CN108777675B - Electronic device, block chain-based identity authentication method, and computer storage medium - Google Patents
Electronic device, block chain-based identity authentication method, and computer storage medium Download PDFInfo
- Publication number
- CN108777675B CN108777675B CN201810386011.6A CN201810386011A CN108777675B CN 108777675 B CN108777675 B CN 108777675B CN 201810386011 A CN201810386011 A CN 201810386011A CN 108777675 B CN108777675 B CN 108777675B
- Authority
- CN
- China
- Prior art keywords
- identity
- user
- verification
- information
- authentication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0861—Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Software Systems (AREA)
- Health & Medical Sciences (AREA)
- Biomedical Technology (AREA)
- General Health & Medical Sciences (AREA)
- Storage Device Security (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention discloses an electronic device, an identity verification method based on a block chain and a computer storage medium. After the first user identity information is verified according to the predetermined identity verification rule, whether multiple identity verification is executed or not is determined according to the predetermined judgment rule, and after the multiple identity verification is determined to be executed, the second user identity information is issued to the blockchain network for verification so as to obtain the verification result of the multiple identity verification. Compared with the prior art, the method and the device can meet the diversified requirements of various application scenes, improve the accuracy of user identity verification and simultaneously prevent the user identity information from being leaked.
Description
Technical Field
The present invention relates to the field of blockchain technologies, and in particular, to an electronic device, an identity verification method based on a blockchain, and a computer storage medium.
Background
The blockchain is essentially a distributed database based on intelligent contracts, and information on the blockchain is shared by a P2P (Peer-to-Peer) network to all nodes. The blockchain has the advantages of tamper resistance, high transparency, decentralization and the like, and is widely applied to various fields in recent years.
Identity authentication is also called as "identity authentication" or "identity authentication", which refers to a process of confirming the identity of an operator in a computer and a computer network system, so as to determine whether the user has access and use authority to a certain resource, thereby enabling the access policy of the computer and the network system to be reliably and effectively executed, preventing an attacker from impersonating a legitimate user to obtain the access authority of the resource, ensuring the security of the system and data, and authorizing the legitimate interests of the accessor.
Generally, the identity authentication method of the blockchain is as follows: when a user logs in through an application terminal of a block chain, the application terminal verifies the user identity through a mode of verifying the user name and the user password of the user. The verification method has the problems that the same verification method is adopted for different users, and the verification method is too single and cannot meet the diversified requirements of various application scenes.
Disclosure of Invention
The invention mainly aims to provide an electronic device, an identity authentication method based on a block chain and a computer storage medium, and aims to solve the problem that the existing identity authentication method is too single and cannot meet diversified requirements of various application scenes.
To achieve the above object, the present invention provides an electronic device, comprising a memory and a processor, wherein the memory stores a first identity verification program based on a block chain, and the first identity verification program based on the block chain realizes the following steps when being executed by the processor:
a verification step: when a first identity authentication request carrying first user identity information is received, verifying the first user identity information according to a predetermined identity authentication rule to obtain a first authentication result;
a judging step: determining whether to execute multiple identity authentication according to the obtained first authentication result, the first user identity information and a predetermined judgment rule;
a first output step: when determining not to execute multiple identity authentication, outputting the first authentication result as a user identity authentication result; or, when determining to execute multiple identity authentication, acquiring second user identity information;
a searching step: searching at least one corresponding verification node of the user identification information in the block chain network according to the user identification information in the first user identity information and a predetermined mapping relation between the user identification information and the verification node identification information;
a release step: issuing a second identity authentication request carrying the second user identity information to the block chain network, and receiving feedback information which carries the authentication node identification information and is generated by verifying and broadcasted the second user identity information and corresponds to the block chain network;
and (3) an analysis step: analyzing and processing the verification result in the feedback information based on a predetermined first result analysis rule, and outputting a first analysis result as a second verification result;
a second output step: and analyzing and processing the second verification result according to a predetermined second result analysis rule, and outputting the second analysis result as the identity verification result of the user.
Preferably, the predetermined judgment rule includes:
when the first verification result is successful, determining whether to execute multiple identity verification according to user identification information in the first user identity information and a predetermined judgment sub-rule;
when multiple identity authentication is determined to be executed based on the predetermined judgment sub-rule, outputting a judgment result as the multiple identity authentication;
when the multiple identity authentication is determined not to be executed based on the predetermined judgment sub-rule, outputting a judgment result as that the multiple identity authentication is not executed;
and when the first verification result is verification failure, outputting a judgment result as that multiple identity verification is not executed.
In addition, to achieve the above object, the present invention further provides an electronic device, which includes a memory and a processor, wherein the memory stores a second authentication program based on a blockchain, and when the second authentication program based on the blockchain is executed by the processor, the electronic device implements the following steps:
a receiving step: receiving an identity authentication request carrying user identity information;
and (3) checking: and verifying the user identity information to obtain a verification result, generating feedback information carrying node identification information according to the verification result, and broadcasting the feedback information to the block chain network.
Preferably, the user identity information is encrypted user identity information obtained by encrypting user identity data by using a predetermined first encryption rule;
the verification step comprises:
decrypting the encrypted user information according to a predetermined first decryption rule to obtain a plaintext of the user identity information as user identity information to be verified, wherein the user identity information to be verified comprises user identification information and user identity characteristic information to be verified;
searching for encrypted standard user identity characteristic information corresponding to the user identification information according to the user identification information in the user identity information to be verified and a predetermined mapping relation between the user identification information and standard user identity characteristic information;
decrypting the encrypted standard user identity characteristic information according to a predetermined second decryption rule to obtain standard user identity characteristic information;
verifying the identity characteristic information of the user to be verified according to the identity characteristic information of the standard user;
when the identity characteristic information of the user to be verified is determined to be the same as the identity characteristic information of the standard user, outputting a verification result as verification success;
and when the identity characteristic information of the user to be verified is different from the identity characteristic information of the standard user, outputting a verification result as verification failure.
In addition, in order to achieve the above object, the present invention further provides an identity authentication method based on a block chain, including the steps of:
a first verification step: when a first identity authentication request carrying first user identity information is received, verifying the first user identity information according to a predetermined identity authentication rule to obtain a first authentication result;
a judging step: determining whether to execute multiple identity authentication according to the obtained first authentication result, the first user identity information and a predetermined judgment rule;
a first output step: when determining not to execute multiple identity authentication, outputting the first authentication result as a user identity authentication result; or, when determining to execute multiple identity authentication, acquiring second user identity information;
a searching step: searching at least one corresponding verification node of the user identification information in the block chain network according to the user identification information in the first user identity information and a predetermined mapping relation between the user identification information and the verification node identification information;
a release step: issuing a second identity authentication request carrying the second user identity information to the block chain network, and receiving feedback information which carries the authentication node identification information and is generated by verifying and broadcasted the second user identity information and corresponds to the block chain network;
and (3) an analysis step: analyzing and processing the verification result in the feedback information based on a predetermined first result analysis rule, and outputting a first analysis result as a second verification result;
a second output step: and analyzing and processing the second verification result according to a predetermined second result analysis rule, and outputting the second analysis result as the identity verification result of the user.
Preferably, the predetermined judgment rule includes: when the first verification result is successful, determining whether to execute multiple identity verification according to user identification information in the first user identity information and a predetermined judgment sub-rule;
when multiple identity authentication is determined to be executed based on the predetermined judgment sub-rule, outputting a judgment result as the multiple identity authentication;
when the multiple identity authentication is determined not to be executed based on the predetermined judgment sub-rule, outputting a judgment result as that the multiple identity authentication is not executed;
and when the first verification result is verification failure, outputting a judgment result as that multiple identity verification is not executed.
In addition, to achieve the above object, the present invention also provides a computer-readable storage medium storing a first blockchain-based authentication system, which is executable by at least one processor to cause the at least one processor to execute any one of the above block chain-based authentication methods.
In addition, in order to achieve the above object, the present invention further provides an identity authentication method based on a block chain, where the identity authentication method based on a block chain includes:
a receiving step: receiving an identity authentication request carrying user identity information;
and (3) checking: and verifying the user identity information to obtain a verification result, generating feedback information carrying node identification information according to the verification result, and broadcasting the feedback information to the block chain network.
Preferably, the user identity information is encrypted user identity information obtained by encrypting user identity data by using a predetermined first encryption rule;
the verification step comprises:
decrypting the encrypted user information according to a predetermined first decryption rule to obtain a plaintext of the user identity information as user identity information to be verified, wherein the user identity information to be verified comprises user identification information and user identity characteristic information to be verified;
searching for encrypted standard user identity characteristic information corresponding to the user identification information according to the user identification information in the user identity information to be verified and a predetermined mapping relation between the user identification information and standard user identity characteristic information;
decrypting the encrypted standard user identity characteristic information according to a predetermined second decryption rule to obtain standard user identity characteristic information;
verifying the identity characteristic information of the user to be verified according to the identity characteristic information of the standard user;
when the identity characteristic information of the user to be verified is determined to be the same as the identity characteristic information of the standard user, outputting a verification result as verification success;
and when the identity characteristic information of the user to be verified is different from the identity characteristic information of the standard user, outputting a verification result as verification failure.
Furthermore, to achieve the above object, the present invention further provides a computer-readable storage medium storing a second identity verification system based on a blockchain, the second identity verification system based on a blockchain being executable by at least one processor, so that the at least one processor executes the method for identity verification based on a blockchain according to any one of the above mentioned items.
After the first user identity information is verified according to the predetermined identity verification rule, whether multiple identity verification is executed or not is determined according to the predetermined judgment rule, and after the multiple identity verification is determined to be executed, the second user identity information is issued to the blockchain network for verification so as to obtain the verification result of the multiple identity verification. Compared with the prior art, the method and the device can meet the diversified requirements of various application scenes, improve the accuracy of user identity verification and simultaneously prevent the user identity information from being leaked.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the structures shown in the drawings without creative efforts.
FIG. 1 is a schematic diagram illustrating an operating environment of a first electronic device and a second electronic device according to the present invention;
FIG. 2 is a diagram illustrating an operating environment of a first embodiment of a blockchain-based authentication procedure according to the present invention;
FIG. 3 is a block diagram of a first embodiment of a first authentication procedure based on blockchain according to the present invention;
FIG. 4 is a flowchart illustrating a first embodiment of a blockchain-based authentication method according to the present invention;
FIG. 5 is a diagram illustrating an operating environment of a first embodiment of a second authentication procedure based on a blockchain according to the present invention;
FIG. 6 is a block diagram of a second embodiment of a blockchain-based authentication procedure according to the present invention;
fig. 7 is a flowchart illustrating a block chain-based authentication method according to a second embodiment of the present invention.
The implementation, functional features and advantages of the objects of the present invention will be further explained with reference to the accompanying drawings.
Detailed Description
The principles and features of this invention are described below in conjunction with the following drawings, which are set forth by way of illustration only and are not intended to limit the scope of the invention.
The electronic device, the identity verification method based on the block chain and the computer storage medium are suitable for a public service system based on the block chain, the system comprises a plurality of application ends and node equipment corresponding to each application end, the application ends comprise public service platforms and public service object platforms, and the node equipment comprises public service platform node equipment corresponding to the public service platforms, public service object platform node equipment corresponding to the public service object platforms, a plurality of public service platform staff management subsystems and public service platform staff management node equipment corresponding to the public service platform staff management subsystems; in some embodiments, the block chain-based public interest system further comprises: a plurality of justice mechanism platforms and justice mechanism node equipment corresponding to the justice mechanism platforms.
The invention also provides a first identity verification program based on the block chain.
Referring to fig. 1, fig. 1 is a schematic diagram illustrating an operating environment of a first electronic device 1 and a second electronic device 2 according to the present invention.
Please refer to fig. 2, which is a schematic operating environment of a first authentication procedure 10 based on a block chain according to a first embodiment of the present invention.
In the present embodiment, the first authentication program 10 based on the block chain is installed and executed in the first electronic device 1. The first electronic device 1 may be a publishing node device, an application server corresponding to the publishing node device, or other electronic devices besides the publishing node device and the application server, which is not limited in the present invention.
The first electronic device 1 may be a desktop computer, a notebook, a palm computer, a server, or other computing devices. The first electronic device 1 may include, but is not limited to, a memory 11, a processor 12, and a display 13. Fig. 2 only shows the first electronic device 1 with components 11-13, but it is to be understood that not all shown components are required to be implemented, and that more or less components may alternatively be implemented.
The storage 11 may in some embodiments be an internal storage unit of the first electronic device 1, such as a hard disk or a memory of the first electronic device 1. The memory 11 may also be an external storage device of the first electronic apparatus 1 in other embodiments, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like provided on the first electronic apparatus 1. Further, the memory 11 may also include both an internal storage unit of the first electronic apparatus 1 and an external storage device. The memory 11 is used for storing application software installed in the first electronic device 1 and various types of data, such as program codes of the first authentication program 10 based on the block chain. The memory 11 may also be used to temporarily store data that has been output or is to be output.
The processor 12 may be a Central Processing Unit (CPU), microprocessor or other data Processing chip in some embodiments, and is used for executing the program codes stored in the memory 11 or Processing data, such as executing the first authentication program 10. In this embodiment, if the first electronic device 1 is a publishing node, the processor 12 may be a smart contract.
The display 13 may be an LED display, a liquid crystal display, a touch-sensitive liquid crystal display, an OLED (Organic Light-Emitting Diode) touch panel, or the like in some embodiments. The display 13 is used for displaying information processed in the first electronic device 1 and for displaying a visualized user interface. The components 11-13 of the first electronic device 1 communicate with each other via a system bus.
Please refer to fig. 3, which is a block diagram illustrating a first embodiment of a first authentication procedure 10 based on a block chain according to the present invention. In this embodiment, the first authentication procedure 10 based on the block chain may be divided into one or more modules, and the one or more modules are stored in the memory 11 and executed by one or more processors (in this embodiment, the processor 12) to complete the present invention. For example, in fig. 3, the first authentication program 10 based on the block chain may be divided into an authentication module 101, a determination module 102, a first output module 103, a lookup module 104, a publishing module 105, an analysis module 106, and a second output module 107. The module referred to in the present invention refers to a series of computer program instruction segments capable of performing specific functions, and is more suitable than a program for describing the execution process of the first authentication program 10 based on the block chain in the first electronic device 1, wherein:
the verification module 101 is configured to, when a first authentication request carrying first user identity information is received, verify the first user identity information according to a predetermined identity verification rule to obtain a first verification result.
The determining module 102 is configured to determine whether to execute multiple identity authentications according to the obtained first authentication result, the first user identity information, and a predetermined determining rule.
A first output module 103, configured to output the first authentication result as a user authentication result when it is determined that multiple authentication is not performed; or, when it is determined that the multiple authentication is performed, acquiring second user identity information.
The searching module 104 is configured to search for at least one verification node corresponding to the user identification information in the blockchain network according to the user identification information in the first user identity information and a predetermined mapping relationship between the user identification information and the verification node identification information.
The publishing module 105 is configured to publish a second identity authentication request carrying the second user identity information to the blockchain network, and receive feedback information carrying the authentication node identification information, generated by verifying and broadcasting the second user identity information, corresponding to the blockchain network.
The analysis module 106 is configured to analyze the verification result in the feedback information based on a predetermined first result analysis rule, and output the first analysis result as a second verification result.
And the second output module 107 is configured to analyze the second verification result according to a predetermined second result analysis rule, and output the second analysis result as the authentication result of the user.
The first user identity information is identity information which does not relate to user privacy, and even if the first user identity information is acquired by others, an acquirer of the first user identity information cannot acquire the real identity of the user through the first user identity information. For example, the first user identity information includes user identification information and first user identity characteristic information, where the user identity association information includes user name information, user password information (the user password information may be a U shield, an electronic certificate, or the like as a storage medium), a dynamic code, and the like.
The predetermined authentication rule includes:
and searching first standard user identity characteristic information corresponding to the user identification information according to the user identification information in the first identity information and based on a predetermined mapping relation between the user identification information and the first standard user identity characteristic information.
Checking first user identity characteristic information to be verified in the first identity information according to the first standard user identity characteristic information obtained by searching; if the verification results are the same, outputting a first verification result as successful verification; and if the verification results are different, outputting the first verification result as verification failure.
The predetermined judgment rule is explained by the following two schemes:
the first scheme is as follows:
the predetermined judgment rule is:
when the first verification result is verification failure, determining to execute multiple identity verification; or, when the first authentication result is authentication failure and a request for confirming to continue to execute authentication sent by a user is received, determining to execute multiple authentication.
When the first verification result is verification success, determining not to execute multiple identity verification; or when the first verification result is successful verification or when the first verification result is failed verification and a request for stopping the execution of the multiple identity verification is received, determining not to execute the multiple identity verification.
The application scenario of the first scheme is as follows: when a user logs in through the public service platform, the public service platform firstly verifies through a user name and a user password provided by the user, if the verification result is that the verification fails, the user may be an illegal login user or forget the user name and/or the user password, and in order to prevent misjudgment, the public service platform executes multiple identity verifications so as to ensure the accuracy of the identity verification.
Scheme II:
the predetermined judgment rule is:
and when the first verification result is successful verification, determining whether to execute multiple identity verification or not according to the user identification information in the first user identity information and based on a predetermined judgment sub-rule. And when the multiple identity authentication is determined to be executed based on the predetermined judgment sub-rule, outputting a judgment result as the multiple identity authentication. And when the multiple identity authentication is determined not to be executed based on the predetermined judgment sub-rule, outputting a judgment result as that the multiple identity authentication is not executed.
And when the first verification result is verification failure, outputting a judgment result as that multiple identity verification is not executed.
Wherein the predetermined judgment sub-rule is:
and extracting the user identity grade in the user identification information as the user identity grade to be confirmed, and judging whether the mapping relation exists between the user identity grade to be confirmed and the multiple identity verifications or not based on the mapping relation between the predetermined user identity grade and the multiple identity verifications.
If yes, outputting the judgment result as executing multiple identity authentication.
If not, outputting the judgment result that the multiple identity authentication is not executed.
In some embodiments, multiple authentication identifiers may also be set in the user identification information in advance, if the multiple authentication identifiers exist in the user identification information of a user, it is determined that multiple authentication is performed, and if the multiple authentication identifiers do not exist in the user identification information of the user, it is determined that multiple authentication is not performed.
The application scenario of the second scheme is as follows: when a user logs in through the public service platform, the public service platform firstly verifies through first user identity information provided by the user. If the user passes the verification, whether the user is a user with a high system operation level (for example, a public service platform employee) is further determined, since the user often has a processing right on confidential data or non-public data in the system, in order to ensure the security of system data, the real identity of the user needs to be verified to confirm that the login is really operated by the user himself. If the user is determined to be the user with the high system operation level, judging that multiple identity authentications need to be executed on the user; if the user is determined not to be the user with the high system operation level, it is determined that the user does not need to be subjected to multiple identity authentication, and only the first user identity information needs to be authenticated. Because the first user identity information is identity information which does not relate to the user privacy, the first user identity information can be stored in each node on the block chain, and even if the first user identity information is stolen, the user privacy can not be leaked.
The second user identity information comprises user identification information and second user identity characteristic information.
The second user identity characteristic information comprises at least one of user biological information and identity document information.
The user biological information comprises fingerprint information, face information, iris information, voiceprint information and other biological characteristic information used for uniquely identifying the user identity.
The identity document information comprises an identity card number, a passport number, an employee number and the like.
The mapping relationship between the user identification information and the verification node identification information may be stored in a mapping table, where the authentication of a user may be completed by one or more verification nodes in the blockchain network, and the number of verification nodes that complete one-time user authentication enablement may be determined as required, which is not limited herein.
The publishing module 105 is specifically configured to:
and encrypting the second user identity information according to a predetermined first encryption rule, and issuing a second identity verification request carrying the encrypted second user identity information to the block chain network. And a block chain network, for example, a corresponding verification node in the block chain network, decrypts the encrypted second user identity information according to a predetermined first decryption rule to obtain the second user identity information after receiving the second identity verification request, verifies the second user identity information to obtain a verification result, generates feedback information carrying node identification information of the verification node according to the verification result, and broadcasts the feedback information to the block chain network.
The step of encrypting the second user identity information according to the predetermined first encryption rule and issuing the second identity verification request carrying the encrypted second user identity information to the blockchain network specifically includes:
firstly, a public key corresponding to the verification node is obtained.
If the number of the verification nodes is one, the second user identity information is encrypted by using the obtained public key corresponding to the verification node so as to obtain the encrypted second user identity information.
If the number of the verification nodes is multiple, the obtained public key corresponding to each verification node is used for encrypting the second user identity information respectively so as to obtain multiple encrypted second user identity information.
Then, a second authentication request is issued into the blockchain network through the issuing node.
The verification node (e.g., the platform employee management node device) generally corresponds to a first identity verification program based on a block chain, the first identity verification program based on the block chain is stored in a memory, and the first identity verification program based on the block chain can be executed by one or more processors, and the processor executing the first identity verification program based on the block chain can be disposed in the verification node, an application terminal (e.g., the platform employee management subsystem), or an electronic device independently, for example, if the processor is disposed in the verification node, the processor can be an intelligent contract corresponding to the verification node.
How the block chain-based authentication procedure receives and processes the second authentication request is described below by taking the example in which the processor is disposed in the authentication node:
if the number of the verification nodes is one, after receiving the second identity verification request, the verification node decrypts the encrypted second user identity information by using a private key corresponding to the verification node to obtain the second user identity information. According to the user identification information in the second user identity information, and based on the mapping relationship between the predetermined user identification information and the second standard user identity characteristic information, searching the second standard user identity characteristic information which is stored in advance and corresponds to the user identification information in an encrypted manner, decrypting the encrypted second standard user identity characteristic information by using a symmetric encryption key corresponding to the verification node to obtain the second standard user identity characteristic information, and verifying the second user identity characteristic information to be verified in the second identity information according to the searched second standard user identity characteristic information. And if the second user identity characteristic information to be verified is the same as the second standard user identity characteristic information, outputting a verification result as verification success. And if the second user identity characteristic information to be verified is different from the second standard user identity characteristic information, outputting a verification result as verification failure. And generating feedback information carrying the node identification information of the verification node according to the verification result, and issuing the generated feedback information to the block chain network by the verification node.
If the number of the verification nodes is multiple, each verification node can receive multiple encrypted second user identity information, and no matter how many encrypted second user identity information are received by one verification node, the verification node can only decrypt the second user identity information encrypted by the public key corresponding to the verification node. After each verification node decrypts the received encrypted second user identity information by using the private key corresponding to each verification node, the method for verifying the second user identity information and generating and issuing feedback information is the same as the above method, and details are not repeated here.
The predetermined first result analysis rule is:
if the verification node is one, when the verification result is successful, determining that the first analysis result is successful in verification; when the verification result is verification failure, determining that the first analysis result is verification failure;
if the number of the verification nodes is multiple, when all verification results are successful, determining that the first analysis result is successful; otherwise, determining that the first analysis result is verification failure.
The predetermined second result analysis rule is:
if the second verification result is successful, the second analysis result is successful;
and if the second verification result is verification failure or the second verification result is a null value, the second analysis result is verification failure.
The condition that the second authentication result is null value is that the multiple identity authentication is terminated by the user.
In this embodiment, after the first user identity information is verified according to the predetermined identity verification rule, whether multiple identity verifications are performed is determined according to the predetermined judgment rule, and after the multiple identity verifications are determined to be performed, the second user identity information is issued to the blockchain network for verification, so as to obtain a verification result of the multiple identity verifications. Compared with the prior art, the embodiment can meet the diversified requirements of various application scenes, improve the accuracy of user identity verification and simultaneously prevent user identity information from being leaked.
The invention also provides an identity authentication method based on the block chain, which is suitable for an issuing end of the identity authentication request in the block chain network, such as an issuing node.
In this embodiment, the first identity verification program based on the blockchain is stored in the memory, and the first identity verification program based on the blockchain may be executed by one or more processors to implement the identity verification method based on the blockchain in this embodiment, the processor executing the first identity verification program based on the blockchain may be disposed in the verification node, may also be disposed in an application terminal (e.g., a public service platform), and may also be independently disposed in an electronic apparatus, for example, if the processor is disposed in the publishing node, the processor may be an intelligent contract corresponding to the publishing node.
As shown in fig. 4, fig. 4 is a flowchart illustrating a block chain-based authentication method according to a first embodiment of the present invention.
In this embodiment, the method includes:
step S110, when a first identity verification request carrying first user identity information is received, verifying the first user identity information according to a predetermined identity verification rule to obtain a first verification result.
The first user identity information is identity information which does not relate to user privacy, and even if the first user identity information is acquired by others, an acquirer of the first user identity information cannot acquire the real identity of the user through the first user identity information. For example, the first user identity information includes user identification information and first user identity characteristic information, where the user identity association information includes user name information, user password information (the user password information may be a U shield, an electronic certificate, or the like as a storage medium), a dynamic code, and the like.
The predetermined authentication rule includes:
and searching first standard user identity characteristic information corresponding to the user identification information according to the user identification information in the first identity information and based on a predetermined mapping relation between the user identification information and the first standard user identity characteristic information.
Checking first user identity characteristic information to be verified in the first identity information according to the first standard user identity characteristic information obtained by searching; if the verification results are the same, outputting a first verification result as successful verification; and if the verification results are different, outputting the first verification result as verification failure.
Step S120, determining whether to execute multiple identity authentications according to the obtained first authentication result, the first user identity information, and a predetermined determination rule.
The predetermined judgment rule is explained by the following two schemes:
the first scheme is as follows:
the predetermined judgment rule is:
when the first verification result is verification failure, determining to execute multiple identity verification; or, when the first authentication result is authentication failure and a request for confirming to continue to execute authentication sent by a user is received, determining to execute multiple authentication.
When the first verification result is verification success, determining not to execute multiple identity verification; or when the first verification result is successful verification or when the first verification result is failed verification and a request for stopping the execution of the multiple identity verification is received, determining not to execute the multiple identity verification.
The application scenario of the first scheme is as follows: when a user logs in through the public service platform, the public service platform firstly verifies through a user name and a user password provided by the user, if the verification result is that the verification fails, the user may be an illegal login user or forget the user name and/or the user password, and in order to prevent misjudgment, the public service platform executes multiple identity verifications so as to ensure the accuracy of the identity verification.
Scheme II:
the predetermined judgment rule is:
and when the first verification result is successful verification, determining whether to execute multiple identity verification or not according to the user identification information in the first user identity information and based on a predetermined judgment sub-rule. And when the multiple identity authentication is determined to be executed based on the predetermined judgment sub-rule, outputting a judgment result as the multiple identity authentication. And when the multiple identity authentication is determined not to be executed based on the predetermined judgment sub-rule, outputting a judgment result as that the multiple identity authentication is not executed.
And when the first verification result is verification failure, outputting a judgment result as that multiple identity verification is not executed.
Wherein the predetermined judgment sub-rule is:
and extracting the user identity grade in the user identification information as the user identity grade to be confirmed, and judging whether the mapping relation exists between the user identity grade to be confirmed and the multiple identity verifications or not based on the mapping relation between the predetermined user identity grade and the multiple identity verifications.
If yes, outputting the judgment result as executing multiple identity authentication.
If not, outputting the judgment result that the multiple identity authentication is not executed.
In some embodiments, multiple authentication identifiers may also be set in the user identification information in advance, if the multiple authentication identifiers exist in the user identification information of a user, it is determined that multiple authentication is performed, and if the multiple authentication identifiers do not exist in the user identification information of the user, it is determined that multiple authentication is not performed.
The application scenario of the second scheme is as follows: when a user logs in through the public service platform, the public service platform firstly verifies through first user identity information provided by the user. If the user passes the verification, whether the user is a user with a high system operation level (for example, a public service platform employee) is further determined, since the user often has a processing right on confidential data or non-public data in the system, in order to ensure the security of system data, the real identity of the user needs to be verified to confirm that the login is really operated by the user himself. If the user is determined to be the user with the high system operation level, judging that multiple identity authentications need to be executed on the user; if the user is determined not to be the user with the high system operation level, it is determined that the user does not need to be subjected to multiple identity authentication, and only the first user identity information needs to be authenticated. Because the first user identity information is identity information which does not relate to the user privacy, the first user identity information can be stored in each node on the block chain, and even if the first user identity information is stolen, the user privacy can not be leaked.
Step S130, when it is determined that the multiple authentication is not performed, outputting the first authentication result as a user authentication result.
In step S140, when it is determined that the multiple authentication is performed, second user identity information is acquired.
The second user identity information comprises user identification information and second user identity characteristic information.
The second user identity characteristic information comprises at least one of user biological information and identity document information.
The user biological information comprises fingerprint information, face information, iris information, voiceprint information and other biological characteristic information used for uniquely identifying the user identity.
The identity document information comprises an identity card number, a passport number, an employee number and the like.
Step S150, searching for at least one corresponding verification node of the user identification information in the blockchain network according to the user identification information in the first user identity information and a predetermined mapping relationship between the user identification information and the verification node identification information.
The mapping relationship between the user identification information and the verification node identification information may be stored in a mapping table, where the authentication of a user may be completed by one or more verification nodes in the blockchain network, and the number of verification nodes that complete one-time user authentication enablement may be determined as required, which is not limited herein.
Step S160, issuing a second authentication request carrying the second user identity information to the blockchain network, and receiving feedback information carrying the authentication node identification information, generated by verifying and broadcasted by the corresponding second user identity information in the blockchain network.
Step S160 specifically includes:
and encrypting the second user identity information according to a predetermined first encryption rule, and issuing a second identity verification request carrying the encrypted second user identity information to the block chain network. After receiving the second identity authentication request, the block chain network, for example, a certain authentication node in the block chain network decrypts the encrypted second user identity information according to a predetermined first decryption rule to obtain the second user identity information, verifies the second user identity information to obtain a verification result, generates feedback information carrying node identification information of the authentication node according to the verification result, and broadcasts the feedback information to the block chain network.
The step of encrypting the second user identity information according to the predetermined first encryption rule and issuing the second identity verification request carrying the encrypted second user identity information to the blockchain network specifically includes:
firstly, a public key corresponding to the verification node is obtained.
If the number of the verification nodes is one, the second user identity information is encrypted by using the obtained public key corresponding to the verification node so as to obtain the encrypted second user identity information.
If the number of the verification nodes is multiple, the obtained public key corresponding to each verification node is used for encrypting the second user identity information respectively so as to obtain multiple encrypted second user identity information.
Then, a second authentication request is issued into the blockchain network through the issuing node.
The verification node (e.g., the platform employee management node device) generally corresponds to a first identity verification program based on a block chain, the first identity verification program based on the block chain is stored in a memory, and the first identity verification program based on the block chain can be executed by one or more processors, and the processor executing the first identity verification program based on the block chain can be disposed in the verification node, an application terminal (e.g., the platform employee management subsystem), or an electronic device independently, for example, if the processor is disposed in the verification node, the processor can be an intelligent contract corresponding to the verification node.
How the block chain-based authentication procedure receives and processes the second authentication request is described below by taking the example in which the processor is disposed in the authentication node:
if the number of the verification nodes is one, after receiving the second identity verification request, the verification node decrypts the encrypted second user identity information by using a private key corresponding to the verification node to obtain the second user identity information; according to the user identification information in the second user identity information, and based on the mapping relationship between the predetermined user identification information and the second standard user identity characteristic information, searching the second standard user identity characteristic information which is stored in advance and corresponds to the user identification information in an encrypted manner, decrypting the encrypted second standard user identity characteristic information by using a symmetric encryption key corresponding to the verification node to obtain the second standard user identity characteristic information, and verifying the second user identity characteristic information to be verified in the second identity information according to the searched second standard user identity characteristic information; if the identity characteristic information of the second user to be verified is the same as the identity characteristic information of the second standard user, outputting a verification result as verification success; if the identity characteristic information of the second user to be verified is different from the identity characteristic information of the second standard user, outputting a verification result as verification failure; and generating feedback information carrying the node identification information of the verification node according to the verification result, and issuing the generated feedback information to the block chain network by the verification node.
If the number of the verification nodes is multiple, each verification node can receive multiple encrypted second user identity information, and no matter how many encrypted second user identity information are received by one verification node, the verification node can only decrypt the second user identity information encrypted by the public key corresponding to the verification node; after each verification node decrypts the received encrypted second user identity information by using the private key corresponding to each verification node, the method for verifying the second user identity information and generating and issuing feedback information is the same as the above method, and details are not repeated here.
Step S170, analyzing the verification result in the feedback information based on a predetermined first result analysis rule, and outputting the first analysis result as a second verification result.
The predetermined first result analysis rule is:
if the verification node is one, when the verification result is successful, determining that the first analysis result is successful in verification; when the verification result is verification failure, determining that the first analysis result is verification failure;
if the number of the verification nodes is multiple, when all verification results are successful, determining that the first analysis result is successful; otherwise, determining that the first analysis result is verification failure.
And step S180, analyzing and processing the second verification result according to a predetermined second result analysis rule, and outputting the second analysis result as the identity verification result of the user.
The predetermined second result analysis rule is:
if the second verification result is successful, the second analysis result is successful;
and if the second verification result is verification failure or the second verification result is a null value, the second analysis result is verification failure.
The condition that the second authentication result is null value is that the multiple identity authentication is terminated by the user.
In this embodiment, after the first user identity information is verified according to the predetermined identity verification rule, whether multiple identity verifications are performed is determined according to the predetermined judgment rule, and after the multiple identity verifications are determined to be performed, the second user identity information is issued to the blockchain network for verification, so as to obtain a verification result of the multiple identity verifications. Compared with the prior art, the identity authentication method provided by the embodiment can meet the diversified requirements of various application scenes, improve the accuracy of user identity authentication, and simultaneously prevent user identity information from being leaked.
Further, the present invention also provides a computer-readable storage medium storing a first identity verification program based on a blockchain, where the first identity verification program based on a blockchain is executable by at least one processor to cause the at least one processor to execute the method for identity verification based on a blockchain in any of the above embodiments.
The invention also provides a second identity authentication program based on the block chain.
Referring to fig. 5, a schematic operating environment of a second authentication program 20 based on a block chain according to a first embodiment of the present invention is shown.
In the present embodiment, the second authentication program 20 based on the block chain is installed and executed in the second electronic device 2. The second electronic device 2 may be a verification node device, an application server corresponding to the verification node device, or other electronic devices except the verification node device and the application server, which is not limited in the present invention.
The second electronic device 2 may be a desktop computer, a notebook, a palm computer, a server, or other computing devices. The second electronic device 2 may include, but is not limited to, a memory 21, a processor 22, and a display 23. Fig. 5 only shows the second electronic device 2 with components 21-23, but it is to be understood that not all shown components are required to be implemented, and that more or fewer components may alternatively be implemented.
The storage 21 may in some embodiments be an internal storage unit of the second electronic device 2, such as a hard disk or a memory of the second electronic device 2. The memory 21 may also be an external storage device of the second electronic apparatus 2 in other embodiments, such as a plug-in hard disk provided on the second electronic apparatus 2, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like. Further, the memory 21 may also include both an internal storage unit of the second electronic apparatus 2 and an external storage device. The memory 21 is used for storing application software installed in the second electronic device 2 and various types of data, such as program codes of the second authentication program 20 based on the block chain. The memory 21 may also be used to temporarily store data that has been output or is to be output.
The processor 22 may be a Central Processing Unit (CPU), microprocessor or other data Processing chip in some embodiments, and is used for executing program codes stored in the memory 21 or Processing data, such as executing the second authentication program 20. In this embodiment, if the second electronic device 2 is a verification node, the processor 22 may be a smart contract.
The display 23 may be an LED display, a liquid crystal display, a touch-sensitive liquid crystal display, an OLED (Organic Light-Emitting Diode) touch panel, or the like in some embodiments. The display 23 is used for displaying information processed in the second electronic device 2 and for displaying a visualized user interface. The components 21-23 of the second electronic device 2 communicate with each other via a system bus.
Referring to fig. 6, a block diagram of a second authentication procedure 20 based on a block chain according to a first embodiment of the present invention is shown. In this embodiment, the second authentication program 20 based on the blockchain may be divided into one or more modules, and the one or more modules are stored in the memory 21 and executed by one or more processors (in this embodiment, the processor 22) to complete the present invention. For example, in fig. 6, the second authentication program 20 based on the block chain may be divided into a receiving module 201 and a verifying module 202. The module referred to in the present invention refers to a series of computer program instruction segments capable of performing specific functions, and is more suitable than a program for describing the execution process of the second authentication program 20 based on the block chain in the second electronic device 2, wherein:
the receiving module 201 is configured to receive an authentication request carrying user identity information.
The verification module 202 is configured to verify the user identity information to obtain a verification result, generate feedback information carrying node identification information according to the verification result, and broadcast the feedback information to the blockchain network.
The user identity information comprises user identification information and user identity characteristic information.
The user identity characteristic information comprises at least one of user biological information and identity document information.
The user biological information comprises fingerprint information, face information, iris information, voiceprint information and other biological characteristic information used for uniquely identifying the user identity.
The identity document information comprises an identity card number, a passport number, an employee number and the like.
Preferably, the user identity information is encrypted user identity information obtained by encrypting the user identity information by using a predetermined first encryption rule.
Wherein the first encryption rule comprises: and encrypting the user identity information by using the public key of the verification node.
The verification module 202 is specifically configured to:
decrypting the encrypted user information according to a predetermined first decryption rule (for example, by using an asymmetric encryption private key of a verification node) to obtain a plaintext of the user identity information as user identity information to be verified, wherein the user identity information to be verified comprises user identification information and user identity characteristic information to be verified;
searching for encrypted standard user identity characteristic information corresponding to the user identification information according to the user identification information in the user identity information to be verified and a predetermined mapping relation between the user identification information and standard user identity characteristic information;
decrypting the encrypted standard user identity characteristic information according to a predetermined second decryption rule (for example, by using a symmetric encryption key of a verification node) to obtain standard user identity characteristic information;
verifying the identity characteristic information of the user to be verified according to the identity characteristic information of the standard user;
when the identity characteristic information of the user to be verified is determined to be the same as the identity characteristic information of the standard user, outputting a verification result as verification success;
and when the identity characteristic information of the user to be verified is different from the identity characteristic information of the standard user, outputting a verification result as verification failure.
Compared with the prior art, the embodiment meets the diversified requirements of various application scenes, improves the accuracy of user identity verification, and simultaneously prevents user identity information from being leaked.
The invention also provides an identity authentication method based on the block chain, which is suitable for a receiving end of the identity authentication request in the block chain network, such as an authentication node.
In this embodiment, the second identity authentication program based on the blockchain is stored in the memory, and the second identity authentication program based on the blockchain can be executed by one or more processors to implement the identity authentication method based on the blockchain in this embodiment, the processor executing the second identity authentication program based on the blockchain may be disposed in the authentication node, may also be disposed in an application terminal (for example, a public service platform employee management subsystem), and may also be independently disposed in an electronic device, for example, if the processor is disposed in the authentication node, the processor may be an intelligent contract corresponding to the authentication node.
As shown in fig. 7, fig. 7 is a flowchart illustrating a block chain-based authentication method according to a second embodiment of the present invention.
In this embodiment, the method includes:
step S210, receiving an authentication request carrying user identity information.
The user identity information comprises user identification information and user identity characteristic information.
The user identity characteristic information comprises at least one of user biological information and identity document information.
The user biological information comprises fingerprint information, face information, iris information, voiceprint information and other biological characteristic information used for uniquely identifying the user identity.
The identity document information comprises an identity card number, a passport number, an employee number and the like.
Preferably, the user identity information is encrypted user identity information obtained by encrypting the user identity information by using a predetermined first encryption rule.
Wherein the first encryption rule comprises: and encrypting the user identity information by using the public key of the verification node.
Step S220 is performed to verify the user identity information to obtain a verification result, and according to the verification result, feedback information carrying node identification information is generated and broadcasted to the blockchain network.
Preferably, the step S220 includes:
decrypting the encrypted user information according to a predetermined first decryption rule (for example, by using an asymmetric encryption private key of a verification node) to obtain a plaintext of the user identity information as user identity information to be verified, wherein the user identity information to be verified comprises user identification information and user identity characteristic information to be verified;
searching for encrypted standard user identity characteristic information corresponding to the user identification information according to the user identification information in the user identity information to be verified and a predetermined mapping relation between the user identification information and standard user identity characteristic information;
decrypting the encrypted standard user identity characteristic information according to a predetermined second decryption rule (for example, by using a symmetric encryption key of a verification node) to obtain standard user identity characteristic information;
verifying the identity characteristic information of the user to be verified according to the identity characteristic information of the standard user;
when the identity characteristic information of the user to be verified is determined to be the same as the identity characteristic information of the standard user, outputting a verification result as verification success;
and when the identity characteristic information of the user to be verified is different from the identity characteristic information of the standard user, outputting a verification result as verification failure.
Compared with the prior art, the embodiment meets the diversified requirements of various application scenes, improves the accuracy of user identity verification, and simultaneously prevents user identity information from being leaked.
Further, the present invention also provides a computer-readable storage medium storing a second identity verification program based on a blockchain, where the second identity verification program based on a blockchain is executable by at least one processor to cause the at least one processor to execute the method for identity verification based on a blockchain in any of the above embodiments.
The above description is only a preferred embodiment of the present invention, and is not intended to limit the scope of the present invention, and all modifications and equivalents of the present invention, which are made by the contents of the present specification and the accompanying drawings, or directly/indirectly applied to other related technical fields, are included in the scope of the present invention.
Claims (5)
1. An electronic device comprising a memory and a processor, the memory having stored thereon a blockchain based first authentication procedure that when executed by the processor performs the steps of:
a verification step: when a first identity verification request carrying first user identity information is received, verifying the first user identity information according to a predetermined identity verification rule to obtain a first verification result, wherein the first user identity information is identity information which does not relate to user privacy and is stored in each node of a block chain;
a judging step: determining whether to execute multiple identity authentication according to the obtained first authentication result, the first user identity information and a predetermined judgment rule, wherein the predetermined judgment rule comprises:
when the first verification result is successful, determining whether to execute multiple identity verification according to user identification information in the first user identity information and a predetermined judgment sub-rule;
when multiple identity authentication is determined to be executed based on the predetermined judgment sub-rule, outputting a judgment result as the multiple identity authentication;
when the multiple identity authentication is determined not to be executed based on the predetermined judgment sub-rule, outputting a judgment result as that the multiple identity authentication is not executed; and
when the first verification result is verification failure, outputting a judgment result as that multiple identity verification is not executed;
a first output step: when determining not to execute multiple identity authentication, outputting the first authentication result as a user identity authentication result; when determining to execute multiple identity authentication, acquiring second user identity information, wherein the second user identity information comprises the user identification information and second user identity characteristic information, and the second user identity characteristic information comprises at least one of user biological information and identity document information;
a searching step: searching at least one corresponding verification node of the user identification information in the block chain network according to a predetermined mapping relation between the user identification information and the verification node identification information;
a release step: issuing a second identity authentication request carrying the second user identity information to the block chain network, and receiving feedback information carrying the authentication node identification information, generated by verifying the second user identity information and broadcasted by a corresponding authentication node in the block chain network;
and (3) an analysis step: analyzing and processing the verification result in the feedback information based on a predetermined first result analysis rule, and outputting a first analysis result as a second verification result;
a second output step: and analyzing and processing the second verification result according to a predetermined second result analysis rule, and outputting the second analysis result as the identity verification result of the user.
2. The electronic device of claim 1, wherein the predetermined decision sub-rule is:
extracting the user identity grade in the user identification information as the user identity grade to be confirmed, and judging whether the user identity grade to be confirmed has a mapping relation with multiple identity verifications or not based on the mapping relation between the predetermined user identity grade and the multiple identity verifications;
if yes, judging to execute multiple identity authentications;
if not, the multi-identity authentication is not executed.
3. An identity authentication method based on a block chain is characterized by comprising the following steps:
a first verification step: when a first identity verification request carrying first user identity information is received, verifying the first user identity information according to a predetermined identity verification rule to obtain a first verification result, wherein the first user identity information is identity information which does not relate to user privacy and is stored in each node of a block chain;
a judging step: determining whether to execute multiple identity authentication according to the obtained first authentication result, the first user identity information and a predetermined judgment rule, wherein the predetermined judgment rule comprises:
when the first verification result is successful, determining whether to execute multiple identity verification according to user identification information in the first user identity information and a predetermined judgment sub-rule;
when multiple identity authentication is determined to be executed based on the predetermined judgment sub-rule, outputting a judgment result as the multiple identity authentication;
when the multiple identity authentication is determined not to be executed based on the predetermined judgment sub-rule, outputting a judgment result as that the multiple identity authentication is not executed; and
when the first verification result is verification failure, outputting a judgment result as that multiple identity verification is not executed;
a first output step: when determining not to execute multiple identity authentication, outputting the first authentication result as a user identity authentication result; when determining to execute multiple identity authentication, acquiring second user identity information, wherein the second user identity information comprises the user identification information and second user identity characteristic information, and the second user identity characteristic information comprises at least one of user biological information and identity document information;
a searching step: searching at least one corresponding verification node of the user identification information in the block chain network according to a predetermined mapping relation between the user identification information and the verification node identification information;
a release step: issuing a second identity authentication request carrying the second user identity information to the block chain network, and receiving feedback information carrying the authentication node identification information, generated by verifying the second user identity information and broadcasted by a corresponding authentication node in the block chain network;
and (3) an analysis step: analyzing and processing the verification result in the feedback information based on a predetermined first result analysis rule, and outputting a first analysis result as a second verification result;
a second output step: and analyzing and processing the second verification result according to a predetermined second result analysis rule, and outputting the second analysis result as the identity verification result of the user.
4. The blockchain-based authentication method according to claim 3, wherein the predetermined judgment sub-rule is:
extracting the user identity grade in the user identification information as the user identity grade to be confirmed, and judging whether the user identity grade to be confirmed has a mapping relation with multiple identity verifications or not based on the mapping relation between the predetermined user identity grade and the multiple identity verifications;
if yes, judging to execute multiple identity authentications;
if not, the multi-identity authentication is not executed.
5. A computer-readable storage medium having stored thereon a blockchain based first authentication system executable by at least one processor to cause the at least one processor to perform the blockchain based authentication method of claim 3 or 4.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810386011.6A CN108777675B (en) | 2018-04-26 | 2018-04-26 | Electronic device, block chain-based identity authentication method, and computer storage medium |
| PCT/CN2018/102407 WO2019205389A1 (en) | 2018-04-26 | 2018-08-27 | Electronic device, authentication method based on block chain, and program and computer storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810386011.6A CN108777675B (en) | 2018-04-26 | 2018-04-26 | Electronic device, block chain-based identity authentication method, and computer storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108777675A CN108777675A (en) | 2018-11-09 |
| CN108777675B true CN108777675B (en) | 2020-04-14 |
Family
ID=64026779
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810386011.6A Active CN108777675B (en) | 2018-04-26 | 2018-04-26 | Electronic device, block chain-based identity authentication method, and computer storage medium |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN108777675B (en) |
| WO (1) | WO2019205389A1 (en) |
Families Citing this family (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109767534B (en) * | 2019-01-17 | 2022-03-04 | 平安科技(深圳)有限公司 | Access control access method, system, management terminal and access control terminal based on block chain |
| EP3596613B1 (en) * | 2019-03-14 | 2022-05-04 | Advanced New Technologies Co., Ltd. | Methods and devices for acquiring and recording tracking information on blockchain |
| CN111859347A (en) * | 2019-08-01 | 2020-10-30 | 创新先进技术有限公司 | Identity verification method, device and equipment based on block chain |
| CN110727933A (en) * | 2019-09-10 | 2020-01-24 | 阿里巴巴集团控股有限公司 | Identity authentication method and device, electronic equipment and storage medium |
| CN110602114B (en) * | 2019-09-19 | 2022-07-19 | 腾讯科技(深圳)有限公司 | Block chain-based identity authentication method and device, storage medium and electronic equipment |
| CN111010367B (en) * | 2019-11-07 | 2022-11-29 | 深圳市电子商务安全证书管理有限公司 | Data storage method and device, computer equipment and storage medium |
| CN114880645A (en) * | 2022-06-07 | 2022-08-09 | 中关村科学城城市大脑股份有限公司 | Identity verification method and device based on block chain |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101557406A (en) * | 2009-06-01 | 2009-10-14 | 杭州华三通信技术有限公司 | User terminal authentication method, device and system thereof |
| CN102202040A (en) * | 2010-03-26 | 2011-09-28 | 联想(北京)有限公司 | Client authentication method and device |
| CN106453407A (en) * | 2016-11-23 | 2017-02-22 | 江苏通付盾科技有限公司 | Identity authentication method based on block chain, authentication server and user terminal |
| CN107079037A (en) * | 2016-09-18 | 2017-08-18 | 深圳前海达闼云端智能科技有限公司 | Identity identifying method, device, node and system based on block chain |
Family Cites Families (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6914517B2 (en) * | 2001-04-17 | 2005-07-05 | Dalton Patrick Enterprises, Inc. | Fingerprint sensor with feature authentication |
| US8949951B2 (en) * | 2011-03-04 | 2015-02-03 | Red Hat, Inc. | Generating modular security delegates for applications |
| CN102236766B (en) * | 2011-05-10 | 2014-04-09 | 桂林电子科技大学 | Security data item level database encryption system |
| CN105005720B (en) * | 2015-06-24 | 2018-01-19 | 青岛大学 | Computer security control system |
| AU2017315345B2 (en) * | 2016-08-23 | 2022-01-06 | BBM Health LLC | Blockchain-based mechanisms for secure health information resource exchange |
| CN106533696B (en) * | 2016-11-18 | 2019-10-01 | 江苏通付盾科技有限公司 | Identity identifying method, certificate server and user terminal based on block chain |
| CN107276973A (en) * | 2016-12-10 | 2017-10-20 | 江苏恒为信息科技有限公司 | A kind of internet article identity mark is built and verification method |
| CN107241329B (en) * | 2017-06-07 | 2020-04-21 | 北京奇艺世纪科技有限公司 | Account login processing method and device |
| CN107257340B (en) * | 2017-06-19 | 2019-10-01 | 阿里巴巴集团控股有限公司 | A kind of authentication method, authentication data processing method and equipment based on block chain |
| CN107480555B (en) * | 2017-08-01 | 2020-03-13 | 中国联合网络通信集团有限公司 | Database access authority control method and device based on block chain |
-
2018
- 2018-04-26 CN CN201810386011.6A patent/CN108777675B/en active Active
- 2018-08-27 WO PCT/CN2018/102407 patent/WO2019205389A1/en active Application Filing
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101557406A (en) * | 2009-06-01 | 2009-10-14 | 杭州华三通信技术有限公司 | User terminal authentication method, device and system thereof |
| CN102202040A (en) * | 2010-03-26 | 2011-09-28 | 联想(北京)有限公司 | Client authentication method and device |
| CN107079037A (en) * | 2016-09-18 | 2017-08-18 | 深圳前海达闼云端智能科技有限公司 | Identity identifying method, device, node and system based on block chain |
| CN106453407A (en) * | 2016-11-23 | 2017-02-22 | 江苏通付盾科技有限公司 | Identity authentication method based on block chain, authentication server and user terminal |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108777675A (en) | 2018-11-09 |
| WO2019205389A1 (en) | 2019-10-31 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108777675B (en) | Electronic device, block chain-based identity authentication method, and computer storage medium | |
| CN108900464B (en) | Electronic device, block chain-based data processing method, and computer storage medium | |
| CN108200050B (en) | Single sign-on server, method and computer readable storage medium | |
| KR102493744B1 (en) | Security Verification Method Based on Biometric Characteristics, Client Terminal, and Server | |
| CN111783075B (en) | Authority management method, device and medium based on secret key and electronic equipment | |
| US11669605B1 (en) | Dynamic enrollment using biometric tokenization | |
| US20190305955A1 (en) | Push notification authentication | |
| JP2018501567A (en) | Device verification method and equipment | |
| US11418499B2 (en) | Password security | |
| US9940446B2 (en) | Anti-piracy protection for software | |
| WO2015010568A1 (en) | Method,apparatus and server for identity authentication | |
| EP3206329B1 (en) | Security check method, device, terminal and server | |
| CN110535884B (en) | Method, device and storage medium for cross-enterprise inter-system access control | |
| US11783016B2 (en) | Computing system and method for verification of access permissions | |
| CN116980230B (en) | Information security protection method and device | |
| JP2007280393A (en) | Device and method for controlling computer login | |
| CN112165382A (en) | Software authorization method and device, authorization server and terminal equipment | |
| CN109889342B (en) | Interface test authentication method and device, electronic equipment and storage medium | |
| US9122878B1 (en) | Software license management with drifting component | |
| CN111934882B (en) | Identity authentication method and device based on block chain, electronic equipment and storage medium | |
| CN113360868A (en) | Application program login method and device, computer equipment and storage medium | |
| CN111294315A (en) | Block chain-based security authentication method, block chain-based security authentication device, block chain-based security authentication equipment and storage medium | |
| US20240184863A1 (en) | Verification of Access Permissions | |
| CN114553570B (en) | Method, device, electronic equipment and storage medium for generating token | |
| CN114139131A (en) | Operating system login method and device and electronic equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |