double flower attacks according to any one of claims 1-5 by the processor.
10. A computer-readable storage medium having stored thereon computer-executable instructions for implementing the method of avoiding double flower attacks as claimed in any one of claims 1-5 when executed by a processor.
CN201910006208.7A 2019-01-04 2019-01-04 Method, device and equipment for avoiding double-flower attack and computer readable storage medium Active CN109639715B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910006208.7A CN109639715B (en) 2019-01-04 2019-01-04 Method, device and equipment for avoiding double-flower attack and computer readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910006208.7A CN109639715B (en) 2019-01-04 2019-01-04 Method, device and equipment for avoiding double-flower attack and computer readable storage medium

Publications (2)

Publication Number Publication Date
CN109639715A CN109639715A (en) 2019-04-16
CN109639715B true CN109639715B (en) 2021-05-18

Family

ID=66056705

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910006208.7A Active CN109639715B (en) 2019-01-04 2019-01-04 Method, device and equipment for avoiding double-flower attack and computer readable storage medium

Country Status (1)

Country Link
CN (1) CN109639715B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113222590B (en) * 2020-01-21 2023-10-31 富联精密电子(天津)有限公司 Method, apparatus and computer readable storage medium for preventing double-flower attack
CN111538791B (en) * 2020-05-07 2023-09-22 深圳创客区块链技术有限公司 Block chain multiple-cross-chain mutual protection method, device and storage medium
CN114025345B (en) * 2020-07-16 2024-05-07 中国移动通信有限公司研究院 System, method, equipment and medium for processing number-carrying network transfer

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107995197A (en) * 2017-12-04 2018-05-04 中国电子科技集团公司第三十研究所 A kind of method for realizing across management domain identity and authority information is shared
CN108990048A (en) * 2017-05-31 2018-12-11 华为技术有限公司 The method and apparatus for determining the mark of terminal device
CN109005033A (en) * 2018-09-07 2018-12-14 全链通有限公司 The method for realizing the registration of block chain system of real name based on phone number
CN109041175A (en) * 2018-09-25 2018-12-18 全链通有限公司 Base station connection method, equipment, network and storage medium based on block chain

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10523526B2 (en) * 2016-12-28 2019-12-31 Acronis International Gmbh System and method for managing services and licenses using a blockchain network

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108990048A (en) * 2017-05-31 2018-12-11 华为技术有限公司 The method and apparatus for determining the mark of terminal device
CN107995197A (en) * 2017-12-04 2018-05-04 中国电子科技集团公司第三十研究所 A kind of method for realizing across management domain identity and authority information is shared
CN109005033A (en) * 2018-09-07 2018-12-14 全链通有限公司 The method for realizing the registration of block chain system of real name based on phone number
CN109041175A (en) * 2018-09-25 2018-12-18 全链通有限公司 Base station connection method, equipment, network and storage medium based on block chain

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
区块链将改变运营商运作模式;谢剑超;《通信企业管理》;20170810;全文 *

Also Published As

Publication number Publication date
CN109639715A (en) 2019-04-16

Similar Documents

Publication Publication Date Title
CN109640274B (en) Short message sending method and device based on block chain and computer readable storage medium
US11979942B2 (en) Implementation and communication methods, apparatus and system of virtual subscriber identity module
CN109067724B (en) Block chain data transaction method, device, equipment and storage medium
CN109451446B (en) Number portability method, device and equipment
CN102970362B (en) The method of a kind of high in the clouds data sharing and device
CN109639715B (en) Method, device and equipment for avoiding double-flower attack and computer readable storage medium
CN108712506B (en) Block chain node communication method and device and block chain node
CN109756889B (en) Block chain-based group number portability method and system
CN108810119A (en) block chain processing method, device and block chain node
CN108769142B (en) Transaction information processing method and block generation node
CN110248358A (en) ESIM management method and system based on Internet of Things
CN109525983B (en) Information processing method and device, and storage medium
CN109660984B (en) Number portability method, equipment and computer readable storage medium
CN102740297B (en) Paging method, device and system
CN109673010B (en) Block chain-based number portability method and device and storage medium
CN108810120B (en) Block chain node communication method and device and block chain node
CN111464636B (en) Asset transaction method and system, and storage medium
CN108777710B (en) Inter-node communication method and device of block chain and block chain node
CN108243631B (en) Network access method and equipment
CN109087096B (en) Block chain account checking method, device, equipment and storage medium
CN109756847B (en) Number portability calling method, equipment and computer readable storage medium
CN108848144B (en) Method and device for accessing nodes in block chain and block chain link point
CN102264058B (en) Subscriber identity card control method, device and system
CN102256234A (en) Method and equipment for processing user authentication process
CN108898419B (en) Reward information processing method and device and block link points

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant