CN108881252A - Identification authentication data processing method, device, computer equipment and storage medium - Google Patents

Abstract

This application involves a kind of identification authentication data processing method, device, computer readable storage medium and computer equipment, this method to include：Identity information certification request is sent to identity block chain node to be certified, identity information certification request is used to indicate identity block chain node to be certified and returns to corresponding digital certificate；The corresponding tissue check information of digital certificate is obtained, tissue check information includes root information；Tissue check information is identified according to the protocol algorithm arranged with authenticating authority center, and the organizational identities of identity block chain node to be certified are authenticated according to recognition result.The safety of authentication in block chain can be improved in scheme provided by the present application.

Description

Identification authentication data processing method, device, computer equipment and storage medium

Technical field

This application involves field of computer technology, more particularly to a kind of identification authentication data processing method, device, calculating Machine equipment and storage medium.

Background technique

With the development of computer technology, there is block chain technology, block chain technology (also known as distributed account book technology) With its decentralization, it is open and clear, can not distort, trusted the advantages that, by favor, in intelligent contract, securities trading, electronics Commercial affairs, Internet of Things, social communication, file storage, existence proof, authentication, equity crowd the various fields such as raise and obtain extensively Using.

In this field of authentication, digital certificate is a kind of mode for verifying network communications entity identity, be can use Digital certificate technique carries out data encryption, authentication etc..Digital certificate is usually to promulgate that equipment is demonstrate,proved to number from digital certificate Book application equipment is signed and issued, and can be used for identifying the identity of applying digital certificate equipment.In the prior art, generally by certificate granting The center center (Certificate Authority, CA) and its affiliated institutions certificate registration (Registration Authority, RA) center is responsible for signing and issuing, authenticate, managing digital certificate.It includes open that CA, which is used to generate through CA digital signature, The digital certificate of key owners' information and public-key cryptography.

It is demonstrate,proved however, generalling use the number that privately owned authentication center issues currently based on the management method of block chain digital certificate Book carries out the tissue authentication of block chain, not only be easy to cause between block chain tissue and falsely uses identity, but also this private mutually Some identification authentication modes also only individually verify the root information for the digital certificate that privately owned authentication center issues, and it is not high that there are safeties The problem of.

Summary of the invention

Based on this, it is necessary in view of the above technical problems, provide a kind of body for improving identification authentication security in block chain Part authentication data processing method, device, computer equipment and storage medium.

A kind of identification authentication data processing method, including：

To identity block chain node to be certified send identity information certification request, identity information certification request be used to indicate to Authenticating identity block chain node returns to corresponding digital certificate；

The corresponding tissue check information of digital certificate is obtained, tissue check information includes root information；

Tissue check information is identified according to the protocol algorithm arranged with authenticating authority center, is authenticated according to recognition result wait recognize Demonstrate,prove the organizational identities of identity block chain node.

A kind of identification authentication data processing system, the system include：

Multiple tissue block chains, each tissue block chain include multiple organization nodes, and the first tissue node is used for wait recognize It demonstrate,proves identity block chain node and sends identity information certification request；

Identity block chain node to be certified, for returning to corresponding digital certificate according to identity information certification request；

The first tissue node, for obtaining the corresponding tissue check information of digital certificate, tissue check information includes root letter Breath, identifies tissue check information according to the protocol algorithm arranged with authenticating authority center, authenticates body to be certified according to recognition result The organizational identities of part block chain node；

Authenticating authority central server issues digital certificate for the organization node into tissue block chain.

A kind of identification authentication data processing unit, the device include：

Identity information certification request sending module is asked for sending identity information certification to identity block chain node to be certified It asks, identity information certification request is used to indicate identity block chain node to be certified and returns to corresponding digital certificate；

It organizes check information to obtain module, for obtaining the corresponding tissue check information of digital certificate, organizes check information Including root information；

Organizational identities identification module, for being believed according to the protocol algorithm identification tissue verification with authenticating authority center agreement Breath, the organizational identities of identity block chain node to be certified are authenticated according to recognition result.

A kind of computer equipment can be run on a memory and on a processor including memory, processor and storage Computer program, the processor realize following steps when executing program：

To identity block chain node to be certified send identity information certification request, identity information certification request be used to indicate to Authenticating identity block chain node returns to corresponding digital certificate；

The corresponding tissue check information of digital certificate is obtained, tissue check information includes root information；

Tissue check information is identified according to the protocol algorithm arranged with authenticating authority center, is authenticated according to recognition result wait recognize Demonstrate,prove the organizational identities of identity block chain node.

A kind of computer readable storage medium is stored thereon with computer program, when computer program is executed by processor, So that processor executes following steps：

To identity block chain node to be certified send identity information certification request, identity information certification request be used to indicate to Authenticating identity block chain node returns to corresponding digital certificate；

The corresponding tissue check information of digital certificate is obtained, tissue check information includes root information；

Tissue check information is identified according to the protocol algorithm arranged with authenticating authority center, is authenticated according to recognition result wait recognize Demonstrate,prove the organizational identities of identity block chain node.

Above-mentioned identification authentication data processing method, device, computer equipment and storage medium, the first tissue node is to wait recognize It demonstrate,proves identity block chain node and sends identity information certification request, identity information certification request is used to indicate identity block chain to be certified Node returns to corresponding digital certificate, obtains the corresponding tissue check information of digital certificate, and tissue check information includes root information, Tissue check information is identified according to the protocol algorithm arranged with authenticating authority center, and identity area to be certified is authenticated according to recognition result The organizational identities of block chain node.The tissue check information of digital certificate is identified by the protocol algorithm arranged with authenticating authority center To obtain the organizational identities of identity block chain node to be certified, the authenticating party of block chain tissue authentication is not only simplified Formula, and authenticating authority center has legal nature, improves the safety of block chain authentication and ensure that block chain body The legality of part certification, since tissue check information is identified with the protocol algorithm of authenticating authority center agreement, Identity can not be falsely used mutually between different blocks chain tissue, be further able to prevent to palm off identity between different blocks chain tissue.

Detailed description of the invention

Fig. 1 is the applied environment figure of identification authentication data processing method in one embodiment；

Fig. 2 is the flow diagram of identification authentication data processing method in one embodiment；

Fig. 3 is the interface schematic diagram of the corresponding digital certificate of identity block chain node to be certified in one embodiment；

Fig. 4 is the flow diagram of identification authentication data processing method in another embodiment；

Fig. 5 is the tissue identification area that root digital certificate is written in current organization information by authenticating authority center in one embodiment The schematic diagram in domain；

Fig. 6 is the schematic diagram that digital certificate is issued at authenticating authority center in one embodiment；

Fig. 6 A is the schematic diagram that Contemporary Digital certificate is written to the block chain block of current organization in one embodiment；

Fig. 7 is the flow diagram of identification authentication data processing method in another embodiment；

For secondary authentication center in one embodiment secondary authentication center number certificate root is written in current organization information by Fig. 8 Schematic diagram in information；

Fig. 9 is the schematic diagram that digital certificate is issued at secondary authentication center in one embodiment；

Figure 10 is to identify tissue check information, root according to the protocol algorithm with authenticating authority center agreement in one embodiment The flow diagram of the organizational identities step of identity block chain node to be certified is authenticated according to recognition result；

Figure 11 is the structural block diagram of identification authentication data processing system in one embodiment；

Figure 12 is the structural block diagram of identification authentication data processing system in another embodiment；

Figure 13 is the structural block diagram of identification authentication data processing unit in one embodiment；

Figure 14 is the structural block diagram of identification authentication data processing unit in another embodiment；

Figure 15 is the structural block diagram of identification authentication data processing unit in another embodiment；

Figure 16 is the structural block diagram of computer equipment in one embodiment.

Specific embodiment

It is with reference to the accompanying drawings and embodiments, right in order to which the objects, technical solutions and advantages of the application are more clearly understood The application is further elaborated.It should be appreciated that specific embodiment described herein is only used to explain the application, and It is not used in restriction the application.

Fig. 1 is the applied environment figure of identification authentication data processing method in one embodiment.Referring to Fig.1, the authentication Data processing method is applied to identification authentication data processing system.The identification authentication data processing system includes multiple tissue blocks Chain 110 and authenticating authority central server 120, plurality of tissue block chain 110 include the first tissue node 112 and other groups Knit node 114.Tissue block chain 110 and authenticating authority central server 120 pass through network connection.Organize block chain 110 specific It can be terminal console or mobile terminal, mobile terminal specifically can be at least one in mobile phone, tablet computer, laptop etc. The server cluster of the either multiple servers compositions of independent server is planted to realize.Authenticating authority central server 120 can be realized with the server cluster of the either multiple server compositions of independent server.

Specifically, the first tissue node 112 sends identity information certification request, identity to identity block chain node to be certified Authentification of message request is used to indicate identity block chain node to be certified and returns to corresponding digital certificate, wherein identity block to be certified Chain node is one of other organization nodes 114, and the first tissue node 112 obtains the corresponding tissue verification letter of digital certificate Breath, tissue check information includes root information, identifies tissue further according to the protocol algorithm arranged with authenticating authority central server 120 Check information finally authenticates the organizational identities of identity block chain node to be certified according to recognition result.

As shown in Fig. 2, in one embodiment, providing a kind of identification authentication data processing method.The present embodiment is main It is applied to the first tissue node 120 in above-mentioned Fig. 1 in this way to illustrate.Referring to Fig. 2, identification authentication data processing Method specifically comprises the following steps：

Step 202, identity information certification request is sent to identity block chain node to be certified, identity information certification request is used Corresponding digital certificate is returned in instruction identity block chain node to be certified.

Wherein, block chain node is the node with identity information in block catenary system under each block chain tissue, and Identity block chain node to be certified refers to the block chain node for not carrying out authentication.Wherein, identity information is for proving area The information of block chain node identities, block catenary system be by multiple and different block chain organizational compositions, and block chain tissue be by Multiple block chain node compositions, the identity information between different block chain tissues is different, the area in same block chain tissue The identity information of block chain node can be identical.Block chain is a kind of distributed data base of decentralization, is based on P2P The new application mode of the technologies such as (person-to-person, point-to-point) network transmission, common recognition mechanism, Encryption Algorithm, its benefit Guarantee the safety of data transmission and inquiry with cryptography.

Wherein, identity information certification request is the request for requesting to authenticate identity block chain node identities to be certified, It is used to indicate the request that identity block chain node to be certified returns to corresponding digital certificate.Digital certificate is a kind of for verifying area The mode of block chain node entities identity, a digital certificate not instead of numeric string, by special authenticating authority center promulgate, It is a chapter or print of the authenticating authority central lid on numeric string, or a signature being added on numeric string.Specifically, One organization node needs to learn the identity information of identity block chain node entities to be certified, then needs to identity block chain link to be certified Point sends identity information certification request, and identity block chain node to be certified is authenticated according to the identity information that the first tissue node is sent Request returns to corresponding digital certificate to the first tissue node, and the first tissue node, which can use, receives digital certificate to identify The corresponding identity information of identity block chain node to be certified.

Step 204, the corresponding tissue check information of digital certificate is obtained, tissue check information includes root information.

Wherein, digital certificate includes but is not limited to tissue check information, digital certificate time validity period, public key etc..Group Knitting check information is the information that identity is knitted for verifying block chain group, and tissue check information includes but is not limited to root information, sub- letter Breath etc., root information, specifically can be with customized for describing digital certificate issuer information, such as issuer organization name Field indicates.Sub-information can specifically be indicated, such as user CN for describing digital certificate user's information with custom field Domain representation digital certificate user's information.Digital certificate validity period refers to that digital certificate has effect within the specific period. As shown in figure 3, Fig. 3 shows the schematic diagram of digital certificate in one embodiment, in the corresponding detailed letter of digital certificate got In breath, including but not limited to the corresponding value of signature hash algorithm, the corresponding issuer information of issuer, i.e. root information, number are demonstrate,proved Book validity period from XX XX month XX day to XX XX month XX day, the corresponding user's information of user, i.e. sub-information and public key Corresponding value etc..Specifically, the first tissue node is after getting the corresponding digital certificate of identity block chain node to be certified, It obtains for verifying the tissue check information that block chain group knits identity information in digital certificate, which includes being used for The root information of digital certificate issuer information is described, i.e. the first tissue node can be obtained according to the tissue check information in digital certificate Know the issuer information of the corresponding digital certificate of identity block chain node to be certified.

Step 206, tissue check information is identified according to the protocol algorithm arranged with authenticating authority center, according to recognition result Authenticate the organizational identities of identity block chain node to be certified.

Wherein, authenticating authority center refers to that the digital certificate for having law retrospect right issues center, authenticating authority center It can be either internal authoritative authentication center of external authoritative authentication center.External authority authentication center is outside block catenary system Digital certificate issue center, external authority authentication center is simultaneously not belonging in block catenary system, such as China's finance authentication center CFCA (China Financial Certification Authority, abbreviation CFCA), and internal authoritative authentication information can be with It is to choose a certain block chain node in block catenary system under each block chain tissue as internal authoritative authentication center.Wherein, should The block chain node being selected needs in advance with the authenticating authority center rendezvous protocol outside block catenary system, only authoritative by outside It could become under the block chain node location block chain tissue being selected after authentication center's entitle in corresponding authenticating authority The heart.Refer to that block chain tissue is arranged some agreements with authenticating authority center in advance and calculated with the protocol algorithm of authenticating authority center agreement Method, wherein the protocol algorithm can customize, and customized includes but is not limited to one-way hash function algorithm etc..It is used by protocol algorithm Identity is falsely used between different blocks chain tissue mutually to constrain, reduces a possibility that falsely using identity between different blocks chain tissue, The protocol algorithm wherein arranged can also constrain the behavior of any malice deception block catenary system, because any malice cheats block chain The behavior of system all can by the repulsion and inhibition of the block chain organization node under block chain tissue, in advance by with authenticating authority The protocol algorithm of center agreement, which can be effectively prevented between block chain tissue, falsely uses mutually identity.

Specifically, the first tissue node is after getting the corresponding digital certificate of identity block chain node to be certified, according to In advance with the tissue check information in the protocol algorithm identification digital certificate of authenticating authority center agreement, tied to obtain identification Fruit, the first tissue node authenticate the organizational identities of identity block chain node to be certified further according to recognition result.For example, if first group The corresponding digital certificate of identity block chain node to be certified that node is got is knitted as shown in figure 3, about according to authenticating authority center Issuer field and user's field in fixed protocol algorithm identification digital certificate, can be corresponding from the issuer of digital certificate Field learns that the digital certificate of identity block chain node to be certified is promulgated by China's finance authenticating authority center CFCA, further It can learn that the corresponding organizational identities of identity block chain node be tissue acc according to the corresponding field of user of digital certificate.

Above-mentioned identification authentication data processing method, the first tissue node send identity letter to identity block chain node to be certified Certification request is ceased, identity information certification request is used to indicate identity block chain node to be certified and returns to corresponding digital certificate, obtains The corresponding tissue check information of digital certificate is taken, tissue check information includes root information, according to what is arranged with authenticating authority center Protocol algorithm identifies tissue check information, and the organizational identities of identity block chain node to be certified are authenticated according to recognition result.Pass through Tissue check information with the protocol algorithm identification digital certificate of authenticating authority center agreement is to obtain identity block to be certified The organizational identities of chain node not only simplify the authentication mode of block chain tissue authentication, and authenticating authority center has Legal nature improves the safety of block chain authentication and ensure that the legality of block chain authentication, due to tissue Check information is identified with the protocol algorithm of authenticating authority center agreement, therefore can not be mutual between different blocks chain tissue Identity is mutually falsely used, is further able to prevent to palm off identity between different blocks chain tissue.

As shown in figure 4, in one embodiment, identification authentication data processing method shown in Fig. 2 further includes：

Step 402, applying digital certificate request is sent to authenticating authority center, applying digital certificate request includes current group Mark is knitted, applying digital certificate request is used to indicate authenticating authority center will current organization information corresponding with current organization mark The tissue that root digital certificate is written recognizes region, generates Contemporary Digital certificate corresponding with current organization mark, Contemporary Digital card The root information of book is authenticating authority central information.

Step 404, Contemporary Digital certificate is received, it will be in the block chain block of Contemporary Digital certificate write-in current organization.

Wherein, applying digital certificate request is the request for applying for corresponding digital certificate to authenticating authority center, number The request of word certificate request includes that current organization identifies, and current organization mark is currently to issue applying digital certificate for unique identification Request the block chain tissue where block chain node.Specifically, the first tissue node sends number card to authenticating authority center Book application request, firstly, authenticating authority center is corresponding with current organization mark current according to applying digital certificate request Organizational information, then the tissue of current organization information write-in root digital certificate is recognized into region.Root digital certificate refers to authenticating authority The digital certificate at center itself, the i.e. corresponding organizational information of issuer in digital certificate and the corresponding organizational information of user are all For the organizational information at authenticating authority center.Tissue identification region be for the region of reference numbers certificate user's identity, can be with It is the corresponding field of user in digital certificate.

As shown in figure 5, Fig. 5, which shows in one embodiment authenticating authority center, is written root digital certificate for current organization information Tissue identification region schematic diagram, digital certificate shown in Fig. 5 a is root digital certificate, the issuer of root digital certificate and is made The corresponding field value of user is all authenticating authority central information, such as CFCA.When authoritative authentication center asks according to applying digital certificate After seeking acquisition current organization information corresponding with current organization mark, if current organization information is the corresponding organization name of tissue a For acc, then the tissue of current organization information acc write-in root digital certificate is recognized into region, i.e., by the use in root digital certificate Person's corresponding field CFCA is changed to current organization information acc, updates root digital certificate and regenerates tissue a corresponding with current identification Corresponding Contemporary Digital certificate, as shown in Figure 5 b.Digital certificate shown in Fig. 5 b is Contemporary Digital certificate, Contemporary Digital certificate Root information is still authenticating authority central information CFCA, but organizing identification region is current group corresponding with current organization mark Knit information acc.Wherein, the root information in Contemporary Digital certificate is the information of digital certificate issuer, i.e. authenticating authority center is believed Breath, and the tissue identification region in Contemporary Digital certificate is the information of digital certificate user, i.e. tissue acc.

As shown in fig. 6, Fig. 6 shows the schematic diagram that digital certificate is issued at authenticating authority center in one embodiment, block chain System includes different blocks chain tissue a, b and c, includes each block chain node I, block chain node in each block chain tissue II, block chain node III etc..In particular it is required that obtaining block chain tissue outside portion's authenticating authority center hair of digital certificate Applying digital certificate is sent to request, applying digital certificate request carries current organization mark, and external authority authentication center is according to number The request of word certificate request first obtains the root digital certificate of external authoritative authentication center itself, then obtains corresponding with current organization mark Current organization information, the tissue of current organizational information write-in root digital certificate is recognized into region, update root digital certificate from And generate Contemporary Digital certificate corresponding with current organization mark.Finally, external authority authentication center is by the Contemporary Digital of generation Certificate is issued in block chain tissue corresponding with current organization mark.

Further, block chain tissue receives Contemporary Digital certificate, by the block of Contemporary Digital certificate write-in current organization In chain block, the current digital certificate can be specifically written in a certain specific fields of block sequence block or block chain. As shown in Figure 6A, Fig. 6 A shows in one embodiment the Contemporary Digital certificate schematic diagram in block sequence block is written, and Fig. 6 A shows The block chain block of current organization out, including block head and block body, the Contemporary Digital certificate write-in block chain specifically received In block body.Further, when the block chain node of the block chain tissue needs the digital certificate of current block chain tissue, then It directly goes in the block chain block of current organization to call.Wherein, if the block chain node in block chain tissue needs corresponding number When word certificate, then it can directly be called from the block chain block of current organization, not only increase the efficiency of authentication, Er Qieyou It can not be tampered in block chain block, therefore Contemporary Digital certificate is written in block sequence block and can be effectively reduced block chain group The risk of identity is falsely used between knitting.

As shown in fig. 7, in one embodiment, identification authentication data processing method shown in Fig. 2 further includes：

Step 702, applying digital certificate request is sent to secondary authentication center, applying digital certificate request includes current group Mark is knitted, applying digital certificate request is used to indicate secondary authentication center will current organization information corresponding with current organization mark The root information of secondary authentication center number certificate is written, generates Contemporary Digital certificate corresponding with current organization mark, current number The tissue identification region of word certificate is secondary authentication central information, and secondary authentication center is the number that authenticating authority center has authenticated Certificate Authority.

Step 704, Contemporary Digital certificate is received, it will be in the block chain block of Contemporary Digital certificate write-in current organization.

Wherein, secondary authentication center is external authoritative authentication center from each under block chain tissue each in block catenary system Target block chain node is chosen in a block chain node as secondary authentication center, target block chain node needs in advance and external weight The target block chain node of prestige authentication center rendezvous protocol, only external authoritative authentication center entitle could have with outside The same legal nature in authenticating authority center.In order to avoid the block chain node in each block catenary system is all recognized to external authority It demonstrate,proves center requests and obtains corresponding digital certificate, cause the processing pressure of external authoritative authentication center excessive, specifically, Ge Gequ Secondary authentication center in block chain tissue sends digital certificate to external authenticating authority center first and signs and issues request, digital certificate label Hair request is for the request to external authenticating authority center requests issuing digital certificate, and external authority authentication center is by each area The corresponding secondary authentication center number certificate of block chain tissue is issued to each secondary authentication center.As shown in figure 8, Fig. 8 shows one The schematic diagram in secondary authentication center number certificate root information is written in current organization information by secondary authentication center in a embodiment, Digital certificate shown in Fig. 8 a is the secondary authentication center number that external authoritative authentication center is issued to each secondary authentication center Certificate.

The corresponding field value of issuer of secondary authentication center number certificate shown in Fig. 8 a is external authoritative authentication center, Such as CFCA, and the corresponding field value of user of secondary authentication center number certificate is each block where secondary authentication center The corresponding organizational information of chain tissue, such as organizing the organizational information of a is acc.When external authoritative authentication center is according to digital certificate label The second level that the corresponding secondary authentication center number certificate of each block chain tissue is issued in each block chain tissue by hair request Authentication center, secondary authentication center receive the secondary authentication center number certificate that external authoritative authentication center issues and store.When Secondary authentication center receives the applying digital certificate request of block chain organization node transmission, takes in applying digital certificate request Band current organization identifies, and secondary authentication center is current group corresponding with current organization mark according to applying digital certificate request It is acc if current organization information is the corresponding organization name of tissue a after knitting information, then second level is written into current organization information acc The corresponding field CFCA of issuer in secondary authentication center number certificate is changed to by the root information of authentication center's digital certificate Current organization information acc updates secondary authentication center number certificate and regenerates Contemporary Digital corresponding with current organization mark Certificate, as shown in Figure 8 b.Digital certificate shown in Fig. 8 b is the Contemporary Digital certificate that secondary authentication center issues, the Contemporary Digital The root information of certificate is acc, i.e. the corresponding field value of issuer in digital certificate is acc, and the tissue of Contemporary Digital certificate is distinguished Knowing region is still secondary authentication central information acc, i.e., the corresponding field value of the user in digital certificate is acc.

As shown in figure 9, Fig. 9 shows the schematic diagram that digital certificate is issued at secondary authentication center in one embodiment, block chain System includes different blocks chain tissue a, b and c, includes each block chain node I, block chain node in each block chain tissue II, block chain node III etc. and the corresponding secondary authentication center of each block chain tissue.Wherein, block chain each first It organizes corresponding secondary authentication center to send this block chain group to external authenticating authority center requests to knit in corresponding secondary authentication The corresponding secondary authentication center number certificate of each block chain tissue is issued to pair by heart digital certificate, external authority authentication center The secondary authentication center in each block chain tissue answered, then obtained from the secondary authentication center in each block chain tissue to needs Take the block chain organization node issuing digital certificate of digital certificate.

In particular it is required that the block chain organization node for obtaining digital certificate knits interior secondary authentication center to this block chain group Applying digital certificate request is sent, applying digital certificate request carries current organization mark, and secondary authentication center is according to number Certificate request request first obtains this block chain group and knits corresponding secondary authentication center number certificate, then obtains and identify with current organization Corresponding current organization information updates two in the root information of the current organizational information write-in secondary authentication center number certificate Grade authentication center's digital certificate is to generate Contemporary Digital certificate corresponding with current organization mark.Finally, secondary authentication center The Contemporary Digital certificate of generation is issued in the block chain organization node for needing to obtain digital certificate.Further, block chain Organization node receives Contemporary Digital certificate, Contemporary Digital certificate write-in block chain group is knitted in the block chain block of node, specifically The current digital certificate can be written in a certain specific fields of block sequence block or block chain, wherein by the current number It is specifically referred to shown in Fig. 6 A in word certificate write-in block sequence block.

In one embodiment, tissue check information is identified according to the protocol algorithm arranged with authenticating authority center, according to Recognition result authenticates the organizational identities of identity block chain node to be certified, including：According to the agreement arranged with authenticating authority center Algorithm identifies the root information of digital certificate, true according to secondary authentication central information when root information is secondary authentication central information The organizational identities of fixed identity block chain node to be certified.

Specifically, when the digital certificate that the first tissue node is got is issued by the secondary authentication center in block chain tissue Hair, illustrate that secondary authentication center is exactly authenticating authority center at this time, the first tissue node is arranged according to authenticating authority center The root information of digital certificate that gets of protocol algorithm identification, can specifically be identified in digital certificate according to the protocol algorithm of agreement Root information to obtaining the corresponding organizational information of digital certificate issuer, when the root information for identifying digital certificate is second level It is that external authoritative authentication center specifies in advance since secondary authentication center is located in block chain tissue when authentication center's information A certain block chain organization node in block chain tissue as internal authoritative authentication center, i.e. recognize by secondary authentication center, second level Card center has legal nature same as external authority authentication center.It therefore then can be directly true according to secondary authentication central information The organizational identities of fixed identity block chain node to be certified, specifically can be according to the corresponding secondary authentication center of secondary authentication central information The block chain organizational information at place determines the organizational identities of identity block chain node to be certified.

For example, the block chain group where secondary authentication center is woven to tissue acc, as shown in figure 8, if number shown in Fig. 8 b Word certificate is that secondary authentication center is issued to identity block chain node to be certified, and identity block chain node to be certified is again by the number Certificate is sent to the first tissue node, and the root information of the digital certificate is identified according to the protocol algorithm arranged with authenticating authority center For secondary authentication central information acc, i.e. the corresponding field value of issuer in digital certificate is acc, due to the two of digital certificate The corresponding secondary authentication center of grade authentication center information is a certain block chain organization node in tissue acc, therefore then can basis The organizational identities that the root information of the digital certificate directly determines identity block chain node to be certified are tissue acc.

In one embodiment, as shown in Figure 10, tissue school is identified according to the protocol algorithm arranged with authenticating authority center Information is tested, the organizational identities of identity block chain node to be certified are authenticated according to recognition result, including：

Step 1002, according to the root information for the protocol algorithm identification digital certificate arranged with authenticating authority center, when root is believed When breath is authenticating authority central information, recognized according to the tissue for the protocol algorithm identification digital certificate arranged with authenticating authority center Area information.

Step 1004, the tissue identification area information obtained according to identification determines the tissue of identity block chain node to be certified Identity.

Specifically, when the digital certificate that the first tissue node is got is issued by external authoritative authentication center, then the One organization node is according to the root information of the protocol algorithm identification digital certificate with external authoritative authentication center's agreement, i.e. identification number The corresponding information of certificate authority person, when identify the root information in digital certificate be authenticating authority central information when, then further according to Area information is recognized with the tissue of the protocol algorithm identification digital certificate of authenticating authority center agreement, i.e., in identification digital certificate The corresponding information of user.Further, the tissue identification area information in the digital certificate obtained according to identification directly determines The organizational identities of identity block chain node to be certified.As shown in figure 5, if Figure 5b shows that digital certificate be authenticating authority center under Be sent to identity block chain node to be certified, identity block chain node to be certified again using the digital certificate as target digital certificate, It is sent to the first tissue node, the root information of the target digital certificate is authenticating authority central information CFCA, but organizes identification Region is that the block chain organizational information where identity block chain node to be certified is tissue acc.Firstly, according to in authenticating authority After the protocol algorithm of heart agreement identifies the information that the root information in target digital certificate is digital certificate issuer, i.e., authority recognizes Central information is demonstrate,proved, then after identifying the information of the tissue identification corresponding digital certificate user in region in target digital certificate, i.e., Acc is organized, then can directly determine the organizational identities of identity block chain node to be certified from the tissue identification region that identification obtains, The organizational identities of identity block chain node i.e. to be certified are tissue acc.

In a specific embodiment, a kind of identification authentication data processing method is provided, following steps are specifically included：

Step 1102, digital certificate obtaining step and digital certificate write step.

Step 1102a sends applying digital certificate request to authenticating authority center, and applying digital certificate request includes current Organization identification, applying digital certificate request is used to indicate authenticating authority center will current organization letter corresponding with current organization mark The tissue of breath write-in root digital certificate recognizes region, generates Contemporary Digital certificate corresponding with current organization mark, Contemporary Digital The root information of certificate is authenticating authority central information, receives Contemporary Digital certificate, by Contemporary Digital certificate write-in current organization In block chain block.

Step 1102b sends applying digital certificate request to secondary authentication center, and applying digital certificate request includes current Organization identification, applying digital certificate request is used to indicate secondary authentication center will current organization letter corresponding with current organization mark The root information of breath write-in secondary authentication center number certificate, generates Contemporary Digital certificate corresponding with current organization mark, currently The tissue identification region of digital certificate is secondary authentication central information, and secondary authentication center is the number that authenticating authority center has authenticated Word Certificate Authority receives Contemporary Digital certificate, will be in the block chain block of Contemporary Digital certificate write-in current organization.

Step 1104, identity information certification request, identity information certification request are sent to identity block chain node to be certified It is used to indicate identity block chain node to be certified and returns to corresponding digital certificate.

Step 1106, the corresponding tissue check information of digital certificate is obtained, tissue check information includes root information.

Step 1108, tissue check information is identified according to the protocol algorithm arranged with authenticating authority center, is tied according to identification Fruit authenticates the organizational identities of identity block chain node to be certified.

Step 1108a, according to the root information for the protocol algorithm identification digital certificate arranged with authenticating authority center, when root is believed When breath is secondary authentication central information, the tissue body of identity block chain node to be certified is determined according to secondary authentication central information Part.

Step 1108b, according to the root information for the protocol algorithm identification digital certificate arranged with authenticating authority center, when root is believed When breath is authenticating authority central information, recognized according to the tissue for the protocol algorithm identification digital certificate arranged with authenticating authority center Area information, the tissue identification area information obtained according to identification determine the organizational identities of identity block chain node to be certified.

It should be understood that although each step in above-mentioned flow chart is successively shown according to the instruction of arrow, this A little steps are not that the inevitable sequence according to arrow instruction successively executes.Unless expressly state otherwise herein, these steps It executes there is no the limitation of stringent sequence, these steps can execute in other order.Moreover, in above-mentioned flow chart at least A part of step may include that perhaps these sub-steps of multiple stages or stage are not necessarily in same a period of time to multiple sub-steps Quarter executes completion, but can execute at different times, the execution in these sub-steps or stage be sequentially also not necessarily according to Secondary progress, but in turn or can replace at least part of the sub-step or stage of other steps or other steps Ground executes.

As shown in figure 11, in one embodiment, a kind of identification authentication data processing system is provided, which includes： Multiple tissue block chains, such as tissue block chain 1200 and tissue block chain 1300, each tissue block chain includes multiple tissues Node, such as organizing block chain 1200 includes the first tissue node 1202, and tissue block chain 1300 includes identity block chain to be certified Node 1204, wherein：

The first tissue node 1202, for sending identity information certification request to identity block chain node to be certified.

Identity block chain node 1204 to be certified, for returning to corresponding digital certificate according to identity information certification request.

The first tissue node 1202, for obtaining the corresponding tissue check information of digital certificate, tissue check information includes Root information identifies tissue check information according to the protocol algorithm arranged with authenticating authority center, is authenticated according to recognition result wait recognize Demonstrate,prove the organizational identities of identity block chain node.

Authenticating authority central server 1206 issues digital certificate for the organization node into tissue block chain.

Specifically, identification authentication data processing system includes but is not limited in block catenary system and external authenticating authority The heart, block catenary system include but is not limited to multiple tissue block chains, such as tissue block chain 1200 and tissue block chain 1300, often A tissue block chain includes multiple organization nodes, and such as organizing block chain 1200 includes the first tissue node 1202, organizes block chain 1300 include identity block chain node 1204 to be certified.The first tissue node 1202 and 1204 He of identity block chain node to be certified The corresponding authenticating authority central server 1206 of external authority authentication center establishes connection, and the first tissue node 1202 is to be certified Identity block chain node 1204 sends identity information certification request, and it is corresponding to indicate that identity block chain node 1204 to be certified returns For digital certificate to the first tissue node 1202, the first tissue node 1202 obtains the corresponding tissue verification letter of the digital certificate returned Breath, tissue check information includes root information, identifies tissue check information, root according to the protocol algorithm arranged with authenticating authority center The organizational identities of identity block chain node to be certified are authenticated according to recognition result.And authenticating authority central server 1206 is to tissue area Each organization node in block chain issues digital certificate.

In one embodiment, the organization node in block chain is organized to be also used to send number to authenticating authority central server The request of word certificate request, applying digital certificate request include that current organization identifies.

Authenticating authority central server 1206 is also used to the current organization information corresponding with current organization mark root is written The tissue of digital certificate recognizes region, generates Contemporary Digital certificate corresponding with current organization mark, the root of Contemporary Digital certificate Information is authenticating authority central information, and Contemporary Digital certificate is sent to applying digital certificate and requests corresponding destination organization section Point.

Destination organization node is also used to the digital certificate received be written in block sequence block.

Wherein, applying digital certificate request is the request for applying for corresponding digital certificate to authenticating authority center, number The request of word certificate request includes that current organization identifies, and current organization mark is currently to issue applying digital certificate for unique identification Request the block chain tissue where block chain node.Specifically, the first tissue node 1202 or identity block chain to be certified Other organization nodes in node 1204 or block chain tissue send digital certificate Shen to authenticating authority central server 1206 It please request, firstly, authenticating authority central server 1206 is corresponding with current organization mark according to applying digital certificate request Current organization information, then by current organization information write-in root digital certificate tissue recognize region, generate with current organization mark Know corresponding Contemporary Digital certificate, the root information of Contemporary Digital certificate is authenticating authority central information, and Contemporary Digital certificate is sent out It send to applying digital certificate and requests corresponding destination organization node.The destination organization node, which refers to, issues applying digital certificate request Block chain organization node, the destination organization node be also used to will the digital certificate that received be written block sequence block in.Specifically The digital certificate received can be written in block sequence block.

In one embodiment, as shown in figure 12, the tissue block chain 1200 where the first tissue node 1202 includes the One organization node 1202, secondary authentication central node 1222, other organization nodes 1242, identity block chain node 1204 to be certified The tissue block chain 1300 at place includes identity block chain node 1204, secondary authentication central node 1224 and other groups to be certified Node 1244 is knitted, other tissue block chains all include secondary authentication central node and other organization nodes；

Secondary authentication central node 1222 or 1224 is also used to send digital certificate to authenticating authority central server and obtain Take request.

Authenticating authority central server 1206 is also used to send secondary authentication center number according to digital certificate acquisition request Certificate is to secondary authentication central node, and wherein secondary authentication central node is that the digital certificate that authenticating authority center has authenticated is issued Center.

Specifically, the tissue block chain 1200 where the first tissue node 1202 includes the first tissue node 1202, second level Authentication center's node 1222, other organization nodes 1242, the tissue block chain where identity block chain node 1204 to be certified 1300 include identity block chain node 1204 to be certified, secondary authentication central node 1224 and other organization nodes 1244, other Organizing block chain all includes secondary authentication central node and other organization nodes, the secondary authentication center in each block chain tissue Node sends digital certificate acquisition request to authenticating authority central server, and authenticating authority central server 1206 is according to number Certificate acquisition request sends secondary authentication center number certificate to secondary authentication central node, and wherein secondary authentication central node is The digital certificate that external authority authentication center has authenticated issues center.

In one embodiment, other organization nodes 1242 or 1244, for sending number card to secondary authentication center Book application request, applying digital certificate request include that current organization identifies.

Secondary authentication central node 1222 or 1224 is also used to current organization information corresponding with current organization mark The root information of secondary authentication center number certificate is written, generates Contemporary Digital certificate corresponding with current organization mark, current number The tissue identification region of word certificate is secondary authentication central information, and Contemporary Digital certificate is sent to applying digital certificate request pair The destination organization node answered.

Destination organization node is also used to the digital certificate received be written in block sequence block.

Specifically, other organization nodes in block chain is organized to send applying digital certificate request to secondary authentication center, Applying digital certificate request includes that current organization identifies, and the secondary authentication central node in each tissue block chain will be with current group The root information for identifying corresponding current organization information write-in secondary authentication center number certificate is knitted, is generated and current organization mark pair The tissue identification region of the Contemporary Digital certificate answered, Contemporary Digital certificate is secondary authentication central information, by Contemporary Digital certificate It is sent to applying digital certificate and requests corresponding destination organization node.And the digital certificate received is written destination organization node In block chain block.

In one embodiment, the first tissue node 1202 is also used to according to the protocol algorithm with authenticating authority center agreement The root information for identifying digital certificate, when root information is authenticating authority central information, according to the association arranged with authenticating authority center The tissue for discussing algorithm identification digital certificate recognizes area information.

The tissue identification area information that the first tissue node 1202 is also used to be obtained according to identification determines identity area to be certified The organizational identities of block chain node.

In one embodiment, the first tissue node 1202 is also used to according to the protocol algorithm with authenticating authority center agreement Identify digital certificate root information, when root information be secondary authentication central information when, according to secondary authentication central information determine to The organizational identities of authenticating identity block chain node.

In one embodiment, as shown in figure 13, a kind of identification authentication data processing unit is provided, which includes：

Identity information certification request sending module 1302 is recognized for sending identity information to identity block chain node to be certified Card request, identity information certification request are used to indicate identity block chain node to be certified and return to corresponding digital certificate.

Check information is organized to obtain module 1304, for obtaining the corresponding tissue check information of digital certificate, tissue verification Information includes root information.

Organizational identities identification module 1306, for according to the protocol algorithm identification tissue verification with authenticating authority center agreement Information authenticates the organizational identities of identity block chain node to be certified according to recognition result.

In one embodiment, as shown in figure 14, which further includes：

Applying digital certificate request sending module 1402, for sending applying digital certificate request to authenticating authority center, Applying digital certificate request include current organization identify, applying digital certificate request be used to indicate authenticating authority center will with it is current The tissue of the corresponding current organization information write-in root digital certificate of organization identification recognizes region, generates corresponding with current organization mark Contemporary Digital certificate, the root information of Contemporary Digital certificate is authenticating authority central information.

For receiving Contemporary Digital certificate current organization is written in Contemporary Digital certificate by digital certificate receiving module 1404 Block chain block in.

In one embodiment, as shown in figure 15, which further includes：

Applying digital certificate request sending module 1502, for sending applying digital certificate request to secondary authentication center, Applying digital certificate request include current organization identify, applying digital certificate request be used to indicate secondary authentication center will with it is current The root information of the corresponding current organization information write-in secondary authentication center number certificate of organization identification, generates and identifies with current organization The tissue identification region of corresponding Contemporary Digital certificate, Contemporary Digital certificate is secondary authentication central information, secondary authentication center The digital certificate authenticated for authenticating authority center issues center.

For receiving Contemporary Digital certificate current organization is written in Contemporary Digital certificate by digital certificate writing module 1504 Block chain block in.

In one embodiment, organizational identities identification module 1306 is also used to according to the agreement with authenticating authority center agreement Algorithm identifies the root information of digital certificate, true according to secondary authentication central information when root information is secondary authentication central information The organizational identities of fixed identity block chain node to be certified.

In one embodiment, organizational identities identification module 1306 is also used to according to the agreement with authenticating authority center agreement Algorithm identifies the root information of digital certificate, when root information is authenticating authority central information, arranges according to authenticating authority center Protocol algorithm identification digital certificate tissue recognize area information, according to identification obtain tissue identification area information determine to The organizational identities of authenticating identity block chain node.

Figure 16 shows the internal structure chart of computer equipment in one embodiment.The computer equipment specifically can be figure The first tissue node 120 in 1.As shown in figure 16, it includes passing through system bus which, which includes the computer equipment, Processor, memory, network interface, input unit and the display screen of connection.Wherein, memory includes non-volatile memory medium And built-in storage.The non-volatile memory medium of the computer equipment is stored with operating system, can also be stored with computer program, When the computer program is executed by processor, processor may make to realize identification authentication data processing method.In the built-in storage Computer program can also be stored, when which is executed by processor, processor may make to execute identification authentication data Processing method.The display screen of computer equipment can be liquid crystal display or electric ink display screen, computer equipment it is defeated Entering device can be the touch layer covered on display screen, be also possible to the key being arranged on computer equipment shell, trace ball or Trackpad can also be external keyboard, Trackpad or mouse etc..

It will be understood by those skilled in the art that structure shown in Figure 16, only part relevant to application scheme The block diagram of structure, does not constitute the restriction for the computer equipment being applied thereon to application scheme, and specific computer is set Standby may include perhaps combining certain components or with different component layouts than more or fewer components as shown in the figure.

In one embodiment, identification authentication data processing unit provided by the present application can be implemented as a kind of computer journey The form of sequence, computer program can be run in computer equipment as shown in figure 16.It can be deposited in the memory of computer equipment Storage forms each program module of the identification authentication data processing unit, for example, identity information certification request shown in Figure 13 is sent out Module, tissue check information is sent to obtain module and organizational identities identification module.The computer program that each program module is constituted makes It obtains processor and executes the step in the identification authentication data processing method of each embodiment of the application described in this specification.

For example, computer equipment shown in Figure 16 can be by identification authentication data processing unit as shown in fig. 13 that Identity information certification request sending module executes to identity block chain node to be certified and sends identity information certification request, identity letter Breath certification request is used to indicate identity block chain node to be certified and returns to corresponding digital certificate.Computer equipment can pass through tissue Check information obtains module and executes the corresponding tissue check information of acquisition digital certificate, and tissue check information includes root information.Meter Calculating machine equipment can be executed by organizational identities identification module according to the protocol algorithm identification tissue school with authenticating authority center agreement Information is tested, the organizational identities of identity block chain node to be certified are authenticated according to recognition result.

In one embodiment it is proposed that a kind of computer equipment, including memory and processor, the memory storage There is computer program, when the computer program is executed by the processor, so that the processor executes following steps：To Authenticating identity block chain node sends identity information certification request, and identity information certification request is used to indicate identity block to be certified Chain node returns to corresponding digital certificate；The corresponding tissue check information of digital certificate is obtained, tissue check information includes root letter Breath；Tissue check information is identified according to the protocol algorithm arranged with authenticating authority center, and body to be certified is authenticated according to recognition result The organizational identities of part block chain node.

In one embodiment, the computer program also makes the processor execute following steps：To authenticating authority Center sends applying digital certificate request, and applying digital certificate request includes that current organization identifies, and applying digital certificate request is used The tissue for identifying corresponding current organization information write-in root digital certificate with current organization is recognized in instruction authenticating authority center Region, generates Contemporary Digital certificate corresponding with current organization mark, and the root information of Contemporary Digital certificate is authenticating authority center Information；Contemporary Digital certificate is received, it will be in the block chain block of Contemporary Digital certificate write-in current organization.

In one embodiment, the computer program also makes the processor execute following steps：To secondary authentication Center sends applying digital certificate request, and applying digital certificate request includes that current organization identifies, and applying digital certificate request is used Secondary authentication center number certificate is written into current organization information corresponding with current organization mark in instruction secondary authentication center Root information, generate corresponding with current organization mark Contemporary Digital certificate, it is two that the tissue of Contemporary Digital certificate, which recognizes region, Grade authentication center information, secondary authentication center are that the digital certificate that authenticating authority center has authenticated issues center；Receive current number Word certificate, will be in the block chain block of Contemporary Digital certificate write-in current organization.

In one embodiment, tissue check information is identified according to the protocol algorithm arranged with authenticating authority center, according to Recognition result authenticates the organizational identities of identity block chain node to be certified, including：According to the agreement arranged with authenticating authority center Algorithm identifies the root information of digital certificate, true according to secondary authentication central information when root information is secondary authentication central information The organizational identities of fixed identity block chain node to be certified.

In one embodiment, tissue check information is identified according to the protocol algorithm arranged with authenticating authority center, according to Recognition result authenticates the organizational identities of identity block chain node to be certified, including：According to the agreement arranged with authenticating authority center Algorithm identifies the root information of digital certificate, when root information is authenticating authority central information, arranges according to authenticating authority center Protocol algorithm identification digital certificate tissue recognize area information；According to identification obtain tissue identification area information determine to The organizational identities of authenticating identity block chain node.

In one embodiment it is proposed that a kind of computer readable storage medium, is stored with computer program, the calculating When machine program is executed by processor, so that the processor executes following steps：Body is sent to identity block chain node to be certified Part authentification of message request, identity information certification request are used to indicate identity block chain node to be certified and return to corresponding number card Book；The corresponding tissue check information of digital certificate is obtained, tissue check information includes root information；According to authenticating authority center about Fixed protocol algorithm identifies tissue check information, and the organizational identities of identity block chain node to be certified are authenticated according to recognition result.

In one embodiment, the computer program also makes the processor execute following steps：To authenticating authority Center sends applying digital certificate request, and applying digital certificate request includes that current organization identifies, and applying digital certificate request is used The tissue for identifying corresponding current organization information write-in root digital certificate with current organization is recognized in instruction authenticating authority center Region, generates Contemporary Digital certificate corresponding with current organization mark, and the root information of Contemporary Digital certificate is authenticating authority center Information；Contemporary Digital certificate is received, it will be in the block chain block of Contemporary Digital certificate write-in current organization.

In one embodiment, the computer program also makes the processor execute following steps：To secondary authentication Center sends applying digital certificate request, and applying digital certificate request includes that current organization identifies, and applying digital certificate request is used Secondary authentication center number certificate is written into current organization information corresponding with current organization mark in instruction secondary authentication center Root information, generate corresponding with current organization mark Contemporary Digital certificate, it is two that the tissue of Contemporary Digital certificate, which recognizes region, Grade authentication center information, secondary authentication center are that the digital certificate that authenticating authority center has authenticated issues center；Receive current number Word certificate, will be in the block chain block of Contemporary Digital certificate write-in current organization.

In one embodiment, tissue check information is identified according to the protocol algorithm arranged with authenticating authority center, according to Recognition result authenticates the organizational identities of identity block chain node to be certified, including：According to the agreement arranged with authenticating authority center Algorithm identifies the root information of digital certificate, true according to secondary authentication central information when root information is secondary authentication central information The organizational identities of fixed identity block chain node to be certified.

In one embodiment, tissue check information is identified according to the protocol algorithm arranged with authenticating authority center, according to Recognition result authenticates the organizational identities of identity block chain node to be certified, including：According to the agreement arranged with authenticating authority center Algorithm identifies the root information of digital certificate, when root information is authenticating authority central information, arranges according to authenticating authority center Protocol algorithm identification digital certificate tissue recognize area information；According to identification obtain tissue identification area information determine to The organizational identities of authenticating identity block chain node.

Those of ordinary skill in the art will appreciate that realizing all or part of the process in above-described embodiment method, being can be with Relevant hardware is instructed to complete by computer program, the program can be stored in a non-volatile computer and can be read In storage medium, the program is when being executed, it may include such as the process of the embodiment of above-mentioned each method.Wherein, provided herein Each embodiment used in any reference to memory, storage, database or other media, may each comprise non-volatile And/or volatile memory.Nonvolatile memory may include that read-only memory (ROM), programming ROM (PROM), electricity can be compiled Journey ROM (EPROM), electrically erasable ROM (EEPROM) or flash memory.Volatile memory may include random access memory (RAM) or external cache.By way of illustration and not limitation, RAM is available in many forms, such as static state RAM (SRAM), dynamic ram (DRAM), synchronous dram (SDRAM), double data rate sdram (DDRSDRAM), enhanced SDRAM (ESDRAM), synchronization link (Synchlink) DRAM (SLDRAM), memory bus (Rambus) directly RAM (RDRAM), straight Connect memory bus dynamic ram (DRDRAM) and memory bus dynamic ram (RDRAM) etc..

Each technical characteristic of above embodiments can be combined arbitrarily, for simplicity of description, not to above-described embodiment In each technical characteristic it is all possible combination be all described, as long as however, the combination of these technical characteristics be not present lance Shield all should be considered as described in this specification.

The several embodiments of the application above described embodiment only expresses, the description thereof is more specific and detailed, but simultaneously The limitation to the application the scope of the patents therefore cannot be interpreted as.It should be pointed out that for those of ordinary skill in the art For, without departing from the concept of this application, various modifications and improvements can be made, these belong to the guarantor of the application Protect range.Therefore, the scope of protection shall be subject to the appended claims for the application patent.

Claims (15)

1. a kind of identification authentication data processing method, including：

Identity information certification request is sent to identity block chain node to be certified, the identity information certification request is used to indicate institute It states identity block chain node to be certified and returns to corresponding digital certificate；

The corresponding tissue check information of the digital certificate is obtained, the tissue check information includes root information；

Identify the tissue check information according to the protocol algorithm arranged with authenticating authority center, authenticated according to recognition result described in The organizational identities of identity block chain node to be certified.

2. the method according to claim 1, wherein the method also includes：

Applying digital certificate request is sent to authenticating authority center, the applying digital certificate request includes that current organization identifies, The applying digital certificate request is used to indicate the authenticating authority center will be current group corresponding with current organization mark The tissue identification region for knitting information write-in root digital certificate, generates Contemporary Digital certificate corresponding with current organization mark, The root information of the Contemporary Digital certificate is authenticating authority central information；

The Contemporary Digital certificate is received, it will be in the block chain block of Contemporary Digital certificate write-in current organization.

3. the method according to claim 1, wherein the method also includes：

Applying digital certificate request is sent to secondary authentication center, the applying digital certificate request includes that current organization identifies, The applying digital certificate request is used to indicate the secondary authentication center will be current group corresponding with current organization mark The root information for knitting information write-in secondary authentication center number certificate generates Contemporary Digital card corresponding with current organization mark The tissue identification region of book, the Contemporary Digital certificate is secondary authentication central information, and the secondary authentication center is recognized for authority The digital certificate that card center has authenticated issues center；

The Contemporary Digital certificate is received, it will be in the block chain block of Contemporary Digital certificate write-in current organization.

4. the method according to claim 1, wherein the protocol algorithm that the basis is arranged with authenticating authority center It identifies the tissue check information, the organizational identities of the identity block chain node to be certified is authenticated according to recognition result, including：

The root information that the digital certificate is identified according to the protocol algorithm arranged with authenticating authority center, when the root information is two When grade authentication center's information, the tissue body of the identity block chain node to be certified is determined according to the secondary authentication central information Part.

5. the method according to claim 1, wherein the protocol algorithm that the basis is arranged with authenticating authority center It identifies the tissue check information, the organizational identities of the identity block chain node to be certified is authenticated according to recognition result, including：

The root information that the digital certificate is identified according to the protocol algorithm arranged with authenticating authority center, when the root information is power When prestige authentication center information, identify that the tissue of the digital certificate recognizes area according to the protocol algorithm arranged with authenticating authority center Domain information；

The tissue identification area information obtained according to identification determines the organizational identities of the identity block chain node to be certified.

6. a kind of identification authentication data processing system, which is characterized in that the system comprises：

Multiple tissue block chains, each tissue block chain include multiple organization nodes, and the first tissue node is used for body to be certified Part block chain node sends identity information certification request；

The identity block chain node to be certified, for returning to corresponding digital certificate according to the identity information certification request；

The first tissue node, for obtaining the corresponding tissue check information of the digital certificate, the tissue check information Including root information, the tissue check information is identified according to the protocol algorithm arranged with authenticating authority center, according to recognition result Authenticate the organizational identities of the identity block chain node to be certified；

Authenticating authority central server issues digital certificate for the organization node into tissue block chain.

7. system according to claim 6, which is characterized in that the organization node in the tissue block chain is also used to power Prestige authentication center server sends applying digital certificate request, and the applying digital certificate request includes that current organization identifies；

The authenticating authority central server is also used to the current organization information corresponding with current organization mark root is written The tissue of digital certificate recognizes region, generates Contemporary Digital certificate corresponding with current organization mark, the Contemporary Digital The root information of certificate is authenticating authority central information, and the Contemporary Digital certificate is sent to the applying digital certificate request pair The destination organization node answered；

The destination organization node is also used to the digital certificate received be written in block sequence block.

8. system according to claim 6, which is characterized in that the organization node in the tissue block chain includes that second level is recognized Demonstrate,prove central node and other organization nodes；

The secondary authentication central node is also used to send digital certificate acquisition request to the authenticating authority central server, The digital certificate acquisition request includes the current organization mark where current secondary authentication central node；

The authenticating authority central server is also used to the current organization mark where with the current secondary authentication central node The tissue identification region for knowing corresponding current organization information write-in root digital certificate, generates and the current secondary authentication centromere Current organization where point identifies corresponding secondary authentication center number certificate, the root letter of the secondary authentication center number certificate Breath is authenticating authority central information, by the secondary authentication center number certificate to the secondary authentication central node, wherein institute Stating secondary authentication central node is that the digital certificate that the authenticating authority center has authenticated issues center.

9. system according to claim 8, which is characterized in that other described organization nodes are used for the secondary authentication Center sends applying digital certificate request, and the applying digital certificate request includes that current organization identifies；

The secondary authentication central node is also used to the current organization information corresponding with current organization mark second level is written The root information of authentication center's digital certificate generates Contemporary Digital certificate corresponding with current organization mark, the current number The tissue identification region of word certificate is secondary authentication central information, and the Contemporary Digital certificate is sent to the digital certificate Shen It please request corresponding destination organization node；

The destination organization node is also used to the digital certificate received be written in block sequence block.

10. system according to claim 6, which is characterized in that the first tissue node is also used to basis and the power The protocol algorithm of prestige authentication center agreement identifies the root information of the digital certificate, when the root information is authenticating authority center letter When breath, identify that the tissue of the digital certificate recognizes area information according to the protocol algorithm arranged with authenticating authority center；

The tissue identification area information that the first tissue node is also used to be obtained according to identification determines the identity area to be certified The organizational identities of block chain node.

11. system according to claim 6, which is characterized in that the first tissue node is also used to basis and the power The protocol algorithm of prestige authentication center agreement identifies the root information of the digital certificate, when the root information is secondary authentication center letter When breath, the organizational identities of the identity block chain node to be certified are determined according to the secondary authentication central information.

12. a kind of identification authentication data processing unit, which is characterized in that described device includes：

Identity information certification request sending module, for sending identity information certification request to identity block chain node to be certified, The identity information certification request is used to indicate the identity block chain node to be certified and returns to corresponding digital certificate；

Check information is organized to obtain module, for obtaining the corresponding tissue check information of the digital certificate, the tissue verification Information includes root information；

Organizational identities identification module, for identifying that the tissue verification is believed according to the protocol algorithm with authenticating authority center agreement Breath, the organizational identities of the identity block chain node to be certified are authenticated according to recognition result.

13. device according to claim 12, which is characterized in that described device further includes：

Applying digital certificate request sending module, for sending applying digital certificate request, the number to authenticating authority center Certificate request request includes that current organization identifies, and applying digital certificate request is used to indicate the authenticating authority center will be with The current organization identifies the tissue identification region of corresponding current organization information write-in root digital certificate, generates and described current The corresponding Contemporary Digital certificate of organization identification, the root information of the Contemporary Digital certificate are authenticating authority central information；

For receiving the Contemporary Digital certificate current organization is written in the Contemporary Digital certificate by digital certificate receiving module Block chain block in.

14. a kind of computer readable storage medium is stored with computer program, when the computer program is executed by processor, So that the processor is executed such as the step of any one of claims 1 to 5 the method.

15. a kind of computer equipment, including memory and processor, the memory is stored with computer program, the calculating When machine program is executed by the processor, so that the processor executes the step such as any one of claims 1 to 5 the method Suddenly.