CN115688183B - Method for authenticating uplink evidence storage and evidence collection of cloud-signed electronic certificate - Google Patents

Publication number
CN115688183B
Authority
CN
China
Prior art keywords
certification
hash value
evidence
security system
electronic certificate
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202211526728.9A
Other languages
Chinese (zh)
Other versions
CN115688183A (en
Inventor
马珂
段琳凤
陈曦
郝伟
张艳
李冰郁
和心
徐磊
刘晓东
张尚腾
白旭飞
任欢
郭建鑫
赵伟丽
金菲菲
王亮
金冉
闫旭
郑然�
郭恒涛
孟书从
张志华
王兆一
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing North Hebei Tendering Co ltd
State Grid Corp of China SGCC
Materials Branch of State Grid Jibei Electric Power Co Ltd
Original Assignee
Beijing North Hebei Tendering Co ltd
State Grid Corp of China SGCC
Materials Branch of State Grid Jibei Electric Power Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing North Hebei Tendering Co ltd, State Grid Corp of China SGCC, Materials Branch of State Grid Jibei Electric Power Co Ltd
Priority to CN202211526728.9A
Publication of CN115688183A
Application granted
Publication of CN115688183B
Active legal status
Anticipated expiration

Abstract

The invention discloses a method for on-chain evidence storage and for evidence retrieval and authentication of cloud-signed electronic certificates. The method is based on a secondary security system, a third-party evidence-storage blockchain and an industry blockchain platform. The secondary security system performs data acquisition and hash calculation on electronic certificates whose cloud signing is complete; the third-party evidence-storage blockchain stores the hash value of the electronic certificate; and the industry blockchain platform stores the source data file and the hash value of the electronic certificate and forms an evidence-storage record. The method comprises an on-chain evidence-storage process and an evidence retrieval and authentication process for the cloud-signed electronic certificate. Based on blockchain technology, the method provides trusted evidence storage and verification for electronic certificates, ensures the authenticity, reliability, tamper resistance and traceability of business data, and lets the relevant personnel quickly verify the data in possible judicial disputes, thereby improving judicial efficiency.

Description

Method for authenticating uplink evidence storage and evidence collection of cloud-signed electronic certificate
Technical Field
The invention belongs to the technical field of the storage and retrieval of electronic certificates, and particularly relates to a method for on-chain evidence storage and for evidence retrieval and authentication of cloud-signed electronic certificates.
Background
With the development of information technology, applications built on the internet, such as e-commerce, online finance, electronic contracts and electronic transactions, have gradually become the core business model and operating assets of enterprises. Transactions generate large numbers of electronic certificates such as settlement receipts and process files, and these certificates are generally signed electronically. However, signed electronic certificates are usually stored as electronic data on a computer or a similar carrier, where they are easy to fabricate and tamper with, so their authenticity is lost. How to guarantee the authenticity and reliability of collected electronic certificates is therefore a current technical problem.
Disclosure of Invention
The invention aims to provide a method for on-chain evidence storage and for evidence retrieval and authentication of cloud-signed electronic certificates, so as to solve the above technical problem.
To achieve the above object, the invention adopts the following technical solution:
The invention discloses a method for on-chain evidence storage and for evidence retrieval and authentication of cloud-signed electronic certificates. The method is based on a secondary security system, a third-party evidence-storage blockchain and an industry blockchain platform, wherein the secondary security system performs data acquisition and hash calculation on electronic certificates whose cloud signing is complete, the third-party evidence-storage blockchain stores the hash value of the electronic certificate, and the industry blockchain platform stores the source data file and the hash value of the electronic certificate and forms an evidence-storage record. The method is characterized in that it comprises an on-chain evidence-storage process and an evidence retrieval and authentication process for the cloud-signed electronic certificate.
The on-chain evidence-storage process of the cloud-signed electronic certificate comprises the following steps:
First step: the secondary security system acquires, through an evidence acquisition interface, the data of the electronic certificate whose cloud signing is complete, and stores the acquired source data file;
Second step: the secondary security system performs hash calculation on the acquired source data file to obtain a hash value;
Third step: the secondary security system transmits the hash value to the third-party evidence-storage blockchain, which, after receiving the hash value, adds a timestamp and stores it as evidence; at the same time, the source data file and the hash value are transmitted in sequence to each node blockchain of the industry blockchain platform to form the evidence-storage record of the electronic certificate.
The evidence retrieval and authentication process of the cloud-signed electronic certificate comprises the following steps:
First step: evidence is extracted in the secondary security system; the secondary security system sends the source data file to the third-party evidence-storage blockchain, which calculates the hash value of the source data file and compares it with the stored hash value; if the two are the same, a third-party evidence-storage report is issued;
Second step: the evidence-storage record of the electronic certificate is fed back in sequence from each node blockchain of the industry blockchain platform to the secondary security system, and an industry evidence-storage report is issued according to the evidence-storage record of the electronic certificate;
Third step: the third-party evidence-storage report and the industry evidence-storage report together prove that the electronic certificate data placed on the chain has not been tampered with.
Further, the third-party evidence-storage blockchain comprises a timestamp system, a primary security system and an authentication institution, wherein the timestamp system applies the timestamp, and the primary security system and the authentication institution store the hash value as evidence.
Further, in the on-chain evidence-storage process, the secondary security system transmits the hash value to the timestamp system; after the timestamp is applied, the secondary security system transmits the hash value to the primary security system for evidence storage, and the primary security system synchronizes the hash value to the authentication institution for evidence storage.
Further, in the evidence retrieval and authentication process, the secondary security system sends the source data file to the primary security system and at the same time submits it to the authentication institution. The primary security system calculates the hash value of the source data file and compares it with the stored hash value; if the two are the same, it issues a data evidence-storage report. The authentication institution calculates the hash value of the source data file and compares it with the stored hash value; if the two are the same, it issues a data authentication report. The data evidence-storage report and the data authentication report together form the third-party evidence-storage report.
Further, the source data file comprises the structured source data and the PDF source file of the electronic certificate whose cloud signing is complete.
Further, the third-party evidence-storage blockchain is a CA institution evidence-storage blockchain.
Further, the evidence-storage record of the electronic certificate comprises a hash value and an evidence-storage number.
The beneficial effects of the invention are as follows: based on blockchain technology, the method provides trusted evidence storage and verification for electronic certificates, ensures the authenticity, tamper resistance and traceability of business data, and lets the relevant personnel quickly verify the data in possible judicial disputes, thereby improving judicial efficiency.
The invention is described in further detail below with reference to the drawings and examples.
Drawings
FIG. 1 is a schematic diagram of the on-chain evidence-storage process according to the first embodiment;
FIG. 2 is a schematic diagram of the evidence retrieval and authentication process according to the first embodiment.
Detailed Description
The invention discloses a method for on-chain evidence storage and for evidence retrieval and authentication of cloud-signed electronic certificates, based on a secondary security system, a third-party evidence-storage blockchain and an industry blockchain platform. The secondary security system performs data acquisition and hash calculation on electronic certificates whose cloud signing is complete, and is provided with an evidence acquisition interface: after cloud signing of an electronic certificate is complete, the evidence acquisition interface collects the source data file, which comprises the generated structured source data, the PDF source file and the like. After receiving the source data file, the secondary security system first stores it and then performs hash calculation on it to obtain a hash value. The hash value is a fixed-length binary value obtained by applying a cryptographic operation to the original information; a change to any byte of the original information changes the hash value, so the hash value can be used to verify whether the source data file has been tampered with. The third-party evidence-storage blockchain stores the hash value of the electronic certificate, and the industry blockchain platform stores the source data file and the hash value of the electronic certificate and forms an evidence-storage record comprising the hash value and the evidence-storage number. Specifically, the third-party evidence-storage blockchain comprises a timestamp system, a primary security system and an authentication institution, wherein the timestamp system applies the timestamp, and the primary security system and the authentication institution store the hash value as evidence.
The secondary security system comprises an institution and application management module, a user management module, a system configuration module, a template management module, an evidence acquisition module, an evidence management module and a statistics module. The institution and application management module is used by a system administrator to set the relevant institution and application information according to the actual situation of the institution using the system. The user management module is used by a system administrator to create an administrator for an application, wherein only one administrator is created per application and the digital certificate is created using the contact information in the application information. The system configuration module is used to configure the SSL communication certificate and the timestamp service for secure communication with the primary security system. The template management module is used to manage the evidence retrieval templates of the electronic certificates, including template editing, template destruction and the like. The evidence acquisition module is used by the business system to acquire, through the evidence acquisition interface, the data of electronic certificates whose cloud signing is complete and to retain and store the documents, and calculates a hash value from the acquired source data file. The evidence management module is used for evidence viewing and evidence retrieval management. Evidence viewing comprises querying by input conditions (including document number, application id and the like), displaying the query results and downloading evidence, including evidence-storage attachments, data evidence-storage reports and the like. Evidence retrieval management comprises evidence retrieval application, evidence retrieval audit, evidence extraction and the like: the evidence retrieval application is used to apply for evidence retrieval according to the evidence-storage number, the return number or a screening result, and can track the progress of the retrieval applied for, query the retrieval result, download the related reports and the like; the evidence retrieval audit is used to query information such as institution, application and time, and can export the queried information; evidence extraction is used to query evidence, export it and submit it to the primary security system during evidence retrieval. The statistics module is used by the secondary security system to count the total amount of data stored in a period according to elements such as time, so as to check the secondary security data, and supports counting the number of stored items of evidence by institution and by application.
The primary security system comprises an evidence storage module and an evidence retrieval module. The evidence storage module receives the hash value uploaded by the secondary security system; the hash value is stored and fixed as evidence after the timestamp system has applied a timestamp to it. The evidence retrieval module performs the comparison during evidence retrieval: when evidence needs to be retrieved, the secondary security system sends the source data file to the primary security system, the primary security system automatically compares the source data file against the stored hash value, and after the comparison succeeds a third-party evidence-storage report is issued.
The method comprises an on-chain evidence-storage process and an evidence retrieval and authentication process for the cloud-signed electronic certificate.
The on-chain evidence-storage process of the cloud-signed electronic certificate comprises the following steps:
First step: the secondary security system acquires, through an evidence acquisition interface, the data of the electronic certificate whose cloud signing is complete, and stores the acquired source data file;
Second step: the secondary security system performs hash calculation on the acquired source data file to obtain a hash value;
Third step: the secondary security system transmits the hash value to the third-party evidence-storage blockchain, which, after receiving the hash value, adds a timestamp and stores it as evidence; at the same time, the source data file and the hash value are transmitted in sequence to each node blockchain of the industry blockchain platform to form the evidence-storage record of the electronic certificate.
The evidence retrieval and authentication process of the cloud-signed electronic certificate comprises the following steps:
First step: evidence is extracted in the secondary security system; the secondary security system sends the source data file to the third-party evidence-storage blockchain, which calculates the hash value of the source data file and compares it with the stored hash value; if the two are the same, a third-party evidence-storage report is issued;
Second step: the evidence-storage record of the electronic certificate is fed back in sequence from each node blockchain of the industry blockchain platform to the secondary security system, and an industry evidence-storage report is issued according to the evidence-storage record of the electronic certificate;
Third step: the third-party evidence-storage report and the industry evidence-storage report together prove that the electronic certificate data placed on the chain has not been tampered with.
In the on-chain evidence-storage process, the secondary security system transmits the hash value to the timestamp system; after the timestamp is applied, the secondary security system transmits the hash value to the primary security system for evidence storage, and the primary security system synchronizes the hash value to the authentication institution for evidence storage. In the evidence retrieval and authentication process, the secondary security system sends the source data file to the primary security system; the primary security system calculates the hash value of the source data file and compares it with the stored hash value, and if the two are the same, it issues a data evidence-storage report. Similarly, the source data file is submitted to the authentication institution, which calculates the hash value of the source data file and compares it with the hash value transmitted by the primary security system; if the two are the same, it issues a data authentication report. The data evidence-storage report and the data authentication report together form the third-party evidence-storage report.
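The two processes described above, as an added example that is not part of the patent text: a source data file is hashed and deposited on a third-party ledger and on each industry node in sequence, then re-hashed at retrieval time and compared against every stored record. Assumptions: SHA-256 (the patent names no hash algorithm), the in-memory `Ledger` class standing in for each blockchain, the node names, the record layout and the sample document are all constructed for illustration.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass, field

GENESIS = "0" * 64


def file_hash(structured: dict, pdf_bytes: bytes) -> str:
    """SHA-256 over the source data file (structured data + PDF source file)."""
    canon = json.dumps(structured, sort_keys=True, separators=(",", ":")).encode()
    h = hashlib.sha256()
    for part in (canon, pdf_bytes):
        # Length-prefix each part so bytes cannot be shifted between the two.
        h.update(len(part).to_bytes(8, "big"))
        h.update(part)
    return h.hexdigest()


def _entry_hash(prev: str, number: str, doc_hash: str, timestamp: int) -> str:
    return hashlib.sha256(f"{prev}|{number}|{doc_hash}|{timestamp}".encode()).hexdigest()


@dataclass
class Ledger:
    """Toy hash-chained ledger standing in for one blockchain (assumption)."""
    name: str
    entries: list = field(default_factory=list)

    def append(self, doc_hash: str, timestamp: int) -> str:
        prev = self.entries[-1]["entry_hash"] if self.entries else GENESIS
        number = f"{self.name}-{len(self.entries) + 1:06d}"  # evidence-storage number
        self.entries.append({
            "number": number, "doc_hash": doc_hash, "timestamp": timestamp,
            "prev": prev, "entry_hash": _entry_hash(prev, number, doc_hash, timestamp),
        })
        return number

    def intact(self) -> bool:
        """Recompute the chain; an edited entry no longer matches its entry hash."""
        prev = GENESIS
        for e in self.entries:
            expected = _entry_hash(prev, e["number"], e["doc_hash"], e["timestamp"])
            if e["prev"] != prev or e["entry_hash"] != expected:
                return False
            prev = e["entry_hash"]
        return True

    def lookup(self, number: str):
        return next((e for e in self.entries if e["number"] == number), None)


def deposit(structured, pdf_bytes, timestamp, third_party, industry_nodes):
    """Storage process: hash, timestamp, store on the third-party ledger, then
    relay to each industry node in order. Returns the evidence-storage record."""
    doc_hash = file_hash(structured, pdf_bytes)
    return {
        "hash": doc_hash,
        "third_party": third_party.append(doc_hash, timestamp),
        "industry": [(n.name, n.append(doc_hash, timestamp)) for n in industry_nodes],
    }


def verify(structured, pdf_bytes, record, third_party, industry_nodes):
    """Retrieval process: recompute the hash and compare it with every stored copy."""
    recomputed = file_hash(structured, pdf_bytes)

    def matches(ledger, number):
        entry = ledger.lookup(number)
        return (ledger.intact() and entry is not None
                and hmac.compare_digest(entry["doc_hash"], recomputed))

    by_name = {n.name: n for n in industry_nodes}
    third_ok = matches(third_party, record["third_party"])
    industry_ok = all(matches(by_name[name], num) for name, num in record["industry"])
    return {"third_party_report": third_ok, "industry_report": industry_ok,
            "untampered": third_ok and industry_ok}


def demo():
    # Constructed sample data, not taken from the patent.
    doc = {"doc_no": "SETTLE-0001", "amount": "100.00"}
    pdf = b"%PDF-1.7 constructed sample bytes"
    third_party = Ledger("third-party")
    nodes = [Ledger("industry-node-1"), Ledger("industry-node-2")]
    record = deposit(doc, pdf, 1700000000, third_party, nodes)
    original = verify(doc, pdf, record, third_party, nodes)
    altered = verify(dict(doc, amount="900.00"), pdf, record, third_party, nodes)
    return original, altered


if __name__ == "__main__":
    for result in demo():
        print(result)
```

The comparison only proves integrity relative to the stored hash, so `intact()` is checked on every ledger first: a record edited in place on one node fails the industry report even when the presented file is genuine.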
Example 1
This embodiment is an application example of the method for on-chain evidence storage and for evidence retrieval and authentication of cloud-signed electronic certificates.
The method is based on a secondary security system, a third-party evidence-storage blockchain and an industry blockchain platform. In this embodiment the third-party evidence-storage blockchain is a CA institution evidence-storage blockchain comprising a timestamp system, a primary security system and an authentication institution, wherein the authentication institution is the National Information Center Electronic Data Judicial Identification Center. The industry blockchain platform comprises the Jibei slave chain, the national network e-commerce judicial chain and the Tianping chain.
The method comprises an on-chain evidence-storage process and an evidence retrieval and authentication process for the cloud-signed electronic certificate.
As shown in FIG. 1, the on-chain evidence-storage process of the cloud-signed electronic certificate comprises the following steps:
First step: the secondary security system acquires, through an evidence acquisition interface, the data of the electronic certificate whose cloud signing is complete, and stores the acquired source data file;
Second step: the secondary security system performs hash calculation on the acquired source data file to obtain a hash value;
Third step: the secondary security system transmits the hash value to the CA institution evidence-storage blockchain; the timestamp system of the CA institution evidence-storage blockchain applies the timestamp and transmits the hash value to the primary security system for evidence storage, and the primary security system synchronizes the hash value to the National Information Center Electronic Data Judicial Identification Center for evidence storage. The secondary security system transmits the source data file and the hash value to the Jibei slave chain, which passes them on in sequence to the national network chain and the national network e-commerce judicial chain; finally, the national network e-commerce judicial chain transmits the hash value to the Tianping chain, forming a Tianping chain evidence-storage record comprising the Tianping chain hash value and the Tianping chain evidence-storage number.
As shown in FIG. 2, the evidence retrieval and authentication process of the cloud-signed electronic certificate comprises the following steps:
First step: evidence is extracted in the secondary security system; the secondary security system sends the source data file to the primary security system of the CA institution evidence-storage blockchain and at the same time submits it to the National Information Center Electronic Data Judicial Identification Center for hash value comparison. The secondary security system transmits the source data file to the primary security system using SSL two-way encryption; the primary security system calculates the hash value and automatically checks it against the hash value in the stored record; if the two are the same, the secondary security system carries out manual verification, and after the manual verification passes, a data evidence-storage report is sent to the secondary security system. The National Information Center Electronic Data Judicial Identification Center uses the same authentication mechanism as the primary security system: it compares the received source data file with the hash value synchronized from the primary security system, and if they match, it issues a data authentication report. Because of the internal rules of the National Information Center Electronic Data Judicial Identification Center, the evidence data is provided to it for comparison offline, on a burned disc.
Second step: the Tianping chain evidence-storage record is fed back in sequence through the national network e-commerce judicial chain, the national network chain and the Jibei slave chain, and finally reaches the secondary security system to form the evidence-storage record of the electronic certificate. The national network e-commerce judicial identification center issues an industry evidence-storage report according to the Tianping chain evidence-storage record.
Third step: the data evidence-storage report, the data authentication report and the industry evidence-storage report together prove that the electronic certificate data placed on the chain has not been tampered with, and together ensure the legal effect of the electronic certificate.
Finally, it should be noted that the above description only illustrates the technical solution of the invention and does not limit it. Although the invention has been described in detail with reference to the preferred arrangement, those skilled in the art will understand that modifications and equivalent substitutions may be made to the technical solution of the invention without departing from its spirit and scope.

Claims (7)

1. The method is based on a secondary security system, a third-party evidence-storage blockchain and an industry blockchain platform, wherein the secondary security system performs data acquisition and hash calculation on the electronic certificate whose cloud signing is complete, the third-party evidence-storage blockchain stores the hash value of the electronic certificate, and the industry blockchain platform stores the source data file and the hash value of the electronic certificate and forms an evidence-storage record; the method is characterized in that it comprises an on-chain evidence-storage process and an evidence retrieval and authentication process for the cloud-signed electronic certificate;
the on-chain evidence-storage process of the cloud-signed electronic certificate comprises the following steps:
first step: the secondary security system acquires, through an evidence acquisition interface, the data of the electronic certificate whose cloud signing is complete, and stores the acquired source data file;
second step: the secondary security system performs hash calculation on the acquired source data file to obtain a hash value;
third step: the secondary security system transmits the hash value to the third-party evidence-storage blockchain, which, after receiving the hash value, adds a timestamp and stores it as evidence; at the same time, the source data file and the hash value are transmitted in sequence to each node blockchain of the industry blockchain platform to form the evidence-storage record of the electronic certificate;
the evidence retrieval and authentication process of the cloud-signed electronic certificate comprises the following steps:
first step: evidence is extracted in the secondary security system; the secondary security system sends the source data file to the third-party evidence-storage blockchain, which calculates the hash value of the source data file and compares it with the stored hash value; if the two are the same, a third-party evidence-storage report is issued;
second step: the evidence-storage record of the electronic certificate is fed back in sequence from each node blockchain of the industry blockchain platform to the secondary security system, and an industry evidence-storage report is issued according to the evidence-storage record of the electronic certificate;
third step: the third-party evidence-storage report and the industry evidence-storage report together prove that the electronic certificate data placed on the chain has not been tampered with.
2. The method of claim 1, wherein the third-party evidence-storage blockchain comprises a timestamp system, a primary security system and an authentication institution, the timestamp system being configured to apply the timestamp, and the primary security system and the authentication institution being configured to store the hash value as evidence.
3. The method of claim 2, wherein during the on-chain evidence-storage process the secondary security system transmits the hash value to the timestamp system, the hash value is transmitted to the primary security system for evidence storage after the timestamp is applied, and the primary security system synchronizes the hash value to the authentication institution for evidence storage.
4. The method for on-chain evidence storage and for evidence retrieval and authentication of cloud-signed electronic certificates according to claim 3, wherein in the evidence retrieval and authentication process the secondary security system sends the source data file to the primary security system and at the same time submits it to the authentication institution; the primary security system calculates the hash value of the source data file and compares it with the stored hash value, and if the two are the same, a data evidence-storage report is issued; the authentication institution calculates the hash value of the source data file and compares it with the stored hash value, and if the two are the same, a data authentication report is issued; the data evidence-storage report and the data authentication report together form the third-party evidence-storage report.
5. The method for on-chain evidence storage and for evidence retrieval and authentication of cloud-signed electronic certificates as set forth in claim 1, wherein said source data file comprises the structured source data and the PDF source file of the electronic certificate whose cloud signing is complete.
6. The method of claim 1, wherein the third-party evidence-storage blockchain is a CA institution evidence-storage blockchain.
7. The method of claim 1, wherein the evidence-storage record of the electronic certificate comprises a hash value and an evidence-storage number.
CN202211526728.9A 2022-12-01 2022-12-01 Method for authenticating uplink evidence storage and evidence collection of cloud-signed electronic certificate Active CN115688183B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211526728.9A CN115688183B (en) 2022-12-01 2022-12-01 Method for authenticating uplink evidence storage and evidence collection of cloud-signed electronic certificate

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211526728.9A CN115688183B (en) 2022-12-01 2022-12-01 Method for authenticating uplink evidence storage and evidence collection of cloud-signed electronic certificate

Publications (2)

Publication Number Publication Date
CN115688183A CN115688183A (en) 2023-02-03
CN115688183B true CN115688183B (en) 2023-06-23

Family

ID=85055750

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211526728.9A Active CN115688183B (en) 2022-12-01 2022-12-01 Method for authenticating uplink evidence storage and evidence collection of cloud-signed electronic certificate

Country Status (1)

Country Link
CN (1) CN115688183B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102223374A (en) * 2011-06-22 2011-10-19 熊志海 Third-party authentication security protection system and third-party authentication security protection method based on online security protection of electronic evidence
CN110474779A (en) * 2019-08-09 2019-11-19 深圳前海微众银行股份有限公司 Card method, apparatus, equipment and readable storage medium storing program for executing are deposited in ballot based on block chain
CN110879809A (en) * 2019-11-12 2020-03-13 北京芯际科技有限公司 Judicial data evidence storage method based on block chain
CN111510298A (en) * 2020-04-10 2020-08-07 中国司法大数据研究院有限公司 Cross-domain trusted data exchange method and system based on block chain

Also Published As

Publication number Publication date
CN115688183A (en) 2023-02-03

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant