CN111209596A - Block chain-based industrial internet identification analysis access control method - Google Patents
Block chain-based industrial internet identification analysis access control method Download PDFInfo
- Publication number
- CN111209596A CN111209596A CN202010316420.6A CN202010316420A CN111209596A CN 111209596 A CN111209596 A CN 111209596A CN 202010316420 A CN202010316420 A CN 202010316420A CN 111209596 A CN111209596 A CN 111209596A
- Authority
- CN
- China
- Prior art keywords
- identifier
- accessed
- hash value
- mapping information
- block chain
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
Abstract
The invention discloses an industrial internet identification analysis access control method based on a block chain, which stores relevant information of each identification in an industrial internet in a target block chain in advance and comprises the following steps: under the condition that an analysis request of a user for an identifier to be accessed is received, verifying whether the user has an access right according to an intelligent contract; if so, acquiring mapping information of the identifier to be accessed, and calculating a hash value to be accessed of the mapping information; comparing the hash value to be accessed with the hash value stored on the target block chain; and if the comparison is successful, sending the mapping information of the identifier to be accessed to the user. According to the method, each identifier is stored in the target block chain, the credibility of the identifier resource is ensured, and whether the user has the access right or not is verified according to the intelligent contract; if so, comparing the hash value to be accessed with the hash value stored on the target block chain; if the comparison is successful, the mapping information of the identifier to be accessed is sent to the user, so that the distortion of the analysis result is avoided.
Description
Technical Field
The invention relates to the technical field of block chains, in particular to an industrial internet identification analysis access control method based on a block chain.
Background
The industrial internet identification analysis system is used as a central nerve of the industrial internet, is an important component of an industrial internet network architecture, provides coding, registration and analysis services for physical resources such as industrial equipment, machines, materials, parts and products, and virtual resources such as algorithms, processes and the like, so that unique positioning and information query are carried out on the machines and articles, and is a premise and basis for realizing accurate butt joint of a global supply chain system and an enterprise production system, product full-life-cycle management and intelligent service. China actively lays out the constructions of label analysis global root nodes, auxiliary root nodes, national top level nodes, secondary nodes and the like, the number of industrial internet labels can reach hundreds of billions, concurrent analysis requests can reach tens of millions of levels, and the label analysis system with large levels has very high requirements on safety guarantee capability. The safety of the identification analysis is the key for guaranteeing the safety of the industrial internet.
The industrial internet identification data contains a large amount of sensitive privacy information, and the data has security risks of data leakage, illegal access, unauthorized copy, transmission and the like in the storage and use processes; the identification analysis server, the cache and the proxy server are all possible to be tampered to return wrong identification analysis results; the attacker can abuse the identification registration, illegal registration, fake identification management and agency mechanism, and cause the safety risks of identification resource loss of trust, identification analysis result distortion and the like.
Disclosure of Invention
In view of the above, the invention provides a block chain-based industrial internet identification analysis access control method, which is used for solving the problems that the existing industrial internet identification data contains a large amount of sensitive privacy information, and the data has security risks of data leakage, illegal access, unauthorized copy, propagation and the like in the storage and use processes; the identification analysis server, the cache and the proxy server are all possible to be tampered to return wrong identification analysis results; the attacker can abuse the identification registration, illegal registration, fake identification management and agency mechanism, and the problems of safety risks such as identification resource loss of trust, identification analysis result distortion and the like are caused. The specific scheme is as follows:
an industrial internet identification analysis access control method based on a block chain stores relevant information of each identification in an industrial internet in a target block chain in advance, and comprises the following steps:
under the condition that an analysis request of a user for an identifier to be accessed is received, verifying whether the user has an access right according to an intelligent contract;
if so, acquiring mapping information of the identifier to be accessed, and calculating a hash value to be accessed of the mapping information;
comparing the hash value to be accessed with the hash value stored on the target block chain;
and if the comparison is successful, sending the mapping information of the identifier to be accessed to the user.
The above method, optionally, further includes:
and if the comparison fails, marking the identifier to be accessed.
The above method, optionally, further includes:
if not, rejecting the analysis request and informing the user.
The method optionally stores each identifier in the industrial internet in the target block chain in advance, and includes:
acquiring mapping information of each identifier, wherein the identifiers and the mapping information have an association relation;
aiming at each identifier, respectively calculating the hash value of the identifier and the mapping information corresponding to the identifier;
storing each hash value in the target blockchain.
Optionally, in the method, the comparing the hash value to be accessed with the hash value stored in the target block chain includes:
searching whether the identifier to be accessed exists in a history analysis record set or not, wherein the history analysis record set stores history identifiers to be accessed aiming at the industrial Internet and history mapping information of the history identifiers to be accessed;
if not, determining a target identifier in the target block chain according to the identifier to be accessed;
and judging whether the hash value to be accessed is the same as the target hash value of the target identifier.
The above method, optionally, further includes:
if yes, obtaining the historical analysis record of the identifier to be accessed in the historical analysis record set;
and acquiring mapping information corresponding to the identifier to be accessed from the history analysis record.
An industrial internet identification analysis access control device based on a block chain stores each identification in an industrial internet in a target block chain in advance, comprising:
the verification module is used for verifying whether the user has the access right according to the intelligent contract under the condition of receiving an analysis request of the user for the identifier to be accessed;
the obtaining and calculating module is used for obtaining the mapping information of the identifier to be accessed and calculating the hash value to be accessed of the mapping information if the identifier to be accessed is found to be the same as the identifier to be accessed;
the comparison module is used for comparing the hash value to be accessed with the hash value stored on the target block chain;
and the sending module is used for sending the mapping information of the identifier to be accessed to the user if the comparison is successful.
Optionally, the above apparatus, where the control apparatus stores each identifier in the industrial internet in the target block chain in advance, includes:
the first acquisition unit is used for acquiring mapping information of each identifier, wherein the identifiers and the mapping information have an association relation;
the calculating unit is used for respectively calculating the mark and the hash value of the mapping information corresponding to the mark aiming at each mark;
and the storage unit is used for storing each hash value in the target block chain.
The above apparatus, optionally, the comparing module includes:
the searching unit is used for searching whether the identifier to be accessed exists in a history analysis record set or not, wherein the history analysis record set stores history identifier to be accessed aiming at the industrial Internet and history mapping information of the history identifier to be accessed;
a determining unit, configured to determine, if the target block chain is not accessed, a target identifier in the target block chain according to the identifier to be accessed;
and the judging unit is used for judging whether the hash value to be accessed is the same as the target hash value of the target identifier.
The above apparatus, optionally, further comprises:
a second obtaining unit, configured to obtain, if yes, a historical analysis record of the identifier to be accessed in the historical analysis record set;
and the third acquisition unit is used for acquiring mapping information corresponding to the identifier to be accessed from the history analysis record.
Compared with the prior art, the invention has the following advantages:
the invention discloses an industrial internet identification analysis access control method based on a block chain, which stores relevant information of each identification in an industrial internet in a target block chain in advance and comprises the following steps: under the condition that an analysis request of a user for an identifier to be accessed is received, verifying whether the user has an access right according to an intelligent contract; if so, acquiring mapping information of the identifier to be accessed, and calculating a hash value to be accessed of the mapping information; comparing the hash value to be accessed with the hash value stored on the target block chain; and if the comparison is successful, sending the mapping information of the identifier to be accessed to the user. According to the method, each identifier is stored in the target block chain, the credibility of the identifier resource is ensured, and whether the user has the access right or not is verified according to the intelligent contract; if so, comparing the hash value to be accessed with the hash value stored on the target block chain; if the comparison is successful, the mapping information of the identifier to be accessed is sent to the user, so that the distortion of the analysis result is avoided.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a flow chart of an identifier storage process disclosed in an embodiment of the present application;
fig. 2 is a flowchart of an industrial internet identifier resolution access control method based on a block chain according to an embodiment of the present application;
fig. 3 is a schematic diagram illustrating an execution process of an industrial internet identifier resolution access control method based on a block chain according to an embodiment of the present application;
fig. 4 is a block diagram of a block chain-based industrial internet identifier resolution access control device according to an embodiment of the present disclosure.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
The invention discloses an access control method for resolving industrial internet identification based on a block chain, which is applied to the access control process of resolving the industrial internet identification, wherein an industrial internet identification resolving system is an important component of an industrial internet network, is a neural hub for supporting interconnection and intercommunication of the industrial internet and has the function similar to a domain name resolution system (DNS) in the internet field. The core of the industrial internet identification analysis system comprises identification codes, an identification analysis system, identification data services and the like. The national industrial internet identification analysis system comprises elements such as international root nodes, national top-level root nodes, secondary nodes, recursive nodes and the like.
In the embodiment of the invention, the industrial internet node code, the entity identification code and the hash value of the mapping information corresponding to the entity identification code are uplink-stored, so that the problems that the identification code is illegally registered, the identification data is illegally tampered and the like are solved, and the credibility of identification resources is ensured; the method solves the problems of illegal access, distortion of analysis results and the like by chaining identification analysis access control strategies, verifying access authority by using an intelligent contract to further control the analysis process and comparing the hash value of mapping information obtained by analysis with the hash value stored on the chain; by storing the identification analysis result on the block chain, the problems that identification data is difficult to trace and the like are solved, data source traceability is realized, data share records are realized, the benefits of an identification resource provider are protected, the identification data safety management capability is enhanced, the identification analysis safety monitoring and protection capability is greatly improved, each identification in the industrial internet is stored in the target block chain in advance by the control method, the execution flow of the storage process is shown in figure 1, and the control method comprises the following steps:
s101, acquiring mapping information of each identifier, wherein the identifiers and the mapping information have an association relation;
in the embodiment of the invention, each identification in the industrial internet is recorded in advance, and the recording process is as follows, the national top level node records the secondary node code; and the secondary node links the enterprise node code with a recording process as follows: the secondary node applies for a secondary node code from the national top node, and submits a secondary node application form and a business license; after the national top level node is approved, the secondary node code is issued, the secondary node code, the application form and the business license are stored in the block chain, and the whole network broadcasting is carried out; the enterprise node applies for an enterprise node code from the secondary node, and submits an enterprise node application form and a business license; and after the secondary node is approved, the enterprise node code is issued, the enterprise node code, the application form and the business license are stored in the block chain, and the whole network is broadcasted.
After the recording is finished, storing, wherein the storage process is as follows, the national top level node stores the certificate, the national top level node distributes a secondary node code to the secondary node and records the code on a block chain; the secondary node stores the certificate, distributes enterprise node codes to the enterprise nodes by the secondary node and records the codes on the block chain; the enterprise node stores the certificate, the enterprise node allocates an identification code for the entity of the enterprise node, and links the identification code and the hash value of the mapping information corresponding to the identification code to store the certificate, wherein each identification corresponds to one piece of mapping information, the mapping information can be an article, a telephone number and the like, and the corresponding relation between the identification and the mapping information is stored and can be stored in the target block chain or data at a designated position. Examples of stored procedures are: a national top level node (for example, 86. in China) allocates a secondary node code (for example, 86.1.) to a secondary node which passes the audit, and a chain is established for storing the certificate in the audit process; the secondary node distributes enterprise node codes (such as 86.1.123456 /) for the enterprise nodes passing the verification, and links a chain certificate in the verification process; the enterprise node allocates an identifier (for example, 86.1.123456/1) to the physical or logical entity, and performs uplink storage on the identifier and the hash value of the mapping information corresponding to the identifier.
S102, aiming at each identifier, respectively calculating the hash value of the identifier and the mapping information corresponding to the identifier;
in the embodiment of the invention, a hash algorithm is adopted to calculate the hash value of the identifier and the mapping information corresponding to the identifier.
S103, storing each hash value in the target block chain.
In the embodiment of the invention, the identifier or the identifier and the hash value corresponding to the identifier and the hash value of the mapping information corresponding to the identifier are stored in the target block chain and are broadcasted in the whole network. Preferably, the identifier resolution access control strategy is uplink stored and broadcast over the network. The access control strategy is a main strategy for network security protection and protection, and the task of the access control strategy is to ensure that network resources are not illegally used and illegally accessed. Various network security policies must cooperate with each other to really play a role in protection, and an access control policy is one of the most important core policies for ensuring network security. The access control policy includes 7 aspects of content, such as a network access control policy, an operation authority control policy, a directory security control policy, an attribute security control policy, a network server security control policy, network monitoring, a lock control policy, a firewall control policy, and the like, where the access control policy may be any combination of the 7 aspects, and a specific existence form of the access control policy is not limited in the embodiment of the present invention.
In the embodiment of the present invention, an execution flow diagram of the access control method is shown in fig. 2, and includes the steps of:
s201, under the condition that an analysis request of a user for an identifier to be accessed is received, verifying whether the user has an access right according to an intelligent contract;
in the embodiment of the invention, under the condition of receiving an analysis request of a user for an identifier to be accessed, whether the user has access authority is verified according to an intelligent contract, wherein the analysis request can be used for submitting the identifier analysis request to a national top level node or a second level node or an enterprise node for the user and broadcasting the identifier analysis request in the whole network. The intelligent contracts are a set of commitments (promises) defined in a digital form, and comprise protocols on which contract participants can execute the commitments, and once a relevant event is triggered, the nodes execute the codes and further update general ledgers, and the verification process is as follows: firstly, an enterprise node generates an access control strategy for each identifier and writes the access control strategy into a target block chain intelligent contract, and when the intelligent contract receives an identifier resource analysis request of an identifier analysis user, the intelligent contract decides whether to grant access authority according to the access control strategy, wherein the access control strategy can be user name and password verification, fingerprint verification or face verification and the like.
S202, obtaining mapping information of the identifier to be accessed, and calculating a hash value to be accessed of the mapping information;
in the embodiment of the invention, if the access control policy in the intelligent contract agrees to grant the access right of the identifier analysis user, the access right is returned to the identifier analysis user, when the access request is received, the identifier to be accessed contained in the analysis request is obtained, and the obtaining mode can be at the specified position of the analysis request or the position adjacent to a certain marker bit, and the obtaining method is not limited in the embodiment of the invention. And acquiring mapping information corresponding to the identifier to be accessed from a database in the target block chain or at the designated position, and calculating a hash value of the mapping information according to a hash algorithm.
And if the access control strategy in the intelligent contract does not agree with the access authority granted to the identification analysis user, rejecting the analysis access request and informing the user that the access authority is not available, and finally, chaining and storing the analysis state. And the identification supervision department supervises the uplink information such as the nodes, the identification codes and the like.
S203, comparing the hash value to be accessed with the hash value stored in the target block chain;
in the embodiment of the present invention, preferably, for a history parsing request, a history to-be-accessed identifier in the history parsing request and mapping information corresponding to the history to-be-accessed identifier are stored in a history parsing record set as a history parsing record, and when an parsing request of a user to-be-accessed identifier is received, first, whether the to-be-accessed identifier exists in the history parsing record set is searched, and if not, a target identifier that is the same as the to-be-accessed identifier is searched in the target block chain according to the to-be-accessed identifier, a target hash value of the target identifier is obtained, the to-be-accessed hash value is compared with the target hash value of the target identifier, and whether the to-be-accessed hash value is the same as the target hash value of the target identifier is determined.
And S204, if the comparison is successful, sending the mapping information of the identifier to be accessed to the user.
In the embodiment of the invention, if the hash value to be accessed is the same as the target hash value, the comparison is judged to be successful, and the mapping information corresponding to the identifier to be accessed can be sent to the user. If the hash value to be accessed is not the same as the target hash value, it is indicated that the analysis is abnormal, and the abnormal condition may be that the identifier to be accessed, the mapping information of the identifier to be accessed is tampered or other abnormal conditions.
Further, for example, taking the identifier to be accessed as 86.1.12345/1, for example, first a user sends an identifier parsing request, and after receiving the request, the cache/recursive parsing service node directly finds the parsed information through the cache if the previously parsed identifier is encoded and stored in the cache, otherwise, the identifier parsing access control process is recursively parsed from the root node: the analysis service node sends the identification to the root node, the root node judges the identification to be Chinese through 86, the identification analysis task is distributed to an auxiliary root node (namely the national root node), and relevant information is fed back to the analysis service node; the analysis service node finds a corresponding country top level node according to the received feedback information, the country top level node determines the industry to which the identification code belongs according to 86.1, and feeds back related information of the industry node (a second level node) to the analysis service node; the secondary node determines the enterprise to which the identification code belongs according to 86.1.12345/and feeds back the related information of the enterprise node to the position of the analysis service node; the enterprise node feeds back the 86.1.12345/1 analysis information to the analysis service node; and finally, feeding back to the analysis user.
The invention discloses an industrial internet identification analysis access control method based on a block chain, which stores relevant information of each identification in an industrial internet in a target block chain in advance and comprises the following steps: under the condition that an analysis request of a user for an identifier to be accessed is received, verifying whether the user has an access right according to an intelligent contract; if so, acquiring mapping information of the identifier to be accessed, and calculating a hash value to be accessed of the mapping information; comparing the hash value to be accessed with the hash value stored on the target block chain; and if the comparison is successful, sending the mapping information of the identifier to be accessed to the user. According to the method, each identifier is stored in the target block chain, the credibility of the identifier resource is ensured, and whether the user has the access right or not is verified according to the intelligent contract; if so, comparing the hash value to be accessed with the hash value stored on the target block chain; if the comparison is successful, the mapping information of the identifier to be accessed is sent to the user, so that the distortion of the analysis result is avoided.
In the embodiment of the present invention, a schematic diagram of a target block chain platform constructed based on the above method is shown in fig. 3, and the execution process is as follows:
(1) the national top node stores the certificate, the national top node distributes a secondary node code to a secondary node and records the code on a block chain;
(2) the secondary node stores the certificate, distributes enterprise node codes to the enterprise nodes by the secondary node and records the codes on the block chain;
(3) storing certificates for the enterprise nodes, wherein the enterprise nodes distribute identifiers for the entities of the enterprise nodes, chain-link the identifiers and the hash values of the mapping information corresponding to the identifiers to store the certificates, and chain-link the identifier analysis access control strategies to store the certificates;
(4) the method comprises the steps of identification analysis, wherein a user submits an identification analysis request to a national top level node or a second level node or an enterprise node, the node stores the analysis request in a chaining mode, then an intelligent contract for identification analysis access control is executed, namely the access authority of the user is verified through a block chain, if the user passes the verification, the access authority of the user is granted, the analysis process is executed, the hash value of mapping information obtained through analysis is compared with the hash value stored on the chain, if the hash value of the mapping information obtained through analysis is the same as the hash value stored on the chain, the analysis is successful (marked as state 0), the mapping information obtained through analysis is returned to the user, and if the mapping information is abnormal (marked; if the verification is not passed, the analysis process is not executed (marked as state 2), the user is informed of no access right, and finally the analysis state is uplink-stored.
Furthermore, the relevant supervision departments of the identification system and the national top level node can trace all the secondary node codes, enterprise node codes, entity identification codes and analysis conditions thereof through the target block chain; the secondary node can trace the identification code registration and analysis conditions of all the subordinate enterprise nodes; the enterprise node can trace all the identification codes and the analysis conditions thereof and maintain the ownership of the identification of the enterprise node.
In the embodiment of the invention, each industrial Internet identification node (comprising a national top level node, a secondary node and an enterprise node) is used as one node of a alliance chain to construct the industrial Internet identification alliance chain; establishing a block chain identity management mechanism and providing member management capability of an access block chain; the monitoring department establishes a block chain monitoring and management module to provide the monitoring capability of the running state and the analysis process of the block chain, and the uppermost layer is a block chain industrial internet identification analysis platform to provide the capability of identification node filing, identification resource storage certificate, identification analysis authority control and identification analysis tracing.
Based on the above method for controlling parsing and accessing of the industrial internet identifier based on the block chain, in an embodiment of the present invention, there is further provided a device for controlling parsing and accessing of the industrial internet identifier based on the block chain, where the control device stores each identifier in the industrial internet in a target block chain in advance, and a block diagram of a structure of the control device is shown in fig. 4, and the method includes:
a verification module 301, an acquisition and computation module 302, a comparison module 303 and a sending module 304.
Wherein the content of the first and second substances,
the verification module 301 is configured to verify whether the user has an access right according to an intelligent contract when receiving an analysis request of the user for the identifier to be accessed;
the obtaining and calculating module 302 is configured to, if yes, obtain mapping information of the identifier to be accessed, and calculate a hash value to be accessed of the mapping information;
the comparison module 303 is configured to compare the hash value to be accessed with the hash value stored in the target block chain;
the sending module 304 is configured to send the mapping information of the identifier to be accessed to the user if the comparison is successful.
The invention discloses an industrial internet identification analysis access control device based on a block chain, which stores relevant information of each identification in an industrial internet in a target block chain in advance, and comprises the following steps: under the condition that an analysis request of a user for an identifier to be accessed is received, verifying whether the user has an access right according to an intelligent contract; if so, acquiring mapping information of the identifier to be accessed, and calculating a hash value to be accessed of the mapping information; comparing the hash value to be accessed with the hash value stored on the target block chain; and if the comparison is successful, sending the mapping information of the identifier to be accessed to the user. The device stores each identifier in the target block chain, ensures the credibility of the identifier resource, and verifies whether the user has the access right according to the intelligent contract; if so, comparing the hash value to be accessed with the hash value stored on the target block chain; if the comparison is successful, the mapping information of the identifier to be accessed is sent to the user, so that the distortion of the analysis result is avoided.
In the embodiment of the present invention, the storing, in the control device, each identifier in the industrial internet in the target block chain in advance includes:
a first acquisition unit 305, a calculation unit 306, and a storage unit 307.
The first obtaining unit 305 is configured to obtain mapping information of each identifier, where there is an association relationship between an identifier and the mapping information;
the calculating unit 306 is configured to calculate, for each identifier, a hash value of the identifier and mapping information corresponding to the identifier;
the storage unit 307 is configured to store each hash value in the target block chain.
In an embodiment of the present invention, the comparing module 303 includes:
a search unit 308, a determination unit 309 and a judgment unit 310.
Wherein the content of the first and second substances,
the searching unit 308 is configured to search whether the identifier to be accessed exists in a history analysis record set, where the history analysis record set stores history identifiers to be accessed for the industrial internet and history mapping information of the history identifiers to be accessed;
the determining unit 309, configured to determine, if not, a target identifier in the target block chain according to the identifier to be accessed;
the determining unit 310 is configured to determine whether the hash value to be accessed is the same as the target hash value of the target identifier.
In an embodiment of the present invention, the comparing module 303 further includes:
a second acquisition unit 311 and a third acquisition unit 312.
Wherein the content of the first and second substances,
the second obtaining unit 311 is configured to, if yes, obtain a historical analysis record of the identifier to be accessed in the historical analysis record set;
the third obtaining unit 312 is configured to obtain mapping information corresponding to the identifier to be accessed from the history parsing record.
It should be noted that, in the present specification, the embodiments are all described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments may be referred to each other. For the device-like embodiment, since it is basically similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
Finally, it should also be noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
For convenience of description, the above devices are described as being divided into various units by function, and are described separately. Of course, the functions of the units may be implemented in the same software and/or hardware or in a plurality of software and/or hardware when implementing the invention.
From the above description of the embodiments, it is clear to those skilled in the art that the present invention can be implemented by software plus necessary general hardware platform. Based on such understanding, the technical solutions of the present invention may be embodied in the form of a software product, which may be stored in a storage medium, such as ROM/RAM, magnetic disk, optical disk, etc., and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method according to the embodiments or some parts of the embodiments.
The above detailed description is made on the block chain-based industrial internet identification resolution access control method provided by the present invention, and a specific example is applied in the present document to explain the principle and the implementation of the present invention, and the description of the above embodiment is only used to help understanding the method of the present invention and the core idea thereof; meanwhile, for a person skilled in the art, according to the idea of the present invention, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present invention.
Claims (10)
1. The method for analyzing and accessing the industrial Internet identification based on the block chain is characterized in that the relevant information of each identification in the industrial Internet is stored in a target block chain in advance, and comprises the following steps:
under the condition that an analysis request of a user for an identifier to be accessed is received, verifying whether the user has an access right according to an intelligent contract;
if so, acquiring mapping information of the identifier to be accessed, and calculating a hash value to be accessed of the mapping information;
comparing the hash value to be accessed with the hash value stored on the target block chain;
and if the comparison is successful, sending the mapping information of the identifier to be accessed to the user.
2. The method of claim 1, further comprising:
and if the comparison fails, marking the identifier to be accessed.
3. The method of claim 1, further comprising:
if not, rejecting the analysis request and informing the user.
4. The method of claim 1, wherein pre-storing each identifier in the industrial internet in the target block chain comprises:
acquiring mapping information of each identifier, wherein the identifiers and the mapping information have an association relation;
aiming at each identifier, respectively calculating the hash value of the identifier and the mapping information corresponding to the identifier;
storing each hash value in the target blockchain.
5. The method of claim 1, wherein comparing the hash value to be accessed to the hash values stored on the target blockchain comprises:
searching whether the identifier to be accessed exists in a history analysis record set or not, wherein the history analysis record set stores history identifiers to be accessed aiming at the industrial Internet and history mapping information of the history identifiers to be accessed;
if not, determining a target identifier in the target block chain according to the identifier to be accessed;
and judging whether the hash value to be accessed is the same as the target hash value of the target identifier.
6. The method of claim 5, further comprising:
if yes, obtaining the historical analysis record of the identifier to be accessed in the historical analysis record set;
and acquiring mapping information corresponding to the identifier to be accessed from the history analysis record.
7. The utility model provides an industry internet sign analysis access control device based on blockchain which characterized in that stores each sign in industry internet in target blockchain in advance, includes:
the verification module is used for verifying whether the user has the access right according to the intelligent contract under the condition of receiving an analysis request of the user for the identifier to be accessed;
the obtaining and calculating module is used for obtaining the mapping information of the identifier to be accessed and calculating the hash value to be accessed of the mapping information if the identifier to be accessed is found to be the same as the identifier to be accessed;
the comparison module is used for comparing the hash value to be accessed with the hash value stored on the target block chain;
and the sending module is used for sending the mapping information of the identifier to be accessed to the user if the comparison is successful.
8. The apparatus according to claim 7, wherein the control apparatus stores respective identifiers in the industrial internet in the target block chain in advance, and comprises:
the first acquisition unit is used for acquiring mapping information of each identifier, wherein the identifiers and the mapping information have an association relation;
the calculating unit is used for respectively calculating the mark and the hash value of the mapping information corresponding to the mark aiming at each mark;
and the storage unit is used for storing each hash value in the target block chain.
9. The apparatus of claim 7, wherein the alignment module comprises:
the searching unit is used for searching whether the identifier to be accessed exists in a history analysis record set or not, wherein the history analysis record set stores history identifier to be accessed aiming at the industrial Internet and history mapping information of the history identifier to be accessed;
a determining unit, configured to determine, if the target block chain is not accessed, a target identifier in the target block chain according to the identifier to be accessed;
and the judging unit is used for judging whether the hash value to be accessed is the same as the target hash value of the target identifier.
10. The apparatus of claim 9, further comprising:
a second obtaining unit, configured to obtain, if yes, a historical analysis record of the identifier to be accessed in the historical analysis record set;
and the third acquisition unit is used for acquiring mapping information corresponding to the identifier to be accessed from the history analysis record.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010316420.6A CN111209596A (en) | 2020-04-21 | 2020-04-21 | Block chain-based industrial internet identification analysis access control method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010316420.6A CN111209596A (en) | 2020-04-21 | 2020-04-21 | Block chain-based industrial internet identification analysis access control method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111209596A true CN111209596A (en) | 2020-05-29 |
Family
ID=70788846
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010316420.6A Pending CN111209596A (en) | 2020-04-21 | 2020-04-21 | Block chain-based industrial internet identification analysis access control method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111209596A (en) |
Cited By (22)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112003872A (en) * | 2020-08-31 | 2020-11-27 | 中国信息通信研究院 | Method and device for detecting and calling secondary node capability of industrial internet identifier |
| CN112085417A (en) * | 2020-09-24 | 2020-12-15 | 北京工业大学 | Industrial Internet identification distribution and data management method based on block chain |
| CN112153047A (en) * | 2020-09-24 | 2020-12-29 | 国网区块链科技(北京)有限公司 | Block chain-based network security operation and maintenance and defense method and system |
| CN112163870A (en) * | 2020-09-30 | 2021-01-01 | 中国联合网络通信集团有限公司 | Block chain-based information management method, analysis node and rework platform |
| CN112217916A (en) * | 2020-09-29 | 2021-01-12 | 南京优速网络科技有限公司 | Novel caching method and system for industrial internet identification resolution recursive server |
| CN112417055A (en) * | 2020-12-10 | 2021-02-26 | 孔令超 | Method for mapping intelligent contracts of block chains to real contracts |
| CN112491960A (en) * | 2020-10-30 | 2021-03-12 | 中国科学院计算机网络信息中心 | SCM (Single chip microcomputer) -oriented industrial internet identifier registration and analysis method, identifier connection platform and system |
| CN112685721A (en) * | 2020-12-23 | 2021-04-20 | 深圳供电局有限公司 | Electric energy meter authority authentication method and device, computer equipment and storage medium |
| CN112966028A (en) * | 2021-03-26 | 2021-06-15 | 全球能源互联网研究院有限公司 | Data traceability system, method and device based on industrial internet identification |
| CN113032823A (en) * | 2021-02-26 | 2021-06-25 | 加和(北京)信息科技有限公司 | Method and device for generating equipment ID |
| CN113094426A (en) * | 2021-03-10 | 2021-07-09 | 贾晓丰 | Block chain-based interactive data access method and device |
| CN113487201A (en) * | 2021-07-14 | 2021-10-08 | 海南马良师傅网络科技有限公司 | Instrument relocation task distribution system |
| CN113704792A (en) * | 2021-09-01 | 2021-11-26 | 江苏省未来网络创新研究院 | Identification data access authority control method based on industrial internet identification coding specification |
| CN113743833A (en) * | 2021-11-05 | 2021-12-03 | 中国信息通信研究院 | Production control method and system based on identification analysis |
| CN113760916A (en) * | 2021-09-08 | 2021-12-07 | 国网上海市电力公司 | Material quality tracing method and system based on industrial internet identification and block chain |
| CN113852639A (en) * | 2021-09-29 | 2021-12-28 | 中国电信股份有限公司 | Data processing method and device, electronic equipment and computer readable storage medium |
| CN113905015A (en) * | 2021-10-09 | 2022-01-07 | 中国联合网络通信集团有限公司 | Identification analysis method and identification analysis system |
| CN113938498A (en) * | 2021-09-18 | 2022-01-14 | 北京航空航天大学 | Block chain mode combining identification analysis index cloud and hierarchical peer-to-peer network |
| CN114493627A (en) * | 2021-12-28 | 2022-05-13 | 北京航天智造科技发展有限公司 | Product tracing method and system based on industrial internet identification analysis technology |
| CN114531486A (en) * | 2020-10-30 | 2022-05-24 | 中移物联网有限公司 | Industrial internet data processing method, device, equipment and storage medium |
| CN115658742A (en) * | 2022-11-16 | 2023-01-31 | 武汉亚为电子科技有限公司 | Identification analysis method and system for field-level active identification carrier |
| CN116204693A (en) * | 2023-04-27 | 2023-06-02 | 中国信息通信研究院 | Identification analysis method and device based on industrial Internet, equipment and medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106161674A (en) * | 2016-07-25 | 2016-11-23 | 宁圣金融信息服务(上海)有限公司 | A kind of block chain domain name mapping device |
| CN108833603A (en) * | 2018-05-28 | 2018-11-16 | 北京奇虎科技有限公司 | A kind of method, server and system for realizing domain name mapping based on block chain |
| CN110247894A (en) * | 2019-05-16 | 2019-09-17 | 中国联合网络通信集团有限公司 | The method and device of handle server is forged in a kind of identification |
| CN110995664A (en) * | 2019-11-15 | 2020-04-10 | 国网河南省电力公司信息通信公司 | Block chain-based Internet of things heterogeneous identifier analysis system and method |
-
2020
- 2020-04-21 CN CN202010316420.6A patent/CN111209596A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106161674A (en) * | 2016-07-25 | 2016-11-23 | 宁圣金融信息服务(上海)有限公司 | A kind of block chain domain name mapping device |
| CN108833603A (en) * | 2018-05-28 | 2018-11-16 | 北京奇虎科技有限公司 | A kind of method, server and system for realizing domain name mapping based on block chain |
| CN110247894A (en) * | 2019-05-16 | 2019-09-17 | 中国联合网络通信集团有限公司 | The method and device of handle server is forged in a kind of identification |
| CN110995664A (en) * | 2019-11-15 | 2020-04-10 | 国网河南省电力公司信息通信公司 | Block chain-based Internet of things heterogeneous identifier analysis system and method |
Cited By (36)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112003872B (en) * | 2020-08-31 | 2022-07-08 | 中国信息通信研究院 | Method and device for detecting and calling secondary node capability of industrial internet identifier |
| CN112003872A (en) * | 2020-08-31 | 2020-11-27 | 中国信息通信研究院 | Method and device for detecting and calling secondary node capability of industrial internet identifier |
| CN112085417A (en) * | 2020-09-24 | 2020-12-15 | 北京工业大学 | Industrial Internet identification distribution and data management method based on block chain |
| CN112153047A (en) * | 2020-09-24 | 2020-12-29 | 国网区块链科技(北京)有限公司 | Block chain-based network security operation and maintenance and defense method and system |
| CN112153047B (en) * | 2020-09-24 | 2021-05-18 | 国网区块链科技(北京)有限公司 | Block chain-based network security operation and maintenance and defense method and system |
| CN112217916B (en) * | 2020-09-29 | 2024-02-27 | 南京优速网络科技有限公司 | Novel caching method and system for industrial Internet identification resolution recursion server |
| CN112217916A (en) * | 2020-09-29 | 2021-01-12 | 南京优速网络科技有限公司 | Novel caching method and system for industrial internet identification resolution recursive server |
| CN112163870A (en) * | 2020-09-30 | 2021-01-01 | 中国联合网络通信集团有限公司 | Block chain-based information management method, analysis node and rework platform |
| CN112163870B (en) * | 2020-09-30 | 2023-12-05 | 中国联合网络通信集团有限公司 | Information management method based on block chain, analysis node and rework platform |
| CN112491960A (en) * | 2020-10-30 | 2021-03-12 | 中国科学院计算机网络信息中心 | SCM (Single chip microcomputer) -oriented industrial internet identifier registration and analysis method, identifier connection platform and system |
| CN114531486A (en) * | 2020-10-30 | 2022-05-24 | 中移物联网有限公司 | Industrial internet data processing method, device, equipment and storage medium |
| CN114531486B (en) * | 2020-10-30 | 2023-08-15 | 中移物联网有限公司 | Industrial Internet data processing method, device, equipment and storage medium |
| CN112491960B (en) * | 2020-10-30 | 2023-06-30 | 中国科学院计算机网络信息中心 | SCM-oriented industrial Internet identification registration and analysis method and identification connection platform and system |
| CN112417055A (en) * | 2020-12-10 | 2021-02-26 | 孔令超 | Method for mapping intelligent contracts of block chains to real contracts |
| CN112417055B (en) * | 2020-12-10 | 2024-04-26 | 孔令超 | Method for mapping blockchain intelligent contracts to real contracts |
| CN112685721A (en) * | 2020-12-23 | 2021-04-20 | 深圳供电局有限公司 | Electric energy meter authority authentication method and device, computer equipment and storage medium |
| CN113032823A (en) * | 2021-02-26 | 2021-06-25 | 加和(北京)信息科技有限公司 | Method and device for generating equipment ID |
| CN113032823B (en) * | 2021-02-26 | 2023-08-01 | 加和(北京)信息科技有限公司 | Method and device for generating device ID |
| CN113094426B (en) * | 2021-03-10 | 2024-01-09 | 贾晓丰 | Block chain-based interactive data access method and device |
| CN113094426A (en) * | 2021-03-10 | 2021-07-09 | 贾晓丰 | Block chain-based interactive data access method and device |
| CN112966028A (en) * | 2021-03-26 | 2021-06-15 | 全球能源互联网研究院有限公司 | Data traceability system, method and device based on industrial internet identification |
| CN113487201B (en) * | 2021-07-14 | 2022-11-11 | 海南马良师傅网络科技有限公司 | Instrument relocation task distribution system |
| CN113487201A (en) * | 2021-07-14 | 2021-10-08 | 海南马良师傅网络科技有限公司 | Instrument relocation task distribution system |
| CN113704792A (en) * | 2021-09-01 | 2021-11-26 | 江苏省未来网络创新研究院 | Identification data access authority control method based on industrial internet identification coding specification |
| CN113760916B (en) * | 2021-09-08 | 2024-03-29 | 国网上海市电力公司 | Material quality tracing method and system based on industrial Internet identification and blockchain |
| CN113760916A (en) * | 2021-09-08 | 2021-12-07 | 国网上海市电力公司 | Material quality tracing method and system based on industrial internet identification and block chain |
| CN113938498A (en) * | 2021-09-18 | 2022-01-14 | 北京航空航天大学 | Block chain mode combining identification analysis index cloud and hierarchical peer-to-peer network |
| CN113852639B (en) * | 2021-09-29 | 2023-05-26 | 中国电信股份有限公司 | Data processing method, device, electronic equipment and computer readable storage medium |
| CN113852639A (en) * | 2021-09-29 | 2021-12-28 | 中国电信股份有限公司 | Data processing method and device, electronic equipment and computer readable storage medium |
| CN113905015B (en) * | 2021-10-09 | 2023-06-09 | 中国联合网络通信集团有限公司 | Identification analysis method and identification analysis system |
| CN113905015A (en) * | 2021-10-09 | 2022-01-07 | 中国联合网络通信集团有限公司 | Identification analysis method and identification analysis system |
| CN113743833A (en) * | 2021-11-05 | 2021-12-03 | 中国信息通信研究院 | Production control method and system based on identification analysis |
| CN114493627A (en) * | 2021-12-28 | 2022-05-13 | 北京航天智造科技发展有限公司 | Product tracing method and system based on industrial internet identification analysis technology |
| CN115658742B (en) * | 2022-11-16 | 2023-04-07 | 武汉亚为电子科技有限公司 | Identification analysis method and system for field-level active identification carrier |
| CN115658742A (en) * | 2022-11-16 | 2023-01-31 | 武汉亚为电子科技有限公司 | Identification analysis method and system for field-level active identification carrier |
| CN116204693A (en) * | 2023-04-27 | 2023-06-02 | 中国信息通信研究院 | Identification analysis method and device based on industrial Internet, equipment and medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111209596A (en) | Block chain-based industrial internet identification analysis access control method | |
| JP7222036B2 (en) | Model training system and method and storage medium | |
| CN109714174B (en) | Internet of things equipment digital identity management system and method based on block chain | |
| US7185359B2 (en) | Authentication and authorization across autonomous network systems | |
| CN112085417A (en) | Industrial Internet identification distribution and data management method based on block chain | |
| CN103078859B (en) | Operation system right management method, equipment and system | |
| CN111079136B (en) | Fog computing intrusion detection feature sharing system based on block chain technology | |
| US20170201516A1 (en) | Terminal Identification Method, and Method, System and Apparatus of Registering Machine Identification Code | |
| CN110135194B (en) | Block chain-based industrial internet digital object management method | |
| US20020144149A1 (en) | Trust ratings in group credentials | |
| CN109005142B (en) | Website security detection method, device, system, computer equipment and storage medium | |
| CN108616613B (en) | Decentralized root domain name service method and system based on block chain | |
| US20080163191A1 (en) | System and method for file transfer management | |
| CN113660206B (en) | Cross-organization access control method based on alliance chain and multiple signatures | |
| US20110264767A1 (en) | Interactive processing method and apparatus between content-id management servers | |
| CN113934998A (en) | Gateway authentication method, service system authentication method and gateway authentication system | |
| CN114338242A (en) | Cross-domain single sign-on access method and system based on block chain technology | |
| JP4805615B2 (en) | Access control method | |
| CN101325493B (en) | Method and system for authenticating a user | |
| US7007091B2 (en) | Method and apparatus for processing subject name included in personal certificate | |
| CN111917760B (en) | Network collaborative manufacturing cross-domain fusion trust management and control method based on identification analysis | |
| CN113037467B (en) | Video Internet of things equipment key certificate management method, device and system | |
| EP1173950A1 (en) | Method for safe communications | |
| Xiong et al. | BDIM: A Blockchain-Based Decentralized Identity Management Scheme for Large Scale Internet of Things | |
| US11522863B2 (en) | Method and system for managing resource access permissions within a computing environment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200529 |