CN115955362A - Block chain based data storage and communication method, device, equipment and medium - Google Patents

Publication number
CN115955362A
Authority
CN
China
Prior art keywords
document
node
communication
accessed
identity
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202310222462.7A
Other languages
Chinese (zh)
Other versions
CN115955362B (en)
Inventor
荆博
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Baidu Netcom Science and Technology Co Ltd
Original Assignee
Beijing Baidu Netcom Science and Technology Co Ltd
Application filed by Beijing Baidu Netcom Science and Technology Co Ltd
Priority to CN202310222462.7A
Publication of CN115955362A
Application granted
Publication of CN115955362B
Legal status: Active

Abstract

The disclosure provides a blockchain-based data storage and communication method, device, equipment and medium, and relates to the technical field of computers, in particular to blockchain technology. The specific implementation scheme is as follows: generating a DID document of a communication node according to the blockchain address of the supervised communication node and the communication key of the communication node, where the communication key is used for establishing a secure communication connection with other communication nodes; determining a document content identifier of the DID document; performing decentralized storage on the DID document to obtain a document position identifier of the DID document; and storing the identity correspondence among the document content identifier, the document position identifier and the blockchain address of the communication node in a smart contract of the blockchain network, for searching and verifying the DID document. According to the techniques of this disclosure, the security of communication between communication nodes is improved.

Description

Block chain based data storage and communication method, device, equipment and medium
Technical Field
The present disclosure relates to the field of computer technologies, and in particular, to a blockchain technology, which can be used in an identity authentication scenario.
Background
Multi-party collaborative computing enables the collaborative use of data held by different parties and improves the usability of the data, thereby enhancing its value. During multi-party collaborative computing, if any party has a malicious node or communication among nodes is insecure, there is a risk of data leakage or untrustworthy computing results.
Disclosure of Invention
The disclosure provides a data storage and communication method, device, equipment and medium based on a block chain.
According to an aspect of the present disclosure, a block chain based data storage method is provided, which is applied to an identity authorizer, and includes:
generating a decentralized identity (DID) document of a communication node according to the blockchain address of the supervised communication node and the communication key of the communication node; the communication key is used for establishing a secure communication connection with other communication nodes;
determining a document content identifier of the DID document;
performing decentralized storage on the DID document to obtain a document position identifier of the DID document;
and storing the identity correspondence among the document content identifier, the document position identifier and the blockchain address of the communication node in a smart contract of the blockchain network, for searching and verifying the DID document.
According to another aspect of the present disclosure, there is also provided a blockchain-based communication method, applied to a communication node, including:
acquiring a blockchain address of a node to be accessed and a corresponding document content identifier;
determining the identity correspondence of the node to be accessed in the smart contract of the blockchain network according to the blockchain address of the node to be accessed; the identity correspondence of the node to be accessed is generated based on any one of the blockchain-based data storage methods provided by the embodiments of the disclosure;
searching for and verifying the decentralized identity (DID) document of the node to be accessed according to the document content identifier of the node to be accessed and the corresponding identity correspondence;
and if the verification is passed, establishing a secure communication connection with the node to be accessed according to the communication key in the DID document of the node to be accessed.
According to another aspect of the present disclosure, there is also provided an electronic device including:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform any one of the blockchain based data storage methods provided by the embodiments of the present disclosure and/or to perform any one of the blockchain based communication methods provided by the embodiments of the present disclosure.
According to another aspect of the present disclosure, there is also provided a non-transitory computer readable storage medium storing computer instructions for causing a computer to perform any one of the blockchain based data storage methods provided according to the embodiments of the present disclosure and/or perform any one of the blockchain based communication methods provided by the embodiments of the present disclosure.
According to the technology of the present disclosure, the security of communication between communication nodes is improved.
It should be understood that the statements in this section do not necessarily identify key or critical features of the embodiments of the present disclosure, nor do they limit the scope of the present disclosure. Other features of the present disclosure will become apparent from the following description.
Drawings
The drawings are included to provide a better understanding of the present solution and are not to be construed as limiting the present disclosure. Wherein:
FIG. 1A is a block diagram of a data processing system according to an embodiment of the present disclosure;
FIG. 1B is a flowchart of a blockchain-based data storage method according to an embodiment of the present disclosure;
FIG. 1C is a schematic structural diagram of a DID document provided by an embodiment of the present disclosure;
FIG. 2 is a flowchart of a blockchain-based communication method provided by an embodiment of the present disclosure;
FIG. 3A is a flowchart of a DID identity granting method for a computing node in a multi-party collaborative computing network according to an embodiment of the present disclosure;
FIG. 3B is a flowchart of a DID identity revocation method for a computing node in a multi-party collaborative computing network according to an embodiment of the present disclosure;
FIG. 3C is a flowchart of a method for establishing a trusted connection between computing nodes in a multi-party collaborative computing network according to an embodiment of the present disclosure;
FIG. 4 is a block diagram of a blockchain-based data storage device according to an embodiment of the present disclosure;
FIG. 5 is a block diagram of a blockchain-based communication device according to an embodiment of the present disclosure;
FIG. 6 is a block diagram of an electronic device for implementing a blockchain-based data storage method and/or a blockchain-based communication method according to an embodiment of the present disclosure.
Detailed Description
Exemplary embodiments of the present disclosure are described below with reference to the accompanying drawings, in which various details of the embodiments of the disclosure are included to assist understanding, and which are to be considered as merely exemplary. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the disclosure. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
To facilitate understanding, a brief description of the data processing system to which the present disclosure relates is presented first. Referring to FIG. 1A, the data processing system includes an identity authorizer 10, a communication node 20, a decentralized storage system 30, and a blockchain network 40. The identity authorizer 10 is communicatively connected to the communication node 20; the identity authorizer 10 and the communication node 20 are each communicatively coupled to the decentralized storage system 30 and the blockchain network 40.
The identity authorizer 10 is configured to grant a decentralized identity, that is, a Decentralized Identity (DID) document, to the supervised communication node 20, and to store the DID document in the decentralized storage system 30. There is at least one identity authorizer 10; an identity authorizer 10 may supervise at least one communication node 20. For ease of management, one communication node 20 may correspond to only one identity authorizer 10.
The communication nodes 20 participate in the distributed computing of a computing network as member nodes of the computing network, which is constructed according to a convention. Different communication nodes 20 can recognize one another through their decentralized identities, so that identities are interoperable among the nodes and the security of distributed computing is improved.
The decentralized storage system 30 is used as a storage location of the DID documents of different communication nodes 20, thereby realizing decentralized storage of the DID documents, improving reliability of granted identities, and providing a DID document query service for each communication node.
The blockchain network 40 is used for storing the correspondence between different communication nodes 20 and their DID documents, so that each communication node can use the correspondence to look up the DID documents of other communication nodes in the decentralized storage system 30 and verify them.
On the basis of the data processing system shown in fig. 1A, the embodiment of the present disclosure provides a data storage method based on a block chain, which is suitable for an application scenario in which a decentralized identity is allocated to a communication node, and the method may be executed by a data storage device, and the data storage device may be implemented by software and/or hardware, and is specifically configured in an electronic device, and the electronic device may be deployed in an identity authorizer.
Referring to FIG. 1B, the blockchain-based data storage method is applied to an identity authorizer, and includes:
S101, generating a decentralized identity (DID) document of a communication node according to the blockchain address of the supervised communication node and the communication key of the communication node.
The communication nodes may be member nodes of a computing network constructed according to a certain convention, and the computing network is used for uniform distributed computing. In a specific embodiment, the computing network may be a multi-party collaborative computing network, and accordingly, the communication node may be a computing node in the multi-party collaborative computing network, thereby adapting to a multi-party collaborative computing scenario. Optionally, the multi-party collaborative computing network may be used for at least one of multi-party data collaboration and decentralized machine learning.
The identity authorizer and the communication node have a supervision relationship: the identity authorizer can grant identity information to the communication node and can further revoke it. The blockchain address of the communication node may be declared by the communication node on the blockchain network, and the disclosure does not limit the specific way of declaring the blockchain address. The communication key can be a symmetric key or an asymmetric key and is used for establishing a secure communication connection with other communication nodes so as to improve the security of communication between the nodes. In a specific implementation, the communication key is the communication public key of an asymmetric key pair, so that the efficiency of establishing the communication connection is improved.
A Decentralized Identity (DID) may be understood as a digital identity implemented on blockchain technology that the user owns and controls. The DID document is the description document of the DID, and records at least one identity attribute of the DID. Optionally, referring to the schematic structure of the DID document shown in FIG. 1C, the DID document may include at least one of a DID identifier, version information, creation time, a blockchain address, a verification method, a communication attribute, and the like. The DID identifier uniquely represents the content of the DID document and can be, for example, a digital digest; the version information distinguishes the versions of different DID documents; the creation time represents the generation time of the DID document; the blockchain address represents the account identity, in the blockchain network, of the object (namely the communication node) to which the identity authorizer grants the identity; the verification method defines the verification mechanism for the DID document; and the communication attribute may include a communication key, used as the basis for establishing a communication connection with other communication nodes.
The verification method may be set or adjusted by a skilled person according to needs or experience, and the present disclosure does not limit the specific verification method. For example, the verification method may be signature verification of the DID document based on ECDSA (Elliptic Curve Digital Signature Algorithm).
It is worth noting that the update time field found in prior-art DID documents is removed from the DID document in this disclosure. This ensures that a generated DID document cannot be modified, avoids arbitrary modification of the DID document that would affect the accuracy of the DID and in turn the security of subsequent communication, and makes DID documents more convenient to manage.
Further referring to FIG. 1C, other attributes may optionally be added to the DID document to serve as an attribute extension interface, so that the attributes of the DID document can be extended later. Illustratively, the other attributes may include a declaration attribute, in which a preset declaration field is added to annotate the present DID document, a previously generated DID document, or a DID document specified by a preset field. For example, the preset declaration field may be a revocation field: adding revocation declaration information to the revocation field indicates that the authorized identity of the present DID document, the previously generated DID document, or the DID document specified by the preset field is revoked, that is, that the corresponding DID document is invalid. In a specific example, a revocation field can be added to a DID document to declare that the authorized identity of the most recent previously generated DID document is revoked. The authorized identity is thus revoked by adding a new DID document rather than by directly modifying the existing one, so the revocation is effective and the revocation capability is retained while the DID document remains non-modifiable. This facilitates timely revocation of the authorized identity of an expired DID and further improves the security of the DID.
S102, determining the document content identifier of the DID document.
In an optional embodiment, a preset encoding method can be used to encode the DID document to obtain a document content identifier that uniquely represents the content of the DID document. The preset encoding method can be set or adjusted by technicians according to needs or experience, and the present disclosure does not limit the specific encoding method used for the document content identifier.
S103, performing decentralized storage on the DID document, and obtaining a document position identifier of the DID document.
Decentralized storage is a storage mode in which files, or fragments of a set of files, are stored on disk space provided by different providers by means of distributed storage technology. Storing the DID document in a decentralized manner ensures the reliability of the DID document. The document position identifier of the DID document represents the storage address of the DID document in the decentralized storage system, so that the DID document can be conveniently accessed.
S104, storing the identity correspondence among the document content identifier, the document position identifier and the blockchain address of the communication node in a smart contract of the blockchain network, for searching and verifying the DID document.
Because a smart contract of the blockchain network stores data as key-value pairs, storing the identity correspondence in the smart contract makes it convenient to look up and locate the different pieces of information in the identity correspondence. Meanwhile, owing to the openness and traceability of the blockchain network, different communication nodes can conveniently share the identity correspondence through the blockchain network, look up the DID document in the decentralized storage system through the document position identifier in the identity correspondence, and verify the retrieved DID document against the document content identifier in the identity correspondence.
The DID document of the communication node is stored in a decentralized manner and the identity correspondence of the communication node is stored in the blockchain network, which facilitates associated lookup and verification of the DID document and improves its tamper resistance, durability and reliability. Storing the identity correspondence in a smart contract of the blockchain network makes lookup more convenient. Carrying the communication key used for establishing secure communication connections with other communication nodes in the DID document ensures the security of the communication key, and the DID document strengthens the reliability of the communication key, thereby ensuring the security and reliability of communication between nodes.
On the basis of the above technical solutions, the authorized identity category of the identity authorizer can be stored in the blockchain network and used for verifying the identity of the generator of a DID document.
The authorized identity category can be realized by marking a preset identifier, or by generating an authorizer list that includes the different identity authorizers, so as to distinguish identity authorizers from parties that are not identity authorizers. The present disclosure does not limit the specific content of the preset identifier.
Illustratively, the DID document usually carries the signature information of its generator, and the validity of the DID document is ensured by verifying that signature. However, not all nodes have permission to grant decentralized identities, that is, not all nodes have permission to generate DID documents. An identity authorizer that has this permission can therefore mark its authorized identity category when it declares its blockchain address in the blockchain network, distinguishing its address from other blockchain addresses in the network. During verification of a DID document, the generator's identity is verified by checking in the blockchain network whether the generator of the DID document has the authorized identity category, thereby ensuring the validity of the DID document.
On the basis of the above technical solutions, a storage and zero-knowledge proof consensus mechanism can be established in a smart contract of the blockchain network and used for ensuring the availability of the DID document. It should be noted that the smart contract that stores the identity correspondence and the smart contract that stores the zero-knowledge proof consensus mechanism may be the same smart contract or different smart contracts; for ease of maintenance, two smart contracts with different functions are usually set up independently, one to store the identity correspondence and one to store the zero-knowledge proof consensus mechanism.
In the above, the identity authorizer is used as the executing entity to describe the storage process of the identity corresponding relationship between the DID document and the corresponding communication node. Hereinafter, a technical solution for performing inter-node communication based on the stored data will be described in detail, with a communication node as an execution subject.
Referring to FIG. 2, the blockchain-based communication method is applied to a communication node, and includes:
S201, acquiring a blockchain address of a node to be accessed and a corresponding document content identifier.
The node to be accessed is any communication node needing to be accessed.
Illustratively, the corresponding block chain address and the document content identifier can be directly obtained from the node to be accessed for subsequent communication; or, the block chain address of the node to be accessed and the corresponding document content identifier are obtained in advance, stored in a storage device in communication connection with the node to be accessed, and when communication with the node to be accessed is needed, the block chain address of the node to be accessed and the document content identifier are searched and obtained from the corresponding storage device.
The block chain address of the node to be accessed is used for representing the account identity of the node to be accessed in the block chain network, so that the searching and positioning of the related information of the node to be accessed are carried out in the block chain network through the block chain address; and the document content identifier of the node to be accessed is used as data acquired outside the chain and used for verifying the DID document acquired based on the block chain network.
S202, determining the identity correspondence of the node to be accessed in the smart contract of the blockchain network according to the blockchain address of the node to be accessed.
The identity correspondence of the node to be accessed is generated based on the blockchain-based data storage method provided by any embodiment of the disclosure.
Specifically, the identity correspondence that carries the blockchain address of the node to be accessed is looked up in the smart contract of the blockchain network and used as the basis for subsequently searching for and verifying the DID document of the node to be accessed.
S203, searching for and verifying the DID document of the node to be accessed according to the document content identifier of the node to be accessed and the corresponding identity correspondence.
Illustratively, the DID document of the node to be accessed is looked up in the decentralized storage system according to the document position identifier in the identity correspondence of the node to be accessed, and the retrieved DID document is verified according to the document content identifier and/or the identity correspondence of the node to be accessed.
In an optional embodiment, a document content identifier corresponding to a DID document of a node to be accessed may be generated, and a generated result may be used as a reference identifier; and according to the reference identifier and the obtained document content identifier of the node to be accessed, performing content verification on the DID document of the node to be accessed. Specifically, if the reference identifier is the same as the obtained document content identifier of the node to be accessed, it is determined that the document content of the DID document of the node to be accessed is correct, that is, the content verification is passed; otherwise, determining that the document content of the DID document of the node to be accessed is wrong, namely that the content verification is not passed.
It can be understood that verifying the document content of the DID document avoids using a DID document that was retrieved incorrectly and improves the integrity and accuracy of the retrieved DID document. This in turn ensures the accuracy and reliability of the communication key carried in the DID document and provides a guarantee for subsequently establishing a secure communication connection with the node to be accessed.
In another optional embodiment, the signature verification can be performed on the obtained DID document based on a verification mode in the DID document, so that the validity of the signature carried in the DID document is ensured.
Because not all nodes have decentralized identity granting authority, that is, not all nodes have the DID document generation authority, the identity of the generation party of the DID document can be verified to ensure the validity of the DID document. In yet another optional embodiment, a generator of the DID document of the node to be accessed may also be obtained; and according to the authorized identity category of the generator in the block chain network, carrying out identity verification on the generator.
Illustratively, in the blockchain network, the authorized identity category of the generator is determined according to the blockchain address of the generator. If the generator has the authorized identity category (for example, the corresponding blockchain address was marked with a preset identifier when it was declared, or the corresponding blockchain address is stored in an authorizer list), the generator of the DID document of the node to be accessed is an identity authorizer with permission to grant decentralized identities, that is, the identity verification of the generator is passed.
It can be understood that the identity of the obtained generation party of the DID document of the node to be accessed is verified, so that the generation party of the DID document is ensured to be an identity authority party with decentralized identity granting authority, the legality of the DID document is ensured, and further, the legality and reliability of the communication key carried in the DID document are guaranteed.
The identity authorizer can generate at least one DID document for the node to be accessed, for example, a DID document that grants a decentralized identity to the node to be accessed and a DID document that revokes the granted identity. Different DID documents correspond to different identity correspondences stored in the smart contract, so at least one identity correspondence of the node to be accessed is stored in the smart contract.
When at least two identity correspondences are stored in the smart contract, the most recent of them can be used as the target identity correspondence, and the DID document of the node to be accessed is searched for and verified according to the target identity correspondence and the document content identifier of the node to be accessed.
It can be understood that searching for and verifying the DID document through the most recent identity correspondence of the node to be accessed in the smart contract ensures the timeliness of the retrieved DID document, avoids the situation in which a secure communication connection cannot be established with the node to be accessed because an expired DID document was retrieved, and improves the effectiveness and security of communication between the nodes.
Furthermore, in addition to the content verification, signature verification and validity verification described above, timeliness verification can be performed on the DID document of the node to be accessed according to the document content identifier in the target identity correspondence and the obtained document content identifier of the node to be accessed. This ensures that the DID document is still valid, enriches and diversifies the verification of the DID document, and improves the reliability and accuracy of the retrieved DID document, thereby ensuring the reliability of the communication key in the DID document and the security of communication between nodes.
Specifically, the document content identifier in the target identity correspondence may be compared with the obtained document content identifier of the node to be accessed. If the two are consistent, the obtained document content identifier of the node to be accessed is the most recently generated identifier, and the timeliness verification is passed. If the two are not consistent, the obtained document content identifier is not the most recently generated identifier, the identity authorization it refers to may since have been revoked, and the timeliness verification is not passed.
It should be noted that, since the timeliness verification does not depend on the result of looking up and retrieving the DID document, the present disclosure does not limit the order of the timeliness verification and the lookup and retrieval of the DID document.
To reduce unnecessary computation, timeliness verification can be performed first; only when it is passed is the DID document looked up and retrieved from the decentralized storage system and subjected to the other verifications, such as content verification, signature verification and validity verification.
S204, if the verification passes, establishing a secure communication connection with the node to be accessed according to the communication key in the DID document of the node to be accessed.
It can be understood that an accurate and reliable communication key of the node to be accessed can be obtained by parsing its DID document only when the verification passes. Based on that communication key, a secure communication connection can be established with the node to be accessed, ensuring the security of data communication with it.
Illustratively, a symmetric encryption key can be derived from the communication key, and an encrypted communication connection with the node to be accessed can be established using the symmetric encryption key, which reduces transmission bandwidth and improves the efficiency of establishing the connection. The derivation algorithm used to derive the symmetric encryption key is not limited in any way and may be implemented using at least one derivation algorithm in the prior art. For example, the ECDH (Elliptic Curve Diffie-Hellman key exchange) algorithm may be applied to a communication public key based on ECC (Elliptic Curve Cryptography) to generate the symmetric encryption key.
In the embodiments of the present disclosure, the DID document of the node to be accessed is searched for in the decentralized storage system and verified by means of the identity correspondence of the node to be accessed stored in the blockchain network, which improves the security and reliability of that DID document. Storing and using the identity correspondence in a smart contract of the blockchain network makes the DID document lookup more convenient. The DID document is verified, and the communication key in it is used only after the verification passes, which strengthens the reliability of the communication key; a secure communication connection is then established with the node to be accessed based on that key, guaranteeing the security and reliability of communication between nodes.
On the basis of the above technical solutions, after the secure communication connection is established with the node to be accessed, a communication record is generated and stored in the smart contract for review; the communication record may include at least one of the blockchain addresses, document content identifiers, connection time, and connection task of both communication nodes.
The connection task represents the task to be executed over the communication connection, and can be added to the communication record by recording a task identifier.
It can be understood that storing the communication record in the blockchain each time a communication connection is established makes inter-node communication traceable, provides data support for subsequent review of inter-node communication, reduces the occurrence of illegitimate inter-node communication, and ensures that inter-node communication is well regulated and reliable.
On the basis of the above technical solutions, the present disclosure also provides a preferred embodiment, in which a trusted connection establishment process between computing nodes in a multi-party collaborative computing network is described in detail.
Referring to fig. 3A, a DID identity granting method for a computing node in a multi-party collaborative computing network includes:
S301, the computing node and the identity authority each declare their own blockchain address in the blockchain network, and the authorized identity category of the identity authority is labeled.
S302, the identity authority generates a DID document of the computing node according to the blockchain address of the computing node it supervises and the communication public key of the computing node.
S303, the identity authority stores the DID document in the decentralized storage system and obtains the file identification (ID) of the DID document in the decentralized storage system.
The file ID, also called the document ID below, is the document position identifier of the DID document in the decentralized storage system, and represents the storage position of the DID document in the decentralized storage system.
S304, the identity authority takes the data fingerprint of the DID document of the computing node as the DID identifier.
S305, the identity authority stores the identity correspondence among the blockchain address, the DID identifier, and the file ID of the computing node in a smart contract of the blockchain network.
According to this technical solution, introducing a decentralized storage system for DID document storage ensures the persistence and tamper resistance of the stored DID documents. Introducing a smart contract to store the identity correspondence makes the information carried in the identity correspondence easier to look up, makes subsequent DID document lookup more convenient, and at the same time allows the identity correspondences of different computing nodes to be shared among nodes.
Further, on the basis of the DID identity granting method shown in fig. 3A, referring to fig. 3B, the present disclosure also provides a DID identity revocation method for a computing node in a multi-party collaborative computing network, including:
S306, the identity authority generates a new DID document declaring revocation of the granted identity, according to the blockchain address of the computing node it supervises.
S307, the identity authority stores the new DID document in the decentralized storage system and obtains the file ID of the new DID document in the decentralized storage system.
S308, the identity authority takes the data fingerprint of the new DID document of the computing node as the new DID identifier.
S309, the identity authority stores the identity correspondence among the blockchain address of the computing node, the new DID identifier, and the new document ID in a smart contract of the blockchain network.
According to this scheme, a granted DID identity is revoked by issuing a new identity grant, so that revocation is achieved while preserving the tamper resistance of the DID document itself, and the DID identity can be managed effectively at different stages (grant stage or revocation stage). Note that the old identity correspondence of the computing node still exists in the smart contract and is not deleted.
On the basis of the schemes shown in fig. 3A and fig. 3B, the method for establishing a trusted connection between computing nodes in a multi-party collaborative computing network shown in fig. 3C includes:
S310, the first computing node and the second computing node exchange their respective DID identifiers and blockchain addresses.
S311, the first computing node accesses the smart contract of the blockchain network and looks up the latest second DID identifier according to the blockchain address of the second computing node; the second computing node accesses the smart contract of the blockchain network and looks up the latest first DID identifier according to the blockchain address of the first computing node.
S312, if the first computing node determines that the second DID identifier is the same as the DID identifier sent by the second computing node, it determines the second document ID in the identity correspondence that corresponds to the second DID identifier in the smart contract; if the second computing node determines that the first DID identifier is the same as the DID identifier sent by the first computing node, it determines the first document ID in the identity correspondence that corresponds to the first DID identifier in the smart contract.
S313, the first computing node obtains the second DID document from the decentralized storage system according to the second document ID; the second computing node obtains the first DID document from the decentralized storage system according to the first document ID.
S314, the first computing node compares the digital fingerprint of the second DID document with the second DID identifier to verify the content integrity of the second DID document; the second computing node compares the digital fingerprint of the first DID document with the first DID identifier to verify the content integrity of the first DID document.
S315, the first computing node verifies the signature of the second DID document using the verification method given in the second DID document; the second computing node verifies the signature of the first DID document using the verification method given in the first DID document.
S316, the first computing node looks up the authorized identity category of the generator of the second DID document in the blockchain network; the second computing node looks up the authorized identity category of the generator of the first DID document in the blockchain network.
S317, the first computing node verifies the validity of the generator of the second DID document according to that generator's authorized identity category; the second computing node verifies the validity of the generator of the first DID document according to that generator's authorized identity category.
S318, if the verification passes, the first computing node obtains the second communication public key from the second DID document; the second communication node obtains the first communication public key from the first DID document.
S319, the first computing node derives the symmetric encryption key from the second communication public key, and the second computing node derives the symmetric encryption key from the first communication public key.
S320, the first computing node and the second computing node establish an encrypted communication connection between the nodes based on the derived symmetric encryption key.
S321, the first computing node and/or the second computing node generates a record of the current communication and uploads it to the smart contract of the blockchain network for a reviewing party to review.
The communication record comprises the blockchain addresses of the communicating computing nodes, the DID identifiers, the connection time, and the computing task identifier.
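The grant, revocation, and lookup steps S301 to S318 can be traced in the following added example, which is not code from the patent. It assumes SHA-256 as the data fingerprint, in-memory stand-ins for the smart contract and the decentralized storage system, and constructed addresses, category names, and keys; signature verification (S315) is not shown because the page does not fix a signature scheme.

```python
import hashlib
import json


def fingerprint(doc_bytes: bytes) -> str:
    """Document content identifier (DID identifier). SHA-256 is an assumption."""
    return hashlib.sha256(doc_bytes).hexdigest()


def encode(doc: dict) -> bytes:
    """Canonical JSON, so the same document always yields the same fingerprint."""
    return json.dumps(doc, sort_keys=True, separators=(",", ":")).encode()


class DecentralizedStore:
    """Stand-in for the decentralized storage system. The file ID is a
    location identifier and is deliberately independent of the content."""

    def __init__(self):
        self.blobs = {}

    def put(self, data: bytes) -> str:
        file_id = f"file-{len(self.blobs) + 1}"
        self.blobs[file_id] = data
        return file_id

    def get(self, file_id: str) -> bytes:
        return self.blobs[file_id]


class IdentityContract:
    """Stand-in for the smart contract: append-only identity correspondences."""

    def __init__(self):
        self.authorizer_categories = {}  # S301: authority address -> category
        self.records = {}                # node address -> [(did_id, file_id)], oldest first

    def append(self, address: str, did_id: str, file_id: str) -> None:
        self.records.setdefault(address, []).append((did_id, file_id))

    def latest(self, address: str):
        history = self.records.get(address)
        return history[-1] if history else None


def publish(contract, store, authority, node, comm_key=None) -> str:
    """S302-S305 (grant) when comm_key is given; S306-S309 (revoke) when None."""
    doc = {"issuer": authority, "subject": node,
           "communication_public_key": comm_key, "revoked": comm_key is None}
    data = encode(doc)
    file_id = store.put(data)                # S303 / S307
    did_id = fingerprint(data)               # S304 / S308
    contract.append(node, did_id, file_id)   # S305 / S309: older records stay
    return did_id


def verify_peer(contract, store, peer_address, presented_did_id, required_category):
    """One side of S311-S318. Returns (communication_key, None) on success
    or (None, reason) on failure."""
    latest = contract.latest(peer_address)                # S311: latest record
    if latest is None:
        return None, "unknown address"
    did_id, file_id = latest
    if did_id != presented_did_id:                        # S312: timeliness
        return None, "stale DID identifier"
    data = store.get(file_id)                             # S313: fetch document
    if fingerprint(data) != did_id:                       # S314: content integrity
        return None, "fingerprint mismatch"
    doc = json.loads(data)
    # S315 (signature verification) would run here.
    issuer_category = contract.authorizer_categories.get(doc["issuer"])
    if issuer_category != required_category:              # S316-S317: generator
        return None, "issuer not authorized"
    if doc["revoked"] or not doc["communication_public_key"]:
        return None, "identity revoked"
    return doc["communication_public_key"], None          # S318


if __name__ == "__main__":
    contract, store = IdentityContract(), DecentralizedStore()
    contract.authorizer_categories["0xAUTH"] = "compute-node-authorizer"  # constructed
    did = publish(contract, store, "0xAUTH", "0xNODE", comm_key="04aabbcc")
    print(verify_peer(contract, store, "0xNODE", did, "compute-node-authorizer"))
    publish(contract, store, "0xAUTH", "0xNODE")  # revocation
    print(verify_peer(contract, store, "0xNODE", did, "compute-node-authorizer"))
```

Running the timeliness comparison before the fetch, as here, rejects a revoked or superseded identifier without touching the storage system.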
According to this technical solution, introducing decentralized storage and a blockchain network makes the DID document tamper-resistant and verifiable, which ensures the security and verifiability of the DID document. Introducing the communication record makes communication between computing nodes reviewable, which ensures the security of collaborative computing among the computing nodes in the multi-party collaborative computing network.
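The key derivation of S319 and S320, and the ECDH remark made earlier under S204, as an added example that is not code from the patent. It assumes the third-party Python `cryptography` package, the P-256 curve, HKDF-SHA256, and AES-GCM, none of which the page specifies; the DID identifiers and session nonces are constructed values, and mixing them into the derivation is this example's own choice.

```python
import os

from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.hazmat.primitives.ciphers.aead import AESGCM
from cryptography.hazmat.primitives.kdf.hkdf import HKDF
from cryptography.hazmat.primitives.serialization import Encoding, PublicFormat

CURVE = ec.SECP256R1()  # assumption: the page only says "ECC"


def new_communication_key():
    """Key pair whose public half would be published in the node's DID document."""
    private = ec.generate_private_key(CURVE)
    public_bytes = private.public_key().public_bytes(
        Encoding.X962, PublicFormat.UncompressedPoint)
    return private, public_bytes


def derive_session_key(own_private, peer_public_bytes, did_ids, nonces) -> bytes:
    """ECDH on the peer's verified communication public key, then HKDF.

    The keys in the DID documents are static, so the raw ECDH output is the
    same for every session between two nodes. Per-session nonces in the salt
    make each session key distinct, and the DID identifiers in `info` bind
    the key to the documents that were verified.
    """
    # from_encoded_point rejects encodings that are not points on the curve.
    peer_public = ec.EllipticCurvePublicKey.from_encoded_point(CURVE, peer_public_bytes)
    shared = own_private.exchange(ec.ECDH(), peer_public)
    # Sort so that both sides build byte-identical context.
    info = b"did-session|" + b"|".join(sorted(did_ids))
    salt = b"".join(sorted(nonces))
    return HKDF(algorithm=hashes.SHA256(), length=32, salt=salt, info=info).derive(shared)


def seal(key: bytes, plaintext: bytes, aad: bytes) -> bytes:
    """Encrypt one message on the established connection (S320)."""
    nonce = os.urandom(12)
    return nonce + AESGCM(key).encrypt(nonce, plaintext, aad)


def unseal(key: bytes, blob: bytes, aad: bytes) -> bytes:
    """Decrypt and authenticate; raises InvalidTag if the message was altered."""
    return AESGCM(key).decrypt(blob[:12], blob[12:], aad)


if __name__ == "__main__":
    first_priv, first_pub = new_communication_key()
    second_priv, second_pub = new_communication_key()
    dids = [b"did-first", b"did-second"]          # constructed identifiers
    nonces = [os.urandom(16), os.urandom(16)]     # one per node, exchanged in S310
    k1 = derive_session_key(first_priv, second_pub, dids, nonces)
    k2 = derive_session_key(second_priv, first_pub, dids, nonces)
    print(k1 == k2, unseal(k2, seal(k1, b"task input", b"task-42"), b"task-42"))
```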
As an implementation of each of the above blockchain-based data storage methods, the present disclosure also provides an optional embodiment of an execution apparatus implementing those methods.
Referring to fig. 4, the blockchain-based data storage apparatus 400, configured at an identity authority, includes: a DID document generation module 401, a document content identifier determining module 402, a document position identifier determining module 403, and an identity correspondence storage module 404, wherein:
a DID document generation module 401, configured to generate a decentralized identity (DID) document of a communication node according to the blockchain address of the communication node supervised by the identity authority and the communication key of the communication node; the communication key is used for establishing a secure communication connection with other communication nodes;
a document content identifier determining module 402, configured to determine a document content identifier of the DID document;
a document position identifier determining module 403, configured to perform decentralized storage on the DID document and obtain a document position identifier of the DID document;
an identity correspondence storage module 404, configured to store the identity correspondence among the document content identifier, the document position identifier, and the blockchain address of the communication node in a smart contract of a blockchain network, for searching for and verifying the DID document.
The DID document of the communication node is stored in a decentralized manner, and the identity correspondence of the communication node is stored in the blockchain network, which facilitates associated lookup and verification of the DID document and improves its tamper resistance, persistence, and reliability. Storing the identity correspondence in a smart contract of the blockchain network makes lookup more convenient. Carrying in the DID document the communication key used to establish secure communication connections with other communication nodes ensures the security of the communication key, and the DID document strengthens the reliability of the communication key, thereby ensuring the security and reliability of communication between nodes.
In an optional embodiment, the DID document further includes revocation declaration information indicating that a previously generated historical DID document is invalid.
In an optional embodiment, the blockchain network stores the authorized identity category of the identity authority, which is used for generator identity verification of the DID document.
In an optional embodiment, the communication node is a computing node in a multi-party collaborative computing network.
The blockchain-based data storage apparatus can execute the blockchain-based data storage method provided by any embodiment of the present disclosure, and has the functional modules and beneficial effects corresponding to executing that method.
As an implementation of each of the above blockchain-based communication methods, the present disclosure also provides an optional embodiment of an execution apparatus implementing those methods.
Referring to fig. 5, the blockchain-based communication apparatus 500, configured at a communication node, includes: a data acquisition module 501, an identity correspondence determining module 502, a DID document verification module 503, and a communication connection establishing module 504, wherein:
a data acquisition module 501, configured to obtain the blockchain address of a node to be accessed and the corresponding document content identifier;
an identity correspondence determining module 502, configured to determine, according to the blockchain address of the node to be accessed, the identity correspondence of the node to be accessed in a smart contract of a blockchain network; the identity correspondence of the node to be accessed is generated by any blockchain-based data storage apparatus provided by the embodiments of the present disclosure;
a DID document verification module 503, configured to search for and verify the decentralized identity (DID) document of the node to be accessed according to the document content identifier of the node to be accessed and the corresponding identity correspondence;
a communication connection establishing module 504, configured to establish, if the verification passes, a secure communication connection with the node to be accessed according to the communication key in the DID document of the node to be accessed.
In the embodiments of the present disclosure, the DID document of the node to be accessed is searched for and verified by means of the identity correspondence of the node to be accessed stored in the blockchain network, which improves the security and reliability of that DID document. Storing and using the identity correspondence in a smart contract of the blockchain network makes the DID document lookup more convenient. The DID document is verified, and the communication key in it is used only after the verification passes, which strengthens the reliability of the communication key; a secure communication connection is then established with the node to be accessed based on that key, guaranteeing the security and reliability of communication between nodes.
In an optional embodiment, if at least two identity correspondences of the node to be accessed are stored in the smart contract, the DID document verification module 503 includes:
a target identity correspondence determining unit, configured to use the most recent of the at least two identity correspondences as the target identity correspondence;
a DID document verification unit, configured to search for and verify the DID document of the node to be accessed according to the target identity correspondence and the document content identifier of the node to be accessed.
In an optional embodiment, the DID document verification unit is specifically configured to:
perform timeliness verification on the DID document of the node to be accessed according to the document content identifier in the target identity correspondence and the document content identifier of the node to be accessed.
In an optional embodiment, the DID document verification module 503 includes:
a reference identifier determining unit, configured to generate the document content identifier corresponding to the DID document of the node to be accessed and take the generated result as a reference identifier;
a content verification unit, configured to verify the content of the DID document of the node to be accessed according to the reference identifier and the document content identifier of the node to be accessed.
In an optional embodiment, the apparatus 500 further includes:
a generator acquisition module, configured to obtain the generator of the DID document of the node to be accessed;
a generator identity verification module, configured to verify the generator according to the authorized identity category of the generator in the blockchain network.
In an optional embodiment, the apparatus 500 further includes:
a communication record storage module, configured to generate a communication record after a secure communication connection is established with the node to be accessed, and to store the communication record in the smart contract for review;
the communication record includes at least one of the blockchain addresses, document content identifiers, connection time, and connection task of both communication nodes.
The blockchain-based communication apparatus can execute the blockchain-based communication method provided by any embodiment of the present disclosure, and has the functional modules and beneficial effects corresponding to executing that method.
In the technical solutions of the present disclosure, the collection, storage, use, processing, transmission, provision, and disclosure of the DID document, the document content identifier, the document position identifier, the identity correspondence, and the like all comply with relevant laws and regulations and do not violate public order and good customs.
The present disclosure also provides an electronic device, a readable storage medium, and a computer program product according to embodiments of the present disclosure.
FIG. 6 illustrates a schematic block diagram of an example electronic device 600 that can be used to implement embodiments of the present disclosure. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. The electronic device may also represent various forms of mobile devices, such as personal digital assistants, cellular phones, smart phones, wearable devices, and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be examples only, and are not meant to limit implementations of the disclosure described and/or claimed herein.
As shown in fig. 6, the device 600 includes a computing unit 601, which can perform various appropriate actions and processes according to a computer program stored in a Read Only Memory (ROM) 602 or a computer program loaded from a storage unit 608 into a Random Access Memory (RAM) 603. In the RAM 603, various programs and data required for the operation of the device 600 can also be stored. The computing unit 601, the ROM 602, and the RAM 603 are connected to each other via a bus 604. An input/output (I/O) interface 605 is also connected to bus 604.
A number of components in the device 600 are connected to the I/O interface 605, including: an input unit 606 such as a keyboard, a mouse, and the like; an output unit 607 such as various types of displays, speakers, and the like; a storage unit 608, such as a magnetic disk, optical disk, or the like; and a communication unit 609 such as a network card, modem, wireless communication transceiver, etc. The communication unit 609 allows the device 600 to exchange information/data with other devices via a computer network such as the internet and/or various telecommunication networks.
The computing unit 601 may be a variety of general and/or special purpose processing components having processing and computing capabilities. Some examples of the computing unit 601 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various dedicated Artificial Intelligence (AI) computing chips, various computing units running machine learning model algorithms, a Digital Signal Processor (DSP), and any suitable processor, controller, microcontroller, and so forth. The computing unit 601 performs the respective methods and processes described above, such as at least one of a blockchain-based data storage method and a blockchain-based communication method. For example, in some embodiments, at least one of the blockchain-based data storage method and the blockchain-based communication method may be implemented as a computer software program tangibly embodied in a machine-readable medium, such as storage unit 608. In some embodiments, part or all of the computer program may be loaded and/or installed onto the device 600 via the ROM 602 and/or the communication unit 609. When the computer program is loaded into the RAM 603 and executed by the computing unit 601, one or more steps of at least one of the blockchain-based data storage method and the blockchain-based communication method described above may be performed. Alternatively, in other embodiments, the computing unit 601 may be configured by any other suitable means (e.g., by means of firmware) to perform at least one of a blockchain-based data storage method and a blockchain-based communication method.
Various implementations of the systems and techniques described above may be implemented in digital electronic circuitry, integrated circuitry, Field Programmable Gate Arrays (FPGAs), Application Specific Integrated Circuits (ASICs), Application Specific Standard Products (ASSPs), Systems on a Chip (SOCs), Complex Programmable Logic Devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various implementations may include: implementation in one or more computer programs that are executable and/or interpretable on a programmable system including at least one programmable processor, which may be special or general purpose, receiving data and instructions from, and transmitting data and instructions to, a storage system, at least one input device, and at least one output device.
Program code for implementing the methods of the present disclosure may be written in any combination of one or more programming languages. These program codes may be provided to a processor or controller of a general purpose computer, special purpose computer, or other programmable data processing apparatus, such that the program codes, when executed by the processor or controller, cause the functions/operations specified in the flowchart and/or block diagram to be performed. The program code may execute entirely on the machine, partly on the machine, as a stand-alone software package partly on the machine and partly on a remote machine or entirely on the remote machine or server.
In the context of this disclosure, a machine-readable medium may be a tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. The machine-readable medium may be a machine-readable signal medium or a machine-readable storage medium. A machine-readable medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
To provide for interaction with a user, the systems and techniques described here can be implemented on a computer having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and a pointing device (e.g., a mouse or a trackball) by which a user can provide input to the computer. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user can be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user can be received in any form, including acoustic, speech, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a back-end component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such back-end, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: Local Area Networks (LANs), Wide Area Networks (WANs), and the Internet.
The computer system may include clients and servers. A client and server are generally remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. The server can be a cloud server, also called a cloud computing server or cloud host, which is a host product in the cloud computing service system that overcomes the high management difficulty and weak service scalability of traditional physical hosts and VPS services. The server may also be a server of a distributed system, or a server incorporating a blockchain.
Artificial intelligence is the discipline that studies how to make computers simulate certain human mental processes and intelligent behaviors (such as learning, reasoning, thinking, and planning), at both the hardware level and the software level. Artificial intelligence hardware technologies generally include sensors, dedicated artificial intelligence chips, cloud computing, distributed storage, big data processing, and the like; artificial intelligence software technologies mainly include computer vision, speech recognition, natural language processing, machine learning/deep learning, big data processing, knowledge graph technology, and the like.
Cloud computing refers to a technology system that accesses a flexibly extensible pool of shared physical or virtual resources through a network, where the resources may include servers, operating systems, networks, software, applications, storage devices, and the like, and may be deployed and managed in a self-service manner as needed. Cloud computing technology can provide efficient and powerful data processing capability for technical applications and model training in artificial intelligence, blockchain, and the like.
It should be understood that various forms of the flows shown above may be used, with steps reordered, added, or deleted. For example, the steps described in the present disclosure may be executed in parallel, sequentially or in different orders, as long as the desired results of the technical solutions provided by the present disclosure can be achieved, which is not limited herein.
The above detailed description should not be construed as limiting the scope of the disclosure. It should be understood by those skilled in the art that various modifications, combinations, sub-combinations and substitutions may be made, depending on design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present disclosure should be included in the scope of protection of the present disclosure.

Claims (22)

1. A blockchain-based data storage method, applied to an identity authority, comprising:
generating a decentralized identity (DID) document of a communication node according to the blockchain address of the communication node supervised by the identity authority and the communication key of the communication node; the communication key is used for establishing a secure communication connection with other communication nodes;
determining a document content identifier of the DID document;
performing decentralized storage on the DID document, and obtaining a document position identifier of the DID document;
storing the identity correspondence among the document content identifier, the document position identifier, and the blockchain address of the communication node in a smart contract of a blockchain network, for searching for and verifying the DID document.
2. The method as claimed in claim 1, wherein revocation declaration information indicating that a previously generated history DID document is invalid is further included in the DID document.
3. The method as claimed in claim 1, wherein the blockchain network stores an authorized identity category of the identity authorizer for performing generational authentication of the DID document.
4. The method according to any of claims 1-3, wherein the communication node is a computing node in a multi-party collaborative computing network.
5. The communication method based on the block chain is applied to a communication node and comprises the following steps:
acquiring a block chain address of a node to be accessed and a corresponding document content identifier;
determining the identity corresponding relation of the node to be accessed in an intelligent contract of a block chain network according to the block chain address of the node to be accessed; wherein the identity correspondence of the node to be accessed is generated based on the method of any one of claims 1-4;
searching and verifying a decentralized identity DID document of the node to be accessed according to the document content identifier of the node to be accessed and the corresponding identity correspondence;
and if the verification is passed, establishing a secure communication connection with the node to be accessed according to the communication key in the DID document of the node to be accessed.
6. The method according to claim 5, wherein if at least two identity correspondences of the node to be accessed are stored in the smart contract, the finding and verifying the decentralized identity DID document of the node to be accessed according to the document content identifier of the node to be accessed and the corresponding identity correspondences comprises:
taking the latest identity corresponding relation in the at least two identity corresponding relations as a target identity corresponding relation;
and searching and verifying the DID document of the node to be accessed according to the target identity corresponding relation and the document content identification of the node to be accessed.
7. The method of claim 6, wherein the verifying the DID document of the node to be accessed comprises:
and performing aging verification on the DID document of the node to be accessed according to the document content identification in the target identity corresponding relation and the document content identification of the node to be accessed.
8. The method according to any one of claims 5-7, wherein the verifying the DID document of the node to be accessed comprises:
generating a document content identifier corresponding to the DID document of the node to be accessed, and taking a generated result as a reference identifier;
and according to the reference identifier and the document content identifier of the node to be accessed, performing content verification on the DID document of the node to be accessed.
9. The method of any of claims 5-7, wherein the method further comprises:
acquiring a generator of the DID document of the node to be accessed;
and according to the authorized identity category of the generator in the block chain network, performing identity verification on the generator.
10. The method according to any of claims 5-7, after establishing a secure communication connection with the node to be accessed, the method further comprising:
generating a communication record and storing the communication record into the intelligent contract for verification;
the communication record comprises at least one of the block chain addresses, the document content identification, the connection time and the connection task of the two communication nodes.
11. The data storage device based on the block chain is configured at an identity authority and comprises:
the DID document generation module is used for generating a decentralized identity DID document of the communication node according to a block chain address of the communication node supervised by the DID document generation module and a communication key of the communication node; the communication key is used for establishing a secure communication connection with other communication nodes;
the document content identification determining module is used for determining the document content identification of the DID document;
the document position identification determining module is used for performing decentralized storage on the DID document and obtaining a document position identification of the DID document;
and the identity corresponding relation storage module is used for storing the identity corresponding relation among the document content identification, the document position identification and the block chain address of the communication node in an intelligent contract of a block chain network and is used for searching and verifying the DID document.
12. The apparatus as claimed in claim 11, wherein revocation declaration information indicating that a previously generated history DID document is invalid is further included in the DID document.
13. The apparatus of claim 11, wherein the blockchain network has stored therein an authorized identity category of the identity authorizer for generational authentication of the DID document.
14. The apparatus according to any of claims 11-13, wherein the communication node is a computing node in a multi-party collaborative computing network.
15. The communication device based on block chain, configured at the communication node, includes:
the data acquisition module is used for acquiring a block chain address of a node to be accessed and a corresponding document content identifier;
the identity corresponding relation determining module is used for determining the identity corresponding relation of the nodes to be accessed in the intelligent contract of the block chain network according to the block chain address of the nodes to be accessed; wherein the identity correspondence of the node to be accessed is generated based on the apparatus of any one of claims 11-14;
the DID document checking module is used for searching and verifying the decentralized identity DID document of the node to be accessed according to the document content identification of the node to be accessed and the corresponding identity corresponding relation;
and the communication connection establishing module is used for establishing a safe communication connection with the node to be accessed according to the communication key in the DID document of the node to be accessed if the verification is passed.
16. The apparatus of claim 15, wherein if at least two identity correspondences of the node to be accessed are stored in the intelligent contract, the DID document verification module comprises:
a target identity corresponding relationship determining unit, configured to use a most recent identity corresponding relationship among the at least two identity corresponding relationships as a target identity corresponding relationship;
and the DID document checking unit is used for searching and verifying the DID document of the node to be accessed according to the target identity corresponding relation and the document content identification of the node to be accessed.
17. The apparatus of claim 16, wherein the DID document verification unit is specifically configured to:
and performing time effectiveness verification on the DID document of the node to be accessed according to the document content identification in the target identity corresponding relation and the document content identification of the node to be accessed.
18. The apparatus of any one of claims 15-17, wherein the DID document verification module comprises:
the reference identifier determining unit is used for generating a document content identifier corresponding to the DID document of the node to be accessed and taking a generated result as a reference identifier;
and the content verification unit is used for verifying the content of the DID document of the node to be accessed according to the reference identifier and the document content identifier of the node to be accessed.
19. The apparatus of any one of claims 15-17, wherein the apparatus further comprises:
the generator obtaining module is used for obtaining a generator of the DID document of the node to be accessed;
and the generator identity authentication module is used for authenticating the generator according to the authorized identity category of the generator in the block chain network.
20. The apparatus of any of claims 15-17, further comprising:
the communication record storage module is used for generating a communication record after establishing a secure communication connection with the node to be accessed, and storing the communication record into the intelligent contract for verification;
the communication record comprises at least one of block chain addresses, document content identification, connection time and connection tasks of both communication nodes.
21. An electronic device, comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the blockchain based data storage method of any one of claims 1 to 4 and/or to perform the blockchain based communication method of any one of claims 5 to 10.
22. A non-transitory computer readable storage medium storing computer instructions for causing a computer to perform the blockchain based data storage method of any one of claims 1 to 4 and/or the blockchain based communication method of any one of claims 5 to 10.
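The lookup-and-verify flow of claims 5 to 9, as an added Python example that is not part of the patent text. The SHA-256-over-canonical-JSON content identifier, the in-memory `Registry` standing in for the smart contract and the decentralized store, the document field names, the `node-issuer` category and reading the generator from a document field are all assumptions made for illustration.

```python
import copy
import hashlib
import json

def content_id(doc):
    # Assumption: the document content identifier is SHA-256 over canonical JSON.
    blob = json.dumps(doc, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(blob).hexdigest()

class Registry:
    """In-memory stand-in for the smart contract and the decentralized store."""
    def __init__(self, authorized):
        self.authorized = authorized  # generator -> authorized identity category
        self.records = {}             # blockchain address -> correspondences, oldest first
        self.storage = {}             # document position identifier -> DID document

    def publish(self, doc):
        cid, loc = content_id(doc), f"loc-{len(self.storage)}"
        self.storage[loc] = copy.deepcopy(doc)
        self.records.setdefault(doc["address"], []).append({"cid": cid, "loc": loc})
        return cid

def verify(reg, address, presented_cid, category="node-issuer"):
    """Return (True, communication_key) or (False, reason)."""
    history = reg.records.get(address)
    if not history:
        return False, "no identity correspondence"
    target = history[-1]                          # claim 6: latest correspondence wins
    if target["cid"] != presented_cid:            # claim 7: timeliness check
        return False, "stale content identifier"
    doc = reg.storage.get(target["loc"])
    if doc is None or content_id(doc) != presented_cid:       # claim 8: content check
        return False, "content mismatch"
    if reg.authorized.get(doc.get("generator")) != category:  # claim 9: generator check
        return False, "generator not authorized"
    return True, doc["communication_key"]

def demo():
    # Constructed sample data; addresses, keys and names are placeholders.
    reg = Registry({"authority-A": "node-issuer"})
    base = {"address": "0xNODE1", "generator": "authority-A"}
    old = reg.publish({**base, "communication_key": "K1"})
    new = reg.publish({**base, "communication_key": "K2", "revokes": old})
    rogue = reg.publish({"address": "0xNODE2", "generator": "unknown",
                         "communication_key": "K9"})
    out = {"current": verify(reg, "0xNODE1", new),
           "stale": verify(reg, "0xNODE1", old),
           "rogue": verify(reg, "0xNODE2", rogue)}
    reg.storage["loc-1"]["communication_key"] = "K-swapped"  # simulate storage tampering
    out["tampered"] = verify(reg, "0xNODE1", new)
    return out

if __name__ == "__main__":
    for case, result in demo().items():
        print(case, result)
```

The communication key is released only when every check passes, so a superseded identifier, a modified stored document and a document from an unlisted generator are each rejected with a distinct reason.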
CN202310222462.7A 2023-03-09 2023-03-09 Block chain-based data storage and communication method, device, equipment and medium Active CN115955362B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310222462.7A CN115955362B (en) 2023-03-09 2023-03-09 Block chain-based data storage and communication method, device, equipment and medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310222462.7A CN115955362B (en) 2023-03-09 2023-03-09 Block chain-based data storage and communication method, device, equipment and medium

Publications (2)

Publication Number Publication Date
CN115955362A true CN115955362A (en) 2023-04-11
CN115955362B CN115955362B (en) 2023-06-09

Family

ID=85903303

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310222462.7A Active CN115955362B (en) 2023-03-09 2023-03-09 Block chain-based data storage and communication method, device, equipment and medium

Country Status (1)

Country Link
CN (1) CN115955362B (en)

Also Published As

Publication number Publication date
CN115955362B (en) 2023-06-09

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant