CN109784020A - A kind of block chain right management method and device - Google Patents
A kind of block chain right management method and device Download PDFInfo
- Publication number
- CN109784020A CN109784020A CN201910118396.2A CN201910118396A CN109784020A CN 109784020 A CN109784020 A CN 109784020A CN 201910118396 A CN201910118396 A CN 201910118396A CN 109784020 A CN109784020 A CN 109784020A
- Authority
- CN
- China
- Prior art keywords
- account
- permission
- identity
- target
- file
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000007726 management method Methods 0.000 title claims abstract description 40
- 238000000034 method Methods 0.000 claims description 26
- 238000004458 analytical method Methods 0.000 claims description 7
- 230000008859 change Effects 0.000 description 13
- 238000010586 diagram Methods 0.000 description 8
- 238000012795 verification Methods 0.000 description 5
- 238000012986 modification Methods 0.000 description 4
- 230000004048 modification Effects 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 230000006978 adaptation Effects 0.000 description 1
- 230000003044 adaptive effect Effects 0.000 description 1
- 238000012550 audit Methods 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 238000007796 conventional method Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
Landscapes
- Storage Device Security (AREA)
Abstract
This application discloses a kind of block chain right management method and devices, comprising: receives the access request for being directed to target account;Access request is for characterizing target account request access block chain;Obtain First ray file;First ray file is used to indicate the first account identity the first account permission corresponding with the first account identity of target account;First account identity and the first account permission are users according to the first business demand autonomous configuration;The mark of target account, the first account identity and the first account permission are written in intelligent contract.It can be seen that, when target account requests access block chain, user such as administrator can according to the first business demand be target service autonomous configuration the first account identity and with the first account permission, and will the first account identity of target account and the first account permission write-in intelligent contract in.It can support only to support simple rights management rather than as existing block chain with the matched account authority configuration of business.
Description
Technical field
This application involves block chain fields, more particularly to a kind of block chain right management method and device.
Background technique
Block chain (blockchain) is a kind of a kind of chain type number for being combined into data block in such a way that sequence is connected
According to structure, and the distributed account book that can not be distorted He can not forge guaranteed in a manner of cryptography.With pushing away for block chain technology
Wide and application, characteristic that is open and clear, can not distorting is approved by industry, but block chain is also relatively high using threshold.
The why high using threshold of block chain is the strategy for being intended to reach common understanding on unreliable network because of it.Exactly because
To need to reach common understanding on unreliable network, therefore block chain is more harsh for the account rights management for accessing block chain.
Block chain includes publicly-owned chain and alliance's chain at present, either publicly-owned chain or alliance's chain, is only supported simple
Rights management.For example, publicly-owned chain can determine strategy according to relevant write-in permission, obtains data and permission, no reading is written
Permission determines strategy.Alliance's chain can carry out rights management based on certificate etc., can carry out simple to reading, write-in, signature etc.
The management of permission.And these simple permissions are unable to satisfy the requirement that user controls permission in practical application, for example, can not be real
Now inquiry of data traffic table etc. is operated.
Summary of the invention
Technical problems to be solved in this application are that existing block chain only supports simple rights management, are unable to satisfy user
Requirement to permission control provides a kind of based on block chain right management method and device.
In a first aspect, the embodiment of the present application provides a kind of block chain right management method, which comprises
Receive the access request for being directed to target account;The access request is for characterizing target account request access area
Block chain;
Obtain First ray file;The First ray file is used to indicate the first account body of the target account
Part the first account permission corresponding with the first account identity;The first account identity and the first account permission are user's roots
According to the first business demand autonomous configuration;
Intelligent contract is written into the mark of the target account, the first account identity and the first account permission
In.
Optionally, described to write the mark of the target account, the first account identity and the first account permission
Enter in intelligent contract, comprising:
Unserializing analysis is carried out to the First ray file, obtains the first account identity and first account
Family permission;
Intelligent contract is written into the mark of the target account, the first account identity and the first account permission
In.
Optionally, the method also includes:
Receive the data operation request for being directed to target account;The data operation request is for indicating that the target account is asked
It asks to the data performance objective operation in block chain;
Verify whether the target account has the permission for executing the object run by the intelligent contract;
If being verified, the target account is allowed to execute the object run.
Optionally, the method also includes:
Receive the second serializing file;The second serializing file is used to indicate the second account body of the target account
Part the second account permission corresponding with the second account identity;The second account identity and the second account permission are users according to
Two business demand autonomous configurations;
The mark of the target account, the second account identity and the second account permission the write-in intelligence are closed
In about;
The mode classification of the second account identity is different from the mode classification of the second account identity, and/or, it is described
The mode classification of second account permission is different from the mode classification of the first account permission.
Optionally, the First ray file, comprising:
Json formatted file, alternatively, xml formatted file.
Second aspect, the embodiment of the present application provide a kind of block chain rights management device, and described device includes:
First receiving unit, for receiving the access request for being directed to target account;The access request is described for characterizing
Target account request access block chain;
First acquisition unit, for obtaining First ray file;The First ray file is used to indicate the mesh
Mark the first account identity the first account permission corresponding with the first account identity of account;The first account identity and
One account permission is user according to the first business demand autonomous configuration;
First writing unit, for by the mark of the target account, the first account identity and first account
Permission is written in intelligent contract.
Optionally, first writing unit, is specifically used for:
Unserializing analysis is carried out to the First ray file, obtains the first account identity and first account
Family permission;
Intelligent contract is written into the mark of the target account, the first account identity and the first account permission
In.
Optionally, described device further include:
Second receiving unit, for receiving the data operation request for being directed to target account;The data operation request is used for
Indicate that the target account request operates the data performance objective in block chain;
Authentication unit, for verifying whether the target account has the execution object run by the intelligent contract
Permission;
Operation execution unit, if allowing the target account to execute the object run for being verified.
Optionally, described device further include:
Third receiving unit, for receiving the second serializing file;The second serializing file is used to indicate the mesh
Mark the second account identity the second account permission corresponding with the second account identity of account;The second account identity and the second account
Family permission is user according to the second business demand autonomous configuration;
Second writing unit, for by the mark of the target account, the second account identity and second account
In the permission write-in intelligent contract;
The mode classification of the second account identity is different from the mode classification of the second account identity, and/or, it is described
The mode classification of second account permission is different from the mode classification of the first account permission.
Optionally, the First ray file, comprising:
Json formatted file, alternatively, xml formatted file.
Compared with prior art, the embodiment of the present application has the advantage that
The embodiment of the present application provides a kind of block chain right management method and device, which comprises reception is directed to
The access request of target account;The access request is for characterizing the target account request access block chain;Obtain the first sequence
Columnization file;The First ray file be used to indicate the target account the first account identity and the first account body
The corresponding first account permission of part;The first account identity and the first account permission are that user is autonomous according to the first business demand
Configuration;The mark of the target account, the first account identity and the first account permission are written in intelligent contract.
It can be seen that in the embodiment of the present application, when target account requests access block chain, user such as administrator can be according to the
One business demand be target service autonomous configuration the first account identity and with the first account permission, and by the of target account
In one account identity and the intelligent contract of the first account permission write-in.That is, in the embodiment of the present application, can support
With the matched account authority configuration of business, meet demand of the user to account rights management, rather than as existing block chain that
Sample only supports simple rights management.
Detailed description of the invention
In order to illustrate the technical solutions in the embodiments of the present application or in the prior art more clearly, to embodiment or will show below
There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
The some embodiments recorded in application, for those of ordinary skill in the art, without creative efforts,
It is also possible to obtain other drawings based on these drawings.
Fig. 1 is a kind of flow diagram of block chain right management method provided by the embodiments of the present application;
Fig. 2 is a kind of flow diagram of the method for Authority Verification provided by the embodiments of the present application;
Fig. 3 is a kind of flow diagram of method for modifying account permission provided by the embodiments of the present application;
Fig. 4 is a kind of structural schematic diagram of block chain rights management device provided by the embodiments of the present application.
Specific embodiment
In order to make those skilled in the art more fully understand application scheme, below in conjunction in the embodiment of the present application
Attached drawing, the technical scheme in the embodiment of the application is clearly and completely described, it is clear that described embodiment is only this
Apply for a part of the embodiment, instead of all the embodiments.Based on the embodiment in the application, those of ordinary skill in the art exist
Every other embodiment obtained under the premise of creative work is not made, shall fall in the protection scope of this application.
Present inventor has found, in the prior art, either publicly-owned chain or alliance's chain after study, only supports
Support simple rights management.For example, publicly-owned chain can determine strategy according to relevant write-in permission, data write-in power is obtained
Limit, no reading permission determine strategy.Alliance's chain can carry out rights management based on certificate etc., can carry out to reading, write-in, label
The management of the simple permission such as name.And these simple permissions are unable to satisfy the requirement that user controls permission in practical application, example
Such as, it cannot achieve the operation such as inquiry to data traffic table.
To solve the above-mentioned problems, the embodiment of the present application provides a kind of block chain right management method and device, described
Method includes: to receive the access request for being directed to target account;The access request is for characterizing the target account request access
Block chain;Obtain First ray file;The First ray file is used to indicate the first account body of the target account
Part the first account permission corresponding with the first account identity;The first account identity and the first account permission are user's roots
According to the first business demand autonomous configuration;By the mark of the target account, the first account identity and first account
Permission is written in intelligent contract.It can be seen that in the embodiment of the present application, when target account requests access block chain, user
Such as administrator can according to the first business demand be target service autonomous configuration the first account identity and with the first account
Permission, and in the intelligent contract that the first account identity of target account and the first account permission are written.That is, at this
Apply embodiment in, can support with the matched account authority configuration of business, meet demand of the user to account rights management,
Rather than as existing block chain, simple rights management is only supported.
With reference to the accompanying drawing, the various non-limiting embodiments of the application are described in detail.
Illustrative methods
Referring to Fig. 1, which is a kind of flow diagram of block chain right management method provided by the embodiments of the present application.
Block chain right management method provided by the embodiments of the present application, can be applied to block catenary system.It is understood that
Being may include many nodes in block catenary system, and the node can be the node for being deployed in Intranet, or deployment
It can also be the node being deployed in internet in the node of local area network, the embodiment of the present application is not specifically limited.The application is real
The node in the block catenary system that example refers to is applied, block catenary system can be accessed as unit of individual node, it can also be with node
Cluster is that unit accesses block catenary system, and the embodiment of the present application is not specifically limited.
In the present embodiment, the method can for example be realized by following steps S101-S103.
S101: the access request for being directed to target account is received, the access request is for characterizing the target account request
Access block chain.
In the embodiment of the present application, target account can request access block by some node in block catenary system
Chain.
In the embodiment of the present application, it when target account requests access block chain, can be sent first to block catenary system
Access request, so that rights management process of the block catenary system starting to target account.
S102: First ray file is obtained;The First ray file is used to indicate the first of the target account
Account identity the first account permission corresponding with the first account identity;The first account identity and the first account permission are
User is according to the first business demand autonomous configuration.
In a kind of implementation of the embodiment of the present application, after block catenary system receives the access request, then
Backstage can choose generation prompting message, to prompt the permission of administrator configurations target account.In the another of the embodiment of the present application
In kind implementation, after block catenary system receives the access request, generation prompting message can choose from the background, to mention
Show that administrator ignores, is not specifically limited for the account identity and account permission, this example of target account distribution default.
In the embodiment of the present application, administrator can be target account according to practical business demand such as the first business demand
Configure the first account identity and the first account permission corresponding with the first account identity.Specifically, in the embodiment of the present application,
The administrator can embody the First ray file of the first account identity and the first account permission by editor, be mesh
It marks account and configures permission.
In the embodiment of the present application, the first account identity can be used for characterizing the account role of the target account,
The first account identity for example may include any one in group, branch company, part etc..
In the embodiment of the present application, the first account permission can be used to indicate that the industry that the target account can be supported
Business processing type, the first account permission for example may include: competence of auditor, grading permission, trading privilege, permission of transferring accounts with
And savings permission etc.;The first account permission can be used for characterizing the data manipulation that the target account can be supported,
The first account permission for example may include to the search access right of the business datum table in block chain and to industry in block chain
The write-in permission etc. for tables of data of being engaged in.
The embodiment of the present application does not limit the First ray file specifically, and the First ray file for example can be
Json formatted file, alternatively, xml formatted file.
S103: intelligence is written into the mark of the target account, the first account identity and the first account permission
In contract.
It in the embodiment of the present application, can be to described after the block catenary system obtains the First ray file
First ray file is parsed, to obtain the first account identity and the first account permission, thus by the target account
The mark at family, the first account identity and the first account permission are written in intelligent contract.
In the embodiment of the present application, S103 can be there are many implementation.In one possible implementation, Ke Yizhi
It connects and saves the First ray file into intelligent contract.It, can be to the First ray in another implementation
Change file and carry out unserializing analysis, the first account identity and the first account permission is obtained, thus by the target
The mark of account, the first account identity and the first account permission are written in intelligent contract.
In the embodiment of the present application, the mark of the target account can be used for target account described in unique identification.This Shen
Please embodiment do not limit the mark of the target account specifically, the mark of the target account for example may include the target account
The name on account at family.
As can be seen from the above description, a kind of block chain right management method provided by the embodiments of the present application, the method packet
It includes: receiving the access request for being directed to target account;The access request is for characterizing the target account request access block chain;
Obtain First ray file;The First ray file be used to indicate the first account identity of the target account with it is described
The corresponding first account permission of first account identity;The first account identity and the first account permission are users according to the first industry
Business demand autonomous configuration;The mark of the target account, the first account identity and the first account permission are written
In intelligent contract.It can be seen that in the embodiment of the present application, when target account requests access block chain, user is for example managed
Member can according to the first business demand be target service autonomous configuration the first account identity and with the first account permission, and will
In first account identity of target account and the intelligent contract of the first account permission write-in.That is, implementing in the application
In example, can support with the matched account authority configuration of business, meet demand of the user to account rights management, rather than such as
Existing block chain is such, only supports simple rights management.
In the embodiment of the present application, as it was noted above, the mark of target account, the first account identity and described first
Account permission is present in intelligent contract, when target account request executes operation to the data in block chain, Ke Yiyou
The intelligence contract verifies the permission of the target account, executes phase to the data so that whether the determination target account has
The permission that should be operated.
It referring to fig. 2, should be a kind of flow diagram of the method for Authority Verification provided by the embodiments of the present application.
The method of Authority Verification provided by the embodiments of the present application, such as can be realized with S201-S203 as follows.
S201: the data operation request for being directed to target account is received;The data operation request is for indicating the target
Account request operates the data performance objective in block chain.
The embodiment of the present application does not limit the object run specifically, and the object run for example may include corresponding to executing
Business, such as audit, grade, trading, transferring accounts, saving, in the inquiry to tables of data and the write operation to tables of data
Any one is combined.
S202: verify whether the target account has the permission for executing the object run by the intelligent contract.
S203: if being verified, the target account is allowed to execute the object run.
About S202-S203 it should be noted that in the embodiment of the present application, Authority Verification and intelligent contract have been contacted
Come, verified using permission of the intelligent contract to target account, whether verifying target account, which has, executes the object run
Permission.Specifically, the intelligent contract can verify target account according to the first account identity and the first account permission
Whether the permission that executes the object run is had.If the verification passes, then the target account is allowed to execute the target behaviour
Make, if being verified, the data operation request can be refused, the target account is not allowed to execute the object run.
In the conventional technology, in block catenary system the mode classification of the account identity of account and account permission mode classification
Once it is determined that can not then change, such as account identity is initially divided into " administrator " and " general user " two class identity, by account
Family delineation of power is " readable " and " writeable " two kinds of permissions, then account identity can only the choosing in " administrator " and " general user "
It selects, account permission can only select in " readable " and " writeable ", can not change.But in practical applications, business is often sent out
It is raw to change, if the mode classification of corresponding account identity and the mode classification of account permission are immutable, may not be able to adapt to
Business after change.
In consideration of it, in the embodiment of the present application, can also support the mode classification and account to the account identity of target account
The mode classification of family permission is modified.
Specifically, reference can be made to Fig. 3, the figure are a kind of process of method for modifying account permission provided by the embodiments of the present application
Schematic diagram.
The method can for example be realized with S301-S302 as follows.
S301: the second serializing file is received;The second serializing file is used to indicate the second of the target account
Account identity account permission corresponding with the second account identity;The second account identity and the second account permission be user according to
Second business demand autonomous configuration.
It should be noted that the second serializing file in the embodiment of the present application is similar with First ray file, it is described
Second serializing file can be for example json formatted file, alternatively, xml formatted file.Unlike, the First ray
File is used to indicate the first account identity the first account permission corresponding with the first account identity of the target account, and described
Second serializing file is used to indicate the second account identity the second account corresponding with the second account identity of the target account
Permission.
In the embodiment of the present application, the second account identity refers to modified account identity, about second account
The description of family identity, can be with reference to above for the description section of the first account identity, and and will not be described here in detail.
In the embodiment of the present application, the second account permission refers to modified account permission, about second account
The description of family permission, can be with reference to above for the description section of the first account permission, and and will not be described here in detail.
It is understood that in practical applications, when business demand changes, point of the account identity of target account
The mode classification of class mode and/or account permission may change, when business demand does not change, the account of target account
The mode classification of family identity and/or the mode classification of account permission are it can also happen that change.And the first account identity and the first account
Family permission is determined according to the first business demand, the account identity after changing i.e. the second account identity and is changed
Account permission i.e. the second account permission after change, is determined according to the second business demand.Therefore, first business demand
Can be identical as the second business demand, first business demand can also be different from the second business demand, the embodiment of the present application
It is not specifically limited.
