CN109743321B - Block chain, application program, and user authentication method and system of application program - Google Patents

Publication number
CN109743321B
Authority
CN
China
Legal status
Active
Application number
CN201910006153.XA
Other languages
Chinese (zh)
Other versions
CN109743321A (en)
Inventor
田新雪
马书惠
肖征荣
Current Assignee
China United Network Communications Group Co Ltd
Original Assignee
China United Network Communications Group Co Ltd

Abstract

The invention belongs to the technical field of block chains, and relates to a user authentication method and system for an application program based on a block chain, the block chain and the application program. The method comprises the following steps: constructing a block chain comprising a plurality of real-name authentication nodes and a management node; the application program obtains information including at least the mobile phone number of a registered user of the application program, sends the mobile phone number of the registered user to the management node of the block chain, and applies for authentication of the personal information authentication level and/or the credit level of the registered user; the management node, according to the mobile phone number of the registered user of the application program and based on the real-name authentication nodes, provides the personal information authentication level and/or the credit level of the registered user associated with the mobile phone number to the application program; and the application program judges whether the real-name authentication request of the user passes according to the application level of the application program and the personal information authentication level and/or credit level of the registered user. The method can provide a convenient, effective and safe user information authentication mode for the application program.

Description

Block chain, application program, and user authentication method and system of application program
Technical Field
The invention belongs to the technical field of block chains, and particularly relates to a user authentication method for an application program based on a block chain, the block chain for user authentication of the application program, the application program for user authentication based on the block chain and a user authentication system for the application program based on the block chain.
Background
The Mobile Internet Application Program Information Service Management Regulations (hereinafter referred to as the regulations) aim to strengthen the regulation of the information services of application programs (APPs), promote the healthy and orderly development of the industry and protect the legal rights and interests of individuals. Real-name registration for an application program takes various forms. Under the regulations, a registered user is authenticated on the basis of real identity information such as a mobile phone number. Real-name schemes can differ between application programs. For example, early payment tools such as WeChat and Alipay completed real-name authentication simply by binding a bank card: because an identity card is needed to open each bank card, binding the bank card is equivalent to knowing who the actual user of the account is. For other application programs, an identity document may need to be uploaded to complete real-name authentication. For example, to open a shop on Taobao, photos of the front and back of the identity card held in the applicant's hand need to be uploaded, and real-name authentication is completed after manual review in the back end.
The problem with this approach is that each application program needs to develop its own function for real-name authentication of users, which increases the difficulty and workload of application program development and hinders the popularization of new application programs. In addition, users are not comfortable uploading important information such as their identity card to the back end of an application program from a small developer for review, so real-name authentication cannot proceed smoothly and the safety of other users cannot be guaranteed. Under this limitation, such application programs can only implement payment-related functions by relying on large application programs such as WeChat and Alipay, which is detrimental to the safety and convenience of use.
How to provide convenient, effective and safe user information authentication for an application program becomes a technical problem to be solved urgently at present.
Disclosure of Invention
The technical problem to be solved by the present invention is to provide a user authentication method for an application based on a blockchain, a blockchain for user authentication of an application, an application for user authentication based on a blockchain, and a user authentication system for an application based on a blockchain, aiming at the above-mentioned deficiencies in the prior art, so as to provide a convenient, effective and safe user information authentication mode for an application.
The technical scheme adopted for solving the technical problem of the invention is the user authentication method of the application program based on the block chain, which comprises the following steps:
constructing a block chain comprising a plurality of real-name authentication nodes with databases of information related to the identities of the public users and a management node;
the management node provides the personal information authentication level and/or the credit level of the registered user associated with the mobile phone number to the application program based on the real-name authentication node according to the mobile phone number of the registered user of the application program;
the real-name authentication nodes at least comprise any one of communication operation nodes, bank nodes and administrative department nodes, and the management nodes are the Ministry of industry and information nodes.
A user authentication method of an application program based on a block chain comprises the following steps:
the application program obtains information including at least the mobile phone number of a registered user applying to the application program;
the application program sends the mobile phone number of the registered user to a management node of the block chain, and applies for authenticating the personal information authentication level and/or the credit level of the registered user;
and the application program judges whether the real-name authentication request of the user passes or not according to the application level of the application program and the personal information authentication level and/or credit level of the registered user returned by the block chain.
A user authentication method of an application program based on a block chain comprises the following steps:
constructing a block chain comprising a plurality of real-name authentication nodes with databases of information related to the identities of the public users and a management node;
the application program obtains information including at least the mobile phone number of a registered user applying to the application program;
the application program sends the mobile phone number of the registered user to the management node of the block chain, and applies for authenticating the personal information authentication level and/or the credit level of the registered user;
the management node provides the personal information authentication level and/or the credit level of the registered user associated with the mobile phone number to the application program based on the real-name authentication node according to the mobile phone number of the registered user of the application program;
the application program judges whether the real-name authentication request of the user passes or not according to the application level of the application program and the personal information authentication level and/or credit level of the registered user returned by the block chain;
the real-name authentication nodes at least comprise any one of communication operation nodes, bank nodes and administrative department nodes, and the management nodes are the Ministry of industry and information nodes.
Preferably, the step of constructing a blockchain including a plurality of real-name authentication nodes having a database of information related to identities of mass users and a management node includes:
the management node establishes a genesis block of the block chain, the genesis block comprising an identification of the management node, a public key and record information of the identity information of the founder, the record information being signed by using a private key of the management node;
a functional user node with a database of information related to the identities of public users queries the information of the genesis block and extracts the address of the management node;
the functional user node sends application information to the management node to apply for becoming the real-name system authentication node, wherein the application information comprises an identification, a public key and identity information of the functional user node, and a private key of the functional user node is used for signing, and the identity information at least comprises a company name, a legal representative, registered capital, a registered address, an enterprise registration number and establishment time of a functional department;
the management node receives the application of the functional user node, verifies the authentication qualification of the functional user node and the filing information of the corresponding functional user obtained through a non-block chain way, and judges whether the functional user node has real-name authentication qualification;
the management node encrypts and broadcasts the attribute information of the approved functional user node with the real-name system authentication qualification to the block chain by using a private key of the management node, and announces that the functional user node becomes the real-name system authentication node, wherein the attribute information comprises an identifier and a public key of the real-name system authentication node;
and the management node stores the attribute information of all the real-name authentication nodes in a local list.
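The enrollment steps above, sketched in Go as an added example (not code from the patent): the management node checks the applicant's signature and its off-chain filing before announcing and recording it, and any node can check the announcement against the management node's public key. Assumptions: Ed25519 signatures, all type and function names, the constructed sample data and fixed demo keys, and modelling the private-key operation on the announcement as a signature.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"errors"
	"fmt"
)

// Application is what a functional user node sends to the management node.
type Application struct {
	NodeID    string
	PublicKey ed25519.PublicKey
	Identity  string // company name, legal representative, registration number, ...
	Signature []byte // made with the applicant's own private key
}

// signedBytes uses %q and %x so that field boundaries stay unambiguous.
func (a Application) signedBytes() []byte {
	return []byte(fmt.Sprintf("apply %q %x %q", a.NodeID, []byte(a.PublicKey), a.Identity))
}

// NewApplication builds an application and signs it with the applicant's key.
func NewApplication(id, identity string, priv ed25519.PrivateKey) Application {
	a := Application{NodeID: id, PublicKey: priv.Public().(ed25519.PublicKey), Identity: identity}
	a.Signature = ed25519.Sign(priv, a.signedBytes())
	return a
}

// Announcement is the management node's broadcast for an approved node.
type Announcement struct {
	NodeID    string
	PublicKey ed25519.PublicKey
	Signature []byte // assumption: the private-key operation is modelled as a signature
}

func (n Announcement) signedBytes() []byte {
	return []byte(fmt.Sprintf("announce %q %x", n.NodeID, []byte(n.PublicKey)))
}

// VerifyAnnouncement is what any chain member runs, with the management node's
// public key as published in the first block of the chain.
func VerifyAnnouncement(mgmtPub ed25519.PublicKey, n Announcement) bool {
	return len(mgmtPub) == ed25519.PublicKeySize &&
		ed25519.Verify(mgmtPub, n.signedBytes(), n.Signature)
}

type ManagementNode struct {
	priv     ed25519.PrivateKey
	Pub      ed25519.PublicKey
	Filings  map[string]string            // node ID -> identity on file, obtained off-chain
	Enrolled map[string]ed25519.PublicKey // local list of real-name authentication nodes
}

func NewManagementNode(priv ed25519.PrivateKey, filings map[string]string) *ManagementNode {
	return &ManagementNode{priv: priv, Pub: priv.Public().(ed25519.PublicKey),
		Filings: filings, Enrolled: map[string]ed25519.PublicKey{}}
}

// Review checks the signature and the filing, then announces and records the node.
func (m *ManagementNode) Review(a Application) (Announcement, error) {
	if len(a.PublicKey) != ed25519.PublicKeySize { // Verify panics on a wrong-sized key
		return Announcement{}, errors.New("malformed public key")
	}
	if !ed25519.Verify(a.PublicKey, a.signedBytes(), a.Signature) {
		return Announcement{}, errors.New("application signature invalid")
	}
	if filed, ok := m.Filings[a.NodeID]; !ok || filed != a.Identity {
		return Announcement{}, fmt.Errorf("identity of %q does not match its filing", a.NodeID)
	}
	if old, ok := m.Enrolled[a.NodeID]; ok && !bytes.Equal(old, a.PublicKey) {
		return Announcement{}, fmt.Errorf("%q is already enrolled under another key", a.NodeID)
	}
	n := Announcement{NodeID: a.NodeID, PublicKey: a.PublicKey}
	n.Signature = ed25519.Sign(m.priv, n.signedBytes())
	m.Enrolled[a.NodeID] = a.PublicKey
	return n, nil
}

// demoKey returns a fixed key for repeatable output; real nodes use crypto/rand.
func demoKey(seed byte) ed25519.PrivateKey {
	return ed25519.NewKeyFromSeed(bytes.Repeat([]byte{seed}, ed25519.SeedSize))
}

func main() { // constructed sample data
	filing := "Example Bank Co., registration no. 0000"
	m := NewManagementNode(demoKey(1), map[string]string{"bank-01": filing})
	ann, err := m.Review(NewApplication("bank-01", filing, demoKey(2)))
	fmt.Println("approved:", err == nil, "verifies:", VerifyAnnouncement(m.Pub, ann))
	_, err = m.Review(NewApplication("bank-01", "Some Other Co.", demoKey(3)))
	fmt.Println("rejected:", err)
}
```

A self-signed application only proves possession of the key; the binding to a real organisation comes from the filing comparison, which is why that check sits between signature verification and the announcement.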
Preferably, before the functional user node queries the information of the genesis block and extracts the address of the management node, the method further includes a step of confirming the management node and its authenticity qualification in the block chain, the step including:
the functional user node broadcasts confirmation information to the block chain, wherein the confirmation information comprises an identification, a public key and identity information of the functional user node, and a private key of the functional user node is used for signature;
the functional user node sends query information for the genesis block to at least one adjacent node of the block chain, the query information being signed by using a private key of the functional user node;
and the functional user node confirms the authenticity of the genesis block of the block chain through the genesis block authenticity information returned by the adjacent node, or through the percentage of genesis block authenticity information returned by more than two adjacent nodes.
Preferably, the step of providing, by the management node, the personal information authentication level and/or the credit level of the registered user associated with the mobile phone number to the application program based on the real-name authentication node according to the mobile phone number of the registered user includes:
the management node receives the mobile phone number sent by the application program;
the management node inquires whether the authentication information of the user corresponding to the mobile phone number is stored in a local account book of the management node according to the mobile phone number:
if the authentication information of the user corresponding to the mobile phone number is stored in the local account book, sending the personal information authentication level of the user corresponding to the mobile phone number to the application program;
if the authentication information of the user corresponding to the mobile phone number is not stored in the local account book, the management node sends broadcast information to the blockchain, the real-name authentication node is inquired about the personal information authentication level and the credit level of the user corresponding to the mobile phone number, and the broadcast information is signed by using a private key of the management node;
the real-name system authentication node receives the broadcast message of the management node, inquires the user personal information authentication level and the credit level of the mobile phone number corresponding to the local database of the real-name system authentication node, and broadcasts an inquiry result to the block chain, wherein the inquiry result is signed by using a private key of the real-name system authentication node;
and the management node receives the query result broadcast by the real-name authentication node, and sends the user personal information authentication level and/or credit level corresponding to the mobile phone number in the query result to the application program.
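The query steps above as an added Go example (not code from the patent): the management node answers from its local account book when it can, and otherwise accepts only answers that carry a valid signature from a node on its local list of real-name authentication nodes. Assumptions: Ed25519 signatures, the nonce, all names and constructed sample data, a loop standing in for the broadcast, and the policy of keeping the highest verified authentication level when several nodes answer.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"fmt"
)

type Levels struct{ Auth, Credit int }

// Result is a real-name node's signed answer. The nonce is an assumption added
// here so that an old signed answer cannot be replayed against a new query.
type Result struct {
	NodeID, Phone string
	Nonce         uint64
	Levels        Levels
	Sig           []byte
}

func (r Result) signedBytes() []byte {
	return []byte(fmt.Sprintf("result %q %q %d %+v", r.NodeID, r.Phone, r.Nonce, r.Levels))
}

type RealNameNode struct {
	ID   string
	priv ed25519.PrivateKey
	DB   map[string]Levels // phone number -> levels held by this node
}

// Answer signs what the node's own database holds for the queried number.
func (n *RealNameNode) Answer(phone string, nonce uint64) (Result, bool) {
	lv, ok := n.DB[phone]
	if !ok {
		return Result{}, false
	}
	r := Result{NodeID: n.ID, Phone: phone, Nonce: nonce, Levels: lv}
	r.Sig = ed25519.Sign(n.priv, r.signedBytes())
	return r, true
}

type Manager struct {
	Ledger   map[string]Levels            // local account book
	Enrolled map[string]ed25519.PublicKey // local list of real-name nodes
	nonce    uint64
}

// Lookup answers from the local account book, else queries the chain and keeps
// the highest authentication level among verified answers (assumed policy).
func (m *Manager) Lookup(phone string, chain []*RealNameNode) (Levels, error) {
	if lv, ok := m.Ledger[phone]; ok {
		return lv, nil // found locally: no broadcast
	}
	m.nonce++
	best, found := Levels{}, false
	for _, node := range chain { // the loop stands in for the broadcast
		r, ok := node.Answer(phone, m.nonce)
		pub, enrolled := m.Enrolled[r.NodeID]
		if !ok || !enrolled || r.Phone != phone || r.Nonce != m.nonce ||
			!ed25519.Verify(pub, r.signedBytes(), r.Sig) {
			continue // no answer, unknown sender, other query, or bad signature
		}
		if !found || r.Levels.Auth > best.Auth {
			best, found = r.Levels, true
		}
	}
	if !found {
		return Levels{}, fmt.Errorf("query %d: no verified answer", m.nonce)
	}
	return best, nil
}

func key(seed byte) ed25519.PrivateKey { // fixed demo keys, for repeatability only
	return ed25519.NewKeyFromSeed(bytes.Repeat([]byte{seed}, ed25519.SeedSize))
}

// demoNetwork builds constructed sample data (IDs, phone numbers, levels).
func demoNetwork() (*Manager, []*RealNameNode) {
	m := &Manager{Ledger: map[string]Levels{"13800000001": {2, 3}},
		Enrolled: map[string]ed25519.PublicKey{}}
	node := func(id string, seed byte, phone string, lv Levels, enroll bool) *RealNameNode {
		n := &RealNameNode{ID: id, priv: key(seed), DB: map[string]Levels{phone: lv}}
		if enroll {
			m.Enrolled[id] = n.priv.Public().(ed25519.PublicKey)
		}
		return n
	}
	return m, []*RealNameNode{
		node("bank-01", 9, "13800000002", Levels{9, 9}, false), // impostor: wrong key
		node("operator-01", 2, "13800000002", Levels{1, 2}, true),
		node("bank-01", 3, "13800000002", Levels{3, 4}, true),
		node("shop-77", 8, "13800000003", Levels{5, 5}, false), // never enrolled
	}
}

func main() {
	m, chain := demoNetwork()
	fmt.Println(m.Lookup("13800000002", chain))
}
```

The impostor's answer claims the ID of an enrolled node but fails verification against that node's recorded public key, so its inflated levels never reach the application program.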
Preferably, before the application program sends the mobile phone number of the registered user to the management node and applies for authentication of the personal information authentication level and/or the credit level of the registered user, the method further includes a step of verifying the registered user of the application program over the internet, outside the local block chain, which includes:
the application program sends a short message to the registered user through an industry gateway of a communication operator according to the mobile phone number of the registered user so as to provide a verification code:
if the registered user can not input the correct verification code in the application program, canceling the subsequent registration process;
and if the registered user can input the correct verification code in the application program, entering the real identity authentication process of the registered user.
A blockchain for user authentication of an application comprising a building module and an authentication module, wherein:
the building module is configured for building a block chain comprising a plurality of real-name authentication nodes with databases of information related to the identities of the public users and a management node;
the authentication module is configured to provide, by the management node, a personal information authentication level and/or a credit level of a registered user associated with the mobile phone number to the application program based on the real-name authentication node according to the mobile phone number of the registered user of the application program;
the real-name authentication nodes at least comprise any one of communication operation nodes, bank nodes and administrative department nodes, and the management nodes are the Ministry of industry and information nodes.
An application program for user authentication based on a block chain comprises an acquisition module, an application module and a judgment module, wherein:
the acquisition module is configured to allow the application program to acquire information including at least the mobile phone number of a registered user applying to the application program;
the application module is configured to enable the application program to send the mobile phone number of the registered user to a management node of the block chain, and apply for authenticating the personal information authentication level and/or the credit level of the registered user;
and the judging module is configured to judge whether the application program passes the real-name authentication request of the user according to the application level of the application program and the personal information authentication level and/or the credit level of the registered user returned by the block chain.
A user authentication system of an application program based on a block chain comprises a block chain architecture and an application program architecture, wherein the block chain architecture comprises a construction module and an authentication module, and the application program architecture comprises an acquisition module, an application module and a judgment module, wherein:
the building module is configured for building a block chain comprising a plurality of real-name authentication nodes with databases of information related to the identities of the public users and a management node;
the acquisition module is configured to allow the application program to acquire information including at least the mobile phone number of a registered user applying to the application program;
the application module is configured to enable the application program to send the mobile phone number of the registered user to the management node of the block chain, and apply for authenticating the personal information authentication level and/or the credit level of the registered user;
the authentication module is configured to provide, by the management node, a personal information authentication level and/or a credit level of the registered user associated with the mobile phone number to the application program based on the real-name authentication node according to the mobile phone number of the registered user of the application program;
the judging module is configured to allow the application program to judge whether the real-name authentication request of the user passes or not according to the application level of the application program and the personal information authentication level and/or credit level of the registered user returned by the block chain;
the real-name authentication nodes at least comprise any one of communication operation nodes, bank nodes and administrative department nodes, and the management nodes are the Ministry of industry and information nodes.
Preferably, the building module comprises a management node module and a functional user node module, wherein the management node module comprises a genesis block establishing unit, an auditing unit, a declaration unit and a storage unit, and the functional user node module comprises an address acquisition unit and an application unit, wherein:
the genesis block establishing unit is configured to establish a genesis block of the block chain for the management node, the genesis block including an identifier of the management node, a public key and record information of the identity information of the founder, the record information being signed by using a private key of the management node;
the address acquisition unit is configured to allow a functional user node with a database of information related to the identities of public users to query the information of the genesis block and extract the address of the management node;
the application unit is configured to enable the functional user node to send application information to the management node to apply to become the real-name system authentication node, the application information including an identifier, a public key and identity information of the functional user node and being signed by using a private key of the functional user node, and the identity information at least including a company name, a legal representative, registered capital, a registered address, an enterprise registration number and establishment time of a functional department;
the auditing unit is configured to enable the management node to receive the application of the functional user node, audit the authentication qualification of the functional user node and record information of the corresponding functional user obtained through a non-block chain way, and judge whether the functional user node has real-name authentication qualification;
the declaration unit is configured to allow the management node to encrypt the attribute information of the audited functional user node with real-name system authentication qualification by using a private key of the management node and broadcast the encrypted attribute information to the block chain, and declare the functional user node to be the real-name system authentication node, wherein the attribute information comprises an identifier and a public key of the real-name system authentication node;
the storage unit is configured to store, by the management node, attribute information of all the real-name authentication nodes in a local list.
Preferably, the functional user node module further includes a preposed verification unit for confirming the management node and its authenticity qualification in the block chain, which is configured so that:
the functional user node broadcasts confirmation information to the block chain, wherein the confirmation information comprises an identification, a public key and identity information of the functional user node, and a private key of the functional user node is used for signature;
the functional user node sends query information for the genesis block to at least one adjacent node of the block chain, the query information being signed by using a private key of the functional user node;
and the functional user node confirms the authenticity of the genesis block of the block chain through the genesis block authenticity information returned by the adjacent node, or through the percentage of genesis block authenticity information returned by more than two adjacent nodes.
Preferably, the authentication module comprises an interface module, a local query module, and a network query module, and the network query module comprises a collaborative query request unit, a database query unit, and a receiving unit, wherein:
the interface module is configured to allow the management node to receive the mobile phone number sent by the application program;
the local query module is configured to allow the management node to query whether the local account book stores the authentication information of the user corresponding to the mobile phone number according to the mobile phone number:
if the authentication information of the user corresponding to the mobile phone number is stored in the local account book, sending the personal information authentication level of the user corresponding to the mobile phone number to the application program;
if the authentication information of the user corresponding to the mobile phone number is not stored in the local account book, the collaborative query request unit is configured to allow the management node to send broadcast information to the blockchain, query the real-name authentication node for the personal information authentication level and the credit level of the user corresponding to the mobile phone number, and sign the broadcast information by using the private key of the management node;
the database query unit is configured to allow the real-name system authentication node to receive the broadcast message of the management node, query the user personal information authentication level and the credit level of the mobile phone number corresponding to the local database of the mobile phone number, and broadcast a query result to the block chain, wherein the query result is signed by using a private key of the real-name system authentication node;
the receiving unit is configured to allow the management node to receive the query result broadcast by the real-name authentication node, and send the user personal information authentication level and/or credit level corresponding to the mobile phone number in the query result to the application program.
Preferably, the application program architecture further includes an external verification module for verifying the registered user of the application program over the internet, outside the local block chain, wherein the external verification module is configured to allow the application program to send a short message providing a verification code to the registered user through an industry gateway of a communication operator, according to the mobile phone number of the registered user acquired by the acquisition module:
if the registered user can not input the correct verification code in the application program, canceling the subsequent registration process;
and if the registered user can input the correct verification code in the application program, entering the real identity authentication process of the registered user.
The invention has the beneficial effects that:
The user authentication method of the application program based on the block chain, the block chain for user authentication of the application program, the application program for user authentication based on the block chain and the user authentication system of the application program based on the block chain provided by the invention use the personal identity information that users already have with functional departments such as operators, banks and administrative departments to provide identity authentication services of different levels for different application programs. This reduces the development difficulty and workload of application program developers, removes the complicated authentication of user identity by each individual application program, makes it easier for users to register for and use application programs, facilitates the development and popularization of more application programs, and also favors the popularization and use of block chain services.
Drawings
Fig. 1 is a flowchart of a user authentication method for a blockchain-based application according to embodiment 1 of the present invention;
Fig. 2 is a block diagram of a blockchain for user authentication of an application according to embodiment 1 of the present invention;
Fig. 3 is a flowchart of a user authentication method for a blockchain-based application according to embodiment 2 of the present invention;
Fig. 4 is a block diagram of an application program for user authentication based on a blockchain according to embodiment 2 of the present invention;
Fig. 5 is a flowchart of a user authentication method for a blockchain-based application according to embodiment 3 of the present invention;
Fig. 6 is a flowchart illustrating the detailed steps of step S31) in Fig. 5;
Fig. 7 is a flowchart illustrating the detailed steps of step S34) in Fig. 5;
Fig. 8 is a block diagram of a user authentication system of an application based on a blockchain according to embodiment 3 of the present invention;
Fig. 9 is an architecture diagram of a user authentication system for blockchain-based applications according to embodiment 3 of the present invention;
Fig. 10 is a block diagram of the construction module of Fig. 8;
Fig. 11 is a block diagram of the authentication module of Fig. 8.
Reference signs in the drawings:
1-block chain architecture, 11-construction module, 111-management node module, 1111-genesis block establishment unit, 1112-auditing unit, 1113-declaration unit, 1114-storage unit, 112-functional user node module, 1120-preposed verification unit, 1121-address acquisition unit, 1122-application unit, 12-authentication module, 121-interface module, 122-local query module, 123-network query module, 1231-collaborative query request unit, 1232-database query unit and 1233-receiving unit;
2-application program architecture, 21-acquisition module, 22-application module, 23-judgment module.
Detailed Description
In order to make those skilled in the art better understand the technical solution of the present invention, the following describes in detail a user authentication method for an application based on a blockchain, a blockchain for user authentication of an application, an application for user authentication based on a blockchain, and a user authentication system for an application based on a blockchain according to the present invention with reference to the accompanying drawings and the detailed description.
Example 1:
As an aspect of the present invention, this embodiment provides a method for authenticating a user of an application based on a blockchain, as shown in Fig. 1, including the steps of:
step S11): constructing a block chain comprising a plurality of real-name authentication nodes with databases of information related to the identities of the public users and a management node;
step S12): and the management node provides the personal information authentication level and/or the credit level of the registered user associated with the mobile phone number to the application program based on the real-name authentication node according to the mobile phone number of the registered user of the application program.
Accordingly, as shown in fig. 2, the present embodiment provides a blockchain for user authentication of an application, which includes a building module 11 and an authentication module 12, wherein:
the building module 11 is configured to build a block chain comprising a plurality of real-name authentication nodes with a database of information related to the identities of the public users and a management node;
and the authentication module 12 is configured to provide, by the management node, the personal information authentication level and/or the credit level of the registered user associated with the mobile phone number to the application program, based on the real-name authentication node, according to the mobile phone number of the registered user of the application program.
A blockchain is a decentralized database that contains a continuously growing, ordered list of records called blocks. Each block contains a timestamp and a link to the previous block. The blockchain is designed so that the data cannot be tampered with: once recorded, the data in a block is not reversible. The blockchain is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, a consensus mechanism and an encryption algorithm. The consensus mechanism is a mathematical algorithm for establishing trust and obtaining rights and interests among different nodes in the blockchain system. The block chain is a string of data blocks generated by using a cryptographic method, and each data block contains information of one authentication, used for verifying the validity (anti-counterfeiting) of the information and for generating the next block. In a narrow sense, the blockchain is a distributed ledger: a chain data structure formed by connecting data blocks sequentially in time order, guaranteed by cryptographic means against tampering and forgery. Broadly, the blockchain technique is a completely new distributed infrastructure and computing paradigm that uses blockchain data structures to verify and store data, distributed node consensus algorithms to generate and update data, cryptographic means to secure data transmission and access, and smart contracts composed of automated script code to program and manipulate data. Blockchain design is a protective measure, such as (applied to) highly fault-tolerant distributed computing systems. Block chains enable mixed consistency. This makes the blockchain suitable for recording events, titles, query logs and other activities requiring the inclusion of data, identification management, transaction flow management and provenance management.
By utilizing a peer-to-peer network and distributed timestamp servers, the blockchain database can be managed autonomously.
In this embodiment, the real-name authentication nodes include at least any one of a communication operation type node, a bank type node and an administrative department type node, and the management node is the Ministry of Industry and Information Technology (MIIT) node. That is, the nodes in the blockchain include: communication operation type nodes (including a communication node, a mobile node, a telecommunication node and the like), bank type nodes (including a Chinese bank node, a business bank node, a construction bank node and the like), administrative department type nodes (a social security related department node, a public security department node or a post node and the like), the MIIT node and the like, wherein each node has its own public key and private key. The main responsibilities of the Ministry of Industry and Information Technology, to which the MIIT node corresponds, include: examining and approving industrial, communication and informatization fixed asset investment projects within the scale of national planning and annual planning; promoting energy conservation, comprehensive utilization of resources and clean production in the industry and communication industries; guidance and support for small businesses … …. The management information of each communication operator, bank and administrative department is on record at the MIIT; information on the service targets of each of these units is also on record at the MIIT as stock information, and, in particular, the services of these units are so wide and universal that they can cover most people nationwide.
In the communication operation type node, the main executing network element is the Home Location Register (HLR). The MIIT node locally stores list information of the home location registers of the operators of the local blockchain and updates this list in real time. As the blockchain operates and expands, the list also includes the identifier and public key of each local operator belonging to an operator node of the blockchain, the identifier and public key of the home location register, and other information, and each operator node is a unique national home location register.
The home location register is a database responsible for mobile subscriber management, permanently stores and records subscription data of subscribers in the administered area, and dynamically updates the location information of the subscribers so as to provide network routing of the called subscriber in the call service. The home location register is used as the data center of the system, which stores all the location information, service data, account management and other information of the mobile subscriber signed by the home location register, and can provide the inquiry and modification of the location information of the subscriber in real time, and realize various service operations including location updating, call processing, authentication, supplementary service and the like, thus completing the mobility management of the subscriber in the mobile communication network. The home location register and a Mobile Switching Center (MSC) may communicate with each other for call control or processing resource allocation.
The block chain provides a data sharing platform for user authentication of the application program, realizes a user authentication method of the application program based on the block chain, and provides convenient, effective and safe user information authentication for the application program.
Example 2:
As an aspect of the present invention, this embodiment provides a method for authenticating a user of an application based on a blockchain, as shown in fig. 3, including the steps of:
step S21): the application program obtains at least the mobile phone number of the registered user of the application program;
step S22): the application program sends the mobile phone number of the registered user to the management node of the blockchain, and applies for authentication of the personal information authentication level and/or the credit level of the registered user;
step S23): the application program judges whether the real-name authentication request of the user passes according to the application level of the application program and the personal information authentication level and/or credit level of the registered user returned by the blockchain.
Accordingly, as shown in fig. 4, the present embodiment provides an application program for performing user authentication based on a block chain, which includes an obtaining module 21, an applying module 22, and a determining module 23, wherein:
the acquisition module 21 is configured to allow the application program to acquire at least the mobile phone number of the registered user of the application program;
the application module 22 is configured to allow the application program to send the mobile phone number of the registered user to the management node of the blockchain, and to apply for authentication of the personal information authentication level and/or the credit level of the registered user;
the determining module 23 is configured to allow the application program to determine whether the real-name authentication request of the user passes according to the application level of the application program and the personal information authentication level and/or the credit level of the registered user returned by the blockchain.
In this embodiment, the part outside the blockchain includes various applications. An application is a computer program that performs one or more specific tasks, runs in user mode, can interact with the user, and has a visual user interface.
The application program realizes the user authentication method of the application program based on the block chain by accessing the block chain of the data sharing platform for the user authentication of the application program, and realizes the convenient, effective and safe user information authentication of the application program.
Example 3:
As an aspect of the present invention, this embodiment provides a method for authenticating a user of an application based on a blockchain, as shown in fig. 5, including the steps of:
step S31): constructing a blockchain comprising a management node and a plurality of real-name authentication nodes that have databases of information related to the identities of mass users.
In this step, constructing the blockchain comprising the management node and the plurality of real-name authentication nodes includes, as shown in fig. 6:
step S311): the management node establishes the created block (genesis block) of the blockchain; the created block comprises record information consisting of the identifier of the management node, its public key and the identity information of the originator, and the record information is signed using the private key of the management node.
The Ministry of Industry and Information Technology (MIIT) node, as the originator of the local blockchain, publishes the created block of the local blockchain by sending a broadcast message. The created block contains the following: the identifier and public key of the MIIT node and the identity information of the originator. The broadcast message is signed with the private key of the MIIT node and then broadcast to the blockchain, and the created block serves as the first block of the blockchain.
The MIIT node locally stores list information for the communication operation type nodes, the bank type nodes and the administrative department type nodes of the blockchain respectively, and updates these three lists in real time; the lists contain the identifiers and public keys of all communication operation type nodes, bank type nodes and administrative department type nodes of the blockchain. For example, the list of communication operation type nodes includes the following information: the identifier and public key of the communication node, the identifier and public key of the telecommunication node, and the identifier and public key of the mobile node; the identifiers and public keys of other operators can also be introduced. The list of bank type nodes includes the following information: the identifiers and public keys of bank nodes, such as the identifier and public key of the industrial and commercial bank node, the identifier and public key of the construction bank node, and the like. The list of administrative department type nodes includes the following information: the identifiers and public keys of the nodes of government administrative and functional departments, such as the identifier and public key of the social security related department node, and the identifier and public key of the public security department node or the police department node.
If a new node wants to join the blockchain, it may perform the following steps when it first accesses the blockchain; the example used below is a node B that wants to apply to become an operator node of the blockchain:
step S312): a functional user node that has a database of information related to the identities of mass users queries the information of the created block and extracts the address of the management node. That is, node B stores the created block locally and takes from it the address of the originator node of the blockchain, i.e., the Ministry of Industry and Information Technology (MIIT) node.
Step S313): the functional user node sends application information to the management node to apply to become a real-name authentication node; the application information comprises the identifier, public key and identity information of the functional user node and is signed using the private key of the functional user node, and the identity information comprises at least the company name, legal representative, registered capital, registered address, enterprise registration number and establishment time of the functional department. That is, node B sends the MIIT node a request to become an operator node of the local blockchain, where the request includes the blockchain identifier and public key of node B, the company name of node B, the legal representative (name + identification number), the registered capital, the registered address, the enterprise registration number (a registration number such as 569876654324567), the establishment time and other information.
Step S314): the management node receives the application of the functional user node, audits the authentication qualification of the functional user node and the filing information of the corresponding functional user obtained through a non-blockchain channel, and judges whether the functional user node has real-name authentication qualification. That is, the MIIT node receives node B's request to become a communication operation node of the local blockchain and starts the process of auditing the operator qualification of node B.
Step S315): the management node encrypts, using its own private key, the attribute information of the approved functional user node that has real-name authentication qualification, broadcasts it to the blockchain, and declares the functional user node to be a real-name authentication node, wherein the attribute information comprises the identifier and public key of the real-name authentication node. If the operator qualification is approved, the MIIT node rechecks the basic information that each operator reported to it in advance through a non-blockchain channel, including the blockchain identifier and public key of node B; if that check also passes, the MIIT node broadcasts a message to the blockchain declaring that node B has become an operator node of the blockchain, the message being signed with the private key of the MIIT node before it is broadcast.
Step S316): the management node stores the attribute information of all real-name authentication nodes in a local list. That is, the MIIT node adds the information on node B to the operator list information that it stores.
Preferably, before step S312), in which the functional user node queries the information of the created block and extracts the address of the management node, the method further includes a step of confirming the management node in the blockchain and its authenticity and qualification, including:
the functional user node broadcasts confirmation information to the blockchain, where the confirmation information comprises the identifier, public key and identity information of the functional user node and is signed using the private key of the functional user node;
the functional user node sends query information for the created block to at least one adjacent node of the blockchain, the query information being signed using the private key of the functional user node;
and the functional user node confirms the authenticity of the created block of the blockchain through the authenticity information of the created block returned by an adjacent node, or through the percentage of the authenticity information of the created block returned by more than two adjacent nodes.
In the process of confirming the management node in the blockchain and its authenticity and qualification, node B broadcasts its identity information to the blockchain; the broadcast information includes node B's operator node identity information, identifier, public key and other information, and is signed with node B's private key before being broadcast to the blockchain. Node B then queries its adjacent nodes for the created block of the blockchain; the query request is signed using node B's private key and then sent to each adjacent node. Node B may query the created block from multiple adjacent nodes and compare the created blocks they return to determine whether they are consistent: if they are consistent, the returned block is considered to be the real created block; if not, since any blockchain exists on the assumption that most of its nodes are good, whether the returned information is the real created block can be determined by checking whether the consistent replies exceed a certain percentage threshold. Node B receives the created block returned by the adjacent nodes and, after it has passed this correctness verification, stores it locally and takes from it the address of the originator node of the blockchain, namely the address of the Ministry of Industry and Information Technology (MIIT) node.
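The neighbour comparison described above can be sketched as follows. This is an added example, not code from the patent: the field names, the byte encoding, the use of Ed25519 (the description names no signature algorithm) and the requirement that the threshold be at least one half are all assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
)

// CreatedBlock carries the fields the description lists for the created block.
// Field names and the byte encoding are assumptions made for this example.
type CreatedBlock struct {
	ManagerID string            // identifier of the management node
	PublicKey ed25519.PublicKey // public key of the management node
	Identity  string            // identity information of the originator
	Signature []byte            // made with the management node's private key
}

// payload is an unambiguous encoding of the signed fields.
func (b CreatedBlock) payload() []byte {
	return []byte(fmt.Sprintf("%q|%x|%q", b.ManagerID, []byte(b.PublicKey), b.Identity))
}

// selfSigned checks the signature against the key embedded in the block. This
// proves internal consistency only: anyone can mint a self-signed block.
func (b CreatedBlock) selfSigned() bool {
	return len(b.PublicKey) == ed25519.PublicKeySize &&
		ed25519.Verify(b.PublicKey, b.payload(), b.Signature)
}

var (
	ErrThreshold = errors.New("threshold must be at least 0.5 and below 1")
	ErrNoQuorum  = errors.New("no created block exceeded the agreement threshold")
)

// ConfirmCreatedBlock returns the block that more than `threshold` of all
// queried neighbours agree on. Replies with a bad signature are not counted
// for any candidate but still count in the denominator. Requiring a threshold
// of at least one half guarantees that at most one candidate can win.
func ConfirmCreatedBlock(replies []CreatedBlock, threshold float64) (CreatedBlock, error) {
	if threshold < 0.5 || threshold >= 1 {
		return CreatedBlock{}, ErrThreshold
	}
	votes := map[[32]byte]int{}
	seen := map[[32]byte]CreatedBlock{}
	for _, r := range replies {
		if !r.selfSigned() {
			continue
		}
		d := sha256.Sum256(r.payload())
		votes[d]++
		seen[d] = r
	}
	for d, n := range votes {
		if float64(n) > threshold*float64(len(replies)) {
			return seen[d], nil
		}
	}
	return CreatedBlock{}, ErrNoQuorum
}

// newBlock builds a constructed sample block signed with a fresh key.
func newBlock(id, identity string) CreatedBlock {
	pub, priv, err := ed25519.GenerateKey(nil)
	if err != nil {
		panic(err)
	}
	b := CreatedBlock{ManagerID: id, PublicKey: pub, Identity: identity}
	b.Signature = ed25519.Sign(priv, b.payload())
	return b
}

func main() {
	genuine := newBlock("mgmt-node", "constructed originator identity")
	forged := newBlock("mgmt-node", "constructed originator identity") // same claims, other key
	altered := genuine
	altered.Identity = "changed after signing"
	replies := []CreatedBlock{genuine, forged, genuine, altered, genuine}
	b, err := ConfirmCreatedBlock(replies, 0.5)
	fmt.Println(b.ManagerID, err)
}
```

A forged block that repeats the genuine identifier and identity but carries a different key is self-consistent, which is why the signature check alone is not enough and the agreement count decides.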
If other bank type nodes and government functional department type nodes want to be added into the block chain, refer to the above steps.
Step S32): the application program obtains at least the mobile phone number of the registered user applying for the application program.
In this step, the application program completes registration of the mobile phone number entered by the user. Preferably, before proceeding to the next step, the application program further provides a verification and query service for its registered users on the Internet, outside the local blockchain, including:
the application program sends a short message providing a verification code to the registered user through an industry gateway of a communication operator, according to the mobile phone number of the registered user:
if the registered user cannot enter the correct verification code in the application program, the subsequent registration process is cancelled;
and if the registered user can enter the correct verification code in the application program, the real identity authentication process of the registered user is entered.
That is, the Ministry of Industry and Information Technology (MIIT) node provides an application user verification and query service to the Internet outside the local blockchain. For example, when a user registers to use an application program, the user enters his or her own mobile phone number on the registration interface of the application program, and the application program sends a verification short message to the user through the industry gateway of the operator; if the user enters the correct short message verification code, the process of verifying the user's real identity is entered.
Step S33): the application program sends the mobile phone number of the registered user to the management node of the blockchain, and applies for authentication of the personal information authentication level and/or the credit level of the registered user.
In this step, the application program queries the MIIT node for the user's identity by sending the user's mobile phone number to the MIIT node.
Step S34): the management node, according to the mobile phone number of the registered user of the application program and based on the real-name authentication nodes, provides the application program with the personal information authentication level and/or the credit level of the registered user associated with that mobile phone number.
In this step, the management node providing the application program with the personal information authentication level and/or the credit level of the registered user associated with the mobile phone number includes, as shown in fig. 7:
step S341): the management node receives a mobile phone number sent by an application program;
step S342): the management node inquires whether the authentication information of the user corresponding to the mobile phone number is stored in a local account book of the management node according to the mobile phone number:
step S343): if the authentication information of the user corresponding to the mobile phone number is stored in the local account book, sending the personal information authentication level of the user corresponding to the mobile phone number to the application program;
step S344): if the authentication information of the user corresponding to the mobile phone number is not stored in the local account book, the management node sends broadcast information to the blockchain, inquires the personal information authentication level and the credit level of the user corresponding to the mobile phone number from the real-name authentication node, and the broadcast information uses the private key of the management node to sign;
step S344'): the real-name authentication node receives the broadcast message of the management node, queries its local database for the user personal information authentication level and credit level corresponding to the mobile phone number, and broadcasts the query result to the blockchain, the query result being signed using the private key of the real-name authentication node;
step S344''): the management node receives the query result broadcast by the real-name authentication node, and sends the user personal information authentication level and/or credit level corresponding to the mobile phone number in the query result to the application program.
The Ministry of Industry and Information Technology (MIIT) node receives a personal information authentication request for a certain mobile phone number sent by a certain application program, and first checks whether the blockchain ledger stored in the MIIT node holds authentication information of the user corresponding to the mobile phone number. If that authentication information exists, the MIIT node sends the application program the personal information authentication level of the user corresponding to the mobile phone number as recorded in the blockchain ledger; if it does not exist, the MIIT node sends broadcast information to the blockchain to query the authentication information and credit level of the user corresponding to the mobile phone number, the broadcast information preferably being signed with the private key of the MIIT node before it is broadcast.
The other functional user nodes in the blockchain receive the message broadcast by the MIIT node, query their own databases for the personal information authentication level, credit level and other information of the user corresponding to the mobile phone number, and then broadcast the query result to the blockchain as a broadcast message, which is signed with the private key of the broadcasting node before it is broadcast.
The MIIT node receives the personal information authentication level and credit level of the user corresponding to the mobile phone number as broadcast by these nodes, and sends the personal information authentication level and credit level of the user corresponding to the mobile phone number in the message to the application program.
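The lookup in steps S341 to S344'' can be sketched as follows, including the check that a broadcast answer counts only if it verifies against a public key in the management node's local list from step S316. This is an added example, not code from the patent: the type names, the message encoding, Ed25519 as the signature scheme, taking the first valid answer, and the sample phone number and levels are assumptions or constructed data.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

// Levels is what the blockchain returns for one mobile phone number.
type Levels struct{ Auth, Credit int }

// Query is the management node's signed broadcast (step S344).
type Query struct {
	Phone string
	Sig   []byte
}

// Result is a real-name authentication node's signed answer (step S344').
type Result struct {
	NodeID, Phone string
	Levels        Levels
	Sig           []byte
}

func (r Result) payload() []byte {
	return []byte(fmt.Sprintf("%q|%q|%d|%d", r.NodeID, r.Phone, r.Levels.Auth, r.Levels.Credit))
}

// RealNameNode holds a private key and a local database keyed by phone number.
type RealNameNode struct {
	ID   string
	Priv ed25519.PrivateKey
	DB   map[string]Levels
}

// Answer replies only to queries signed by the management node.
func (n RealNameNode) Answer(q Query, mgmtPub ed25519.PublicKey) (Result, bool) {
	lv, ok := n.DB[q.Phone]
	if !ed25519.Verify(mgmtPub, []byte(q.Phone), q.Sig) || !ok {
		return Result{}, false
	}
	r := Result{NodeID: n.ID, Phone: q.Phone, Levels: lv}
	r.Sig = ed25519.Sign(n.Priv, r.payload())
	return r, true
}

// ManagementNode keeps the local account book and the list of audited nodes.
type ManagementNode struct {
	Pub    ed25519.PublicKey
	Priv   ed25519.PrivateKey
	Ledger map[string]Levels            // local account book (S342)
	Nodes  map[string]ed25519.PublicKey // local list from S316: id -> public key
}

// Lookup checks the ledger first, then falls back to a signed broadcast.
func (m *ManagementNode) Lookup(phone string, broadcast func(Query) []Result) (Levels, error) {
	if lv, ok := m.Ledger[phone]; ok { // S342, S343
		return lv, nil
	}
	q := Query{Phone: phone, Sig: ed25519.Sign(m.Priv, []byte(phone))} // S344
	for _, r := range broadcast(q) {                                     // S344''
		pub, listed := m.Nodes[r.NodeID]
		if !listed || r.Phone != phone || !ed25519.Verify(pub, r.payload(), r.Sig) {
			continue // unlisted sender, wrong number, or bad signature
		}
		m.Ledger[phone] = r.Levels // recorded so the next query is answered locally
		return r.Levels, nil
	}
	return Levels{}, errors.New("no verifiable answer for this number")
}

// demoNetwork builds constructed data: one listed bank node, one unlisted node.
func demoNetwork() (*ManagementNode, func(Query) []Result) {
	key := func() (ed25519.PublicKey, ed25519.PrivateKey) {
		pub, priv, err := ed25519.GenerateKey(nil)
		if err != nil {
			panic(err)
		}
		return pub, priv
	}
	mPub, mPriv := key()
	bPub, bPriv := key()
	_, xPriv := key()
	bank := RealNameNode{"bank-1", bPriv, map[string]Levels{"13800000000": {3, 2}}}
	rogue := RealNameNode{"unlisted", xPriv, map[string]Levels{"13800000000": {9, 9}}}
	m := &ManagementNode{mPub, mPriv, map[string]Levels{}, map[string]ed25519.PublicKey{"bank-1": bPub}}
	return m, func(q Query) []Result {
		var out []Result
		for _, n := range []RealNameNode{rogue, bank} {
			if r, ok := n.Answer(q, m.Pub); ok {
				out = append(out, r)
			}
		}
		return out
	}
}

func main() {
	m, broadcast := demoNetwork()
	fmt.Println(m.Lookup("13800000000", broadcast))
}
```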
Step S35): the application program judges whether the real-name authentication request of the user passes according to the application level of the application program and the personal information authentication level and/or credit level of the registered user returned by the blockchain.
In this step, after receiving the user's personal information authentication level and credit level, the application program determines whether to pass the user's real-name authentication request according to the personal information authentication level and/or credit level of the user corresponding to the mobile phone number. According to its own application level, the application program takes some or all of the user's personal information authentication level and credit level as the items to be assessed, for example: a low level can be authenticated by e-mail address; a general level by e-mail address plus mobile phone number; a medium level by e-mail address plus mobile phone number plus bank card; a high level by e-mail address plus mobile phone number plus bank card plus head portrait; and so on, which is not limited here.
In this embodiment, the real-name authentication nodes include at least any one of a communication operation type node, a bank type node and an administrative department type node, and the management node is the Ministry of Industry and Information Technology (MIIT) node.
Any functional user node in the blockchain can act as an accounting node of the blockchain; the broadcast messages in the above process are written into a new block and then recorded into the ledger of the blockchain. That is, once a mobile phone number has been queried through the blockchain-based user authentication method for an application program, the blockchain ledger holds the user personal information authentication level, credit level and other information corresponding to that number, which facilitates internal lookup by the MIIT node. Since the functional user nodes in this embodiment cover almost all of the regulatory departments related to people's daily lives and to identity information or credit levels, connecting these functional user nodes to the blockchain for retrieval and authentication means there is no need to pre-store personal information authentication levels, credit levels and similar information for the more than 1 billion users in the country (for example, some infants, middle-aged and elderly users, and people with little formal education may never use an application service), which effectively avoids the large storage consumption that storing data for the entire population would impose on each node.
Correspondingly, as shown in fig. 8, the present embodiment further provides a user authentication system for an application based on a blockchain, which includes a blockchain architecture 1 and an application architecture 2, where the blockchain architecture 1 includes a building module 11 and an authentication module 12, and the application architecture 2 includes an obtaining module 21, an applying module 22 and a determining module 23, where:
the building module 11 is configured to build a block chain comprising a plurality of real-name authentication nodes with a database of information related to the identities of the public users and a management node;
the acquisition module 21 is configured to allow the application program to acquire at least the mobile phone number of the registered user of the application program;
the application module 22 is configured to allow the application program to send the mobile phone number of the registered user to the management node of the blockchain, and to apply for authentication of the personal information authentication level and/or the credit level of the registered user;
the authentication module 12 is configured so that the management node, according to the mobile phone number of the registered user of the application program and based on the real-name authentication nodes, provides the application program with the personal information authentication level and/or the credit level of the registered user associated with that mobile phone number;
the judging module 23 is configured to allow the application program to judge whether the real-name authentication request of the user passes according to the application level of the application program and the personal information authentication level and/or the credit level of the registered user returned by the blockchain.
In the blockchain-based user authentication system for an application program, the real-name authentication nodes include at least any one of communication operation type nodes, bank type nodes and administrative department type nodes, and the management node is the Ministry of Industry and Information Technology (MIIT) node; fig. 9 shows an architecture diagram of the system.
As shown in fig. 10, the building module 11 includes a management node module 111 and a functional user node module 112; the management node module 111 includes a created block establishing unit 1111, an auditing unit 1112, a declaring unit 1113 and a storage unit 1114, and the functional user node module 112 includes an address obtaining unit 1121 and an applying unit 1122, where:
a created block establishing unit 1111, configured to allow the management node to establish the created block of the blockchain, where the created block includes record information consisting of the identifier of the management node, its public key and the identity information of the originator (i.e., the identity information of the MIIT node), and the record information is signed using the private key of the management node;
an address obtaining unit 1121, configured to allow a functional user node that has a database of information related to the identities of mass users to query the information of the created block and extract the address of the management node;
an application unit 1122, configured to allow the functional user node to send application information to the management node to apply to become a real-name authentication node, where the application information includes the identifier, public key and identity information of the functional user node and is signed using the private key of the functional user node, and the identity information includes at least the company name, legal representative, registered capital, registered address, enterprise registration number and establishment time of the functional department;
an auditing unit 1112 configured to allow the management node to receive an application from the functional user node, audit the authentication qualification of the functional user node and record information of the corresponding functional user obtained through a non-blockchain approach, and determine whether the functional user node has the real-name authentication qualification;
the declaring unit 1113 is configured to allow the management node to encrypt the attribute information of the approved functional user node with the real-name authentication qualification by using a private key of the management node and broadcast the encrypted attribute information to the block chain, and declare the functional user node to become the real-name authentication node, wherein the attribute information includes an identifier and a public key of the real-name authentication node;
the storage unit 1114 is configured to store, by the management node, attribute information of all real-name authentication nodes in the local list.
The functional user node module 112 further includes a pre-verification unit 1120 for verifying the management node and its authenticity qualification in the blockchain, configured to:
the functional user nodes broadcast confirmation information to the block chain, wherein the confirmation information comprises identification, a public key and identity information of the functional user nodes, and the private keys of the functional user nodes are used for signature;
the functional user node sends query information for the created block to at least one adjacent node of the blockchain, the query information being signed using the private key of the functional user node;
and the functional user node confirms the authenticity of the created block of the blockchain through the authenticity information of the created block returned by an adjacent node, or through the percentage of the authenticity information of the created block returned by more than two adjacent nodes.
As shown in fig. 11, the authentication module 12 includes an interface module 121, a local query module 122, and a network query module 123, where the network query module 123 includes a collaborative query request unit 1231, a database query unit 1232, and a receiving unit 1233, where:
the interface module 121 is configured to allow the management node to receive the mobile phone number sent by the application program;
the local query module 122 is configured to allow the management node to query, according to the mobile phone number, whether the authentication information of the user corresponding to the mobile phone number is stored in the local ledger of the management node:
if the authentication information of the user corresponding to the mobile phone number is stored in the local ledger, sending the personal information authentication level of the user corresponding to the mobile phone number to the application program;
if the authentication information of the user corresponding to the mobile phone number is not stored in the local ledger, the collaborative query request unit 1231 is configured to allow the management node to send broadcast information to the blockchain, query the real-name authentication node for the personal information authentication level and the credit level of the user corresponding to the mobile phone number, and sign the broadcast information by using the private key of the management node;
the database query unit 1232 is configured to allow the real-name authentication node to receive the broadcast information of the management node, query its local database for the personal information authentication level and the credit level of the user corresponding to the mobile phone number, and broadcast a query result to the block chain, wherein the query result is signed by using a private key of the real-name authentication node;
the receiving unit 1233 is configured to enable the management node to receive the query result broadcast by the real-name authentication node, and send the user personal information authentication level and/or credit level corresponding to the mobile phone number in the query result to the application program.
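The query path of the authentication module described above (local ledger first, then a signed broadcast answered with signed results), as an added Go example that is not part of the patent. Ed25519, the `phone|auth|credit` payload layout, using the first verified result, the comparison in `Passes`, and all names and sample numbers are assumptions; the patent specifies none of them.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
	"strings"
)

// Levels holds the personal information authentication level and credit level.
type Levels struct{ Auth, Credit int }

// Signed is a broadcast message: sender identifier, payload and signature.
type Signed struct {
	Sender       string
	Payload, Sig []byte
}

func sign(id string, priv ed25519.PrivateKey, payload []byte) Signed {
	return Signed{Sender: id, Payload: payload, Sig: ed25519.Sign(priv, payload)}
}

// RealNameNode models an operator, bank or administrative-department node.
type RealNameNode struct {
	ID      string
	priv    ed25519.PrivateKey
	mgmtPub ed25519.PublicKey // management node key from the genesis block
	db      map[string]Levels // local database keyed by mobile phone number
}

// Answer returns a signed query result for a correctly signed query.
func (n *RealNameNode) Answer(q Signed) (Signed, bool) {
	lv, found := n.db[string(q.Payload)]
	if !found || !ed25519.Verify(n.mgmtPub, q.Payload, q.Sig) {
		return Signed{}, false // unknown number, or not signed by the management node
	}
	body := fmt.Sprintf("%s|%d|%d", q.Payload, lv.Auth, lv.Credit)
	return sign(n.ID, n.priv, []byte(body)), true
}

type ManagementNode struct {
	priv   ed25519.PrivateKey
	ledger map[string]Levels            // local ledger
	nodes  map[string]ed25519.PublicKey // local list: identifier -> public key
}

// verify accepts a result only from a listed node, with a valid signature,
// and only if it answers the number that was asked about.
func (m *ManagementNode) verify(phone string, r Signed) (Levels, bool) {
	pub, known := m.nodes[r.Sender]
	if !known || !ed25519.Verify(pub, r.Payload, r.Sig) {
		return Levels{}, false
	}
	var lv Levels
	body, prefix := string(r.Payload), phone+"|"
	if !strings.HasPrefix(body, prefix) {
		return Levels{}, false
	}
	_, err := fmt.Sscanf(body[len(prefix):], "%d|%d", &lv.Auth, &lv.Credit)
	return lv, err == nil
}

// Lookup checks the local ledger first, otherwise sends a signed query.
func (m *ManagementNode) Lookup(phone string, chain []*RealNameNode) (Levels, error) {
	if lv, ok := m.ledger[phone]; ok {
		return lv, nil
	}
	q := sign("management", m.priv, []byte(phone))
	for _, n := range chain { // the loop stands in for the broadcast
		if res, ok := n.Answer(q); ok {
			if lv, ok := m.verify(phone, res); ok {
				return lv, nil // assumption: the first verified result is used
			}
		}
	}
	return Levels{}, errors.New("no verified record for this mobile phone number")
}

// Passes is the application's decision (assumption: a higher level is stronger).
func Passes(appLevel int, lv Levels) bool { return lv.Auth >= appLevel }

// newDemo builds constructed sample data; "rogue" is not in the node list.
func newDemo() (*ManagementNode, []*RealNameNode) {
	mPub, mPriv, _ := ed25519.GenerateKey(nil)
	opPub, opPriv, _ := ed25519.GenerateKey(nil)
	_, rogPriv, _ := ed25519.GenerateKey(nil)
	m := &ManagementNode{priv: mPriv,
		ledger: map[string]Levels{"13800000001": {3, 2}},
		nodes:  map[string]ed25519.PublicKey{"operator": opPub}}
	rogue := &RealNameNode{"rogue", rogPriv, mPub,
		map[string]Levels{"13800000002": {9, 9}, "13800000003": {9, 9}}}
	operator := &RealNameNode{"operator", opPriv, mPub, map[string]Levels{"13800000002": {2, 1}}}
	return m, []*RealNameNode{rogue, operator}
}

func main() {
	m, chain := newDemo()
	lv, err := m.Lookup("13800000002", chain)
	fmt.Println(lv, err, Passes(2, lv))
}
```

The result from the unlisted node is dropped even though its signature is internally valid, because the management node checks signatures only against public keys in its own list of real-name authentication nodes.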
The application framework 2 further includes an external verification module for providing a registered user verification query service of the application to the Internet outside the local block chain, where the external verification module is configured to allow the application to send a short message to the registered user through an industry gateway of a communication operator to provide a verification code according to the mobile phone number of the registered user acquired by the acquisition module 21:
if the registered user cannot input the correct verification code in the application program, the subsequent registration process is cancelled;
and if the registered user can input the correct verification code in the application program, entering the real identity authentication process of the registered user.
The user authentication method of the application program based on the blockchain and the corresponding user authentication system of the application program based on the blockchain provide a data sharing platform for user authentication of the application program, realize the user authentication method of the application program based on the blockchain, and provide convenient, effective and safe user information authentication for the application program.
In summary, the block chain based application program user authentication method, the block chain for user authentication of the application program, the application program for user authentication based on the block chain, and the user authentication system for the application program based on the block chain provided by the present invention use the personal identity information already held by functional departments such as operators, banks and administrative departments to provide different levels of identity authentication services for different application programs. This reduces the development difficulty and workload of application program developers, spares each application program a tedious process of authenticating user identity, makes user registration and application program use more convenient, and favours the development and popularization of more application programs as well as the popularization and use of block chain services.
It will be understood that the above embodiments are merely exemplary embodiments taken to illustrate the principles of the present invention, which is not limited thereto. It will be apparent to those skilled in the art that various modifications and improvements can be made without departing from the spirit and substance of the invention, and these modifications and improvements are also considered to be within the scope of the invention.

Claims (12)

1. A user authentication method for an application program based on a block chain is characterized by comprising the following steps:
constructing a block chain comprising a plurality of real-name authentication nodes with databases of information related to the identities of the public users and a management node;
the management node provides the personal information authentication level and/or the credit level of the registered user associated with the mobile phone number to the application program based on the real-name authentication node according to the mobile phone number of the registered user of the application program;
the real-name system authentication node at least comprises any one of a communication operation node, a bank node and an administrative department node, and the management node is a Ministry of industry and information node;
the step that the management node provides the personal information authentication level and/or the credit level of the registered user associated with the mobile phone number to the application program based on the real-name authentication node according to the mobile phone number of the registered user comprises the following steps:
the management node inquires whether the authentication information of the user corresponding to the mobile phone number is stored in a local ledger of the management node according to the mobile phone number:
if the authentication information of the user corresponding to the mobile phone number is stored in the local ledger, sending the personal information authentication level of the user corresponding to the mobile phone number to the application program;
if the authentication information of the user corresponding to the mobile phone number is not stored in the local ledger, the management node sends broadcast information to the blockchain, queries the real-name authentication node for the personal information authentication level and the credit level of the user corresponding to the mobile phone number, and the broadcast information is signed by using a private key of the management node.
2. A user authentication method for an application program based on a block chain is characterized by comprising the following steps:
the application program obtains a mobile phone number at least comprising a registered user applying for the application program;
the application program sends the mobile phone number of the registered user to a management node of the block chain, and applies for authenticating the personal information authentication level and/or the credit level of the registered user; the acquiring, by the management node, the personal information authentication level and/or the credit level of the registered user specifically includes:
the management node inquires whether the authentication information of the user corresponding to the mobile phone number is stored in a local ledger of the management node according to the mobile phone number:
if the authentication information of the user corresponding to the mobile phone number is stored in the local ledger, sending the personal information authentication level of the user corresponding to the mobile phone number to the application program;
if the authentication information of the user corresponding to the mobile phone number is not stored in the local ledger, the management node sends broadcast information to the block chain, queries a real-name authentication node for the personal information authentication level and the credit level of the user corresponding to the mobile phone number, and the broadcast information is signed by using a private key of the management node;
and the application program judges whether the real-name authentication request of the user passes or not according to the application level of the application program and the personal information authentication level and/or credit level of the registered user returned by the block chain.
3. A user authentication method for an application program based on a block chain is characterized by comprising the following steps:
constructing a block chain comprising a plurality of real-name authentication nodes with databases of information related to the identities of the public users and a management node;
the application program obtains a mobile phone number at least comprising a registered user applying for the application program;
the application program sends the mobile phone number of the registered user to the management node of the block chain, and applies for authenticating the personal information authentication level and/or the credit level of the registered user;
the management node provides the personal information authentication level and/or the credit level of the registered user associated with the mobile phone number to the application program based on the real-name authentication node according to the mobile phone number of the registered user of the application program;
the application program judges whether the real-name authentication request of the user passes or not according to the application level of the application program and the personal information authentication level and/or credit level of the registered user returned by the block chain;
the real-name system authentication node at least comprises any one of a communication operation node, a bank node and an administrative department node, and the management node is a Ministry of industry and information node;
the step that the management node provides the personal information authentication level and/or the credit level of the registered user associated with the mobile phone number to the application program based on the real-name authentication node according to the mobile phone number of the registered user comprises the following steps:
the management node receives the mobile phone number sent by the application program;
the management node inquires whether the authentication information of the user corresponding to the mobile phone number is stored in a local ledger of the management node according to the mobile phone number:
if the authentication information of the user corresponding to the mobile phone number is stored in the local ledger, sending the personal information authentication level of the user corresponding to the mobile phone number to the application program;
if the authentication information of the user corresponding to the mobile phone number is not stored in the local ledger, the management node sends broadcast information to the blockchain, queries the real-name authentication node for the personal information authentication level and the credit level of the user corresponding to the mobile phone number, and the broadcast information is signed by using a private key of the management node;
the real-name authentication node receives the broadcast information of the management node, queries its local database for the personal information authentication level and the credit level of the user corresponding to the mobile phone number, and broadcasts a query result to the block chain, wherein the query result is signed by using a private key of the real-name authentication node;
and the management node receives the query result broadcasted by the real-name authentication node, and the user personal information authentication level and/or credit level corresponding to the mobile phone number in the query result is sent to the application program.
4. The method of claim 3, wherein the step of constructing the blockchain comprising a plurality of real-name authentication nodes having a database of information related to identities of the general users and a management node comprises:
the management node establishes a genesis block of the block chain, the genesis block comprises an identification of the management node, a public key and record information of identity information of a founder, and the record information is signed by using a private key of the management node;
a functional user node with a database of information related to the identities of public users inquires the information of the genesis block and extracts the address of the management node;
the functional user node sends application information to the management node to apply for becoming the real-name system authentication node, wherein the application information comprises an identification, a public key and identity information of the functional user node, and a private key of the functional user node is used for signing, and the identity information at least comprises a company name, a legal representative, registered capital, a registered address, an enterprise registration number and establishment time of a functional department;
the management node receives the application of the functional user node, verifies the authentication qualification of the functional user node and the filing information of the corresponding functional user obtained through a non-block chain way, and judges whether the functional user node has real-name authentication qualification;
the management node encrypts and broadcasts the attribute information of the approved functional user node with the real-name system authentication qualification to the block chain by using a private key of the management node, and announces that the functional user node becomes the real-name system authentication node, wherein the attribute information comprises an identifier and a public key of the real-name system authentication node;
and the management node stores the attribute information of all the real-name authentication nodes in a local list.
5. The method of claim 4, further comprising the step of confirming the management node and its authenticity qualification in the blockchain before the functional user node queries the information of the genesis block and extracts the address of the management node, comprising:
the functional user node broadcasts confirmation information to the block chain, wherein the confirmation information comprises an identification, a public key and identity information of the functional user node, and a private key of the functional user node is used for signature;
the functional user node sends inquiry information of the genesis block to at least one adjacent node of the block chain, and the inquiry information is signed by using a private key of the functional user node;
and the functional user node confirms the authenticity of the genesis block of the block chain through the authenticity information of the genesis block returned by the adjacent node, or through the percentage of the authenticity information of the genesis block returned by more than two adjacent nodes.
6. The method for authenticating a user of a blockchain-based application according to any one of claims 3 to 5, wherein before the application sends the mobile phone number of the registered user to the management node and applies for authentication of the personal information authentication level and/or the credit level of the registered user, the method further provides the registered user authentication query service of the application to the Internet outside the blockchain, and comprises:
the application program sends a short message to the registered user through an industry gateway of a communication operator according to the mobile phone number of the registered user so as to provide a verification code:
if the registered user cannot input the correct verification code in the application program, canceling the subsequent registration process;
and if the registered user can input the correct verification code in the application program, entering the real identity authentication process of the registered user.
7. A system for user authentication of an application, comprising a building module and an authentication module, wherein:
the building module is configured for building a block chain comprising a plurality of real-name authentication nodes with databases of information related to the identities of the public users and a management node;
the authentication module is configured for the management node to provide the personal information authentication level and/or the credit level of the registered user associated with the mobile phone number to the application program based on the real-name authentication node according to the mobile phone number of the registered user of the application program;
the real-name system authentication node at least comprises any one of a communication operation node, a bank node and an administrative department node, and the management node is a Ministry of industry and information node;
the authentication module comprises an interface module, a local query module and a network query module, wherein the network query module comprises a collaborative query request unit, a database query unit and a receiving unit, wherein:
the interface module is configured to allow the management node to receive the mobile phone number sent by the application program;
the local query module is configured to allow the management node to query whether the local ledger stores the authentication information of the user corresponding to the mobile phone number according to the mobile phone number:
if the authentication information of the user corresponding to the mobile phone number is stored in the local ledger, sending the personal information authentication level of the user corresponding to the mobile phone number to the application program;
if the local ledger does not store the authentication information of the user corresponding to the mobile phone number, the collaborative query request unit is configured to allow the management node to send broadcast information to the blockchain, query the real-name authentication node for the personal information authentication level and the credit level of the user corresponding to the mobile phone number, and sign the broadcast information by using the private key of the management node.
8. A client for performing user authentication based on a block chain, characterized by comprising an acquisition module, an application module and a judging module, wherein:
the acquisition module is configured for an application program to acquire a mobile phone number at least comprising a registered user applying for the application program;
the application module is configured to enable the application program to send the mobile phone number of the registered user to a management node of the block chain, and apply for authenticating the personal information authentication level and/or the credit level of the registered user; the acquiring, by the management node, the personal information authentication level and/or the credit level of the registered user specifically includes:
the management node inquires whether the authentication information of the user corresponding to the mobile phone number is stored in a local ledger of the management node according to the mobile phone number:
if the authentication information of the user corresponding to the mobile phone number is stored in the local ledger, sending the personal information authentication level of the user corresponding to the mobile phone number to the application program;
if the authentication information of the user corresponding to the mobile phone number is not stored in the local ledger, the management node sends broadcast information to the block chain, queries a real-name authentication node for the personal information authentication level and the credit level of the user corresponding to the mobile phone number, and the broadcast information is signed by using a private key of the management node;
and the judging module is configured to allow the application program to judge whether the real-name authentication request of the user passes or not according to the application level of the application program and the personal information authentication level and/or the credit level of the registered user returned by the block chain.
9. A user authentication system of an application program based on a block chain, characterized by comprising a block chain architecture and an application program architecture, wherein the block chain architecture comprises a construction module and an authentication module, and the application program architecture comprises an acquisition module, an application module and a judgment module, wherein:
the building module is configured for building a block chain comprising a plurality of real-name authentication nodes with databases of information related to the identities of the public users and a management node;
the acquisition module is configured to allow the application program to acquire a mobile phone number at least comprising a registered user applying for the application program;
the application module is configured to enable the application program to send the mobile phone number of the registered user to the management node of the block chain, and apply for authenticating the personal information authentication level and/or the credit level of the registered user;
the authentication module is configured to provide, by the management node, a personal information authentication level and/or a credit level of the registered user associated with the mobile phone number to the application program based on the real-name authentication node according to the mobile phone number of the registered user of the application program;
the judging module is configured to allow the application program to judge whether the real-name authentication request of the user passes or not according to the application level of the application program and the personal information authentication level and/or credit level of the registered user returned by the block chain;
the real-name system authentication node at least comprises any one of a communication operation node, a bank node and an administrative department node, and the management node is a Ministry of industry and information node;
the authentication module comprises an interface module, a local query module and a network query module, wherein the network query module comprises a collaborative query request unit, a database query unit and a receiving unit, wherein:
the interface module is configured to allow the management node to receive the mobile phone number sent by the application program;
the local query module is configured to allow the management node to query whether the local ledger stores the authentication information of the user corresponding to the mobile phone number according to the mobile phone number:
if the authentication information of the user corresponding to the mobile phone number is stored in the local ledger, sending the personal information authentication level of the user corresponding to the mobile phone number to the application program;
if the authentication information of the user corresponding to the mobile phone number is not stored in the local ledger, the collaborative query request unit is configured to allow the management node to send broadcast information to the blockchain, query the real-name authentication node for the personal information authentication level and the credit level of the user corresponding to the mobile phone number, and sign the broadcast information by using the private key of the management node;
the database query unit is configured to enable the real-name authentication node to receive the broadcast information of the management node, query its local database for the personal information authentication level and the credit level of the user corresponding to the mobile phone number, and broadcast a query result to the block chain, wherein the query result is signed by using a private key of the real-name authentication node;
the receiving unit is configured to allow the management node to receive the query result broadcast by the real-name authentication node, and send the user personal information authentication level and/or credit level corresponding to the mobile phone number in the query result to the application program.
10. The system according to claim 9, wherein the building module comprises a management node module and a functional user node module, the management node module comprises a genesis block establishing unit, an auditing unit, a declaring unit and a storage unit, and the functional user node module comprises an address obtaining unit and an applying unit, wherein:
the genesis block establishing unit is configured for the management node to establish a genesis block of the block chain, the genesis block includes an identifier of the management node, a public key and record information of identity information of a creator, and the record information is signed by using a private key of the management node;
the address obtaining unit is configured for a functional user node having a database of information related to the identities of public users to query the information of the genesis block and extract the address of the management node;
the applying unit is configured to enable the functional user node to send application information to the management node to apply to become the real-name system authentication node, the application information includes an identifier of the functional user node, a public key and identity information, and a private key of the functional user node is used for signing, and the identity information at least includes a company name, a legal representative, registered capital, a registered address, an enterprise registration number and establishment time of a functional department;
the auditing unit is configured to enable the management node to receive the application of the functional user node, audit the authentication qualification of the functional user node and record information of the corresponding functional user obtained through a non-block chain way, and judge whether the functional user node has real-name authentication qualification;
the declaring unit is configured to allow the management node to encrypt the attribute information of the audited functional user node with real-name system authentication qualification by using a private key of the management node and broadcast the encrypted attribute information to the block chain, and declare the functional user node to be the real-name system authentication node, wherein the attribute information comprises an identifier and a public key of the real-name system authentication node;
the storage unit is configured to store, by the management node, attribute information of all the real-name authentication nodes in a local list.
11. The system of claim 10, wherein the functional user node module further comprises a pre-verification unit configured to verify the management node and its authenticity in the blockchain, and configured to:
the functional user node broadcasts confirmation information to the block chain, wherein the confirmation information comprises an identification, a public key and identity information of the functional user node, and a private key of the functional user node is used for signature;
the functional user node sends query information of the genesis block to at least one adjacent node of the block chain, and the query information is signed by using a private key of the functional user node;
and the functional user node confirms the authenticity of the genesis block of the block chain through the authenticity information of the genesis block returned by the adjacent node, or through the percentage of the authenticity information of the genesis block returned by more than two adjacent nodes.
12. The system according to any one of claims 9 to 11, wherein the application framework further includes an external verification module that provides the registered user verification query service of the application to the internet outside the local blockchain, and the external verification module is configured to allow the application to send a short message to the registered user through an industry gateway of a communications carrier to provide a verification code according to the mobile phone number of the registered user acquired by the acquisition module:
if the registered user cannot input the correct verification code in the application program, canceling the subsequent registration process;
and if the registered user can input the correct verification code in the application program, entering the real identity authentication process of the registered user.
CN201910006153.XA 2019-01-04 2019-01-04 Block chain, application program, and user authentication method and system of application program Active CN109743321B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910006153.XA CN109743321B (en) 2019-01-04 2019-01-04 Block chain, application program, and user authentication method and system of application program

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910006153.XA CN109743321B (en) 2019-01-04 2019-01-04 Block chain, application program, and user authentication method and system of application program

Publications (2)

Publication Number Publication Date
CN109743321A CN109743321A (en) 2019-05-10
CN109743321B true CN109743321B (en) 2022-02-11

Family

ID=66363389

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910006153.XA Active CN109743321B (en) 2019-01-04 2019-01-04 Block chain, application program, and user authentication method and system of application program

Country Status (1)

Country Link
CN (1) CN109743321B (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110545190B (en) * 2019-09-06 2021-08-13 腾讯科技(深圳)有限公司 Signature processing method, related device and equipment
CN110493261B (en) * 2019-09-16 2021-07-27 腾讯科技(深圳)有限公司 Verification code obtaining method based on block chain, client, server and storage medium
CN110727734B (en) * 2019-10-10 2023-07-14 腾讯科技(深圳)有限公司 Credit information synchronization method based on blockchain and credit joint rewarding and punishing system
CN110991253B (en) * 2019-11-08 2023-04-28 中国联合网络通信集团有限公司 Face digital identity recognition method and device based on blockchain
CN110891267A (en) * 2019-11-20 2020-03-17 中国联合网络通信集团有限公司 Service processing method based on block chain and operator network node
CN111786994B (en) * 2020-06-30 2021-09-14 腾讯科技(深圳)有限公司 Data processing method based on block chain and related equipment

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107196966A (en) * 2017-07-05 2017-09-22 北京信任度科技有限公司 The identity identifying method and system of multi-party trust based on block chain
CN107682378A (en) * 2017-11-22 2018-02-09 国民认证科技(北京)有限公司 A kind of real name identification method and system based on block chain
CN108304710A (en) * 2018-02-11 2018-07-20 安云印(天津)大数据科技有限公司 A kind of E-seal signature method of the involvement identity authentication function based on block chain
CN108876374A (en) * 2018-06-29 2018-11-23 全链通有限公司 The network identity certificate authentication method and system of block chain
CN108881296A (en) * 2018-07-24 2018-11-23 中国联合网络通信集团有限公司 Block chain real name identification method, device, equipment and storage medium
CN109067808A (en) * 2018-10-18 2018-12-21 全链通有限公司 The method and device for realizing the certification of block chain system of real name is assured based on social relationships

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170132615A1 (en) * 2015-11-11 2017-05-11 Bank Of America Corporation Block chain alias for person-to-person payments

Also Published As

Publication number Publication date
CN109743321A (en) 2019-05-10

Similar Documents

Publication Publication Date Title
CN109743321B (en) Block chain, application program, and user authentication method and system of application program
Maroufi et al. On the convergence of blockchain and internet of things (iot) technologies
Campanile et al. Designing a GDPR compliant blockchain-based IoV distributed information tracking system
Alblooshi et al. Blockchain-based ownership management for medical IoT (MIoT) devices
CN110326251A (en) The system and method that the general dispersion solution of user is verified using cross validation feature are provided
CN101873333B (en) Enterprise data maintenance method, device and system based on banking system
KR20190089506A (en) System and method for e-contract with shared and distributed ledger coupled with outer storage devices
CN109685664B (en) Digital asset real-name registration system based on asset hosting system association
CN112149077B (en) Supply chain billing method, system and computer equipment based on block chain technology
US20220309501A1 (en) Blockchain-based trusted transaction method for data product
CN112199448A (en) Industrial and commercial registration method and system based on block chain
CN103312675A (en) Attribute-oriented protection digital identity service method and system thereof
US20040015699A1 (en) Identification and contact information
CN109905874A (en) The method and system of the autonomous number of selecting based on block chain
CN111626859B (en) Material management and control system
CN110955699B (en) Decentralized electronic academic certificate checking method and system
CN113627809A (en) Medical waste supervision system and method based on block chain
Gürfidan et al. A new approach with blockchain based for safe communication in IoT ecosystem
Chauhan Iot network identity management using smart contract and blockchain technology
WO2019225850A1 (en) Method and apparatus for processing certificate information
CN110866855A (en) License issuing and safety management system based on block chain
JP2020144586A (en) Data structure of manager terminal, participant terminal, right holder terminal, user terminal, content usage system, administrator program, participant program, right holder program, user program and state data
CN115842649A (en) Cross-region and cross-system identity authentication method
CN115514489A (en) Knowledge-intensive type zero-work economic service system and operation method thereof
Rahat et al. Blockchain based secured multipurpose identity (smid) management system for smart cities

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant