CN111327564A - Access method and device for alliance chain - Google Patents
Access method and device for alliance chain Download PDFInfo
- Publication number
- CN111327564A CN111327564A CN201811526390.0A CN201811526390A CN111327564A CN 111327564 A CN111327564 A CN 111327564A CN 201811526390 A CN201811526390 A CN 201811526390A CN 111327564 A CN111327564 A CN 111327564A
- Authority
- CN
- China
- Prior art keywords
- organization
- joined
- information
- alliance chain
- join
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
Abstract
The application discloses an admission method and a device for a alliance chain, wherein the method comprises the following steps: receiving a joining request sent by an organization to be joined, wherein the joining request comprises identity information and an IP address of the organization to be joined, sending the joining request to each trusted third party in a alliance chain, receiving verification information fed back by each trusted third party based on the joining request, judging whether the identity information and the IP address are legal based on the verification information, if so, judging whether the organization to be joined is allowed to join the alliance chain based on a common identification mechanism among organizations in the alliance chain, and if so, joining the organization to be joined to the alliance chain. The technical problem that the security of a alliance chain is low in the existing access method is solved.
Description
Technical Field
The present application relates to the field of block chain technologies, and in particular, to an admission method and an admission device for a federation chain.
Background
With the rapid development of block chain technology, block chains are widely applied to various industries, such as the fields of finance, securities, logistics and the like, and can be divided into public chains, private chains and alliance chains according to different block chains of participants, wherein the public chains can be used and maintained by anyone, information is completely disclosed, the private chains are managed and limited by a centralized manager, only a few people inside can use the private chains, the information is not disclosed, the alliance chains are one block chain maintained by a plurality of organizations, and the organizations or members with access rights can access the information in the alliance chains.
The alliance chain is widely concerned due to the fact that the alliance chain is used and has limited access with authority, related information can be protected, and the alliance chain is applied to the fields of supply chain, banking, tax, logistics and the like. At present, an admission mechanism of a federation chain is mainly dominated by one party, and an organization or a member can be admitted to join the federation chain after one party confirms, namely, the organization can join the federation chain after a trusted third party confirms or the organization in the federation verifies, and the trusted third party or the organization of the federation chain can be attacked maliciously to correct the verification result, so that the maliciousness organization joins the federation chain, and the security of the federation chain is low.
Disclosure of Invention
The application provides an admission method and an admission device for a alliance chain, which are used for solving the technical problem of low security of the alliance chain in the existing admission method.
In a first aspect, the present application provides an admission method for a federation chain, where the method includes: the method comprises the steps that a server receives a joining request sent by an organization to be joined, wherein the joining request comprises identity information and an IP address of the organization to be joined, the joining request is sent to each trustable third party in a alliance chain, verification information fed back by each trustable third party based on the joining request is received, whether the identity information and the IP address are legal is judged based on the verification information, if yes, whether the organization to be joined is allowed to join the alliance chain is judged based on a common identification mechanism among the organizations in the alliance chain, and if yes, the organization to be joined is joined to the alliance chain.
In the scheme provided by the embodiment of the application, whether the identity information and the IP address of the organization to be joined are legal is judged based on the verification information fed back by each trusted third party in the alliance chain, and if the identity information and the IP address of the organization to be joined are legal, whether the organization to be joined is allowed to join the alliance chain is judged based on a common identification mechanism among organizations in the alliance chain. Therefore, whether the organization to be joined can be joined into the alliance chain is determined through the verification of a trusted third party and multiple parties of organizations in the alliance chain, the joining of malicious organizations is avoided, and the safety of the alliance chain is improved.
Optionally, the identity information includes a name of the organization to be joined, a type of the organization to be joined, and a uniform resource locator URL of an application certificate of the organization to be joined.
Optionally, determining whether the identity information and the IP address are legal based on the verification information includes:
judging whether the verification information fed back by each trusted third party comprises preset legal information or not, wherein the preset legal information comprises information that the name of the organization to be joined exists, information that the type of the organization to be joined is matched with the type of the alliance chain, information that the URL of the application certificate of the organization to be joined is valid and information that the IP address of the organization to be joined is legal;
and if so, the identity information and the IP address are legal.
