CN107832632B - Asset certification authorization query method, system, electronic device and computer readable storage medium - Google Patents
- Publication number
- CN107832632B CN201711121632.3A
- Authority
- CN
- China
- Prior art keywords
- asset
- authorization
- certificate
- owner
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Abstract
The invention provides an asset certification authorization query method, system, electronic device and computer readable storage medium. The asset certification authorization query system comprises a first asset proof generation module, a first authorization proof generation module, a first sending module, a first receiving module, a first authentication module, a first asset proof operation module and a first asset proof query module. Data transmission is thereby automated, and the risk of data tampering is effectively reduced.
Description
Technical Field
The present invention relates to the field of information transmission, and in particular to an asset certification authorization query method, system, electronic device, and computer-readable storage medium.
Background
In the prior art, an asset owner generally has to query the required data from each bank or related institution and then provide the queried data to the data demander. Collecting the data offline is cumbersome for the asset owner, and because the queried data is not provided to the data demander directly by the data provider, the data is at risk of being tampered with, so that the data demander cannot obtain the required data.
Disclosure of Invention
In view of the foregoing, there is a need for an asset attestation and authorization query method, system, electronic device and computer readable storage medium to automate data transmission and effectively reduce the risk of data tampering.
An asset proof authorization query system for a data provider, the asset proof authorization query system being in communication with an asset owner and a data demander, the asset proof authorization query system comprising:
the first asset certificate generation module is used for, after an asset certificate application request sent by the asset owner is received and the identity of the asset owner passes authentication, generating an asset certificate containing a digital certificate signature of the data provider according to the asset managed by the asset owner at the data provider, and encrypting the asset certificate with the public key of the authorized certificate owner identity of the asset owner;
the first asset certificate generation module is also used for adding a query condition to the encrypted asset certificate;
the first authorization certificate generation module is used for generating a first authorization certificate according to the asset certificate application request;
the first sending module is used for sending the first authorization certificate and the encrypted asset certificate added with the query condition to an asset certificate database of the data provider;
the first sending module is further configured to send the first authorization certificate to the asset owner, so that the asset owner provides the first authorization certificate to the data demander;
the first receiving module is used for receiving the authorization certificate and the query condition provided by the asset owner and/or the data demander;
the first authentication module is used for authenticating whether the authorization certificate and the query condition provided by the asset owner and/or the data demander are valid, according to the first authorization certificate and the encrypted asset certificate after the query condition is added;
the first asset certificate computation module is used for computing the asset certificate required by the asset owner and/or the data demander according to the authorization certificate provided by the asset owner and/or the data demander, when the authorization certificate and the query condition provided by the asset owner and/or the data demander are valid;
a first asset proof query module for obtaining the computed asset certificate from an asset proof database of the data provider or an associated asset proof database in communication with the asset proof database of the data provider;
the first sending module is further configured to send the obtained asset certificate to the asset owner and/or the data demander, so that the asset owner and/or the data demander decrypts the obtained asset certificate with the private key of the authorized certificate owner.
According to a preferred embodiment of the present invention, before the asset certificate containing the digital certificate signature of the data provider is generated according to the asset managed by the asset owner at the data provider, the first receiving module is further configured to:
receiving authentication information sent by an authentication center, and confirming according to the authentication information that the identity of the asset owner has passed authentication;
after determining that the identity of the asset owner has passed authentication, the authentication center generates an authorized certificate owner identity for the asset owner and a pair of public and private keys for the authorized certificate owner, and the authentication center includes one or more of the following in combination:
the authentication center of the data provider and an authentication center in communication with the data provider.
According to a preferred embodiment of the present invention, the first authorization certificate generation module is specifically configured to:
determining an authorization scope according to the asset certificate application request, and generating the first authorization certificate by hashing according to the authorization scope.
According to a preferred embodiment of the present invention, the first authentication module authenticating whether the authorization certificate and the query condition provided by the asset owner and/or the data demander are valid, according to the first authorization certificate and the encrypted asset certificate after the query condition is added, includes:
matching the authorization certificate provided by the asset owner and/or the data demander against the first authorization certificate, and matching the query condition provided by the asset owner and/or the data demander against the query condition pre-added to the generated asset certificate;
when the provided authorization certificate matches the first authorization certificate and the provided query condition matches the query condition pre-added to the generated asset certificate, confirming that the authorization certificate and the query condition provided by the asset owner and/or the data demander are valid; or
when the provided authorization certificate matches the first authorization certificate but the provided query condition does not match the query condition pre-added to the generated asset certificate, confirming that the authorization certificate and the query condition provided by the asset owner and/or the data demander are invalid; or
when the provided authorization certificate does not match the first authorization certificate but the provided query condition matches the query condition pre-added to the generated asset certificate, confirming that the authorization certificate and the query condition provided by the asset owner and/or the data demander are invalid; or
when the provided authorization certificate does not match the first authorization certificate and the provided query condition does not match the query condition pre-added to the generated asset certificate, confirming that the authorization certificate and the query condition provided by the asset owner and/or the data demander are invalid.
According to a preferred embodiment of the invention:
the type of asset comprises a combination of one or more of:
bank deposits, foreign currency, stocks, bonds, funds;
the proof of asset comprises a combination of one or more of:
transaction date, transaction details, transaction total, account balance, and currency.
According to a preferred embodiment of the invention, the first proof of authorization comprises a combination of one or more of:
the identity certificate of the data owner, the name of the data owner, the identity certificate of the data provider, the name of the data provider, the identity certificate of the data demander, the name of the data demander and an authorization scope condition;
wherein the authorization scope condition comprises one or more of the following combinations:
validity period, maximum number of queries, time point of querying subject, querying subject.
According to a preferred embodiment of the present invention, the query condition comprises one or more of the following in combination:
a query password, identification, a queryable time and queryable content.
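The hash-generated authorization certificate and the two-part match described above can be sketched as follows. This is an added example, not code from the patent: SHA-256 over canonical JSON, the random nonce, the PBKDF2-protected query password, and all field and function names are assumptions, and the public-key-encrypted asset certificate is treated as an opaque byte string.

```python
import hashlib
import hmac
import json
import secrets
from dataclasses import dataclass

# Constructed sample authorization scope (field names are assumptions).
SCOPE = {
    "asset_owner": "owner-001",
    "data_provider": "bank-A",
    "data_demander": "lender-B",
    "valid_until": 1_700_000_000,  # validity period, epoch seconds
    "max_queries": 2,              # maximum number of queries
}


def make_authorization_proof(scope: dict, nonce: bytes) -> str:
    """Authorization certificate = hash over the authorization scope.

    The nonce is an addition of this example: a scope made of names and
    dates is guessable, so hashing it alone would give a guessable token.
    """
    canonical = json.dumps(scope, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(nonce + canonical.encode("utf-8")).hexdigest()


def _password_digest(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)


@dataclass
class StoredGrant:
    """Record the data provider keeps in its asset proof database."""
    proof: str
    scope: dict
    nonce: bytes
    salt: bytes
    password_digest: bytes        # query condition: query password
    queryable_content: frozenset  # query condition: queryable content
    encrypted_asset_proof: bytes  # ciphertext under the recipient's public key
    queries_used: int = 0


def issue_grant(scope, query_password, queryable_content,
                encrypted_asset_proof, nonce=None):
    nonce = nonce or secrets.token_bytes(16)
    salt = secrets.token_bytes(16)
    return StoredGrant(
        proof=make_authorization_proof(scope, nonce),
        scope=dict(scope), nonce=nonce, salt=salt,
        password_digest=_password_digest(query_password, salt),
        queryable_content=frozenset(queryable_content),
        encrypted_asset_proof=encrypted_asset_proof,
    )


def authenticate(grant, presented_proof, presented_password, requested, now):
    """Return (valid, reason); valid only if BOTH matches succeed.

    All comparisons are evaluated before deciding, and every mismatch
    yields the same "invalid" answer, so a caller cannot learn which of
    the two inputs was wrong.
    """
    proof_ok = hmac.compare_digest(grant.proof.encode(), presented_proof.encode())
    password_ok = hmac.compare_digest(
        grant.password_digest, _password_digest(presented_password, grant.salt))
    content_ok = set(requested) <= grant.queryable_content
    if not (proof_ok and password_ok and content_ok):
        return False, "invalid"
    # Recompute the hash to detect a stored scope that was edited afterwards.
    if make_authorization_proof(grant.scope, grant.nonce) != grant.proof:
        return False, "scope altered"
    if now > grant.scope["valid_until"]:
        return False, "expired"
    if grant.queries_used >= grant.scope["max_queries"]:
        return False, "query limit reached"
    grant.queries_used += 1
    return True, "ok"


if __name__ == "__main__":
    g = issue_grant(SCOPE, "s3cret-pw", {"account_balance", "currency"},
                    b"<ciphertext placeholder>")
    t = SCOPE["valid_until"] - 10
    print(authenticate(g, g.proof, "s3cret-pw", ["currency"], t))
    print(authenticate(g, g.proof, "wrong-pw", ["currency"], t))
```
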
According to the preferred embodiment of the present invention, the data provider, the asset owner and the data demander each correspond to an asset proof database. The asset proof database of the data provider, the asset proof database of the asset owner and the asset proof database of the data demander communicate with one another and form a distributed synchronization mechanism. The asset proof database of the data provider is used for storing the first authorization certificate and the encrypted asset certificate after the query condition is added, and for synchronously storing them in the asset proof database of the asset owner and the asset proof database of the data demander.
According to the preferred embodiment of the present invention, the implementation of the asset attestation authorization query system further comprises:
the system is implemented using a blockchain: a block is generated on the blockchain, the owner of the block is the asset owner, and the block address of the block is the first authorization certificate.
An asset proof authorization query system for a data provider, the asset proof authorization query system being in communication with a data demander, the data demander being in communication with an asset owner, the asset proof authorization query system comprising:
the second receiving module is used for receiving the asset certification application request and the second authorization certification sent by the data demander;
a second authentication module for authenticating whether the second authorization certificate was generated by the asset owner;
a second asset certificate generation module, configured to, when the second authorization certificate was generated by the asset owner, generate an asset certificate containing a digital certificate signature of the data provider according to the asset managed by the asset owner at the data provider, and encrypt the asset certificate with a public key of the data demander;
the second asset certificate generation module is also used for adding a query condition to the encrypted asset certificate;
the second authorization certificate generation module is used for generating a third authorization certificate according to the asset certificate application request;
the second sending module is used for sending the third authorization certificate and the encrypted asset certificate added with the query condition to an asset certificate database of the data provider;
the second sending module is further configured to send the third authorization certificate to the data demander;
the second receiving module is further configured to receive an authorization certificate and a query condition provided by the data demander;
the second authentication module is further configured to authenticate whether the authorization certificate and the query condition provided by the data demander are valid according to the third authorization certificate and the encrypted asset certificate after the query condition is added;
the second asset certification operation module is used for calculating the asset certification required by the data demander according to the authorization certification provided by the data demander when the authorization certification and the query condition provided by the data demander are effective;
a second asset proof query module for obtaining the computed asset proof from the asset proof database of the data provider or the associated asset proof database communicated with the asset proof database of the data provider;
the second sending module is further configured to send the obtained asset certificate to the data demander, so that the data demander decrypts the obtained asset certificate with a private key of the data demander.
According to a preferred embodiment of the present invention, the second authorization certificate generation module is specifically configured to:
determining an authorization scope according to the asset certificate application request, and generating the third authorization certificate by hashing according to the authorization scope.
According to the preferred embodiment of the present invention, the second authentication module authenticating whether the authorization certificate and the query condition provided by the data demander are valid, according to the third authorization certificate and the encrypted asset certificate after the query condition is added, includes:
matching the authorization certificate provided by the data demander against the third authorization certificate, and matching the query condition provided by the data demander against the query condition pre-added to the generated asset certificate;
when the provided authorization certificate matches the third authorization certificate and the provided query condition matches the query condition pre-added to the generated asset certificate, confirming that the authorization certificate and the query condition provided by the data demander are valid; or
when the provided authorization certificate matches the third authorization certificate but the provided query condition does not match the query condition pre-added to the generated asset certificate, confirming that the authorization certificate and the query condition provided by the data demander are invalid; or
when the provided authorization certificate does not match the third authorization certificate but the provided query condition matches the query condition pre-added to the generated asset certificate, confirming that the authorization certificate and the query condition provided by the data demander are invalid; or
when the provided authorization certificate does not match the third authorization certificate and the provided query condition does not match the query condition pre-added to the generated asset certificate, confirming that the authorization certificate and the query condition provided by the data demander are invalid.
According to a preferred embodiment of the invention:
the type of asset comprises a combination of one or more of:
bank deposits, foreign currency, stocks, bonds, funds;
the proof of asset comprises a combination of one or more of:
transaction date, transaction details, transaction total, account balance, and currency.
According to a preferred embodiment of the invention, the third proof of authorization comprises a combination of one or more of:
the identity certificate of the data owner, the name of the data owner, the identity certificate of the data provider, the name of the data provider, the identity certificate of the data demander, the name of the data demander and an authorization scope condition;
wherein the authorization scope condition comprises one or more of the following combinations:
validity period, maximum number of queries, time point of querying subject, querying subject.
According to a preferred embodiment of the present invention, the query condition comprises one or more of the following in combination:
a query password, identification, a queryable time and queryable content.
According to the preferred embodiment of the present invention, the data provider, the asset owner and the data demander each correspond to an asset proof database. The asset proof database of the data provider, the asset proof database of the asset owner and the asset proof database of the data demander communicate with one another and form a distributed synchronization mechanism. The asset proof database of the data provider is configured to store the third authorization certificate and the encrypted asset certificate after the query condition is added, and to synchronously store them in the asset proof database of the asset owner and the asset proof database of the data demander.
According to the preferred embodiment of the present invention, the implementation of the asset attestation authorization query system further comprises:
the system is implemented using a blockchain: a block is generated on the blockchain, the owner of the block is the data demander, and the block address of the block is the third authorization certificate.
An asset attestation authorization query method, the asset attestation authorization query method comprising:
a first asset certificate generation step, after receiving an asset certificate application request sent by an asset owner and the identity of the asset owner passes authentication, generating an asset certificate containing a digital certificate signature of a material provider according to an asset managed by the asset owner at the material provider, and encrypting the asset certificate by using a public key of an identity authorization certificate owner of the asset owner;
the first asset certificate generation step of adding a query condition to the encrypted asset certificate;
a first certificate of authority generation step, generating a first certificate of authority according to the asset certificate application request;
a first sending step of sending the first authorization certificate and the encrypted asset certificate added with the query condition to an asset certificate database of the data provider;
the first sending step further comprising sending the first authorization certificate to the asset owner, so that the asset owner provides the first authorization certificate to the data demander;
a first receiving step of receiving the authorization certificate and the query condition provided by the asset owner and/or the data demander;
a first authentication step of authenticating whether the authorization certificate and the query condition provided by the asset owner and/or the data demander are valid, according to the first authorization certificate and the encrypted asset certificate after the query condition is added;
a first asset certificate calculation step of calculating the asset certificate required by the asset owner and/or the data demander according to the authorization certificate provided by the asset owner and/or the data demander, when the authorization certificate and the query condition provided by the asset owner and/or the data demander are valid;
a first asset certificate query step of acquiring the computed asset certificate from an asset proof database of the data provider or an associated asset proof database in communication with the asset proof database of the data provider;
the first sending step further comprising sending the acquired asset certificate to the asset owner and/or the data demander, so that the asset owner and/or the data demander can decrypt the acquired asset certificate with the private key of the authorized certificate owner.
According to a preferred embodiment of the present invention, before the asset certificate containing the digital certificate signature of the data provider is generated according to the asset managed by the asset owner at the data provider, the first receiving step further comprises:
receiving authentication information sent by an authentication center, and confirming according to the authentication information that the identity of the asset owner has passed authentication;
after determining that the identity of the asset owner has passed authentication, the authentication center generates an authorized certificate owner identity for the asset owner and a pair of public and private keys for the authorized certificate owner, and the authentication center includes one or more of the following in combination:
the authentication center of the data provider and an authentication center in communication with the data provider.
According to a preferred embodiment of the present invention, the first authorization certificate generation step specifically comprises:
determining an authorization scope according to the asset certificate application request, and generating the first authorization certificate by hashing according to the authorization scope.
According to a preferred embodiment of the present invention, the first authentication step of authenticating whether the authorization certificate and the query condition provided by the asset owner and/or the data demander are valid, according to the first authorization certificate and the encrypted asset certificate after the query condition is added, includes:
matching the authorization certificate provided by the asset owner and/or the data demander against the first authorization certificate, and matching the query condition provided by the asset owner and/or the data demander against the query condition pre-added to the generated asset certificate;
when the provided authorization certificate matches the first authorization certificate and the provided query condition matches the query condition pre-added to the generated asset certificate, confirming that the authorization certificate and the query condition provided by the asset owner and/or the data demander are valid; or
when the provided authorization certificate matches the first authorization certificate but the provided query condition does not match the query condition pre-added to the generated asset certificate, confirming that the authorization certificate and the query condition provided by the asset owner and/or the data demander are invalid; or
when the provided authorization certificate does not match the first authorization certificate but the provided query condition matches the query condition pre-added to the generated asset certificate, confirming that the authorization certificate and the query condition provided by the asset owner and/or the data demander are invalid; or
when the provided authorization certificate does not match the first authorization certificate and the provided query condition does not match the query condition pre-added to the generated asset certificate, confirming that the authorization certificate and the query condition provided by the asset owner and/or the data demander are invalid.
According to a preferred embodiment of the invention:
the type of asset comprises a combination of one or more of:
bank deposits, foreign currency, stocks, bonds, funds;
the proof of asset comprises a combination of one or more of:
transaction date, transaction details, transaction total, account balance, and currency.
According to a preferred embodiment of the invention, the first proof of authorization comprises a combination of one or more of:
the identity certificate of the data owner, the name of the data owner, the identity certificate of the data provider, the name of the data provider, the identity certificate of the data demander, the name of the data demander and an authorization scope condition;
wherein the authorization scope condition comprises one or more of the following combinations:
validity period, maximum number of queries, time point of querying subject, querying subject.
According to a preferred embodiment of the present invention, the query condition comprises one or more of the following in combination:
a query password, identification, a queryable time and queryable content.
According to the preferred embodiment of the present invention, the data provider, the asset owner and the data demander each correspond to an asset proof database. The asset proof database of the data provider, the asset proof database of the asset owner and the asset proof database of the data demander communicate with one another and form a distributed synchronization mechanism. The asset proof database of the data provider is used for storing the first authorization certificate and the encrypted asset certificate after the query condition is added, and for synchronously storing them in the asset proof database of the asset owner and the asset proof database of the data demander.
According to the preferred embodiment of the present invention, the implementation manner of the asset attestation and authorization query method further includes:
the method is implemented using a blockchain: a block is generated on the blockchain, the owner of the block is the asset owner, and the block address of the block is the first authorization certificate.
An asset attestation authorization query method, the asset attestation authorization query method comprising:
a second receiving step, receiving the asset certification application request and a second authorization certification sent by the data demander;
a second authentication step of authenticating whether the second authorization certificate was generated by the asset owner;
a second asset certificate generation step of, when the second authorization certificate was generated by the asset owner, generating an asset certificate containing a digital certificate signature of the data provider according to the asset managed by the asset owner at the data provider, and encrypting the asset certificate with a public key of the data demander;
the second asset certificate generation step of adding a query condition to the encrypted asset certificate;
a second authorization certification generation step of generating a third authorization certification according to the asset certification application request;
a second sending step of sending the third authorization certification and the encrypted asset certification added with the query condition to an asset certification database of the data provider;
the second sending step, sending the third authorization certification to the data demander;
the second receiving step, receiving the authorization certificate and the query condition provided by the data demander;
the second authentication step is to authenticate whether the authorization certificate and the query condition provided by the data demander are valid or not according to the third authorization certificate and the encrypted asset certificate added with the query condition;
a second asset certification operation step of operating the asset certification required by the data demander according to the authorization certification provided by the data demander when the authorization certification and the query condition provided by the data demander are valid;
a second asset certification inquiry step of acquiring a computed asset certification from the asset certification database of the data provider or an associated asset certification database in communication with the asset certification database of the data provider;
and the second sending step is to send the obtained asset certificate to the data demander so that the data demander decrypts the obtained asset certificate by using a private key of the data demander.
According to a preferred embodiment of the present invention, the second proof of authority generating step specifically comprises:
determining an authorization scope according to the asset certification application request, and generating the third authorization certificate from the authorization scope by means of a hash.
According to a preferred embodiment of the present invention, the second authenticating step, according to the third authorization certificate and the encrypted asset certificate added with the query condition, authenticates whether the authorization certificate and the query condition provided by the data demander are valid, and includes:
matching the authorization certificate provided by the data demander with the third authorization certificate, and matching the query condition provided by the data demander with the query condition pre-added to the generated asset certificate;
when the authorization certificate provided by the data demander matches the third authorization certificate and the query condition provided by the data demander matches the query condition pre-added to the generated asset certificate, confirming that the authorization certificate and the query condition provided by the data demander are valid; or
when the authorization certificate provided by the data demander matches the third authorization certificate but the query condition provided by the data demander does not match the query condition pre-added to the generated asset certificate, confirming that the authorization certificate and the query condition provided by the data demander are invalid; or
when the authorization certificate provided by the data demander does not match the third authorization certificate but the query condition provided by the data demander matches the query condition pre-added to the generated asset certificate, confirming that the authorization certificate and the query condition provided by the data demander are invalid; or
when the authorization certificate provided by the data demander does not match the third authorization certificate and the query condition provided by the data demander does not match the query condition pre-added to the generated asset certificate, confirming that the authorization certificate and the query condition provided by the data demander are invalid.
According to a preferred embodiment of the invention:
the type of asset comprises a combination of one or more of:
bank deposits, foreign currency, stocks, bonds, funds;
the proof of asset comprises a combination of one or more of:
transaction date, transaction details, transaction total, account balance, and currency.
According to a preferred embodiment of the invention, the third proof of authorization comprises a combination of one or more of:
the identity certificate of the asset owner, the name of the asset owner, the identity certificate of the data provider, the name of the data provider, the identity certificate of the data demander, the name of the data demander and an authorization scope condition;
wherein the authorization scope condition comprises one or more of the following combinations:
validity period, maximum number of queries, time point of querying subject, querying subject.
According to a preferred embodiment of the present invention, the query condition comprises one or more of the following in combination:
a query password, identification, a queryable time and queryable content.
According to the preferred embodiment of the present invention, the data provider, the asset owner and the data demander each correspond to an asset certification database. The three asset certification databases communicate with one another and form a distributed synchronization mechanism: the asset certification database of the data provider stores the third authorization certificate and the encrypted asset certificate with the query condition added, and synchronously stores both in the asset certification database of the asset owner and the asset certification database of the data demander.
According to the preferred embodiment of the present invention, the asset certification authorization query method may further be implemented as follows:
the method is implemented using a blockchain: a block is generated on the blockchain, the owner of the block is the data demander, and the block address of the block is the third authorization certificate.
An electronic device comprising a memory for storing at least one instruction and a processor for executing a computer program stored in the memory to implement the proof of asset authorization query method.
A computer-readable storage medium having stored thereon at least one instruction which, when executed by a processor, implements the proof of asset authorization query method.
According to the technical scheme, the invention can realize the automation of data transmission and effectively reduce the risk of data tampering.
Drawings
FIG. 1 is a schematic diagram of an application environment of a preferred embodiment of the asset certification authorization query method of the present invention.
FIG. 2 is a functional block diagram of a first preferred embodiment of the asset certification authorization query system of the present invention.
FIG. 3 is a flow chart of a first preferred embodiment of the asset certification authorization query method of the present invention.
FIG. 4 is a functional block diagram of a second preferred embodiment of the asset certification authorization query system of the present invention.
FIG. 5 is a flow chart of a second preferred embodiment of the asset certification authorization query method of the present invention.
Detailed Description
Fig. 1 is a schematic diagram of an application environment of a preferred embodiment of the asset certification authorization query method according to the present invention. In the present embodiment, the asset certification authorization query system 10 is applied to a data provider 11, and the data provider 11 communicates with the asset owner 2 and the data demander 3, respectively.
In this embodiment, the data provider 11 manages the assets of the asset owner 2; the present invention does not limit the identity of the data provider 11.
In this embodiment, the asset owner 2 is the party that owns the assets, and the asset owner 2 may also query the asset certificate.
In this embodiment, the data demander 3 is a party that needs to query the asset certificate.
In this embodiment, the data provider 11 generates an asset certificate according to the assets that the asset owner 2 has under management at the data provider 11, so that the asset owner 2 and/or the data demander 3 can query the asset certificate.
In this embodiment, the data provider 11 corresponds to an asset certification database 13, the asset owner 2 corresponds to an asset certification database 23, and the data demander 3 corresponds to an asset certification database 33. The asset certification databases 13, 23 and 33 communicate with one another and form a distributed synchronization mechanism: the asset certification database 13 of the data provider 11 stores the first authorization certificate and the encrypted asset certificate with the query condition added, and synchronously stores both in the asset certification database 23 of the asset owner 2 and the asset certification database 33 of the data demander 3.
In this embodiment, the asset certification authorization query system 10 may run on a computer device, that is, a device capable of automatically performing numerical calculation and/or information processing according to preset or stored instructions, whose hardware includes, but is not limited to, a microprocessor, an Application Specific Integrated Circuit (ASIC), a Field-Programmable Gate Array (FPGA), a Digital Signal Processor (DSP), an embedded device, and the like. The computer device includes, but is not limited to, a single web server, a server group consisting of a plurality of web servers, or a cloud based on cloud computing consisting of a large number of hosts or web servers.
Referring to Fig. 2, a functional block diagram of a first preferred embodiment of the asset certification authorization query system of the present invention is shown. In this embodiment, the asset certification authorization query system 10 may be partitioned into one or more modules. For example, the asset certification authorization query system 10 is divided into a first asset certificate generation module 101, a first authorization certificate generation module 102, a first sending module 103, a first receiving module 104, a first authentication module 105, a first asset certificate computation module 106, and a first asset certificate query module 107. The functions of the modules are described in detail below with reference to Fig. 3.
Referring to fig. 3, a flow chart of a first preferred embodiment of the asset certification authorization query method of the present invention is shown. The order of the steps in the flow chart may be changed, and some steps may be omitted or combined according to different requirements.
In step S10, after the asset certification application request sent by the asset owner 2 has been received and the identity of the asset owner 2 has been authenticated, the first asset certificate generation module 101 generates an asset certificate containing the digital certificate signature of the data provider 11 according to the assets that the asset owner 2 has under management at the data provider 11, and encrypts the asset certificate with the public key of the authorization certificate owner identity of the asset owner 2.
In this embodiment, before the first asset certificate generation module 101 generates the asset certificate containing the digital certificate signature of the data provider 11, the first receiving module 104 receives the asset certification application request sent by the asset owner 2.
In this embodiment, the asset certification application request includes, but is not limited to, one or a combination of:
the identification of the asset owner 2, the name of the asset owner 2, the identification of the data demander 3, the name of the data demander 3, the authorization scope conditions, etc.
In this embodiment, before the first asset certificate generation module 101 generates the asset certificate containing the digital certificate signature of the data provider 11 according to the assets that the asset owner 2 has under management at the data provider 11, the first receiving module 104 is further configured to receive authentication information sent by an authentication center and to confirm, according to the authentication information, that the identity of the asset owner 2 has passed authentication.
In this embodiment, after determining that the identity of the asset owner 2 has passed authentication, the authentication center generates an authorization certificate owner identity for the asset owner 2 and generates a public key and private key pair for that authorization certificate owner, to be used for the subsequent encryption and decryption of the generated asset certificate.
In this embodiment, the asset owner 2 provides the public key and the private key of the authorization certificate owner to the data demander 3.
In this embodiment, the authentication center is a mechanism that authenticates the identity of the asset owner 2, and the authentication center includes, but is not limited to, one or more of the following:
an authentication center of the data provider 11, an authentication center communicating with the data provider 11, and the like.
In this embodiment, the types of assets include, but are not limited to, one or a combination of more of the following:
bank deposits, foreign currency, stocks, bonds, funds, etc.
In this embodiment, the proof of assets includes, but is not limited to, one or a combination of:
transaction date, transaction details, transaction total, account balance, currency, etc.
In this embodiment, the generated asset certificate carries the digital certificate signature of the data provider 11 to prove that the asset certificate was generated by the data provider 11.
In step S11, the first asset certificate generation module 101 adds a query condition to the encrypted asset certificate.
In this embodiment, the query condition includes, but is not limited to, one or more of the following:
a query password, identification, queryable time, queryable content, etc.
In step S12, the first authorization certificate generation module 102 generates a first authorization certificate according to the asset certification application request.
In this embodiment, the first authorization certificate generation module 102 determines an authorization scope according to the asset certification application request, and generates the first authorization certificate from the authorization scope by means of a hash.
It should be noted that a hash is a one-way function: it is an irreversible mapping from the input to a digest, with no corresponding decryption process. Generating the first authorization certificate by hashing is therefore safer and more reliable, and effectively reduces the risk of tampering.
In this embodiment, the first proof of authority includes, but is not limited to, one or more of the following:
the identification of the asset owner 2, the name of the asset owner 2, the identification of the data provider 11, the name of the data provider 11, the identification of the data demander 3, the name of the data demander 3, the authorization scope condition, etc.
In this embodiment, the authorization scope condition includes, but is not limited to, one or more of the following combinations:
validity period, maximum number of queries, time point of querying subject, etc.
In step S13, the first sending module 103 sends the first authorization certificate and the encrypted asset certificate with the query condition added to the asset certification database 13 of the data provider 11.
In this embodiment, the storage mechanism of the asset certification database 13 synchronously stores the first authorization certificate and the encrypted asset certificate with the query condition added in the asset certification database 23 of the asset owner 2 and the asset certification database 33 of the data demander 3, so that the asset owner 2 or the data demander 3 can query any of the communicating asset certification databases for the asset certificate.
In step S14, the first sending module 103 sends the first authorization certificate to the asset owner 2 so that the asset owner 2 can provide the first authorization certificate to the data demander 3.
In this embodiment, after the first sending module 103 sends the first authorization certificate to the asset owner 2, the asset owner 2 provides the first authorization certificate to the data demander 3, so that both the asset owner 2 and the data demander 3 can use the first authorization certificate as a credential to query the generated asset certificate.
In this embodiment, there is no limitation on the manner in which the asset owner 2 provides the first authorization certificate to the data demander 3. For example, the asset owner 2 may provide the first authorization certificate to the data demander 3 by mail, social software, electronic file, or the like.
In step S15, the first receiving module 104 receives the authorization certificate and the query condition provided by the asset owner 2 and/or the data demander 3.
In step S16, the first authentication module 105 authenticates, according to the first authorization certificate and the encrypted asset certificate with the query condition added, whether the authorization certificate and the query condition provided by the asset owner 2 and/or the data demander 3 are valid.
In this embodiment, this authentication includes: the first authentication module 105 matches the authorization certificate provided by the asset owner 2 and/or the data demander 3 with the first authorization certificate, and matches the query condition provided by the asset owner 2 and/or the data demander 3 with the query condition pre-added to the generated asset certificate.
In this embodiment, the result of authentication includes:
(1) When the authorization certificate provided by the asset owner 2 and/or the data demander 3 matches the first authorization certificate and the query condition provided by the asset owner 2 and/or the data demander 3 matches the query condition pre-added to the generated asset certificate, the first authentication module 105 confirms that the authorization certificate and the query condition provided by the asset owner 2 and/or the data demander 3 are valid.
(2) When the authorization certificate provided by the asset owner 2 and/or the data demander 3 matches the first authorization certificate but the query condition provided by the asset owner 2 and/or the data demander 3 does not match the query condition pre-added to the generated asset certificate, the first authentication module 105 confirms that the authorization certificate and the query condition provided by the asset owner 2 and/or the data demander 3 are invalid.
(3) When the authorization certificate provided by the asset owner 2 and/or the data demander 3 does not match the first authorization certificate but the query condition provided by the asset owner 2 and/or the data demander 3 matches the query condition pre-added to the generated asset certificate, the first authentication module 105 confirms that the authorization certificate and the query condition provided by the asset owner 2 and/or the data demander 3 are invalid.
(4) When the authorization certificate provided by the asset owner 2 and/or the data demander 3 does not match the first authorization certificate and the query condition provided by the asset owner 2 and/or the data demander 3 does not match the query condition pre-added to the generated asset certificate, the first authentication module 105 confirms that the authorization certificate and the query condition provided by the asset owner 2 and/or the data demander 3 are invalid.
In step S17, when the authorization certificate and the query condition provided by the asset owner 2 and/or the data demander 3 are valid, the first asset certificate computation module 106 computes the asset certificate required by the asset owner 2 and/or the data demander 3 according to the authorization certificate provided by the asset owner 2 and/or the data demander 3.
In the present embodiment, the computed asset certificate is the encrypted asset certificate with the query condition added, which is stored in the asset certification database 13 of the data provider 11 or in an associated asset certification database communicating with the asset certification database 13 of the data provider 11.
In step S18, the first asset certificate query module 107 obtains the computed asset certificate from the asset certification database 13 of the data provider 11 or from an associated asset certification database communicating with the asset certification database 13 of the data provider 11.
In this embodiment, the asset owner 2 and the data demander 3 may be members or non-members.
Specifically, when the asset owner 2 and the data demander 3 are members, they can obtain the computed asset certificate from the asset certification database 13 of the data provider 11 or from any associated asset certification database communicating with the asset certification database 13 of the data provider 11. When the asset owner 2 and the data demander 3 are non-members, however, they can connect to the corresponding asset certification database through a node belonging to a member (e.g., the first asset certificate query module 107 of the data provider 11) to obtain the computed asset certificate.
In this embodiment, the associated asset certification database includes, but is not limited to, one or more of the following: the asset certification database 23 of the asset owner 2, the asset certification database 33 of the data demander 3, etc.
In step S19, the first sending module 103 sends the obtained asset certificate to the asset owner 2 and/or the data demander 3 so that the asset owner 2 and/or the data demander 3 can decrypt the obtained asset certificate with the private key of the authorization certificate owner.
In this embodiment, after the first sending module 103 sends the obtained asset certificate to the asset owner 2 and/or the data demander 3, the asset owner 2 and/or the data demander 3 decrypts the obtained asset certificate with the private key of the authorization certificate owner, verifies it against the digital certificate signature of the data provider 11, and thereby determines whether the obtained asset certificate was generated by the data provider 11.
In this embodiment, the asset certification authorization query system 10 may further be implemented using a blockchain: the asset certification authorization query system 10 generates a block on the blockchain, the owner of the block is the asset owner 2, and the block address of the block is the first authorization certificate.
Referring to Fig. 4, a functional block diagram of a second preferred embodiment of the asset certification authorization query system of the present invention is shown. In this embodiment, the asset certification authorization query system 10 may be partitioned into one or more modules. For example, the asset certification authorization query system 10 is divided into a second receiving module 201, a second authentication module 202, a second asset certificate generation module 203, a second authorization certificate generation module 204, a second sending module 205, a second asset certificate computation module 206, and a second asset certificate query module 207. The functions of the modules are described in detail below with reference to Fig. 5.
Referring to fig. 5, a flow chart of a second preferred embodiment of the asset certification authorization query method of the present invention is shown. The order of the steps in the flow chart may be changed, and some steps may be omitted or combined according to different requirements.
In step S200, the second receiving module 201 receives the asset certification application request and the second authorization certificate sent by the data demander 3.
In this embodiment, the second authorization certificate is generated by the asset owner 2, and the second authorization certificate includes a digital certificate signature of the asset owner 2 to prove that it was generated by the asset owner 2.
In this embodiment, the asset certification application request includes, but is not limited to, one or a combination of:
the identification of the asset owner 2, the name of the asset owner 2, the identification of the data demander 3, the name of the data demander 3, the authorization scope conditions, etc.
In step S201, the second authentication module 202 authenticates whether the second authorization certificate was generated by the asset owner 2.
In this embodiment, the second authentication module 202 may use the digital certificate signature of the asset owner 2 to establish whether the second authorization certificate was generated by the asset owner 2.
In step S202, when the second authorization certificate was generated by the asset owner 2, the second asset certificate generation module 203 generates the asset certificate containing the digital certificate signature of the data provider 11 according to the assets that the asset owner 2 has under management at the data provider 11, and encrypts the asset certificate with the public key of the data demander 3.
In this embodiment, unlike the first preferred embodiment, the generated asset certificate is encrypted with the public key of the data demander 3 and later decrypted with the private key of the data demander 3, so that the data demander 3 can communicate directly with the data provider 11 and query the asset certificate without going through the asset owner 2, which makes querying more convenient for the data demander 3.
In this embodiment, the types of assets include, but are not limited to, one or a combination of more of the following:
bank deposits, foreign currency, stocks, bonds, funds, etc.
In this embodiment, the proof of assets includes, but is not limited to, one or a combination of:
transaction date, transaction details, transaction total, account balance, currency, etc.
In this embodiment, the generated asset certificate carries the digital certificate signature of the data provider 11 to prove that the asset certificate was generated by the data provider 11.
In step S203, the second asset certificate generation module 203 adds a query condition to the encrypted asset certificate.
In this embodiment, the query condition includes, but is not limited to, one or more of the following:
a query password, identification, queryable time, queryable content, etc.
In step S204, the second authorization certificate generation module 204 generates a third authorization certificate according to the asset certification application request.
In this embodiment, the second authorization certificate generation module 204 determines an authorization scope according to the asset certification application request, and generates the third authorization certificate from the authorization scope by means of a hash.
In this embodiment, the third proof of authority includes, but is not limited to, one or more of the following:
the identification of the asset owner 2, the name of the asset owner 2, the identification of the data provider 11, the name of the data provider 11, the identification of the data demander 3, the name of the data demander 3, the authorization scope condition, etc.
In this embodiment, the authorization scope condition includes, but is not limited to, one or more of the following combinations:
validity period, maximum number of queries, time point of querying subject, etc.
In step S205, the second sending module 205 sends the third authorization certificate and the encrypted asset certificate with the query condition added to the asset certification database 13 of the data provider 11.
In this embodiment, the storage mechanism of the asset certification database 13 synchronously stores the third authorization certificate and the encrypted asset certificate with the query condition added in the asset certification database 23 of the asset owner 2 and the asset certification database 33 of the data demander 3, so that the asset owner 2 or the data demander 3 can query any of the communicating asset certification databases for the asset certificate.
In step S206, the second sending module 205 sends the third authorization certificate to the data demander 3.
In step S207, the second receiving module 201 receives the authorization certificate and the query condition provided by the data demander 3.
In step S208, the second authentication module 202 authenticates, according to the third authorization certificate and the encrypted asset certificate with the query condition added, whether the authorization certificate and the query condition provided by the data demander 3 are valid.
In this embodiment, this authentication includes: the second authentication module 202 matches the authorization certificate provided by the data demander 3 with the third authorization certificate, and matches the query condition provided by the data demander 3 with the query condition pre-added to the generated asset certificate.
In this embodiment, the result of authentication includes:
(1) When the authorization certificate provided by the data demander 3 matches the third authorization certificate and the query condition provided by the data demander 3 matches the query condition pre-added to the generated asset certificate, the second authentication module 202 confirms that the authorization certificate and the query condition provided by the data demander 3 are valid.
(2) When the authorization certificate provided by the data demander 3 matches the third authorization certificate but the query condition provided by the data demander 3 does not match the query condition pre-added to the generated asset certificate, the second authentication module 202 confirms that the authorization certificate and the query condition provided by the data demander 3 are invalid.
(3) When the authorization certificate provided by the data demander 3 does not match the third authorization certificate but the query condition provided by the data demander 3 matches the query condition pre-added to the generated asset certificate, the second authentication module 202 confirms that the authorization certificate and the query condition provided by the data demander 3 are invalid.
(4) When the authorization certificate provided by the data demander 3 does not match the third authorization certificate and the query condition provided by the data demander 3 does not match the query condition pre-added to the generated asset certificate, the second authentication module 202 confirms that the authorization certificate and the query condition provided by the data demander 3 are invalid.
In step S209, when the authorization certificate and the query condition provided by the data demander 3 are valid, the second asset certificate calculation module 206 calculates the asset certificate required by the data demander 3 according to the authorization certificate provided by the data demander 3.
In the present embodiment, the computed asset certificate is the encrypted asset certificate after the query condition is added, which is stored in the asset certificate database 13 of the data provider 11 or the associated asset certificate database communicated with the asset certificate database 13 of the data provider 11.
In step S210, the second asset proof query module 207 obtains the computed asset proof from the asset proof database 13 of the data provider 11 or the associated asset proof database communicated with the asset proof database 13 of the data provider 11.
In this embodiment, the data demander 3 may be a member or a non-member.
Specifically, when the data demander 3 is a member, the data demander 3 can obtain the computed asset certificate from the asset certificate database 13 of the data provider 11 or from any associated asset certificate database in communication with the asset certificate database 13 of the data provider 11. When the data demander 3 is a non-member, however, the data demander 3 may connect to the corresponding asset certificate database through a node belonging to a member (e.g., the second asset certificate query module 207 of the data provider 11) to obtain the computed asset certificate.
In this embodiment, the associated asset certificate database includes, but is not limited to, one or more of the following: the asset certificate database 23 of the asset owner 2, the asset certificate database 33 of the data demander 3, etc.
In step S211, the second sending module 205 sends the obtained asset certificate to the data demander 3, so that the data demander 3 decrypts the obtained asset certificate by using the private key of the data demander 3.
In this embodiment, after the second sending module 205 sends the obtained asset certificate to the data demander 3, the data demander 3 decrypts the obtained asset certificate with the private key of the data demander 3, then verifies the digital certificate signature of the data provider 11 on the obtained asset certificate to determine whether it was generated by the data provider 11.
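The following sketch illustrates steps S206 to S210 from the data provider's side; it is an added example, not code from the patent. The class and field names, the per-issue nonce mixed into the hash, the PBKDF2-protected query password, and the `valid_until` and `max_queries` scope fields are assumptions of this example, and the encrypted asset certificate is treated as an opaque, constructed byte string (encryption and signature verification are outside its scope).

```python
import hashlib
import hmac
import json
import secrets
import time
from dataclasses import dataclass

PBKDF2_ROUNDS = 100_000
# Used when no record matches, so an unknown certificate costs the same work.
_DUMMY_SALT = b"\x00" * 16


def make_authorization_certificate(scope: dict, nonce: bytes) -> str:
    """Hash the canonical JSON form of the authorization scope.

    The nonce is an assumption of this example: without it, anyone able to
    guess the scope could recompute the certificate.
    """
    canonical = json.dumps(scope, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(nonce + canonical.encode()).hexdigest()


def _derive(password: str, salt: bytes) -> bytes:
    """Slow, salted hash so the query password is never stored in clear."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


@dataclass
class StoredRecord:
    certificate: str
    scope: dict
    salt: bytes
    password_hash: bytes
    encrypted_asset_certificate: bytes
    queries_used: int = 0


class AssetCertificateDatabase:
    """In-memory stand-in for the data provider's asset certificate database."""

    def __init__(self):
        self._records = []

    def issue(self, scope, query_password, encrypted_asset_certificate):
        """Store the record and return the authorization certificate (S206)."""
        certificate = make_authorization_certificate(scope, secrets.token_bytes(16))
        salt = secrets.token_bytes(16)
        self._records.append(StoredRecord(
            certificate, dict(scope), salt,
            _derive(query_password, salt), encrypted_asset_certificate))
        return certificate

    def _match_certificate(self, presented):
        # Constant-time comparison against every stored certificate.
        found = None
        for record in self._records:
            if hmac.compare_digest(record.certificate.encode(), presented.encode()):
                found = record
        return found

    def query(self, presented_certificate, presented_password, now=None):
        """Authenticate (S208) and, if valid, return the stored ciphertext (S210)."""
        now = time.time() if now is None else now
        record = self._match_certificate(presented_certificate)
        derived = _derive(presented_password, record.salt if record else _DUMMY_SALT)
        both_match = record is not None and hmac.compare_digest(
            derived, record.password_hash)
        # Results (2), (3) and (4) are deliberately indistinguishable to the
        # caller, so a failed query does not reveal which input was wrong.
        if not both_match:
            return ("invalid", None)
        if now > record.scope["valid_until"]:
            return ("expired", None)
        if record.queries_used >= record.scope["max_queries"]:
            return ("quota_exhausted", None)
        record.queries_used += 1
        return ("valid", record.encrypted_asset_certificate)


if __name__ == "__main__":
    db = AssetCertificateDatabase()
    # Constructed sample values.
    scope = {"demander": "demander-3", "valid_until": time.time() + 3600,
             "max_queries": 2}
    cert = db.issue(scope, "query-password", b"<constructed ciphertext>")
    print(db.query(cert, "query-password")[0])
    print(db.query(cert, "wrong-password")[0])
```
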
In this embodiment, the asset certification authorization query system 10 may further be implemented as a blockchain: the asset certification authorization query system 10 generates a block on the blockchain, the owner of the block is the data demander 3, and the block address of the block is the third authorization certificate.
Although the present invention has been described in detail with reference to the preferred embodiments, it will be understood by those skilled in the art that various changes may be made and equivalents may be substituted without departing from the spirit and scope of the invention.
In the embodiments provided in the present invention, it should be understood that the disclosed system, apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the modules is only one logical functional division, and other divisions may be realized in practice.
The modules described as separate parts may or may not be physically separate, and parts displayed as modules may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment.
In addition, functional modules in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, or in a form of hardware plus a software functional module.
The integrated unit implemented in the form of a software functional module may be stored in a computer readable storage medium. The software functional module is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) or a processor to perform some steps of the methods according to the embodiments of the present invention.
Certain computer program product claims in the subsequent claims are based on a computer program flow that corresponds generally to the computer program flow in the preceding flowchart. These computer program product claims should therefore be understood as functional block architectures that implement the foregoing solution mainly through a computer program described in the specification, and not as physical means for implementing the solution mainly through hardware.
It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential attributes thereof. The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference signs placed in the claims shall not be construed as limiting the claim concerned. Furthermore, it is obvious that the word "comprising" does not exclude other elements or steps, and the singular does not exclude the plural. A plurality of units or means recited in the system claims may also be implemented by one unit or means through software or hardware. The terms "first," "second" (if present), and the like are used to denote names, but not any particular order.
Finally, it should be noted that the above embodiments are only for illustrating the technical solutions of the present invention and not for limiting, and although the present invention is described in detail with reference to the preferred embodiments, it should be understood by those skilled in the art that modifications or equivalent substitutions may be made on the technical solutions of the present invention without departing from the spirit and scope of the technical solutions of the present invention.
Claims (36)
1. An asset proof authorization query system for a data provider, the asset proof authorization query system being in communication with an asset owner and a data demander, the asset proof authorization query system comprising:
the first asset certification generating module is used for, after an asset certification application request sent by the asset owner is received and the identity of the asset owner passes authentication, generating an asset certification containing a digital certificate signature of the data provider according to the asset managed by the asset owner at the data provider, and encrypting the asset certification by using a public key of the authorization certificate owner identity of the asset owner;
the first asset certificate generation module is also used for adding a query condition to the encrypted asset certificate;
the first authorization certificate generation module is used for generating a first authorization certificate according to the asset certificate application request;
the first sending module is used for sending the first authorization certificate and the encrypted asset certificate added with the query condition to an asset certificate database of the data provider;
the first sending module is further configured to send the first authorization certificate to the asset owner so that the asset owner provides the first authorization certificate to the data demander;
the first receiving module is used for receiving the authorization certificate and the query condition provided by the asset owner and/or the data demander;
the first authentication module is used for authenticating whether the authorization certificate and the query condition provided by the asset owner and/or the data demander are valid according to the first authorization certificate and the encrypted asset certificate after the query condition is added;
the first asset certification computation module is used for computing the asset certification required by the asset owner and/or the data demander according to the authorization certificate provided by the asset owner and/or the data demander when the authorization certificate and the query condition provided by the asset owner and/or the data demander are valid;
a first asset proof query module for obtaining a computed asset proof from an asset proof database of the data provider or an associated asset proof database in communication with the asset proof database of the data provider;
the first sending module is further configured to send the obtained asset certificate to the asset owner and/or the data demander, so that the asset owner and/or the data demander decrypts the obtained asset certificate with a private key of the authorization certificate owner.
2. The system of claim 1, wherein prior to generating the proof of asset containing the digital certificate signature of the data provider based on the asset managed by the asset owner at the data provider, the first receiving module is further configured to:
receive authentication information sent by an authentication center, the authentication information being used for confirming that the identity of the asset owner passes the authentication;
wherein the authentication center, after determining that the identity of the asset owner passes the authentication, generates an authorization certificate owner identity for the asset owner and a set of public and private keys for the authorization certificate owner, and the authentication center includes one or more of the following combinations:
the authentication center of the data provider and an authentication center in communication with the data provider.
3. The asset proof authorization query system of claim 1, wherein the first authorization proof generation module is specifically configured to:
determining an authorization scope according to the asset certification application request, and generating the first authorization certificate by hashing according to the authorization scope.
4. The system of claim 1, wherein the first authentication module authenticating whether the authorization certificate and the query condition provided by the asset owner and/or the data demander are valid according to the first authorization certificate and the encrypted asset certificate after the query condition is added comprises:
matching the authorization certificate provided by the asset owner and/or the data demander with the first authorization certificate, and matching the query condition provided by the asset owner and/or the data demander with the query condition pre-added to the generated asset certificate;
when the authorization certificate provided by the asset owner and/or the data demander matches the first authorization certificate and the query condition provided by the asset owner and/or the data demander matches the query condition pre-added to the generated asset certificate, confirming that the authorization certificate and the query condition provided by the asset owner and/or the data demander are valid; or
when the authorization certificate provided by the asset owner and/or the data demander matches the first authorization certificate, but the query condition provided by the asset owner and/or the data demander does not match the query condition pre-added to the generated asset certificate, confirming that the authorization certificate and the query condition provided by the asset owner and/or the data demander are invalid; or
when the authorization certificate provided by the asset owner and/or the data demander does not match the first authorization certificate, but the query condition provided by the asset owner and/or the data demander matches the query condition pre-added to the generated asset certificate, confirming that the authorization certificate and the query condition provided by the asset owner and/or the data demander are invalid; or
when the authorization certificate provided by the asset owner and/or the data demander does not match the first authorization certificate and the query condition provided by the asset owner and/or the data demander does not match the query condition pre-added to the generated asset certificate, confirming that the authorization certificate and the query condition provided by the asset owner and/or the data demander are invalid.
5. The asset attestation authorization query system of any of claims 1 to 4, wherein:
the type of asset comprises a combination of one or more of:
bank deposits, foreign currency, stocks, bonds, funds;
the proof of asset comprises a combination of one or more of:
transaction date, transaction details, transaction total, account balance, and currency.
6. The asset attestation authorization query system of any of claims 1 to 4, wherein the first authorization attestation includes a combination of one or more of:
the identity certificate of the data owner, the name of the data owner, the identity certificate of the data provider, the name of the data provider, the identity certificate of the data demander, the name of the data demander and an authorization scope condition;
wherein the authorization scope condition comprises one or more of the following combinations:
validity period, maximum number of queries, time point of querying subject, querying subject.
7. The asset attestation authorization query system of any of claims 1 to 4, wherein the query conditions comprise a combination of one or more of:
a query password, identification, a queryable time and queryable content.
8. The asset proof authorization query system according to any one of claims 1 to 4, wherein the data provider corresponds to an asset proof database, the asset owner corresponds to an asset proof database, and the data demander corresponds to an asset proof database; the asset proof database of the data provider, the asset proof database of the asset owner, and the asset proof database of the data demander communicate with each other and use a distributed and synchronized mechanism; and the asset proof database of the data provider is used for storing the first authorization proof and the encrypted asset proof after the query condition is added, and for synchronously storing the first authorization proof and the encrypted asset proof after the query condition is added in the asset proof database of the asset owner and the asset proof database of the data demander.
9. The asset attestation authorization query system of any one of claims 1 to 4, wherein embodiments of the asset attestation authorization query system further comprise:
being implemented as a blockchain, wherein a block is generated on the blockchain, the owner of the block is the asset owner, and the block address of the block is the first authorization certificate.
10. An asset proof authorization query system for a data provider, the asset proof authorization query system in communication with a data demander, the data demander in communication with an asset owner, the asset proof authorization query system comprising:
the second receiving module is used for receiving the asset certification application request and the second authorization certification sent by the data demander;
a second authentication module to authenticate whether the second authorization certificate was generated for the asset owner;
a second asset certificate generation module, configured to generate an asset certificate including a digital certificate signature of the data provider according to an asset managed by the asset owner at the data provider when the second authorization certificate is generated by the asset owner, and encrypt the asset certificate with a public key of the data demander;
the second asset certificate generation module is also used for adding a query condition to the encrypted asset certificate;
the second authorization certificate generation module is used for generating a third authorization certificate according to the asset certificate application request;
the second sending module is used for sending the third authorization certificate and the encrypted asset certificate added with the query condition to an asset certificate database of the data provider;
the second sending module is further configured to send the third authorization certificate to the data demander;
the second receiving module is further configured to receive an authorization certificate and a query condition provided by the data demander;
the second authentication module is further configured to authenticate whether the authorization certificate and the query condition provided by the data demander are valid according to the third authorization certificate and the encrypted asset certificate after the query condition is added;
the second asset certification operation module is used for calculating the asset certification required by the data demander according to the authorization certification provided by the data demander when the authorization certification and the query condition provided by the data demander are effective;
a second asset proof query module for obtaining the computed asset proof from the asset proof database of the data provider or the associated asset proof database communicated with the asset proof database of the data provider;
the second sending module is further configured to send the obtained asset certificate to the data demander, so that the data demander decrypts the obtained asset certificate with a private key of the data demander.
11. The asset proof authorization query system of claim 10, wherein the second authorization proof generation module is specifically configured to:
determining an authorization scope according to the asset certification application request, and generating the third authorization certificate by hashing according to the authorization scope.
12. The asset certification authorization query system according to claim 10, wherein the second authentication module authenticating whether the authorization certificate and the query condition provided by the data demander are valid according to the third authorization certificate and the encrypted asset certificate after the query condition is added comprises:
matching the authorization certificate provided by the data demander with the third authorization certificate, and matching the query condition provided by the data demander with the query condition pre-added to the generated asset certificate;
when the authorization certificate provided by the data demander matches the third authorization certificate and the query condition provided by the data demander matches the query condition pre-added to the generated asset certificate, confirming that the authorization certificate and the query condition provided by the data demander are valid; or
when the authorization certificate provided by the data demander matches the third authorization certificate but the query condition provided by the data demander does not match the query condition pre-added to the generated asset certificate, confirming that the authorization certificate and the query condition provided by the data demander are invalid; or
when the authorization certificate provided by the data demander does not match the third authorization certificate but the query condition provided by the data demander matches the query condition pre-added to the generated asset certificate, confirming that the authorization certificate and the query condition provided by the data demander are invalid; or
when the authorization certificate provided by the data demander does not match the third authorization certificate and the query condition provided by the data demander does not match the query condition pre-added to the generated asset certificate, confirming that the authorization certificate and the query condition provided by the data demander are invalid.
13. The asset attestation authorization query system of any of claims 10 to 12, wherein:
the type of asset comprises a combination of one or more of:
bank deposits, foreign currency, stocks, bonds, funds;
the proof of asset comprises a combination of one or more of:
transaction date, transaction details, transaction total, account balance, and currency.
14. The asset attestation authorization query system of any of claims 10 to 12, wherein the third authorization attestation includes a combination of one or more of:
the identity certificate of the data owner, the name of the data owner, the identity certificate of the data provider, the name of the data provider, the identity certificate of the data demander, the name of the data demander and an authorization scope condition;
wherein the authorization scope condition comprises one or more of the following combinations:
validity period, maximum number of queries, time point of querying subject, querying subject.
15. The asset attestation authorization query system of any of claims 10 to 12, wherein the query conditions comprise a combination of one or more of:
a query password, identification, a queryable time and queryable content.
16. The asset proof authorization query system according to any one of claims 10 to 12, wherein the data provider corresponds to an asset proof library, the asset owner corresponds to an asset proof library, and the data demander corresponds to an asset proof library; the asset proof library of the data provider, the asset proof library of the asset owner, and the asset proof library of the data demander are in communication with each other and use a distributed and synchronized mechanism; and the asset proof library of the data provider is used for storing the third authorization proof and the encrypted asset proof after the query condition is added, and for synchronously storing the third authorization proof and the encrypted asset proof after the query condition is added in the asset proof library of the asset owner and the asset proof library of the data demander.
17. The asset attestation authorization query system of any of claims 10 to 12, wherein embodiments of the asset attestation authorization query system further comprise:
being implemented as a blockchain, wherein a block is generated on the blockchain, the owner of the block is the data demander, and the block address of the block is the third authorization certificate.
18. An asset attestation authorization query method, the asset attestation authorization query method comprising:
after an asset certification application request sent by an asset owner is received and the identity of the asset owner passes authentication, generating an asset certification containing a digital certificate signature of a data provider according to an asset managed by the asset owner at the data provider, and encrypting the asset certification by using a public key of the authorization certificate owner identity of the asset owner;
adding a query condition to the encrypted asset certificate;
generating a first authorization certificate according to the asset certificate application request;
sending the first authorization certificate and the encrypted asset certificate added with the query condition to an asset certificate database of the data provider;
sending the first authorization certificate to the asset owner so that the asset owner provides the first authorization certificate to a data demander;
receiving an authorization certificate and a query condition provided by the asset owner and/or the data demander;
authenticating, according to the first authorization certificate and the encrypted asset certificate after the query condition is added, whether the authorization certificate and the query condition provided by the asset owner and/or the data demander are valid;
when the authorization certificate and the query condition provided by the asset owner and/or the data demander are valid, computing the asset certification required by the asset owner and/or the data demander according to the authorization certificate provided by the asset owner and/or the data demander;
obtaining the computed asset certificate from the asset certificate database of the data provider or a related asset certificate database in communication with the asset certificate database of the data provider;
and sending the obtained asset certificate to the asset owner and/or the data demander so that the asset owner and/or the data demander can decrypt the obtained asset certificate by using the private key of the authorized certificate owner.
19. The method of claim 18, wherein prior to generating the proof of asset containing the digital certificate signature of the data provider based on the asset managed by the asset owner at the data provider, the method further comprises:
receiving authentication information sent by an authentication center, the authentication information being used for confirming that the identity of the asset owner passes the authentication;
wherein the authentication center, after determining that the identity of the asset owner passes the authentication, generates an authorization certificate owner identity for the asset owner and a set of public and private keys for the authorization certificate owner, and the authentication center includes one or more of the following combinations:
the authentication center of the data provider and an authentication center in communication with the data provider.
20. The asset attestation authorization query method of claim 18, wherein said generating a first authorization attestation from the asset attestation request comprises:
determining an authorization scope according to the asset certification application request, and generating the first authorization certificate by hashing according to the authorization scope.
21. The method of claim 18, wherein authenticating whether the authorization certificate and the query condition provided by the asset owner and/or the data demander are valid according to the first authorization certificate and the encrypted asset certificate after the query condition is added comprises:
matching the authorization certificate provided by the asset owner and/or the data demander with the first authorization certificate, and matching the query condition provided by the asset owner and/or the data demander with the query condition pre-added to the generated asset certificate;
when the authorization certificate provided by the asset owner and/or the data demander matches the first authorization certificate and the query condition provided by the asset owner and/or the data demander matches the query condition pre-added to the generated asset certificate, confirming that the authorization certificate and the query condition provided by the asset owner and/or the data demander are valid; or
when the authorization certificate provided by the asset owner and/or the data demander matches the first authorization certificate, but the query condition provided by the asset owner and/or the data demander does not match the query condition pre-added to the generated asset certificate, confirming that the authorization certificate and the query condition provided by the asset owner and/or the data demander are invalid; or
when the authorization certificate provided by the asset owner and/or the data demander does not match the first authorization certificate, but the query condition provided by the asset owner and/or the data demander matches the query condition pre-added to the generated asset certificate, confirming that the authorization certificate and the query condition provided by the asset owner and/or the data demander are invalid; or
when the authorization certificate provided by the asset owner and/or the data demander does not match the first authorization certificate and the query condition provided by the asset owner and/or the data demander does not match the query condition pre-added to the generated asset certificate, confirming that the authorization certificate and the query condition provided by the asset owner and/or the data demander are invalid.
22. The asset attestation authorization query method of any of claims 18 to 21, wherein:
the type of asset comprises a combination of one or more of:
bank deposits, foreign currency, stocks, bonds, funds;
the proof of asset comprises a combination of one or more of:
transaction date, transaction details, transaction total, account balance, and currency.
23. The asset attestation authorization query method of any of claims 18 to 21, wherein the first authorization attestation comprises a combination of one or more of:
the identity certificate of the data owner, the name of the data owner, the identity certificate of the data provider, the name of the data provider, the identity certificate of the data demander, the name of the data demander and an authorization scope condition;
wherein the authorization scope condition comprises one or more of the following combinations:
validity period, maximum number of queries, time point of querying subject, querying subject.
24. The asset attestation authorization query method of any of claims 18 to 21, wherein the query conditions comprise a combination of one or more of:
a query password, identification, a queryable time and queryable content.
25. The asset proof authorization query method according to any of claims 18 to 21, wherein the data provider corresponds to an asset proof database, the asset owner corresponds to an asset proof database, and the data demander corresponds to an asset proof database; the asset proof database of the data provider, the asset proof database of the asset owner, and the asset proof database of the data demander communicate with each other and use a distributed and synchronized mechanism; and the asset proof database of the data provider is used for storing the first authorization proof and the encrypted asset proof after the query condition is added, and for synchronously storing the first authorization proof and the encrypted asset proof after the query condition is added in the asset proof database of the asset owner and the asset proof database of the data demander.
26. The asset attestation authorization query method of any one of claims 18 to 21, wherein an embodiment of the asset attestation authorization query method further comprises:
the method is implemented by using a blockchain, a block is generated on the blockchain, the owner of the block is the asset owner, and the block address of the block is the first proof of authorization.
27. An asset attestation authorization query method, the asset attestation authorization query method comprising:
receiving an asset certification application request and a second authorization certification sent by a data demander;
authenticating whether the second authorization certification was generated by the asset owner;
when the second authorization certification is generated by the asset owner, generating an asset certification containing the digital certificate signature of the data provider according to the asset managed by the asset owner at the data provider, and encrypting the asset certification by using the public key of the data demander;
adding a query condition to the encrypted asset certificate;
generating a third authorization certificate according to the asset certificate application request;
sending the third authorization certification and the encrypted asset certification added with the query condition to an asset certification database of the data provider;
sending the third authorization certification to the data demander;
receiving an authorization certificate and a query condition provided by the data demander;
authenticating, according to the third authorization certificate and the encrypted asset certificate added with the query condition, whether the authorization certificate and the query condition provided by the data demander are valid;
when the authorization certificate and the query condition provided by the data demander are valid, calculating the asset certificate required by the data demander according to the authorization certificate provided by the data demander;
obtaining the computed asset certificate from the asset certificate database of the data provider or a related asset certificate database in communication with the asset certificate database of the data provider;
and sending the obtained asset certificate to the data demander so that the data demander decrypts the obtained asset certificate by using a private key of the data demander.
28. The asset attestation authorization query method of claim 27, wherein said generating a third authorization attestation from the asset attestation request comprises:
determining an authorization scope according to the asset attestation application request, and generating the third authorization attestation by hashing according to the authorization scope.
29. The asset certification authority query method according to claim 27, wherein the step of verifying whether the certification authority and the query condition provided by the data demander are valid or not according to the third certification authority and the encrypted asset certification added with the query condition comprises:
matching the authorization certificate provided by the data demander with the third authorization certificate, and matching the query condition provided by the data demander with the query condition pre-added to the generated asset certificate;
when the authorization certificate provided by the data demander is matched with the third authorization certificate and the query condition provided by the data demander is matched with the query condition pre-added to the generated asset certificate, the authorization certificate and the query condition provided by the data demander are confirmed to be valid; or
when the authorization certificate provided by the data demander is matched with the third authorization certificate but the query condition provided by the data demander is not matched with the query condition pre-added to the generated asset certificate, confirming that the authorization certificate and the query condition provided by the data demander are invalid; or
when the authorization certificate provided by the data demander is not matched with the third authorization certificate but the query condition provided by the data demander is matched with the query condition pre-added to the generated asset certificate, confirming that the authorization certificate and the query condition provided by the data demander are invalid; or
when the authorization certificate provided by the data demander is not matched with the third authorization certificate and the query condition provided by the data demander is not matched with the query condition pre-added to the generated asset certificate, confirming that the authorization certificate and the query condition provided by the data demander are invalid.
30. The asset attestation authorization query method of any of claims 27 to 29, wherein:
the type of asset comprises a combination of one or more of:
bank deposits, foreign currency, stocks, bonds, funds;
the proof of asset comprises a combination of one or more of:
transaction date, transaction details, transaction total, account balance, and currency.
31. The asset attestation authorization query method of any of claims 27 to 29, wherein the third authorization attestation includes a combination of one or more of:
the identity certificate of the data owner, the name of the data owner, the identity certificate of the data provider, the name of the data provider, the identity certificate of the data demander, the name of the data demander and an authorization scope condition;
wherein the authorization scope condition comprises one or more of the following combinations:
validity period, maximum number of queries, time point of querying subject, querying subject.
32. The asset attestation authorization query method of any of claims 27 to 29, wherein the query conditions comprise a combination of one or more of:
a query password, identification, a queryable time and queryable content.
33. The asset proof authorization query method according to any of claims 27 to 29, wherein the data provider corresponds to an asset proof database, the asset owner corresponds to an asset proof database, and the data demander corresponds to an asset proof database; the asset proof database of the data provider, the asset proof database of the asset owner, and the asset proof database of the data demander communicate with each other and use a distributed and synchronized mechanism; and the asset proof database of the data provider is used for storing the third authorization proof and the encrypted asset proof after adding the query condition, and for synchronously storing the third authorization proof and the encrypted asset proof after adding the query condition in the asset proof database of the asset owner and the asset proof database of the data demander.
34. The asset attestation authorization query method of any of claims 27 to 29, wherein an embodiment of the asset attestation authorization query method further comprises:
the method is implemented by using a block chain, a block is generated on the block chain, the owner of the block is the data requester, and the block address of the block is the third authorization certificate.
35. An electronic device, comprising a memory for storing at least one instruction and a processor for executing a computer program stored in the memory to implement the asset attestation authorization query method of any of claims 18 to 26 and/or the asset attestation authorization query method of any of claims 27 to 34.
36. A computer-readable storage medium storing at least one instruction which, when executed by a processor, implements the asset attestation authorization query method of any one of claims 18 to 26 and/or the asset attestation authorization query method of any one of claims 27 to 34.
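The provider-side check of claims 28, 29 and 31 can be sketched as follows. This is an added example, not code from the patent: the record layout, the function names, the random nonce mixed into the hash and the PBKDF2 digest of the query password are assumptions, and the public-key encryption step is left out, so the asset certificate is treated as an opaque ciphertext.

```python
import hashlib
import hmac
import json
import secrets
from dataclasses import dataclass

def digest(secret: str, salt: bytes) -> bytes:
    # Slow salted digest so a leaked database does not expose the query password.
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, 100_000)

def make_authorization(scope: dict, nonce: bytes) -> str:
    """Claim 28: hash the authorization scope into the authorization certificate.
    The nonce is an assumption added here: hashing a guessable scope alone
    would give a guessable certificate."""
    canonical = json.dumps(scope, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(nonce + canonical.encode()).hexdigest()

@dataclass
class Record:
    """Hypothetical row in the data provider's asset certification database."""
    authorization: str      # third authorization certificate
    salt: bytes
    password_digest: bytes  # query condition: digest of the query password
    valid_until: int        # scope condition: validity period (Unix time)
    max_queries: int        # scope condition: maximum number of queries
    encrypted_proof: bytes  # asset certificate, already encrypted to the demander
    used: int = 0

def issue(scope: dict, query_password: str, encrypted_proof: bytes) -> Record:
    salt = secrets.token_bytes(16)
    return Record(make_authorization(scope, secrets.token_bytes(16)), salt,
                  digest(query_password, salt), scope["valid_until"],
                  scope["max_queries"], encrypted_proof)

def query(rec: Record, authorization: str, query_password: str, now: int):
    """Claim 29: valid only when BOTH the authorization certificate and the
    query condition match; then the scope conditions are enforced.
    Returns the ciphertext, or None when the request is invalid."""
    # Both comparisons always run, in constant time, so a caller cannot
    # learn which of the two values was wrong.
    auth_ok = hmac.compare_digest(rec.authorization.encode(), authorization.encode())
    cond_ok = hmac.compare_digest(rec.password_digest, digest(query_password, rec.salt))
    if not (auth_ok and cond_ok):
        return None
    if now > rec.valid_until or rec.used >= rec.max_queries:
        return None
    rec.used += 1
    return rec.encrypted_proof

# Constructed sample values, not taken from the patent.
SCOPE = {"owner": "owner-A", "provider": "bank-B", "demander": "lender-C",
         "valid_until": 1_700_000_000, "max_queries": 2}
```

The three mismatch cases of claim 29 all return the same result, and the query counter only advances on a successful release.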
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
TW106137280 | 2017-10-30 | ||
TW106137280A TWI650723B (en) | 2017-10-30 | 2017-10-30 | Asset certificate authorization query method and system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107832632A CN107832632A (en) | 2018-03-23 |
CN107832632B CN107832632B (en) | 2020-07-03 |
Family
ID=61654321
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711121632.3A Active CN107832632B (en) | 2017-10-30 | 2017-11-14 | Asset certification authorization query method, system, electronic device and computer readable storage medium |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN107832632B (en) |
TW (1) | TWI650723B (en) |
Families Citing this family (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109361688B (en) * | 2018-11-16 | 2021-01-22 | 大唐高鸿信息通信(义乌)有限公司 | Evidence storing method and system based on 5G architecture and block chain |
CN109669955B (en) * | 2018-12-20 | 2022-05-31 | 姚前 | Digital asset query system and method based on block chain |
CN113190822B (en) * | 2019-01-16 | 2023-06-09 | 腾讯科技(深圳)有限公司 | Identity authentication method, personal security kernel node and electronic equipment |
EP3673435B1 (en) * | 2019-03-27 | 2022-05-25 | Advanced New Technologies Co., Ltd. | Improving integrity of communications between blockchain networks and external data sources |
KR102136960B1 (en) | 2019-03-27 | 2020-07-23 | 알리바바 그룹 홀딩 리미티드 | How to retrieve public data for blockchain networks using a highly available trusted execution environment |
CA3058244C (en) | 2019-03-29 | 2021-04-27 | Alibaba Group Holding Limited | Retrieving access data for blockchain networks using highly available trusted execution environments |
TWI687839B (en) * | 2019-07-15 | 2020-03-11 | 天逸財金科技服務股份有限公司 | Public document limited viewing method and system thereof |
CN111932261A (en) * | 2020-09-22 | 2020-11-13 | 支付宝(杭州)信息技术有限公司 | Asset data management method and device based on verifiable statement |
TWI759090B (en) * | 2021-01-29 | 2022-03-21 | 國立中興大學 | Platform login method |
CN114465734B (en) * | 2022-04-11 | 2022-08-02 | 成方金融科技有限公司 | Investor authentication method and storage medium |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104125063A (en) * | 2013-04-28 | 2014-10-29 | 腾讯科技(深圳)有限公司 | Authentication method, equipment and system |
Family Cites Families (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6128602A (en) * | 1997-10-27 | 2000-10-03 | Bank Of America Corporation | Open-architecture system for real-time consolidation of information from multiple financial systems |
US7451217B2 (en) * | 2002-12-19 | 2008-11-11 | International Business Machines Corporation | Method and system for peer-to-peer authorization |
CN1667630A (en) * | 2005-04-08 | 2005-09-14 | 王志坚 | Finance and taxation monitoring method and system based on transaction original certificate data |
US20070150724A1 (en) * | 2005-12-27 | 2007-06-28 | Taiwan Semiconductor Manufacturing Co., Ltd. | Data archiving and accessing methods and systems |
US20160277412A1 (en) * | 2010-11-17 | 2016-09-22 | Invysta Technology Group | Methodology for identifying local/mobile client computing devices using a network based database containing records of hashed distinctive hardware, software, and user provided biometric makers for authorization of electronic transactions and right of entry to secure locations |
CN103295126A (en) * | 2012-03-02 | 2013-09-11 | 刘家焜 | Transaction document method capable of being trusted |
TWI610261B (en) * | 2012-08-10 | 2018-01-01 | Zhou yan ru | Transaction voucher management system and method thereof |
CN103391196A (en) * | 2013-07-04 | 2013-11-13 | 黄铁军 | Asset digital authentication method and device |
CN105095693A (en) * | 2015-07-13 | 2015-11-25 | 江苏简果科技发展有限公司 | Method and system for safely sharing digital asset based on Internet |
CN104966194A (en) * | 2015-07-21 | 2015-10-07 | 深圳市淘淘谷信息技术有限公司 | Composite cash register method and intelligent cash register system therefor |
CN105956923B (en) * | 2016-04-20 | 2022-04-29 | 上海如鸽投资有限公司 | Asset transaction system and digital authentication and transaction method of assets |
TWM539666U (en) * | 2016-12-15 | 2017-04-11 | 彰化商業銀行股份有限公司 | Integrated account system |
CN106611372B (en) * | 2016-12-27 | 2021-01-08 | 深圳微众信用科技股份有限公司 | Credit investigation data query method and system |
TWM545952U (en) * | 2017-05-09 | 2017-07-21 | 兆豐國際商業銀行股份有限公司 | System for account authority and verification process management |
- 2017-10-30 TW TW106137280A patent/TWI650723B/en active
- 2017-11-14 CN CN201711121632.3A patent/CN107832632B/en active Active
Non-Patent Citations (1)
Title |
---|
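Privacy protection for third-party service platforms; Jiang Wenguang et al.; Journal of Lanzhou University (Natural Sciences); 20120831; Vol. 48 (No. 4); full text * |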
Also Published As
Publication number | Publication date |
---|---|
CN107832632A (en) | 2018-03-23 |
TWI650723B (en) | 2019-02-11 |
TW201812673A (en) | 2018-04-01 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||