In the embodiment of the present application, the mode classification to the account identity of target account and the mode classification of account permission into
When row modification, it is contemplated that in practice, it may be only that the mode classification of account identity is changed, and corresponding permission
Mode classification does not change;The classification for being also possible to only account permission is changed, and the classification of account identity
Mode does not change;It is also possible to the mode classification of account permission and the mode classification of account identity are changed.
It is understood that if only the mode classification of account identity is changed, the first account identity
Mode classification be different from the mode classification of the second account identity, the mode classification of the first account permission and the second account permission
Mode classification is different.If only the mode classification of account permission is changed, the classification side of the first account permission
Formula is different from the mode classification of the second account permission, the mode classification of the mode classification of the first account identity and the second account identity
It is identical.If the mode classification of account permission and the mode classification of account identity are changed, the first account identity
Mode classification be different from the mode classification of the second account identity, and the mode classification of the first account permission is different from the
The mode classification of two account permissions.
S202: will be described in the write-in of the mark of the target account, the second account identity and the second account permission
In intelligent contract.
The specific implementation of S302 is similar with S103, can after the block catenary system obtains the second serializing file
Directly the second serializing file to be written in intelligent contract, the second serializing file can also be parsed,
To obtain the second account identity and the second account permission, thus by the mark of the target account, the first account body
Part and the first account permission are written in intelligent contract.
Specifically, step S302 in specific implementation, can carry out unserializing analysis to the First ray file,
The first account identity and the first account permission are obtained, thus by the mark of the target account, first account
Identity and the first account permission are written in intelligent contract.
It can be seen that using the scheme of the embodiment of the present application, it not only can be according to specific business need autonomous configuration target
The account identity and account permission of account, can also the mode classification of account identity to target account and the classification of account permission
Mode changes, to improve block catenary system for the flexibility of rights management.
It should be noted that in the embodiment of the present application, when the account identity and account permission of target account change
When, if target account initiates data operation request, intelligent contract can be verified according to newest account identity and account permission
The permission of the target account, to determine whether that the target account executes the data behaviour of data operation request instruction
Make.
Example devices
Based on the block chain right management method that above embodiments provide, the embodiment of the present application also provides a kind of block chains
Rights management device introduces the device below in conjunction with attached drawing.
Referring to fig. 4, which is a kind of structural schematic diagram of block chain rights management device provided by the embodiments of the present application.
Block chain rights management device 400 provided by the embodiments of the present application, such as can specifically include:
First receiving unit 410, first acquisition unit 420 and the first writing unit 430.
First receiving unit 410, for receiving the access request for being directed to target account;The access request is for characterizing institute
State target account request access block chain;
First acquisition unit 420, for obtaining First ray file;The First ray file is used to indicate described
First account identity of target account the first account permission corresponding with the first account identity;The first account identity and
First account permission is user according to the first business demand autonomous configuration;
First writing unit 430, for by the mark of the target account, the first account identity and first account
Family permission is written in intelligent contract.
Optionally, first writing unit 430, is specifically used for:
Unserializing analysis is carried out to the First ray file, obtains the first account identity and first account
Family permission;
Intelligent contract is written into the mark of the target account, the first account identity and the first account permission
In.
Optionally, described device 400 further include:
Second receiving unit, for receiving the data operation request for being directed to target account;The data operation request is used for
Indicate that the target account request operates the data performance objective in block chain;
Authentication unit, for verifying whether the target account has the execution object run by the intelligent contract
Permission;
Operation execution unit, if allowing the target account to execute the object run for being verified.
Optionally, described device 400 further include:
Third receiving unit, for receiving the second serializing file;The second serializing file is used to indicate the mesh
Mark the second account identity the second account permission corresponding with the second account identity of account;The second account identity and the second account
Family permission is user according to the second business demand autonomous configuration;
Second writing unit, for by the mark of the target account, the second account identity and second account
In the permission write-in intelligent contract;
The mode classification of the second account identity is different from the mode classification of the second account identity, and/or, it is described
The mode classification of second account permission is different from the mode classification of the first account permission.
Optionally, the First ray file, comprising:
Json formatted file, alternatively, xml formatted file.
Since described device 400 is the corresponding device of method provided with above method embodiment, described device 400 it is each
The specific implementation of a unit is same design with above method embodiment, accordingly, with respect to each unit of described device 400
Specific implementation, can refer to above method embodiment description section, details are not described herein again.
As can be seen from the above description, a kind of block chain rights management device provided by the embodiments of the present application, described device packet
It includes: the first receiving unit, first acquisition unit and the first writing unit.First receiving unit is directed to target account for receiving
Access request;The access request is for characterizing the target account request access block chain;First acquisition unit, for obtaining
Take First ray file;The First ray file is used to indicate the first account identity and described the of the target account
The corresponding first account permission of one account identity;The first account identity and the first account permission are users according to the first business
Demand autonomous configuration;First writing unit, for by the mark of the target account, the first account identity and described
One account permission is written in intelligent contract.It can be seen that in the embodiment of the present application, when target account requests access block chain
When, user such as administrator can be target service autonomous configuration the first account identity and with the according to the first business demand
One account permission, and in the intelligent contract that the first account identity of target account and the first account permission are written.Namely
Say, in the embodiment of the present application, can support with the matched account authority configuration of business, meet user to account rights management
Demand only support simple rights management rather than as existing block chain.
Those skilled in the art after considering the specification and implementing the invention disclosed here, will readily occur to its of the application
Its embodiment.This application is intended to cover any variations, uses, or adaptations of the application, these modifications, purposes or
Person's adaptive change follows the general principle of the application and including the undocumented common knowledge in the art of the disclosure
Or conventional techniques.The description and examples are only to be considered as illustrative, and the true scope and spirit of the application are by following
Claim is pointed out.
It should be understood that the application is not limited to the precise structure that has been described above and shown in the drawings, and
And various modifications and changes may be made without departing from the scope thereof.Scope of the present application is only limited by the accompanying claims
The foregoing is merely the preferred embodiments of the application, not to limit the application, it is all in spirit herein and
Within principle, any modification, equivalent replacement, improvement and so on be should be included within the scope of protection of this application.
Claims (10)
1. a kind of block chain right management method, which is characterized in that the described method includes:
Receive the access request for being directed to target account;The access request is for characterizing the target account request access block
Chain;
Obtain First ray file;The First ray file be used to indicate the first account identity of the target account with
The corresponding first account permission of the first account identity;The first account identity and the first account permission are users according to
One business demand autonomous configuration;
The mark of the target account, the first account identity and the first account permission are written in intelligent contract.
2. the method according to claim 1, wherein described by the mark of the target account, first account
Family identity and the first account permission are written in intelligent contract, comprising:
Unserializing analysis is carried out to the First ray file, obtains the first account identity and first account power
Limit;
The mark of the target account, the first account identity and the first account permission are written in intelligent contract.
3. the method according to claim 1, wherein the method also includes:
Receive the data operation request for being directed to target account;The data operation request is for indicating the target account request pair
Data performance objective operation in block chain;
Verify whether the target account has the permission for executing the object run by the intelligent contract;
If being verified, the target account is allowed to execute the object run.
4. the method according to claim 1, wherein the method also includes:
Receive the second serializing file;The second serializing file be used to indicate the second account identity of the target account with
The corresponding second account permission of second account identity;The second account identity and the second account permission are users according to the second industry
Business demand autonomous configuration;
By the mark of the target account, the second account identity and the second account permission the write-in intelligent contract
In;
The mode classification of the second account identity is different from the mode classification of the second account identity, and/or, described second
The mode classification of account permission is different from the mode classification of the first account permission.
5. method according to any of claims 1-4, which is characterized in that the First ray file, comprising:
Json formatted file, alternatively, xml formatted file.
6. a kind of block chain rights management device, which is characterized in that described device includes:
First receiving unit, for receiving the access request for being directed to target account;The access request is for characterizing the target
Account request accesses block chain;
First acquisition unit, for obtaining First ray file;The First ray file is used to indicate the target account
The first account identity at family the first account permission corresponding with the first account identity;The first account identity and the first account
Family permission is user according to the first business demand autonomous configuration;
First writing unit, for by the mark of the target account, the first account identity and the first account permission
It is written in intelligent contract.
7. device according to claim 6, which is characterized in that first writing unit is specifically used for:
Unserializing analysis is carried out to the First ray file, obtains the first account identity and first account power
Limit;
The mark of the target account, the first account identity and the first account permission are written in intelligent contract.
8. device according to claim 6, which is characterized in that described device further include:
Second receiving unit, for receiving the data operation request for being directed to target account;The data operation request is for indicating
The target account request operates the data performance objective in block chain;
Authentication unit, for verifying whether the target account has the power for executing the object run by the intelligent contract
Limit;
Operation execution unit, if allowing the target account to execute the object run for being verified.
9. device according to claim 6, which is characterized in that described device further include:
Third receiving unit, for receiving the second serializing file;The second serializing file is used to indicate the target account
The second account identity at family the second account permission corresponding with the second account identity;The second account identity and the second account power
Limit is user according to the second business demand autonomous configuration;
Second writing unit, for by the mark of the target account, the second account identity and the second account permission
It is written in the intelligent contract;
The mode classification of the second account identity is different from the mode classification of the second account identity, and/or, described second
The mode classification of account permission is different from the mode classification of the first account permission.
10. according to device described in claim 6-9 any one, which is characterized in that the First ray file, comprising:
Json formatted file, alternatively, xml formatted file.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910118396.2A CN109784020A (en) | 2019-02-15 | 2019-02-15 | A kind of block chain right management method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910118396.2A CN109784020A (en) | 2019-02-15 | 2019-02-15 | A kind of block chain right management method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109784020A true CN109784020A (en) | 2019-05-21 |
Family
ID=66503265
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910118396.2A Pending CN109784020A (en) | 2019-02-15 | 2019-02-15 | A kind of block chain right management method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109784020A (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110210209A (en) * | 2019-06-06 | 2019-09-06 | 中星技术股份有限公司 | The method and apparatus for managing picture pick-up device |
| CN110473104A (en) * | 2019-08-20 | 2019-11-19 | 深圳市网心科技有限公司 | A kind of transaction processing method and relevant device |
| CN110533403A (en) * | 2019-08-30 | 2019-12-03 | 腾讯科技(深圳)有限公司 | A kind of method and relevant apparatus of consumption processing |
| CN110826103A (en) * | 2019-11-13 | 2020-02-21 | 腾讯科技(深圳)有限公司 | Block chain-based document authority processing method, device, equipment and storage medium |
| CN111324875A (en) * | 2020-02-17 | 2020-06-23 | 支付宝(杭州)信息技术有限公司 | User data operation authority control and account management method, device and system |
| CN111741015A (en) * | 2020-07-21 | 2020-10-02 | 百度在线网络技术(北京)有限公司 | Operation processing method, device, equipment and medium in block chain network |
| CN112822159A (en) * | 2020-12-28 | 2021-05-18 | 杭州趣链科技有限公司 | Permission control method and device for block chain account, electronic equipment and storage medium |
| CN113221164A (en) * | 2021-05-11 | 2021-08-06 | 支付宝(杭州)信息技术有限公司 | Block chain-based data verification method and device and electronic equipment |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102904877A (en) * | 2012-09-11 | 2013-01-30 | 曙光信息产业(北京)有限公司 | Binary serialization role permission management method based on cloud storage |
| CN106796685A (en) * | 2016-12-30 | 2017-05-31 | 深圳前海达闼云端智能科技有限公司 | Block chain authority control method and device and node equipment |
| CN106796688A (en) * | 2016-12-26 | 2017-05-31 | 深圳前海达闼云端智能科技有限公司 | Permission control method, device and system of block chain and node equipment |
| US20180373776A1 (en) * | 2017-04-12 | 2018-12-27 | Vijay K. Madisetti | Method and System for Tuning Blockchain Scalability for Fast and Low-Cost Payment and Transaction Processing |
-
2019
- 2019-02-15 CN CN201910118396.2A patent/CN109784020A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102904877A (en) * | 2012-09-11 | 2013-01-30 | 曙光信息产业(北京)有限公司 | Binary serialization role permission management method based on cloud storage |
| CN106796688A (en) * | 2016-12-26 | 2017-05-31 | 深圳前海达闼云端智能科技有限公司 | Permission control method, device and system of block chain and node equipment |
| CN106796685A (en) * | 2016-12-30 | 2017-05-31 | 深圳前海达闼云端智能科技有限公司 | Block chain authority control method and device and node equipment |
| US20180373776A1 (en) * | 2017-04-12 | 2018-12-27 | Vijay K. Madisetti | Method and System for Tuning Blockchain Scalability for Fast and Low-Cost Payment and Transaction Processing |
Non-Patent Citations (1)
| Title |
|---|
| 陈永丰: "基于区块链的数据访问控制方法及应用研究", 《中国优秀硕士学位论文全文数据库 信息科技辑》 * |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110210209A (en) * | 2019-06-06 | 2019-09-06 | 中星技术股份有限公司 | The method and apparatus for managing picture pick-up device |
| CN110473104A (en) * | 2019-08-20 | 2019-11-19 | 深圳市网心科技有限公司 | A kind of transaction processing method and relevant device |
| WO2021031313A1 (en) * | 2019-08-20 | 2021-02-25 | 深圳市网心科技有限公司 | Transaction processing method and related apparatus |
| CN110473104B (en) * | 2019-08-20 | 2023-11-17 | 深圳市迅雷网络技术有限公司 | Transaction processing method and related equipment |
| CN110533403A (en) * | 2019-08-30 | 2019-12-03 | 腾讯科技(深圳)有限公司 | A kind of method and relevant apparatus of consumption processing |
| CN110826103A (en) * | 2019-11-13 | 2020-02-21 | 腾讯科技(深圳)有限公司 | Block chain-based document authority processing method, device, equipment and storage medium |
| CN111324875A (en) * | 2020-02-17 | 2020-06-23 | 支付宝(杭州)信息技术有限公司 | User data operation authority control and account management method, device and system |
| CN111741015A (en) * | 2020-07-21 | 2020-10-02 | 百度在线网络技术(北京)有限公司 | Operation processing method, device, equipment and medium in block chain network |
| CN112822159A (en) * | 2020-12-28 | 2021-05-18 | 杭州趣链科技有限公司 | Permission control method and device for block chain account, electronic equipment and storage medium |
| CN113221164A (en) * | 2021-05-11 | 2021-08-06 | 支付宝(杭州)信息技术有限公司 | Block chain-based data verification method and device and electronic equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109784020A (en) | A kind of block chain right management method and device | |
| US11108627B2 (en) | Object identification for groups of IoT devices | |
| Rathee et al. | A secure communicating things network framework for industrial IoT using blockchain technology | |
| US20190297491A1 (en) | Network device selective synchronization | |
| US20090276841A1 (en) | Method and device for dynamic deployment of trust bridges in an ad hoc wireless network | |
| CN102799962A (en) | Configuration type business flow system and realization method thereof | |
| CN104937897B (en) | The system and method analyzed for the redundant safety eliminated to network packet | |
| US11075765B2 (en) | Scope-based certificate deployment | |
| CN105162608A (en) | Physical address bypass authentication method and device based on software-defined network | |
| CN105282160A (en) | Credibility-based dynamic access control method | |
| Vernotte et al. | Load balancing of renewable energy: a cyber security analysis | |
| US20170359332A1 (en) | Seamless wireless device onboarding | |
| US20170099321A1 (en) | Enabling Access to an Enterprise Network Domain Based on a Centralized Trust | |
| US9703987B2 (en) | Identity based connected services | |
| CN114531945A (en) | Template-based loading of web-enabled devices | |
| CN114064062B (en) | Kubernetes platform and load balancing component-based default gray level issuing method and device | |
| CN110336813A (en) | A kind of access control method, device, equipment and storage medium | |
| CN104469770B (en) | Towards WLAN authentication methods, platform and the system of third-party application | |
| CN105812223B (en) | campus smart card information processing method | |
| US20230254302A1 (en) | Authentication of device in network using cryptographic certificate | |
| US11777742B2 (en) | Network device authentication | |
| CN109587121A (en) | The management-control method and device of security strategy | |
| Abdulrahman et al. | Blockchain-based access control for the internet of things: A survey | |
| CN109699030A (en) | Unmanned plane authentication method, device, equipment and computer readable storage medium | |
| Qi et al. | Double-edged sword: Incentivized verifiable product path query for RFID-enabled supply chain |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information |
Address after: 401121 b7-7-2, Yuxing Plaza, No.5 Huangyang Road, Yubei District, Chongqing Applicant after: Chongqing duxiaoman Youyang Technology Co.,Ltd. Address before: Room j1328, floor 3, building 8, No. 55, Huiyuan Road, Jiading District, Shanghai 208100 Applicant before: SHANGHAI YOUYANG NEW MEDIA INFORMATION TECHNOLOGY Co.,Ltd. |
|
| CB02 | Change of applicant information | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20211216 Address after: 100193 Room 606, 6 / F, building 4, West District, courtyard 10, northwest Wangdong Road, Haidian District, Beijing Applicant after: Du Xiaoman Technology (Beijing) Co.,Ltd. Address before: 401121 b7-7-2, Yuxing Plaza, No.5 Huangyang Road, Yubei District, Chongqing Applicant before: Chongqing duxiaoman Youyang Technology Co.,Ltd. |
|
| TA01 | Transfer of patent application right | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190521 |
|
| RJ01 | Rejection of invention patent application after publication |