In the scheme provided by the embodiment of the application, whether the preset legal information is contained or not is determined by verifying the verification information fed back by each trusted third party in the alliance chain, and further the legality of the identity information and the IP address to be added into the organization is determined, so that the legality of the identity information and the IP address to be added into the organization is determined by combining the verification information fed back by a plurality of trusted third parties, and the accuracy of the verification result is improved.
Optionally, the consensus mechanism comprises:
determining the number of the organizations of the alliance chain which agree to the organization to be joined based on a voting algorithm, and if the number exceeds a preset threshold value, allowing the organization to be joined to join the alliance chain; or
And if the preset organization in the alliance chain agrees to join the organization to be joined, allowing the organization to be joined to join the alliance chain, wherein the preset organization at least comprises one organization in the alliance chain.
Optionally, joining the to-be-joined organization to the federation chain includes:
receiving a digital certificate and a secret key generated by the trusted third party for the organization to be joined, and feeding back the digital certificate and the secret key to the organization to be joined in a storage form of an encryption card or a U shield;
adding the organization to join to a list of organization members of the federation chain.
In the scheme provided by the embodiment of the application, after the organization to be joined is allowed to join the alliance chain, the server generates the digital certificate and the secret key for the organization to be joined, and the digital certificate and the secret key are stored in the encryption card or the U shield, so that the information leakage of the digital certificate and the secret key is avoided, and the transaction security of the alliance chain is improved.
In a second aspect, the present application provides an admission apparatus for a federation chain, the apparatus comprising:
the system comprises a receiving module, a joining module and a sending module, wherein the receiving module is used for receiving a joining request sent by an organization to be joined, and the joining request comprises identity information and an IP address of the organization to be joined;
the sending module is used for sending the joining request to each trusted third party in a alliance chain and receiving verification information fed back by each trusted third party based on the joining request;
the judging module is used for judging whether the identity information and the IP address are legal or not based on the verification information;
the judging module is further configured to judge whether to allow the organization to be joined to join the federation chain based on a consensus mechanism among the organizations in the federation chain if the identity information and the IP address are legal;
and the processing module is used for adding the organization to be added into the alliance chain if the organization to be added is allowed to be added into the alliance chain.
Optionally, the identity information includes a name of the organization to be joined, a type of the organization to be joined, and a uniform resource locator URL of an application certificate of the organization to be joined.
Optionally, the determining module is specifically configured to:
judging whether the verification information fed back by each trusted third party comprises preset legal information or not, wherein the preset legal information comprises information that the name of the organization to be joined exists, information that the type of the organization to be joined is matched with the type of the alliance chain, information that the URL of the application certificate of the organization to be joined is valid and information that the IP address of the organization to be joined is legal;
and if the preset legal information is included, the identity information and the IP address are legal.
Optionally, the consensus mechanism comprises:
determining the number of the organizations of the alliance chain which agree to the organization to be joined based on a voting algorithm, and if the number exceeds a preset threshold value, allowing the organization to be joined to join the alliance chain; or
And if the preset organization in the alliance chain agrees to join the organization to be joined, allowing the organization to be joined to join the alliance chain, wherein the preset organization at least comprises one organization in the alliance chain.
Optionally, the processing module is specifically configured to:
receiving a digital certificate and a secret key generated by the trusted third party for the organization to be joined, and feeding back the digital certificate and the secret key to the organization to be joined in a storage form of an encryption card or a U shield;
adding the organization to join to a list of organization members of the federation chain.
In a third aspect, the present application provides a server, including:
a memory for storing instructions for execution by at least one processor;
a processor for executing instructions stored in a memory to perform the method of the first aspect.
In a fourth aspect, the present application provides a computer readable storage medium having stored thereon computer instructions which, when run on a computer, cause the computer to perform the method of the first aspect.
Drawings
Fig. 1 is a schematic structural diagram of an alliance chain network system according to an embodiment of the present disclosure;
fig. 2 is a flowchart of an admission method of a federation chain according to an embodiment of the present application;
fig. 3 is a flowchart of a method for verifying identity information and an IP address according to an embodiment of the present disclosure;
fig. 4 is a schematic structural diagram of an admission apparatus of a federation chain according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of a server according to an embodiment of the present application.
Detailed Description
In the solutions provided in the embodiments of the present application, the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
In order to better understand the technical solutions, the technical solutions of the present application are described in detail below with reference to the drawings and specific embodiments, and it should be understood that the specific features in the embodiments and examples of the present application are detailed descriptions of the technical solutions of the present application, and are not limitations of the technical solutions of the present application, and the technical features in the embodiments and examples of the present application may be combined with each other without conflict.
Fig. 1 is a schematic structural diagram of a federation chain network system, where the federation chain network system includes a monitoring platform 101, a client 102, a trusted third party 103, and a node 104, where the monitoring platform 101 is used to manage organization of federation chains, monitoring of network states, and data auditing, the client 102 includes an administrator client 105 and a common user client 106, and is used to perform data interaction with the monitoring platform 101 or the node 104, the trusted third party 103 is used to verify identity information of an organization joining a federation chain, and the node 104 is used to monitor node states or perform node work deployment and maintenance. It should be understood that the administration platform 101 may include a plurality of servers, and may also include one server, without limitation.
Example one
The admission method of a federation chain provided in the embodiment of the present application is described in further detail below with reference to the accompanying drawings in the specification, and a specific implementation manner of the method may include the following steps (a method flow is shown in fig. 2):
step 201, a server receives a joining request sent by an organization to be joined, wherein the joining request includes identity information and an IP address of the organization to be joined.
The identity information includes the name of the organization to be added, the type of the organization to be added, and a Uniform Resource Locator (URL) address of the organization application certificate to be added.
Specifically, the server is a server corresponding to the supervision platform, the server receives a join request sent by an organization to be joined, and based on the received join request, the name of the organization to be joined, the type of the organization to be joined, the URL address of the application certificate of the organization to be joined, identification information (such as an organization code) of the organization to be joined and the like can be obtained, and the IP address and reputation level of the server sending the join request by the organization to be joined can also be obtained, wherein the reputation level includes a good level, a good level and a bad level. For example, the type of the organization to be joined includes finance, logistics, and services, if the type of the organization to be joined is finance, the organization to be joined includes bank, securities company, insurance company, trust investment company, and fund management company, if the type of the organization to be joined is logistics, the organization to be joined includes logistics company, express company, and the like, and if the type of the organization to be joined is services, the organization to be joined includes housekeeping service company, intermediary service company, and consulting company, and the like.
After the server acquires the joining request sent by the organization to be joined, read-write permission and administrator permission are also pre-allocated to the organization to be joined, and permission can be specifically allocated to the organization to be joined in the following way:
in the method 1, a right item is allocated to the to-be-added organization based on the to-be-added organization credit level, for example, if the to-be-added organization credit level is excellent, the to-be-added organization is allowed to have read-write permission and administrator permission; if the credit level of the organization to be added is good, allowing the organization to be added to have read-write permission; and if the credit rating of the organization to be added is poor, allowing the organization to be added to have a read permission.
In the mode 2, the mapping relationship between the organization type and the authority is pre-stored in the server database, for example, the financial organization has read-write authority and administrator authority, the logistics organization has read-write authority, the service organization has read authority, and after the server acquires the type of the organization to be joined, the server allocates the authority for the organization to be joined based on the preset mapping relationship between the organization type and the authority.
Step 202, the server sends the join request to each trusted third party in the federation chain, and receives verification information fed back by each trusted third party based on the join request.
The server sends the received join request to be joined to the organization to each trusted third party in the federation chain, where the federation chain may include multiple trusted third parties, the trusted third parties may be Certificate Authorities (CAs), the multiple trusted third parties may correspond to one server, and each trusted third party may also correspond to one server.
When a plurality of trusted third parties in the alliance chain receive a joining request to be joined into an organization, identity information and an IP address in the joining request are verified. As shown in fig. 3, the specific process is as follows:
step 301, each trusted third party in the federation chain determines whether a name to join the organization exists.
And the server of the trusted third party searches the name of the organization to be joined through the Internet, and if the name of the organization to be joined cannot be searched, the name of the organization to be joined does not exist.
Step 302, determine whether the type of the organization to be added matches the type of the preset federation chain.
The type of the alliance chain is stored in a server corresponding to a trusted third party, the server corresponding to the trusted third party determines whether the type of the organization to be joined is the same as the type of the preset alliance chain or not based on the received type of the organization to be joined, and if the type of the organization to be joined is the same as the type of the preset alliance chain, the type of the organization to be joined is matched with the type of the preset alliance chain.
For example, the type of the preset alliance chain is a financial alliance chain, the type of the organization to be joined received by the server of the trusted third party is a financial organization, and the organization to be joined is matched with the type of the preset alliance chain.
Step 303, determine whether the URL address of the application certificate to be added to the organization is valid.
And the server corresponding to the trusted third party skips based on the URL address of the application certificate to be added into the organization, and judges whether the server can skip to the page corresponding to the URL address of the application certificate, if not, the URL address of the application certificate to be added into the organization is an invalid address.
Step 203, the server judges whether the identity information and the IP address are legal or not based on the verification information.
The server judges whether the verification information fed back by each trusted third party comprises preset legal information or not, wherein the preset legal information comprises information that the name of the organization to be joined exists, information that the type of the organization to be joined is matched with the type of the alliance chain, information that the URL of the application certificate of the organization to be joined is valid and information that the IP address of the organization to be joined is legal;
and if the preset legal information is included, the identity information and the IP address are legal.
Specifically, the verification information includes at least one of information that a name of the organization to be joined exists, information that the type of the organization to be joined matches the type of the federation chain, information that a URL of an application certificate of the organization to be joined is valid, and information that an IP address of the organization to be joined is legal. After receiving the verification information fed back by the multiple trusted third parties in the alliance chain, the server verifies the content of the verification information fed back by each trusted third party respectively, judges whether the received multiple verification information includes preset legal information, and determines that the identity information and the IP address of the organization to be joined are legal if the multiple verification information includes the preset legal information.
And 204, if the identity information and the IP address are legal, the server judges whether to allow the organization to be added to the alliance chain or not based on a consensus mechanism among organizations in the alliance chain.
The consensus mechanism comprises:
determining the number of the organizations of the alliance chain which agree to the organization to be joined based on a voting algorithm, and if the number exceeds a preset threshold value, allowing the organization to be joined to join the alliance chain; or
And if the preset organization in the alliance chain agrees to join the organization to be joined, allowing the organization to be joined to join the alliance chain, wherein the preset organization at least comprises one organization in the alliance chain.
Specifically, after verifying that the identity information and the IP address of the organization to be joined are legal, the organization in the federation chain needs to determine whether to allow the organization to be joined to join the federation chain through a consensus mechanism. Organizations in a federation chain may determine whether to allow a joining organization to join the federation chain by:
in the method 1, each organization in the federation chain votes based on a voting algorithm (such as a mole voting algorithm) to determine whether the organization to be added is allowed to be added into the federation chain, and sends a voting result to the server, and the server determines whether the number of the organizations allowed to be added into the federation chain exceeds a preset threshold value based on the voting result, for example, the preset threshold value includes half of the number of the organizations already added into the federation chain, and if the number of the organizations allowed to be added into the federation chain exceeds the preset threshold value, the organization to be added is determined to be added into the federation chain.
And 2, optionally selecting at least one organization in the alliance chain as a preset organization, receiving a voting result of whether each organization in the alliance chain agrees to join the organization to join the alliance chain by the server, determining whether the preset organization allows the organization to be joined to join the alliance chain based on the voting result, and if so, determining that the organization to be joined is joined to the alliance chain.
Step 205, if the to-be-joined organization is allowed to join in the federation chain, the server joins the to-be-joined organization in the federation chain.
The server receives the digital certificate and the secret key generated by the trusted third party for the organization to be joined, and feeds back the digital certificate and the secret key to the organization to be joined in a storage form of an encryption card or a U shield;
adding the organization to join to a list of organization members of the federation chain.
Specifically, after the organization to be joined is allowed to join the alliance chain, a trusted third party generates a digital certificate and a secret key for the organization to be joined, the digital certificate and the secret key are sent to a server, the server stores the digital certificate in an encryption card or a U shield, the stored form is fed back to the organization to be joined, information of the organization to be joined is pushed to a client, and the client adds the organization to be joined to an organization member list of the alliance chain based on the information of the organization to be joined.
In the scheme provided by the embodiment of the application, whether the identity information and the IP address of the organization to be joined are legal is judged based on the verification information fed back by each trusted third party in the alliance chain, and if the identity information and the IP address of the organization to be joined are legal, whether the organization to be joined is allowed to join the alliance chain is judged based on a common identification mechanism among organizations in the alliance chain. Therefore, whether the organization to be joined can be joined into the alliance chain is determined through the verification of a trusted third party and multiple parties of organizations in the alliance chain, the joining of malicious organizations is avoided, and the safety of the alliance chain is improved.
Example two
The present application provides an admission apparatus of a federation chain, as shown in fig. 4, the apparatus includes:
a receiving module 401, configured to receive a join request sent by a to-be-joined organization, where the join request includes identity information and an IP address of the to-be-joined organization;
a sending module 402, configured to send the join request to each trusted third party in a federation chain, and receive verification information fed back by each trusted third party based on the join request;
a determining module 403, configured to determine whether the identity information and the IP address are legal based on the verification information;
the determining module 403 is further configured to determine, if the identity information and the IP address are legal, whether to allow the to-be-joined organization to join the federation chain based on a consensus mechanism between the organizations in the federation chain;
a processing module 404, configured to join the to-be-joined organization to the federation chain if the to-be-joined organization is allowed to join the federation chain.
Optionally, the identity information includes a name of the organization to be joined, a type of the organization to be joined, and a uniform resource locator URL of an application certificate of the organization to be joined.
Optionally, the determining module 403 is specifically configured to:
judging whether the verification information fed back by each trusted third party comprises preset legal information or not, wherein the preset legal information comprises information that the name of the organization to be joined exists, information that the type of the organization to be joined is matched with the type of the alliance chain, information that the URL of the application certificate of the organization to be joined is valid and information that the IP address of the organization to be joined is legal;
and if the preset legal information is included, the identity information and the IP address are legal.
Optionally, the consensus mechanism comprises:
determining the number of the organizations of the alliance chain which agree to the organization to be joined based on a voting algorithm, and if the number exceeds a preset threshold value, allowing the organization to be joined to join the alliance chain; or
And if the preset organization in the alliance chain agrees to join the organization to be joined, allowing the organization to be joined to join the alliance chain, wherein the preset organization at least comprises one organization in the alliance chain.
Optionally, the processing module 404 is specifically configured to:
receiving a digital certificate and a secret key generated by the trusted third party for the organization to be joined, and feeding back the digital certificate and the secret key to the organization to be joined in a storage form of an encryption card or a U shield;
adding the organization to join to a list of organization members of the federation chain.
EXAMPLE III
The present application provides a server, as shown in fig. 5, including:
a memory 501 for storing instructions for execution by at least one processor;
the processor 502 is configured to execute instructions stored in the memory to perform the method of the first embodiment.
Example four
The present application provides a computer-readable storage medium having stored thereon computer instructions which, when executed on a computer, cause the computer to perform the method of embodiment one.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present application without departing from the spirit and scope of the application. Thus, if such modifications and variations of the present application fall within the scope of the claims of the present application and their equivalents, the present application is intended to include such modifications and variations as well.
Claims (10)
1. An admission method for a federation chain, comprising
Receiving a joining request sent by an organization to be joined, wherein the joining request comprises identity information and an IP address of the organization to be joined;
sending the join request to each trusted third party in a alliance chain, and receiving verification information fed back by each trusted third party based on the join request;
judging whether the identity information and the IP address are legal or not based on the verification information;
if the organization is legal, judging whether the organization to be added is allowed to be added into the alliance chain or not based on a consensus mechanism among the organizations in the alliance chain;
and if so, adding the organization to be added into the alliance chain.
2. The method of claim 1, wherein the identity information comprises a name of the organization to join, a type of the organization to join, and a Uniform Resource Locator (URL) of an application certificate of the organization to join.
3. The method of claim 2, wherein determining whether the identity information and the IP address are legitimate based on the authentication information comprises:
judging whether the verification information fed back by each trusted third party comprises preset legal information or not, wherein the preset legal information comprises information that the name of the organization to be joined exists, information that the type of the organization to be joined is matched with the type of the alliance chain, information that the URL of the application certificate of the organization to be joined is valid and information that the IP address of the organization to be joined is legal;
and if the identity information and the IP address are included, the identity information and the IP address are legal.
4. The method of claim 3, wherein the predetermined consensus mechanism comprises:
determining the number of the organizations of the alliance chain which agree to the organization to be joined based on a voting algorithm, and if the number exceeds a preset threshold value, allowing the organization to be joined to join the alliance chain; or
And if the preset organization in the alliance chain agrees to join the organization to be joined, allowing the organization to be joined to join the alliance chain, wherein the preset organization at least comprises one organization in the alliance chain.
5. The method of any of claims 1-4, wherein joining the organization to be joined to the federation chain comprises:
receiving a digital certificate and a secret key generated by the trusted third party for the organization to be joined, and feeding back the digital certificate and the secret key to the organization to be joined in a storage form of an encryption card or a U shield;
adding the organization to join to a list of organization members of the federation chain.
6. An admission arrangement for a federation chain, comprising
The system comprises a receiving module, a joining module and a sending module, wherein the receiving module is used for receiving a joining request sent by an organization to be joined, and the joining request comprises identity information and an IP address of the organization to be joined;
the sending module is used for sending the joining request to each trusted third party in a alliance chain and receiving verification information fed back by each trusted third party based on the joining request;
the judging module is used for judging whether the identity information and the IP address are legal or not based on the verification information;
the judging module is further configured to judge whether to allow the organization to be joined to join the federation chain based on a consensus mechanism among the organizations in the federation chain if the identity information and the IP address are legal;
and the processing module is used for adding the organization to be added into the alliance chain if the organization to be added is allowed to be added into the alliance chain.
7. The apparatus of claim 6, wherein the identity information comprises a name of the organization to join, a type of the organization to join, and a Uniform Resource Locator (URL) of an application certificate of the organization to join.
8. The apparatus of claim 7, wherein the determining module is specifically configured to:
judging whether the verification information fed back by each trusted third party comprises preset legal information or not, wherein the preset legal information comprises information that the name of the organization to be joined exists, information that the type of the organization to be joined is matched with the type of the alliance chain, information that the URL of the application certificate of the organization to be joined is valid and information that the IP address of the organization to be joined is legal;
and if the preset legal information is included, the identity information and the IP address are legal.
9. A server, comprising:
a memory for storing instructions for execution by at least one processor;
a processor for executing instructions stored in the memory to perform the method of any one of claims 1-5.
10. A computer-readable storage medium having stored thereon computer instructions which, when executed on a computer, cause the computer to perform the method of any one of claims 1-5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811526390.0A CN111327564B (en) | 2018-12-13 | 2018-12-13 | Access method and device for alliance chain |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811526390.0A CN111327564B (en) | 2018-12-13 | 2018-12-13 | Access method and device for alliance chain |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111327564A true CN111327564A (en) | 2020-06-23 |
| CN111327564B CN111327564B (en) | 2022-03-08 |
Family
ID=71172237
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811526390.0A Active CN111327564B (en) | 2018-12-13 | 2018-12-13 | Access method and device for alliance chain |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111327564B (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111865993A (en) * | 2020-07-23 | 2020-10-30 | 北京天融信网络安全技术有限公司 | Identity authentication management method and device, distributed system and readable storage medium |
| CN112182101A (en) * | 2020-09-22 | 2021-01-05 | 建信金融科技有限责任公司 | Member admission method and system in block chain |
| CN112202581A (en) * | 2020-09-24 | 2021-01-08 | 成都质数斯达克科技有限公司 | Group joining method and device and electronic equipment |
| CN112910982A (en) * | 2021-01-27 | 2021-06-04 | 网易(杭州)网络有限公司 | Node access method and device of alliance chain, electronic equipment and storage medium |
| CN113114634A (en) * | 2021-03-24 | 2021-07-13 | 武汉卓尔信息科技有限公司 | Credible data management method based on alliance chain and alliance chain |
| CN113225736A (en) * | 2021-03-24 | 2021-08-06 | 湖南宸瀚信息科技有限责任公司 | Unmanned aerial vehicle cluster node authentication method and device, storage medium and processor |
| CN113596168A (en) * | 2021-08-02 | 2021-11-02 | 中国民生银行股份有限公司 | Block chain alliance chain-based verification method and device |
| CN113706131A (en) * | 2021-08-27 | 2021-11-26 | 成都质数斯达克科技有限公司 | Block chain transaction method, device and equipment based on encryption card |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107426157A (en) * | 2017-04-21 | 2017-12-01 | 杭州趣链科技有限公司 | A kind of alliance's chain authority control method based on digital certificate and ca authentication system |
| CN107592292A (en) * | 2017-07-26 | 2018-01-16 | 阿里巴巴集团控股有限公司 | A kind of block chain communication method between nodes and device |
| CN108052530A (en) * | 2017-11-10 | 2018-05-18 | 杭州云象网络技术有限公司 | A kind of decentralization CA construction methods and its system based on alliance's chain |
| CN108416589A (en) * | 2018-03-08 | 2018-08-17 | 深圳前海微众银行股份有限公司 | Connection method, system and the computer readable storage medium of block chain node |
| CN108667618A (en) * | 2018-05-10 | 2018-10-16 | 阿里巴巴集团控股有限公司 | Data processing method, device, server and the system of block chain member management |
| CA3048743A1 (en) * | 2017-04-28 | 2018-11-01 | Alibaba Group Holding Limited | Consensus verification method and device |
-
2018
- 2018-12-13 CN CN201811526390.0A patent/CN111327564B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107426157A (en) * | 2017-04-21 | 2017-12-01 | 杭州趣链科技有限公司 | A kind of alliance's chain authority control method based on digital certificate and ca authentication system |
| CA3048743A1 (en) * | 2017-04-28 | 2018-11-01 | Alibaba Group Holding Limited | Consensus verification method and device |
| CN107592292A (en) * | 2017-07-26 | 2018-01-16 | 阿里巴巴集团控股有限公司 | A kind of block chain communication method between nodes and device |
| CN108052530A (en) * | 2017-11-10 | 2018-05-18 | 杭州云象网络技术有限公司 | A kind of decentralization CA construction methods and its system based on alliance's chain |
| CN108416589A (en) * | 2018-03-08 | 2018-08-17 | 深圳前海微众银行股份有限公司 | Connection method, system and the computer readable storage medium of block chain node |
| CN108667618A (en) * | 2018-05-10 | 2018-10-16 | 阿里巴巴集团控股有限公司 | Data processing method, device, server and the system of block chain member management |
Non-Patent Citations (1)
| Title |
|---|
| 董友康等: "基于联盟区块链的董事会电子投票系统", 《网络与信息安全学报》 * |
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111865993A (en) * | 2020-07-23 | 2020-10-30 | 北京天融信网络安全技术有限公司 | Identity authentication management method and device, distributed system and readable storage medium |
| CN111865993B (en) * | 2020-07-23 | 2022-04-01 | 北京天融信网络安全技术有限公司 | Identity authentication management method, distributed system and readable storage medium |
| CN112182101A (en) * | 2020-09-22 | 2021-01-05 | 建信金融科技有限责任公司 | Member admission method and system in block chain |
| CN112202581A (en) * | 2020-09-24 | 2021-01-08 | 成都质数斯达克科技有限公司 | Group joining method and device and electronic equipment |
| CN112910982A (en) * | 2021-01-27 | 2021-06-04 | 网易(杭州)网络有限公司 | Node access method and device of alliance chain, electronic equipment and storage medium |
| CN113114634A (en) * | 2021-03-24 | 2021-07-13 | 武汉卓尔信息科技有限公司 | Credible data management method based on alliance chain and alliance chain |
| CN113225736A (en) * | 2021-03-24 | 2021-08-06 | 湖南宸瀚信息科技有限责任公司 | Unmanned aerial vehicle cluster node authentication method and device, storage medium and processor |
| CN113225736B (en) * | 2021-03-24 | 2024-02-02 | 湖南宸瀚信息科技有限责任公司 | Unmanned aerial vehicle cluster node authentication method and device, storage medium and computer equipment |
| CN113596168A (en) * | 2021-08-02 | 2021-11-02 | 中国民生银行股份有限公司 | Block chain alliance chain-based verification method and device |
| CN113706131A (en) * | 2021-08-27 | 2021-11-26 | 成都质数斯达克科技有限公司 | Block chain transaction method, device and equipment based on encryption card |
| CN113706131B (en) * | 2021-08-27 | 2024-02-27 | 成都质数斯达克科技有限公司 | Block chain transaction method, device and equipment based on encryption card |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111327564B (en) | 2022-03-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111327564B (en) | Access method and device for alliance chain | |
| US20220277307A1 (en) | Systems and methods for personal identification and verification | |
| CN110377239B (en) | Data signature method, device, server, system and storage medium | |
| CN110620810B (en) | Non-linked ownership of continuous asset transfer over blockchain | |
| US10790976B1 (en) | System and method of blockchain wallet recovery | |
| CN109274652B (en) | Identity information verification system, method and device and computer storage medium | |
| US20190333031A1 (en) | System, method, and computer program product for validating blockchain or distributed ledger transactions in a service requiring payment | |
| CN112311735B (en) | Credible authentication method, network equipment, system and storage medium | |
| US20220394026A1 (en) | Network identity protection method and device, and electronic equipment and storage medium | |
| CN110633963B (en) | Electronic bill processing method, electronic bill processing device, computer readable storage medium and computer readable storage device | |
| CN111444273B (en) | Data authorization method and device based on block chain | |
| US20210391991A1 (en) | Linking identities in a distributed database | |
| CN116250210A (en) | Methods, apparatus, and computer readable media for authentication and authorization of networked data transactions | |
| CN111340483A (en) | Data management method based on block chain and related equipment | |
| CN110223075B (en) | Identity authentication method and device, computer equipment and storage medium | |
| CN111222989B (en) | Transaction method of multi-channel blockchain, electronic equipment and storage medium | |
| CN113112354A (en) | Transaction processing method of block chain network, block chain network and storage medium | |
| US11283623B1 (en) | Systems and methods of using group functions certificate extension | |
| CN111311260A (en) | Method and device for resetting account private key | |
| CN111078649A (en) | Block chain-based on-cloud file storage method and device and electronic equipment | |
| Uesugi et al. | Design and evaluation of a privacy-preserving supply chain system based on public permissionless blockchain | |
| CN112865981B (en) | Token acquisition and verification method and device | |
| CN114003959A (en) | Decentralized identity information processing method, device and system | |
| US11310044B2 (en) | Authenticate transactions of secured file in blockchain | |
| CN114372280A (en) | Block chain service execution method and device based on multi-sign intelligent contract |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |