CN112769871A - Cross-chain access control method and device - Google Patents
Cross-chain access control method and device Download PDFInfo
- Publication number
- CN112769871A CN112769871A CN202110340164.9A CN202110340164A CN112769871A CN 112769871 A CN112769871 A CN 112769871A CN 202110340164 A CN202110340164 A CN 202110340164A CN 112769871 A CN112769871 A CN 112769871A
- Authority
- CN
- China
- Prior art keywords
- resource
- blockchain
- access
- transaction
- cross
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/21—Design, administration or maintenance of databases
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/27—Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Abstract
An embodiment of the present specification provides a cross-chain access control method and an apparatus, where the method is performed by a node device of a blockchain, a cross-chain contract is deployed in the blockchain, and an account state of the cross-chain contract includes an access control table corresponding to the blockchain, and the method includes: acquiring a first transaction and a digital signature thereof, wherein the first transaction calls the cross-link contract and provides a write-in request for the cross-link contract, and the write-in request comprises an identifier of a resource in the first block chain and authorization information of the resource; executing the first transaction to: acquiring a public key for verifying the digital signature based on the identification of the resource; verifying the digital signature using the public key; and writing the authorization information of the resource in the access control table in the case of passing the verification.
Description
Technical Field
The embodiment of the specification relates to the technical field of block chains, and more particularly, to a method and an apparatus for controlling cross-chain access.
Background
The block chain technology is also called as distributed book technology, is decentralized distributed database technology and is characterized by decentralized, transparent disclosure, no tampering and trusty. Each data of the block chain is broadcasted to the block chain nodes of the whole network, and each whole node has the full amount of consistent data. With the fire of blockchain technology, many different types of chains have emerged, which are used in the fields of finance, health care, supply chain, asset management and traceability. However, most of the applications (cryptocurrency or intelligent contracts) on the chain cannot cross the boundary of the current chain and cannot cooperate with other chains to realize the circulation of data, so that the development space of the block chain is limited. How to enable different types of chains to collaborate to realize data circulation is an exploration direction.
In one existing interlink technique, an interlink message to be sent to a second blockchain is written in a first blockchain into a receipt of the first blockchain, and a relay device under the chain acquires the receipt from the first blockchain and provides the receipt to the second blockchain. The receipt includes a data read request for the second blockchain or a call request for the smart contract. In this case, how to perform access right control on the second blockchain is an urgent problem to be solved in order to ensure the data security in the blockchain.
Therefore, a more efficient cross-chain access control scheme is needed.
Disclosure of Invention
The embodiments of the present specification aim to provide a more efficient cross-chain access control scheme to address the deficiencies in the prior art.
To achieve the above object, an aspect of the present specification provides a cross-chain access control method, which is performed by a node device of a blockchain, a cross-chain contract is deployed in the blockchain, and an access control table corresponding to the blockchain is included in an account state of the cross-chain contract, and the method includes:
acquiring a first transaction and a digital signature thereof, wherein the first transaction calls the cross-link contract and provides a write-in request for the cross-link contract, and the write-in request comprises an identifier of a resource in the first block chain and authorization information of the resource;
executing the first transaction to:
acquiring a public key for verifying the digital signature based on the identification of the resource;
verifying the digital signature using the public key;
and writing the authorization information of the resource in the access control table in the case of passing the verification.
In one embodiment, obtaining the public key for verifying the digital signature based on the identity of the resource includes determining an owner of the resource based on the identity of the resource, obtaining the public key of the owner.
In one embodiment, the identification of the resource is an account address of a smart contract, and determining the owner of the resource based on the identification of the resource includes reading the account address of the owner of the smart contract from an account status of the smart contract.
In one embodiment, the identification of the resource includes an identification of a second transaction, wherein determining the owner of the resource based on the identification of the resource includes reading an account address from the first blockchain that sent the second transaction based on the identification of the second transaction.
In one embodiment, the identification of the resource includes an identification of a first block, wherein obtaining the public key for verifying the digital signature based on the identification of the resource includes obtaining a public key of an owner of a first block chain preset in the cross-chain contract based on the identification of the first block.
In one embodiment, the write request includes an identification of an authorized account of the resource that is authorized to write authorization information for the resource in the access control table, wherein writing authorization information for the resource in the access control table includes writing the identification of the authorized account of the resource in the access control table.
In one embodiment, obtaining the public key for verifying the digital signature based on the identity of the resource includes reading, at the access control table, an identity of an authorized account for the resource, and obtaining the public key of the authorized account based on the identity of the authorized account.
Another aspect of the present specification provides a cross-chain access control method, where the method is performed by a node device of a first blockchain, a cross-chain contract is deployed in the first blockchain, an account state of the cross-chain contract includes an access control table corresponding to the blockchain, and the access control table includes authorization information of a resource in the first blockchain, and the method includes:
acquiring a third transaction, calling the cross-link contract, and providing an access request for the cross-link contract, wherein the access request is used for requesting to access the resource in the first block chain;
executing the third transaction to:
determining whether the access request is authorized based on the access control table;
and in the case that the access request is judged to be authorized, accessing the resource.
In one embodiment, the access request includes an identifier of a second blockchain that the access request is sent, wherein determining whether the access request is authorized based on the access control table includes: and judging whether the resource is the resource authorized to the second block chain or not based on the access control table.
In one embodiment, the access request further includes a requested access mode for the resource, wherein determining whether the access request is authorized based on the access control table includes: and judging whether the access mode of the request to the resource is an authorized access mode or not based on the access control table.
In one embodiment, the access request is a call request to a first contract in the first blockchain, wherein making access to the resource includes calling the first contract with the access request as an incoming parameter.
In one embodiment, the access request is a read request for second data in the first blockchain, wherein accessing the resource includes reading the second data from the first blockchain, and the method further includes, after performing the third transaction, logging the second data in the first blockchain.
Another aspect of the present specification provides a cross-link access control apparatus, where the apparatus is deployed in a node device of a blockchain, a cross-link contract is deployed in the blockchain, and an account state of the cross-link contract includes an access control table corresponding to the blockchain, and the apparatus includes:
an obtaining unit, configured to obtain a first transaction and a digital signature thereof, where the first transaction invokes the cross-link contract and provides a write request to the cross-link contract, and the write request includes an identifier of a resource in the first block chain and authorization information of the resource;
an execution unit configured to execute the first transaction, the execution unit comprising the following sub-units:
an obtaining subunit configured to obtain, based on the identifier of the resource, a public key used for verifying the digital signature;
a verification subunit configured to verify the digital signature using the public key;
and the writing subunit is configured to write the authorization information of the resource in the access control table in the case that the verification is passed.
In one embodiment, the obtaining subunit is further configured to determine an owner of the resource based on the identifier of the resource, and obtain the public key of the owner.
In one embodiment, the identification of the resource is an account address of the intelligent contract, and the obtaining subunit is further configured to read the account address of the owner of the intelligent contract from the account status of the intelligent contract.
In one embodiment, the identification of the resource comprises an identification of a second transaction, wherein the obtaining subunit is further configured to read an account address from the first blockchain that sent the second transaction based on the identification of the second transaction.
In one embodiment, the identifier of the resource includes an identifier of a first block, and the obtaining subunit is further configured to obtain, based on the identifier of the first block, a public key of an owner of the first block chain preset in the cross-link contract.
In one embodiment, the write request includes an identifier of an authorized account of the resource, and the authorized account is authorized to write authorization information of the resource in the access control table, wherein the write subunit is further configured to write the identifier of the authorized account of the resource in the access control table.
In one embodiment, the obtaining subunit is further configured to read, in the access control table, an identification of an authorized account of the resource, and obtain the public key of the authorized account based on the identification of the authorized account.
Another aspect of the present specification provides an apparatus for controlling cross-chain access, where the apparatus is deployed in a node device of a first blockchain, a cross-chain contract is deployed in the first blockchain, an account state of the cross-chain contract includes an access control table corresponding to the blockchain, and the access control table includes authorization information of a resource in the first blockchain, and the apparatus includes:
the obtaining unit is configured to obtain a third transaction, the third transaction invokes the cross-link contract, and provides an access request for the cross-link contract, where the access request is used for requesting to access the resource in the first blockchain;
an execution unit configured to execute the third transaction, the execution unit comprising the following sub-units:
a judging subunit configured to judge whether the access request is authorized based on the access control table;
and the access subunit is configured to perform access to the resource in the case that the access request is judged to be authorized.
In one embodiment, the access request includes an identifier of a second block chain that transmits the access request, and the determining subunit is further configured to: and judging whether the resource is the resource authorized to the second block chain or not based on the access control table.
In one embodiment, the access request further includes a requested access mode for the resource, where the determining subunit is further configured to: and judging whether the access mode of the request to the resource is an authorized access mode or not based on the access control table.
In one embodiment, the access request is a call request to a first contract in the first block chain, wherein the access subunit is further configured to call the first contract with the access request as an incoming parameter.
In one embodiment, the access request is a read request for second data in the first blockchain, wherein the access subunit is further configured to read the second data from the first blockchain, and the apparatus further includes a storage unit configured to store the second data in the first blockchain after the third transaction is completed.
Another aspect of the present specification provides a computer readable storage medium having a computer program stored thereon, which, when executed in a computer, causes the computer to perform any one of the above methods.
Another aspect of the present specification provides a computing device comprising a memory having stored therein executable code, and a processor that, when executing the executable code, implements any of the methods described above.
Through the cross-chain access control scheme according to the embodiment of the specification, only the owner of the resource or the account authorized by the owner of the resource can set the access right of the resource in the ACL table by calling the cross-chain contract in the blockchain, so that the data security of the blockchain is guaranteed. When the block chain receives an access request under the chain, the access request is verified for the authority based on the ACL table by executing cross-chain contract, so that the data security is guaranteed.
Drawings
The embodiments of the present specification may be made more clear by describing the embodiments with reference to the attached drawings:
FIG. 1 shows a schematic diagram of a cross-chain system in accordance with embodiments of the present description;
FIG. 2 is a flow diagram illustrating a method for cross-chain access control according to an embodiment of the present description;
FIG. 3 is a flow diagram illustrating a method for cross-chain access control according to an embodiment of the present description;
FIG. 4 illustrates a method of cross-chain access control according to an embodiment of the present description;
FIG. 5 illustrates a cross-chain access control device 500 according to an embodiment of the present description;
fig. 6 illustrates a cross-chain access control apparatus 600 according to an embodiment of the present description.
Detailed Description
The embodiments of the present specification will be described below with reference to the accompanying drawings.
FIG. 1 shows a schematic diagram of a cross-chain system in accordance with an embodiment of the present description. As shown in fig. 1, the inter-chain system includes a first block chain 11, a relay device 12, and a second block chain 13. Wherein the first block chain 11 is connected with the second block chain 13 through the relay device 12. It is to be understood that, although it is schematically illustrated herein that the first block chain 11 and the second block chain 13 are connected to each other through the relay device 12, the embodiment of the present disclosure is not limited thereto, for example, the first block chain 11 and the second block chain 13 may be connected to each other through a plurality of relay devices, and is not limited herein. A cross-link contract is deployed in the first block chain 11, and an account state of the cross-link contract includes an access control table (ACL table), and the ACL table includes authorization information of resources in the first block chain 11. The cross-chain contract comprises an ACL table writing function and an authority verification function. The ACL table writing function comprises an identity authentication subfunction and a resource authentication subfunction.
The user may send a transaction to the first blockchain 11 through his device that calls a write function (hereinafter simply referred to as a write function) of the ACL table in the cross-link contract for writing authorization information of a specific resource in the ACL table. When a node in the first blockchain 11 executes the transaction, an ACL table write function is first executed, so that an owner or an authorized person of the resource is determined by executing the resource authentication subfunction, and then it is determined whether a sender of the write request is the owner or the authorized person of the resource by the identity authentication subfunction, so that it is determined whether to write to the ACL table based on the write request.
A down-link device of the first blockchain 11 (e.g., the relay device 12) may send an access request for a resource in the first blockchain 11 by sending a transaction to the first blockchain 11 that invokes a cross-link contract. When executing the transaction, the node in the first blockchain 11 first executes the right verification function to verify the access right of the access request based on the ACL table, and after the verification is passed, accesses the resource.
It will be appreciated that the above description with reference to fig. 1 is intended to be illustrative only and is not intended to limit the scope of embodiments of the present description. The above-described access authority control method will be described in detail below.
Fig. 2 shows a flowchart of a cross-chain access control method according to an embodiment of the present specification, which is executed by any node device in the first blockchain 11, for example, and includes the following steps:
step S202, transaction n and its digital signature are obtained. The n is a transaction number, the transaction n calls a write-in function in the cross-link contract, and provides the identification of the resource in the first block chain and authorization information of the resource for the write-in function;
in step S204, the transaction n is executed,
wherein executing the transaction n comprises performing the steps of:
step S2041, determining the owner of the resource;
step S2042, verifying whether the signature is the signature of the owner;
step S2043, in case it is verified that the digital signature is not the signature of the owner, verifying whether the signature is a signature of an authorized account of the resource;
in step S2044, the ACL table is written.
The method illustrated in fig. 2 will be described below in various embodiments.
In one embodiment, the owner of the resource in the first blockchain 11 sends the transaction n and the digital signature to the first blockchain 11 through its device, so that each node device in the first blockchain 11 executes step S202 to obtain the transaction n and its digital signature from the first blockchain 11. Wherein the digital signature is a digital signature of the transaction n by a sender of the transaction n. As shown in fig. 1, a write function is called in the transaction n with a write request as an incoming parameter, where the write request includes an identifier of a specific resource to be authorized in the first blockchain and authorization information for the resource. The resources may include, for example, tile data in the first blockchain 11, transactional data, intelligent contracts, and so forth. The identifier of the block includes, for example, a hash value of a block header or a block number; the identification of the transaction includes, for example, the identification of the block where the transaction is located, the transaction number, and the like; the identification of the intelligent contract includes, for example, an account address of the intelligent contract, etc. The authorization information includes, for example, a domain name of a block chain authorized to use the specific resource, an authorized usage mode of the specific resource, and the like. For example, for the intelligent contract resource, the authorized use mode includes a calling mode, and for the resources such as block data and transaction data, the authorized use mode includes a reading mode, and the like.
Thereafter, the node device in the first blockchain 11 executes step S204, and executes transaction n.
In the process of executing transaction n, the node device first executes step S2041 to determine an owner (owner) of the resource to determine whether the sender of transaction n is the owner of the specific resource, that is, whether the sender has the right to write to the ACL table. Therefore, the node device determines the owner of the resource by executing the resource authentication sub-function in the write function, and acquires the public key of the owner.
For example, the specific resource is an intelligent contract (e.g., contract 1) deployed in the first blockchain 11, and the account address of the owner of the contract 1 is recorded in the owner field in the account status of the contract 1. Thus, the node device may read the owner field in the account status of the contract 1 by executing the resource authentication subfunction, acquire the account address of the owner, and may acquire the public key of the owner by reading the account status of the account of the owner.
For example, the specific resource is transaction data of transaction m stored in the first blockchain 11. For transaction data in blockchains, different blockchains may have different provisions for the owner of the transaction data, e.g., in one blockchain the transaction data for the transaction includes forensic data for the transaction sender and in the blockchain the owner of the transaction data is defined as the transaction sender, in another blockchain the owner of the transaction may be defined as the owner of the blockchain. The resource authentication subfunction may preset a corresponding program according to the specification of the transaction data owner in the first block chain 11. For example, if the owner of the transaction data is defined as the sender of the transaction in the first blockchain 11, when the resource authentication subfunction is executed, the transaction data of the transaction m is read from the first blockchain 11 according to a preset program, the sending account of the transaction m is obtained from the transaction data, and the account public key of the sending account is obtained from the account status of the sending account. If the owner of the transaction data specified in the first blockchain 11 is the owner of the first blockchain 11, the public key of the owner of the first blockchain 11 preset in the resource authentication subfunction is acquired when the resource authentication subfunction is executed.
For example, the specific resource is block data in the first block chain 11, and usually, the owner of the block data is the owner of the corresponding block chain. Thus, the resource authentication subfunction can acquire the public key of the owner of the preset first block chain 11 similarly as above.
Then, the node apparatus executes step S2042 to determine whether the digital signature is a signature of the owner of the specific resource by executing an identity authentication subfunction. Specifically, after acquiring the public key of the owner of the specific resource, the identity authentication subfunction decrypts the digital signature by using the public key, calculates the hash value of the transaction n, and compares whether the data acquired by decryption is the same as the hash value. If so, it may be determined that the digital signature is the signature of the owner of the particular resource, so that the node device may perform step S2044, writing the ACL table by executing the write function. As shown in fig. 1, the ACL table is stored in the account status of the cross-link contract, and writing to the ACL table changes the account status of the cross-link contract. If not, the node device will not write to the ACL table based on the write request, thereby improving the data security of the first block chain 11 by performing cross-chain contract control writes to the ACL table. Table 1 shows a schematic diagram of the ACL table.
TABLE 1
As shown in table 1, a column of "resource" is used to record an identifier of a resource in the first blockchain 11, the resource includes, for example, blockchain data, transaction data, intelligent contracts, etc., a column of "blockchain identifier" is used to record an identifier of a blockchain authorized to use the corresponding resource, a domain name of the blockchain is used as the identifier of the blockchain in table 1, and a column of "access mode" is used to record an authorized access mode of the corresponding resource, the access mode includes a call to a contract and a read of data, etc. Specifically, assuming that the domain name of the second blockchain 13 is domain name 2, the table 1 records that the second blockchain 13 is authorized to have the call authority of contract 1 in the first blockchain 11 and the read authority of transaction m in block N in the first blockchain 11.
It is to be understood that the access control table shown in Table 1 is illustrative only and not limiting. For example, the domain name of the blockchain is not limited to record the blockchain in one column, but other blockchain identifications for uniquely identifying the blockchain may be recorded, and in addition, the access control table is not limited to include 3 columns shown in table 1, but only one or two columns may be recorded, for example, the ACL table may include only the "resource" column in table 1, which means that the call authority to contract 1, the read authority to transaction M in block N, and the read authority to block M are authorized for all the blockchains.
In one embodiment, the transaction n requests, for example, to write an account identifier, such as an account public key or an account address, authorized to set access rights to a specific resource, in an ACL table. In this case, the node device writes an account identifier authorized for a specific resource in the ACL table after determining that the digital signature is a signature of an owner of the specific resource by executing the resource authentication subfunction and the identity authentication subfunction. Table 2 shows a schematic diagram of the ACL table in this embodiment.
TABLE 2
In the ACL table shown in table 2, unlike table 1, a column of an authorized account for recording an account public key of an account authorized to set access rights of resources in the ACL table is further included (schematically shown in abc456 and the like in table 2). It is understood that the column of authorized accounts in table 2 is not limited to recording public account keys, and in the case where the account is an account in the first blockchain 11, an account address may also be recorded in the ACL table.
In another embodiment, after the node device determines that the digital signature is not the signature of the resource owner in step S2042, step S2043 may be performed by executing an identity authentication sub-function to determine whether the signature is a signature of an authorized account. Specifically, the node device reads an account public key of an authorized account of a specific resource from the ACL table by executing an ACL table write function, and verifies a signature by using the public key, thereby determining whether the signature is a signature of the authorized account. In the case where the account address of the authorized account is recorded in the ACL table, the node device may obtain the public key corresponding to the account from the first blockchain 11 based on the account address, and verify the signature using the public key.
If the node device determines that the signature is the signature of the authorized account by executing the identity authentication sub-function, for example, the transaction n includes the access right information of the contract 1, the node device modifies the account status of the cross-chain contract by executing the write function, and writes the block chain identifier, the access mode and the like associated with the contract 1 account as shown in table 1 in the ACL table in the account status. If the signature is determined not to be the signature of the authorized account by executing step S2043, the method execution flow is ended, and no write is performed to the ACL table.
Fig. 3 shows a flowchart of a cross-chain access control method according to an embodiment of the present specification, where the method is performed by a node device of the first block chain 11, for example, and includes the following steps S302-S304, where the step S304 includes steps S3041-S3045.
In this embodiment, the node device of the first blockchain 11 first performs step S302, receiving a transaction n and a digital signature from the sender device. And calling a write function by taking a write request as an incoming parameter in the transaction n, wherein the write request comprises the identification of a specific resource to be authorized in the first block chain, the authorization information of the resource and the signature indication information. The signature indication information is used for indicating whether the signature of the transaction n is the signature of the resource owner or the signature of the authorized account of the resource. Thereafter, the node device performs step S304, i.e. performs transaction n. In the process of executing transaction n, step S3041 is first executed, and signature indicating information is read in transaction n. If the signature indication information indicates that the signature is an identifier of an owner of the resource, that is, transaction n is sent by the owner of the resource, the node device performs step S3042 of determining the owner of the resource to obtain a public key of the owner, and step S3043 of verifying whether the signature is the signature of the owner using the public key of the owner to determine whether to perform step S3045 of determining whether to write an ACL table. If the signature indication information indicates that the signature is the signature of the authorized account, that is, the transaction n is sent by the authorized account, the node device performs step S3044 similarly to the above, and verifies whether the signature is the signature of the authorized account based on the ACL table, thereby determining whether to write to the ACL table.
After the ACL table is recorded in the account status of the cross-link contract by the above method, when receiving the cross-link access from the device under the link, the first blockchain 11 may verify whether the cross-link access has the access right based on the ACL table, and determine whether to process the cross-link access based on the verification result. The process of rights verification for cross-chain access is described in detail below.
Fig. 4 is a flowchart illustrating a cross-chain access control method performed by a node device of a first blockchain according to an embodiment of the present specification, the method including:
step S402, obtaining a transaction q, wherein the transaction q calls the cross-link contract and provides an access request for the cross-link contract, and the access request is used for requesting to access the resource in the first block chain 11;
step S404, executing the transaction q to perform the following operations:
step S4041, based on ACL table, judging whether the access request is authorized;
step S4042, in a case that it is determined that the access request is authorized, accessing the resource.
First, at step S402, a transaction q is acquired.
For example, a node device of the second blockchain 13 may have access to resources in the first blockchain 11 through the relay device 12. The access is, for example, a call to an intelligent contract in the first blockchain 11 or a reading of block data or transaction data in the first blockchain 11. The node devices of the second blockchain 13 may deposit data (e.g., a transaction receipt) including an access request in the second blockchain 13 by performing a transaction, and the relay device 12 may send a transaction q to the first blockchain 11 after reading the data from the second blockchain 13, wherein the access request is used as an incoming parameter to invoke an authority verification function in a cross-link contract in the transaction q.
The access request is, for example, data having a predetermined data structure. For example, the access request is used to call contract 1 in the first block chain 11, and then the access request includes information such as an account address of contract 1, parameters to be transferred to contract 1, and the like. In one embodiment, the access request may further include an access mode, i.e., a calling mode, for the contract 1. In one embodiment, the access request may further include at least one of: send blockchain identification, receive contract (e.g., contract 1) account, send account, receive account, and so on.
For example, if the access request is used to read data of transaction m in block N in the first block chain 11, the access request includes, for example, an identifier of transaction m (i.e., block N, transaction m). In one embodiment, the access request may further include an access mode, i.e., a read mode, for data of the transaction m. In one embodiment, the access request may further include at least one of: a send blockchain identification, a receive blockchain identification, a send account, a receive account, and the like.
Step S404, executing the transaction q.
In the process of executing the transaction q, firstly, the authority verification function in the cross-link contract is executed, so that step S4041 is executed, and whether the access request is authorized is judged based on the access control table.
During the execution of this step, it is determined whether the access request is authorized by reading an ACL table in the account status of the cross-link contract, such as the ACL table shown in table 1 above. Specifically, the identifier of the resource requested to be accessed in the access request is obtained, the authorization information of the resource is read in the ACL table, and whether the access request is authorized is determined based on the authorization information of the resource.
For example, the access request is used to request to invoke contract 1 in the first block chain 11, including the identification of contract 1, the parameters of contract 1, the identification of the transmission chain (second block chain 13), and the access mode (invocation). By reading table 1 it can be determined that contract 1 is authorized for second blockchain 13 (i.e., domain name 2) and the manner of access authorized is a call, from which it can be determined that the access request is authorized. It will be appreciated that the access request may include different content depending on the particular form of the ACL table. For example, the ACL table only includes a list of resources authorized for each block chain, in which case, the access request may include only an identification of the resource.
For example, the access request is used to request to read data of transaction m of block N in the first block chain 11, which includes resource identification (i.e. block N, transaction m), identification of the transmission chain (second block chain 13), and access mode (read). By reading table 1 it can be determined that tile N transaction m is authorized for second tile chain 13 and that the access granted is by way of a call, from which it can be determined that the access request is authorized.
Then, step S4042 is executed, and in a case that it is determined that the access request is authorized, access to the resource is performed.
In the case that the access request is determined to be authorized, if the access request is used for requesting to invoke contract 1, executing the contract 1 by using the access request or the parameter of contract 1 included in the access request as an incoming parameter, thereby completing the process of cross-chain access. If the access request is used to read transaction m in block N, a data read function called in the authorization verification function is executed to read the data of transaction m in block N and store the read data in the receipt of transaction q. The relay device 12 is for example restricted to only being able to read specific data in the first blockchain 11 (such as a receipt corresponding to performing a cross-chain contract, a receipt with a specific subject (e.g. ACL-read), etc.), the relay device 12 is allowed by the node device to read the receipt of the transaction q and, after reading the receipt of the transaction q, to return the receipt to the node device of the second blockchain 13, thereby completing the cross-chain access process.
In the event that it is determined that the access request is not authorized, the node devices of the first blockchain 11 will not process the access request and return access failure information.
Fig. 5 illustrates an apparatus 500 for cross-chain access control according to an embodiment of the present specification, where the apparatus 500 is deployed in a node device of a blockchain, a cross-chain contract is deployed in the blockchain, and an access control table corresponding to the blockchain is included in an account status of the cross-chain contract, and the apparatus 500 includes:
an obtaining unit 51, configured to obtain a first transaction and a digital signature thereof, where the first transaction invokes the cross-link contract, and provides a write request to the cross-link contract, where the write request includes an identifier of a resource in the first block chain and authorization information of the resource;
an execution unit 52 configured to execute the first transaction, the execution unit 52 comprising the following sub-units:
an obtaining subunit 521, configured to obtain, based on the identifier of the resource, a public key used for verifying the digital signature;
a verification subunit 522 configured to verify the digital signature using the public key;
a writing subunit 523 configured to, in the case that the verification passes, write authorization information for the resource in the access control table.
In one embodiment, the obtaining subunit 521 is further configured to determine an owner of the resource based on the identifier of the resource, and obtain the public key of the owner.
In one embodiment, the identification of the resource is an account address of the intelligent contract, and the acquiring subunit 521 is further configured to read the account address of the owner of the intelligent contract from the account status of the intelligent contract.
In one embodiment, the identifier of the resource comprises an identifier of a second transaction, and the obtaining subunit 521 is further configured to read, from the first block chain, an account address for transmitting the second transaction based on the identifier of the second transaction.
In an embodiment, the identifier of the resource includes an identifier of a first block, and the obtaining subunit 521 is further configured to obtain, based on the identifier of the first block, a public key of an owner of the first block chain preset in the cross-link contract.
In an embodiment, the write request includes an identifier of an authorized account of the resource, the authorized account is authorized to write the authorization information of the resource in the access control table, wherein the writing subunit 523 is further configured to write the identifier of the authorized account of the resource in the access control table.
In one embodiment, the obtaining subunit 521 is further configured to read, in the access control table, an identifier of an authorized account of the resource, and obtain the public key of the authorized account based on the identifier of the authorized account.
Fig. 6 illustrates an apparatus 600 for cross-chain access control according to an embodiment of the present specification, where the apparatus 600 is deployed in a node device of a first blockchain, a cross-chain contract is deployed in the first blockchain, an account status of the cross-chain contract includes an access control table corresponding to the blockchain, and the access control table includes authorization information of a resource in the first blockchain, and the apparatus 600 includes:
an obtaining unit 61, configured to obtain a third transaction, where the third transaction invokes the cross-link contract and provides an access request to the cross-link contract, where the access request is used to request to access a resource in the first blockchain;
an execution unit 62 configured to execute the third transaction, the execution unit 62 comprising the following sub-units:
a judging subunit 621 configured to judge whether the access request is authorized based on the access control table;
an accessing subunit 622, configured to perform, in a case that it is determined that the access request is authorized, access to the resource.
In one embodiment, the access request includes an identifier of a second block chain that transmits the access request, and the determining subunit is further configured to: and judging whether the resource is the resource authorized to the second block chain or not based on the access control table.
In one embodiment, the access request further includes a requested access mode for the resource, where the determining subunit is further configured to: and judging whether the access mode of the request to the resource is an authorized access mode or not based on the access control table.
In one embodiment, the access request is a call request to a first contract in the first block chain, wherein the access subunit is further configured to call the first contract with the access request as an incoming parameter.
In one embodiment, the access request is a read request for second data in the first blockchain, wherein the access subunit is further configured to read the second data from the first blockchain, and the apparatus further includes a storage unit configured to store the second data in the first blockchain after the third transaction is completed.
Another aspect of the present specification provides a computer readable storage medium having a computer program stored thereon, which, when executed in a computer, causes the computer to perform any one of the above methods.
Another aspect of the present specification provides a computing device comprising a memory having stored therein executable code, and a processor that, when executing the executable code, implements any of the methods described above.
Through the cross-chain access control scheme according to the embodiment of the specification, only the owner of the resource or the account authorized by the owner of the resource can set the access right of the resource in the ACL table by calling the cross-chain contract in the blockchain, so that the data security of the blockchain is guaranteed. When the block chain receives an access request under the chain, the access request is verified for the authority based on the ACL table by executing cross-chain contract, so that the data security is guaranteed.
It is to be understood that the terms "first," "second," and the like, herein are used for descriptive purposes only and not for purposes of limitation, to distinguish between similar concepts.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the system embodiment, since it is substantially similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
The foregoing description has been directed to specific embodiments of this disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.
It will be further appreciated by those of ordinary skill in the art that the elements and algorithm steps of the examples described in connection with the embodiments disclosed herein may be embodied in electronic hardware, computer software, or combinations of both, and that the components and steps of the examples have been described in a functional general in the foregoing description for the purpose of illustrating clearly the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application. The software modules may reside in Random Access Memory (RAM), memory, Read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
The above-mentioned embodiments are intended to illustrate the objects, technical solutions and advantages of the present invention in further detail, and it should be understood that the above-mentioned embodiments are merely exemplary embodiments of the present invention, and are not intended to limit the scope of the present invention, and any modifications, equivalent substitutions, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.
Claims (26)
1. A cross-chain access control method, the method being performed by a node device of a blockchain, a cross-chain contract being deployed in the blockchain, an account state of the cross-chain contract including an access control table corresponding to the blockchain, the method comprising:
acquiring a first transaction and a digital signature thereof, wherein the first transaction calls the cross-link contract and provides a write-in request for the cross-link contract, and the write-in request comprises an identifier of a resource in a first block chain and authorization information of the resource;
executing the first transaction to:
acquiring a public key for verifying the digital signature based on the identification of the resource;
verifying the digital signature using the public key;
and writing the authorization information of the resource in the access control table in the case of passing the verification.
2. The method of claim 1, wherein obtaining a public key for verifying the digital signature based on the identity of the resource comprises determining an owner of the resource based on the identity of the resource, obtaining the owner's public key.
3. The method of claim 2, wherein the identification of the resource is an account address of a smart contract, and determining the owner of the resource based on the identification of the resource comprises reading the account address of the owner of the smart contract from an account status of the smart contract.
4. The method of claim 2, wherein the identification of the resource comprises an identification of a second transaction, wherein determining the owner of the resource based on the identification of the resource comprises reading an account address from the first blockchain to send the second transaction based on the identification of the second transaction.
5. The method of claim 2, wherein the identification of the resource comprises an identification of a first block, wherein obtaining the public key for verifying the digital signature based on the identification of the resource comprises obtaining a public key of an owner of a first block chain preset in the cross-link contract based on the identification of the first block.
6. The method of any of claims 1-5, the write request including an identification of an authorized account of the resource that is authorized to write authorization information for the resource in the access control table, wherein writing authorization information for the resource in the access control table includes writing the identification of the authorized account of the resource in the access control table.
7. The method of claim 1, wherein obtaining a public key for verifying the digital signature based on the identity of the resource comprises reading, at the access control table, an identity of an authorized account for the resource, obtaining the public key of the authorized account based on the identity of the authorized account.
8. A cross-chain access control method, executed by a node device of a first blockchain, where a cross-chain contract is deployed in the first blockchain, an account state of the cross-chain contract includes an access control table corresponding to the blockchain, and the access control table includes authorization information of a resource in the first blockchain, the method comprising:
acquiring a third transaction, calling the cross-link contract, and providing an access request for the cross-link contract, wherein the access request is used for requesting to access the resource in the first block chain;
executing the third transaction to:
determining whether the access request is authorized based on the access control table;
and in the case that the access request is judged to be authorized, accessing the resource.
9. The method of claim 8, wherein the access request includes an identification of a second blockchain from which the access request is sent, wherein determining whether the access request is authorized based on the access control table comprises: and judging whether the resource is the resource authorized to the second block chain or not based on the access control table.
10. The method of claim 9, wherein the access request further includes a requested access mode for the resource, and wherein determining whether the access request is authorized based on the access control table comprises: and judging whether the access mode of the request to the resource is an authorized access mode or not based on the access control table.
11. The method of any of claims 8-10, wherein the access request is a call request to a first contract in the first blockchain, wherein making access to the resource comprises calling the first contract with the access request as an incoming parameter.
12. The method of any of claims 8-10, wherein the access request is a read request for second data in the first blockchain, wherein performing access to the resource comprises reading the second data from the first blockchain, the method further comprising, after performing the third transaction, logging the second data in the first blockchain.
13. A cross-chain access control apparatus, the apparatus being deployed in a node device of a blockchain, a cross-chain contract being deployed in the blockchain, an account status of the cross-chain contract including an access control table corresponding to the blockchain, the apparatus comprising:
the acquisition unit is configured to acquire a first transaction and a digital signature thereof, wherein the first transaction calls the cross-link contract and provides a write request for the cross-link contract, and the write request comprises an identifier of a resource in a first block chain and authorization information of the resource;
an execution unit configured to execute the first transaction, the execution unit comprising the following sub-units:
an obtaining subunit configured to obtain, based on the identifier of the resource, a public key used for verifying the digital signature;
a verification subunit configured to verify the digital signature using the public key;
and the writing subunit is configured to write the authorization information of the resource in the access control table in the case that the verification is passed.
14. The apparatus of claim 13, wherein the obtaining subunit is further configured to determine an owner of the resource based on the identity of the resource, and obtain a public key of the owner.
15. The apparatus of claim 14, wherein the identification of the resource is an account address of a smart contract, the obtaining subunit further configured to read the account address of the owner of the smart contract from the account status of the smart contract.
16. The apparatus of claim 14, wherein the identification of the resource comprises an identification of a second transaction, wherein the obtaining subunit is further configured to read an account address from the first blockchain to transmit the second transaction based on the identification of the second transaction.
17. The apparatus of claim 14, wherein the identification of the resource comprises an identification of a first block, and wherein the obtaining subunit is further configured to obtain, based on the identification of the first block, a public key of an owner of the first block chain preset in the cross-link contract.
18. The apparatus of any of claims 13-17, the write request including an identification of an authorized account of the resource, the authorized account being authorized to write authorization information for the resource in the access control table, wherein the write subunit is further configured to write the identification of the authorized account of the resource in the access control table.
19. The apparatus of claim 13, wherein the obtaining subunit is further configured to read, at the access control table, an identification of an authorized account of the resource, and obtain the public key of the authorized account based on the identification of the authorized account.
20. A cross-chain access control apparatus, the apparatus being deployed in a node device of a first blockchain, a cross-chain contract being deployed in the first blockchain, an account state of the cross-chain contract including an access control table corresponding to the blockchain, the access control table including authorization information of a resource in the first blockchain, the apparatus comprising:
the obtaining unit is configured to obtain a third transaction, the third transaction invokes the cross-link contract, and provides an access request for the cross-link contract, where the access request is used for requesting to access the resource in the first blockchain;
an execution unit configured to execute the third transaction, the execution unit comprising the following sub-units:
a judging subunit configured to judge whether the access request is authorized based on the access control table;
and the access subunit is configured to perform access to the resource in the case that the access request is judged to be authorized.
21. The apparatus of claim 20, wherein the access request includes an identification of a second blockchain from which the access request is sent, wherein the determining subunit is further configured to: and judging whether the resource is the resource authorized to the second block chain or not based on the access control table.
22. The apparatus according to claim 21, wherein the access request further includes a requested access mode for the resource, and wherein the determining subunit is further configured to: and judging whether the access mode of the request to the resource is an authorized access mode or not based on the access control table.
23. The apparatus of any of claims 20-22, wherein the access request is a call request for a first contract in the first blockchain, wherein the access subunit is further configured to call the first contract with the access request as an incoming parameter.
24. The apparatus according to any of claims 20-22, wherein the access request is a read request for second data in the first blockchain, wherein the access subunit is further configured to read the second data from the first blockchain, the apparatus further comprising a storage unit configured to store the second data in the first blockchain after performing the third transaction.
25. A computer-readable storage medium, on which a computer program is stored which, when executed in a computer, causes the computer to carry out the method of any one of claims 1-12.
26. A computing device comprising a memory having executable code stored therein and a processor that, when executing the executable code, implements the method of any of claims 1-12.
Priority Applications (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110340164.9A CN112769871B (en) | 2021-03-30 | 2021-03-30 | Cross-chain access control method and device |
| CN202210023173.XA CN114244629B (en) | 2021-03-30 | 2021-03-30 | Cross-chain access control method and device |
| PCT/CN2021/133116 WO2022205965A1 (en) | 2021-03-30 | 2021-11-25 | Cross-chain access control method and apparatus |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110340164.9A CN112769871B (en) | 2021-03-30 | 2021-03-30 | Cross-chain access control method and device |
Related Child Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210023173.XA Division CN114244629B (en) | 2021-03-30 | 2021-03-30 | Cross-chain access control method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112769871A true CN112769871A (en) | 2021-05-07 |
| CN112769871B CN112769871B (en) | 2021-11-19 |
Family
ID=75691129
Family Applications (2)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110340164.9A Active CN112769871B (en) | 2021-03-30 | 2021-03-30 | Cross-chain access control method and device |
| CN202210023173.XA Active CN114244629B (en) | 2021-03-30 | 2021-03-30 | Cross-chain access control method and device |
Family Applications After (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210023173.XA Active CN114244629B (en) | 2021-03-30 | 2021-03-30 | Cross-chain access control method and device |
Country Status (2)
| Country | Link |
|---|---|
| CN (2) | CN112769871B (en) |
| WO (1) | WO2022205965A1 (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2022205965A1 (en) * | 2021-03-30 | 2022-10-06 | 蚂蚁区块链科技(上海)有限公司 | Cross-chain access control method and apparatus |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11018872B2 (en) * | 2018-07-17 | 2021-05-25 | Verizon Patent And Licensing Inc. | Validating and securing caller identification to prevent identity spoofing |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20170237648A1 (en) * | 2016-02-15 | 2017-08-17 | Fujitsu Limited | Recording medium and packet relay method |
| CN109714348A (en) * | 2018-12-29 | 2019-05-03 | 百度在线网络技术(北京)有限公司 | Permission processing method, device, equipment and the medium realized based on block chain |
| CN109905464A (en) * | 2019-01-29 | 2019-06-18 | 华东师范大学 | A kind of distributed Sharing of remote sensing data system based on block chain |
| CN111314363A (en) * | 2020-02-25 | 2020-06-19 | 深圳市亿道信息股份有限公司 | Enterprise mobile equipment management method and system based on block chain |
| CN112508560A (en) * | 2020-12-01 | 2021-03-16 | 浙商银行股份有限公司 | Block chain cross-chain identity authentication and authority control method and device and computer equipment |
Family Cites Families (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10230756B2 (en) * | 2015-11-25 | 2019-03-12 | International Business Machines Corporation | Resisting replay attacks efficiently in a permissioned and privacy-preserving blockchain network |
| US11019059B2 (en) * | 2018-04-26 | 2021-05-25 | Radware, Ltd | Blockchain-based admission processes for protected entities |
| CN108632268B (en) * | 2018-04-28 | 2021-04-09 | 腾讯科技(深圳)有限公司 | Authentication method and device for block chain access, storage medium and electronic device |
| CN110049066B (en) * | 2019-05-23 | 2020-05-26 | 中国科学院软件研究所 | Resource access authorization method based on digital signature and block chain |
| CN110222518B (en) * | 2019-05-30 | 2021-09-17 | 北京工业大学 | Trusted authority access control method based on block chain |
| CN112738139B (en) * | 2021-03-30 | 2021-07-06 | 支付宝(杭州)信息技术有限公司 | Cross-link access control method and device |
| CN113656780B (en) * | 2021-03-30 | 2023-12-19 | 支付宝(杭州)信息技术有限公司 | Cross-chain access control method and device |
| CN112769871B (en) * | 2021-03-30 | 2021-11-19 | 支付宝(杭州)信息技术有限公司 | Cross-chain access control method and device |
-
2021
- 2021-03-30 CN CN202110340164.9A patent/CN112769871B/en active Active
- 2021-03-30 CN CN202210023173.XA patent/CN114244629B/en active Active
- 2021-11-25 WO PCT/CN2021/133116 patent/WO2022205965A1/en active Application Filing
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20170237648A1 (en) * | 2016-02-15 | 2017-08-17 | Fujitsu Limited | Recording medium and packet relay method |
| CN109714348A (en) * | 2018-12-29 | 2019-05-03 | 百度在线网络技术(北京)有限公司 | Permission processing method, device, equipment and the medium realized based on block chain |
| CN109905464A (en) * | 2019-01-29 | 2019-06-18 | 华东师范大学 | A kind of distributed Sharing of remote sensing data system based on block chain |
| CN111314363A (en) * | 2020-02-25 | 2020-06-19 | 深圳市亿道信息股份有限公司 | Enterprise mobile equipment management method and system based on block chain |
| CN112508560A (en) * | 2020-12-01 | 2021-03-16 | 浙商银行股份有限公司 | Block chain cross-chain identity authentication and authority control method and device and computer equipment |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2022205965A1 (en) * | 2021-03-30 | 2022-10-06 | 蚂蚁区块链科技(上海)有限公司 | Cross-chain access control method and apparatus |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2022205965A1 (en) | 2022-10-06 |
| CN114244629B (en) | 2024-04-16 |
| CN114244629A (en) | 2022-03-25 |
| CN112769871B (en) | 2021-11-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109190410B (en) | Log behavior auditing method based on block chain in cloud storage environment | |
| CN110096857B (en) | Authority management method, device, equipment and medium for block chain system | |
| CN112800404B (en) | Cross-link access control method and device | |
| CN110535833B (en) | Data sharing control method based on block chain | |
| CN112765677B (en) | Federal learning method, device and system based on blockchain | |
| KR20190042567A (en) | Dynamic access control on block chaining | |
| CN112769871B (en) | Cross-chain access control method and device | |
| CN112738139B (en) | Cross-link access control method and device | |
| CN112737782B (en) | Method and apparatus for providing cross-chain messages | |
| CN109040024A (en) | A kind of resource access right control method and system | |
| CN104660401A (en) | Authentication method, authentication system and terminal | |
| CN110032846B (en) | Identity data anti-misuse method and device and electronic equipment | |
| CN110278192A (en) | Method, apparatus, computer equipment and the readable storage medium storing program for executing of extranet access Intranet | |
| CN104104650B (en) | data file access method and terminal device | |
| EP1209577A1 (en) | Web page browsing limiting method and server system | |
| CN112308542B (en) | Method and system for realizing intelligent and non-inductive data input | |
| CN111786995B (en) | Account password management method, management middleware, system, equipment and storage medium | |
| CN109063461B (en) | Third-party password-free login method and system | |
| CN112417403B (en) | Automatic system authentication and authorization processing method based on GitLab API | |
| CN112732676B (en) | Block chain-based data migration method, device, equipment and storage medium | |
| CN114117507B (en) | Object storage system, access control method and device thereof, and storage medium | |
| CN112422281A (en) | Method and system for changing secret key in security module | |
| CN107105046B (en) | Remotely access the method and system of big data | |
| CN112926956A (en) | Block chain financial payment management method and system | |
| JP6642060B2 (en) | Information processing device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |