CN109831418A - Credible alliance's chain building method, system and electronic equipment based on certificate - Google Patents
Credible alliance's chain building method, system and electronic equipment based on certificate Download PDFInfo
- Publication number
- CN109831418A CN109831418A CN201811626893.5A CN201811626893A CN109831418A CN 109831418 A CN109831418 A CN 109831418A CN 201811626893 A CN201811626893 A CN 201811626893A CN 109831418 A CN109831418 A CN 109831418A
- Authority
- CN
- China
- Prior art keywords
- certificate
- node
- verification
- chain
- nodes
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 38
- 238000003860 storage Methods 0.000 claims abstract description 12
- 238000012795 verification Methods 0.000 claims description 61
- 238000005304 joining Methods 0.000 claims description 8
- 238000010276 construction Methods 0.000 claims description 6
- 238000004891 communication Methods 0.000 description 5
- 230000006870 function Effects 0.000 description 4
- 230000008569 process Effects 0.000 description 4
- 238000012545 processing Methods 0.000 description 4
- 230000009471 action Effects 0.000 description 3
- 238000010586 diagram Methods 0.000 description 3
- 230000000694 effects Effects 0.000 description 3
- 238000004519 manufacturing process Methods 0.000 description 3
- 239000000203 mixture Substances 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 238000007792 addition Methods 0.000 description 2
- 230000004075 alteration Effects 0.000 description 2
- 238000004590 computer program Methods 0.000 description 1
- 238000000354 decomposition reaction Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000002085 persistent effect Effects 0.000 description 1
- 238000005215 recombination Methods 0.000 description 1
- 230000006798 recombination Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The embodiment of the invention discloses a kind of credible alliance's chain building method, apparatus, electronic equipment and storage medium based on certificate, wherein a kind of credible alliance's chain building method based on certificate, comprising: generate root certificate and be bundled with the certificate of alliance chain interior joint IP;To existing node in alliance's chain without certification authentication;Certification authentication is carried out to the node for the chain that newly coalizes;The node that certification authentication is passed through coalizes chain.By, without certification authentication, carrying out certification authentication to the node being newly added to existing node in alliance's chain, under the premise of guaranteeing that alliance's chain is compatible, certification authentication is carried out to node, solves the problems, such as do not have certification authentication between existing issue interior joint.
Description
Technical Field
The present invention relates to the field of block chains, and in particular, to a method and an apparatus for establishing a trusted alliance chain based on a certificate, an electronic device, and a storage medium.
Background
Existing distributed systems that build federation chains employ a single or multiple service nodes plus several verification nodes. In the process of starting the nodes, the statically configured IP addresses in the configuration file are read firstly, network connection is initiated, and certificate verification is not carried out among the nodes.
The main defects of the prior art are as follows:
1. nodes cannot be added dynamically.
2. There is no certificate verification between nodes.
Disclosure of Invention
In view of this, embodiments of the present invention provide a method and an apparatus for establishing a trusted alliance chain based on a certificate, an electronic device, and a storage medium, which at least partially solve the problems in the prior art.
In a first aspect, an embodiment of the present invention provides a method for building a certificate-based trusted federation chain, including:
generating a root certificate and a certificate binding the IP of the node in the alliance chain;
certificate verification is not performed on existing nodes in a federation chain;
carrying out certificate verification on the node newly added into the alliance chain;
and adding the nodes passing the certificate verification into the federation chain.
As a specific implementation manner of the embodiment of the present invention, the generating a root certificate and a certificate binding an IP of a node in a federation chain includes:
and issuing a certificate for binding the IP node by using an open source tool OpenSSL, wherein the certificate comprises certificate failure time or IP valid information.
As a specific implementation manner of the embodiment of the present invention, the performing no certificate verification on an existing node in a federation chain includes:
a check mark is added in a handshake information header sent between nodes, the check mark defaults to a closed state, certificate check is in the closed state, handshake information between the nodes does not carry out certificate verification, and existing nodes in a alliance chain cannot analyze a field of the check mark, so that certificate verification does not need to be carried out on the existing nodes in the alliance chain.
As a specific implementation manner of the embodiment of the present invention, the verifying the certificate of the node newly joining the federation chain includes:
and starting a check mark, and performing certificate verification on all nodes of the alliance chain.
As a specific implementation manner of the embodiment of the present invention, the starting of the check mark performs certificate verification on all nodes of the federation chain, including:
exchanging public keys of both sides in the handshake Hello information by the node newly added into the alliance chain and the alliance chain, and writing the public keys into a node list by the new node and the alliance chain respectively if the public keys pass verification, wherein the new node is successfully added; if the verification fails, the new node is considered to belong to the malicious node, the connection is disconnected, and the joining fails.
As a specific implementation manner of the embodiment of the present invention, the starting of the check mark performs certificate verification on all nodes of the federation chain, including:
and verifying a plurality of items of the certificate, and if one item in the plurality of items fails to be verified, not verifying other items, namely considering that the node failed in verification belongs to an illegal node.
As a specific implementation manner of the embodiment of the present invention, the plurality of items include:
validity, time to failure, node IP, and revocation list.
In a second aspect, an embodiment of the present invention further provides a device for building a trusted alliance chain based on a certificate, where the device includes:
a certificate module: the method comprises the steps of generating a root certificate and a certificate binding the IP of a node in a federation chain;
existing node verification module: the method is used for not verifying the certificate of the existing nodes in the alliance chain;
a new node verification module: the system is used for verifying the certificate of the node newly added into the alliance chain;
adding a module: and the node used for verifying the certificate is added into the federation chain.
In a third aspect, an embodiment of the present invention further provides an electronic device, where the electronic device includes:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of any one of the first aspect.
In a fourth aspect, embodiments of the present invention also provide a non-transitory computer-readable storage medium storing computer instructions for causing a computer to perform the method according to any one of the first aspect.
According to the trusted alliance chain construction method based on the certificate, which is provided by the embodiment of the invention, the certificate verification is carried out on the newly added node by not carrying out the certificate verification on the existing node in the alliance chain, and the certificate verification is carried out on the node on the premise of ensuring the compatibility of the alliance chain, so that the problem that the certificate verification does not exist among the nodes in the existing problem is solved. Thereby to obtain
1. Credibility verification among nodes in distributed system for constructing alliance chain is increased
2. The nodes are verified by adopting the certificate, the expired nodes can directly quit the distributed system, and the verified nodes can join the system, so that dynamic joining and quitting of the nodes of the distributed system for constructing the alliance chain are realized.
The foregoing description is only an overview of the technical solutions of the present invention, and in order to make the technical means of the present invention more clearly understood, the present invention may be implemented in accordance with the content of the description, and in order to make the above and other objects, features, and advantages of the present invention more clearly understandable, the following preferred embodiments are described in detail with reference to the accompanying drawings.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a flowchart of a certificate-based trusted federation chain construction method according to an embodiment of the present invention;
fig. 2 is a flowchart of a specific application scenario of the certificate-based trusted alliance chain construction method according to an embodiment of the present invention;
fig. 3 is a schematic block diagram of a certificate-based trusted alliance chain building apparatus according to a second embodiment of the present invention.
Detailed Description
Embodiments of the present invention will be described in detail below with reference to the accompanying drawings.
It is to be understood that the embodiments of the present invention are described below by way of specific examples, and that other advantages and effects of the present invention will be readily apparent to those skilled in the art from the disclosure herein. It is to be understood that the described embodiments are merely exemplary of the invention, and not restrictive of the full scope of the invention. The invention is capable of other and different embodiments and of being practiced or of being carried out in various ways, and its several details are capable of modification in various respects, all without departing from the spirit and scope of the present invention. It is to be noted that the features in the following embodiments and examples may be combined with each other without conflict. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It is noted that various aspects of the embodiments are described below within the scope of the appended claims. It should be apparent that the aspects described herein may be embodied in a wide variety of forms and that any specific structure and/or function described herein is merely illustrative. Based on the disclosure, one skilled in the art should appreciate that one aspect described herein may be implemented independently of any other aspects and that two or more of these aspects may be combined in various ways. For example, an apparatus may be implemented and/or a method practiced using any number of the aspects set forth herein. Additionally, such an apparatus may be implemented and/or such a method may be practiced using other structure and/or functionality in addition to one or more of the aspects set forth herein.
It should be noted that the drawings provided in the following embodiments are only for illustrating the basic idea of the present invention, and the drawings only show the components related to the present invention rather than the number, shape and size of the components in practical implementation, and the type, quantity and proportion of the components in practical implementation can be changed freely, and the layout of the components can be more complicated.
In addition, in the following description, specific details are provided to facilitate a thorough understanding of the examples. However, it will be understood by those skilled in the art that the aspects may be practiced without these specific details.
The first embodiment is as follows:
as shown in fig. 1, an embodiment of the present invention provides a method for building a certificate-based trusted federation chain, including:
s101, generating a root certificate and a certificate binding the IP of the node in the alliance chain;
s102, certificate verification is not carried out on the existing nodes in the alliance chain;
s103, certificate verification is carried out on the nodes newly added into the alliance chain;
and S104, adding the nodes passing the certificate verification into the federation chain.
Optionally, the generating a root certificate and a certificate binding an IP of a node in a federation chain includes:
and issuing a certificate for binding the IP node by using an open source tool OpenSSL, wherein the certificate comprises certificate failure time or IP valid information.
Optionally, the performing no certificate verification on the existing node in the federation chain includes:
a check mark is added in a handshake information header sent between nodes, the check mark defaults to a closed state, certificate check is in the closed state, handshake information between the nodes does not carry out certificate verification, and existing nodes in a alliance chain cannot analyze a field of the check mark, so that certificate verification does not need to be carried out on the existing nodes in the alliance chain.
Optionally, the verifying the certificate of the node newly joining the federation chain includes:
and starting a check mark, and performing certificate verification on all nodes of the alliance chain.
Optionally, the starting the check mark performs certificate verification on all nodes of the federation chain, including:
exchanging public keys of both sides in the handshake Hello information by the node newly added into the alliance chain and the alliance chain, and writing the public keys into a node list by the new node and the alliance chain respectively if the public keys pass verification, wherein the new node is successfully added; if the verification fails, the new node is considered to belong to the malicious node, the connection is disconnected, and the joining fails.
Optionally, the starting the check mark performs certificate verification on all nodes of the federation chain, including:
and verifying a plurality of items of the certificate, and if one item in the plurality of items fails to be verified, not verifying other items, namely considering that the node failed in verification belongs to an illegal node.
Optionally, the plurality of items includes:
validity, time to failure, node IP, and revocation list.
In a specific application scenario, the workflow is as follows:
1. using OpenSSL stub certificate and the certificate binding node IP in the alliance chain:
and issuing the system node certificate bound with the IP by using an open source tool OpenSSL, wherein the system node certificate comprises valid information such as certificate failure time, the IP and the like.
2. Nodes compatible with existing systems on the line:
the on-line distributed system does not have the function, in order to be compatible with the new system and the old system, a switch mark is added in a handshake information header sent between nodes, the default is a closing state, the certificate verification system is in the closing state in the state, the handshake information between the nodes is not verified, and the old node cannot analyze the field and cannot influence the field.
3. Deploying a certificate system for the new node:
the root certificate CA, revocation list CRL, certificate PEM and the secret key are included. And starting a new node, starting a check mark, and performing certificate verification on all nodes in the system, including nodes which are newly added later and existing nodes.
4. The one-time check comprises all verifications of the validity, the failure time, the node IP and the revoke list of the certificate, if all verifications are successful, no operation is carried out, if one verification fails, other items are not verified, the Peer which fails the verification can be considered to belong to an illegal node, the communication with the Peer (Peer) node is immediately closed, and the Peer is rejected out of the system.
5. After the distributed system is upgraded to the certificate verification system, the distributed system has no influence on the broadcast, data exchange, transaction processing and other related communication between the nodes, only encrypts the communication channel, and provides a credible communication system.
6. For the conditions of certificate expiration, revocation list invalidation and the like, the Node (Node) can be stopped, and after the information is updated, the Node is restarted, and then the Node can be added into the original system.
7. Each Node will hold a Node object of all connection states through which verification is performed.
8. A new node needs to be added into the distributed system, the new node and the system exchange public keys of both parties in the handshake Hello information, if the system is verified, the public keys are respectively written into UNLlist (uniqueodelist node list), and the new node is successfully added into the system; and if the verification fails, the node is considered to belong to the malicious node, the connection is disconnected, and the joining fails.
9. The distributed system can persist the UNLlist, and the UNLlist is not influenced after the nodes exit the system in an active or passive mode. After restarting the node, the node in the persistent UNLlist is communicated and the certificate is checked.
The dynamic addition and subtraction of nodes and node verification are shown in fig. 2.
Example two:
as shown in fig. 3, a trusted alliance chain building apparatus based on certificate includes:
the certificate module 301: the method comprises the steps of generating a root certificate and a certificate binding the IP of a node in a federation chain;
existing node verification module 302: the method is used for not verifying the certificate of the existing nodes in the alliance chain;
new node verification module 303: the system is used for verifying the certificate of the node newly added into the alliance chain;
the adding module 304: and the node used for verifying the certificate is added into the federation chain.
Example three:
an embodiment of the present invention further provides an electronic device, including:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein,
the memory stores instructions executable by the at least one processor to cause the at least one processor to perform a method according to embodiment one.
An electronic device according to an embodiment of the invention includes a memory and a processor.
The memory is for storing computer readable instructions. In particular, the memory may include one or more computer program products that may include various forms of computer-readable storage media, such as volatile memory and/or non-volatile memory. The volatile memory may include, for example, Random Access Memory (RAM), cache memory (cache), and/or the like. The non-volatile memory may include, for example, Read Only Memory (ROM), hard disk, flash memory, etc.
The processor may be a Central Processing Unit (CPU) or other form of processing unit having data processing capabilities and/or instruction execution capabilities, and may control other components in the electronic device to perform desired functions. In one embodiment of the invention, the processor is configured to execute the computer readable instructions stored in the memory.
Those skilled in the art should understand that, in order to solve the technical problem of how to obtain a good user experience, the present embodiment may also include well-known structures such as a communication bus, an interface, and the like, and these well-known structures should also be included in the protection scope of the present invention.
For the detailed description of the present embodiment, reference may be made to the corresponding descriptions in the foregoing embodiments, which are not repeated herein.
Example four:
embodiments of the present invention also provide a non-transitory computer-readable storage medium storing computer instructions for causing a computer to perform the method of embodiment one.
A computer-readable storage medium according to an embodiment of the present invention has non-transitory computer-readable instructions stored thereon. The non-transitory computer readable instructions, when executed by a processor, perform all or a portion of the steps of a method according to embodiments of the invention described above.
The computer-readable storage media include, but are not limited to: optical storage media (e.g., CD-ROMs and DVDs), magneto-optical storage media (e.g., MOs), magnetic storage media (e.g., magnetic tapes or removable disks), media with built-in rewritable non-volatile memory (e.g., memory cards), and media with built-in ROMs (e.g., ROM cartridges).
For the detailed description of the present embodiment, reference may be made to the corresponding descriptions in the foregoing embodiments, which are not repeated herein.
The basic principles of the present invention have been described above with reference to specific embodiments, but it should be noted that the advantages, effects, etc. mentioned in the present invention are only examples and are not limiting, and the advantages, effects, etc. must not be considered to be possessed by various embodiments of the present invention. Furthermore, the foregoing detailed description of the invention is provided for the purpose of illustration and understanding only, and is not intended to be limiting, since the invention will be described in any way as it would be understood by one skilled in the art.
In the present invention, relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions, and block diagrams of devices, apparatuses, devices, systems, and the like in the present invention are used merely as illustrative examples and are not intended to require or imply that such connections, arrangements, configurations, and so forth must be made in the manner shown in the block diagrams. These devices, apparatuses, devices, systems may be connected, arranged, configured in any manner, as will be appreciated by those skilled in the art. Words such as "including," "comprising," "having," and the like are open-ended words that mean "including, but not limited to," and are used interchangeably therewith. The words "or" and "as used herein mean, and are used interchangeably with, the word" and/or, "unless the context clearly dictates otherwise. The word "such as" is used herein to mean, and is used interchangeably with, the phrase "such as but not limited to".
Also, as used herein, "or" as used in a list of items beginning with "at least one" indicates a separate list, such that, for example, a list of "A, B or at least one of C" means A or B or C, or AB or AC or BC, or ABC (i.e., A and B and C). Furthermore, the word "exemplary" does not mean that the described example is preferred or better than other examples.
It should also be noted that the components or steps may be broken down and/or re-combined in the systems and methods of the present invention. These decompositions and/or recombinations are to be regarded as equivalents of the present invention.
Various changes, substitutions and alterations to the techniques described herein may be made without departing from the techniques of the teachings as defined by the appended claims. Moreover, the scope of the present claims is not intended to be limited to the particular aspects of the process, machine, manufacture, composition of matter, means, methods and acts described above. Processes, machines, manufacture, compositions of matter, means, methods, or acts, presently existing or later to be developed that perform substantially the same function or achieve substantially the same result as the corresponding aspects described herein may be utilized. Accordingly, the appended claims are intended to include within their scope such processes, machines, manufacture, compositions of matter, means, methods, or acts.
The previous description of the inventive aspects is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these aspects will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other aspects without departing from the scope of the invention. Thus, the present invention is not intended to be limited to the aspects shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
The foregoing description has been presented for purposes of illustration and description. Furthermore, this description is not intended to limit embodiments of the invention to the form disclosed herein. While a number of example aspects and embodiments have been discussed above, those of skill in the art will recognize certain variations, modifications, alterations, additions and sub-combinations thereof.
Claims (10)
1. A method for building a trusted alliance chain based on certificates is characterized by comprising the following steps:
generating a root certificate and a certificate binding the IP of the node in the alliance chain;
certificate verification is not performed on existing nodes in a federation chain;
carrying out certificate verification on the node newly added into the alliance chain;
and adding the nodes passing the certificate verification into the federation chain.
2. The method for building a trusted alliance chain based on certificates according to claim 1, wherein the generating a root certificate and a certificate binding with an IP of a node in the federation chain comprises:
and issuing a certificate for binding the IP node by using an open source tool OpenSSL, wherein the certificate comprises certificate failure time or IP valid information.
3. The method for building a trusted federation chain based on certificates according to claim 1, wherein the non-certificate-verification of existing nodes in a federation chain comprises:
a check mark is added in a handshake information header sent between nodes, the check mark defaults to a closed state, certificate check is in the closed state, handshake information between the nodes does not carry out certificate verification, and existing nodes in a alliance chain cannot analyze a field of the check mark, so that certificate verification does not need to be carried out on the existing nodes in the alliance chain.
4. The method for building a trusted federation chain based on certificates according to claim 3, wherein the certificate verification for the node newly joining the federation chain comprises:
and starting a check mark, and performing certificate verification on all nodes of the alliance chain.
5. The method for building a trusted alliance chain based on certificates according to claim 4, wherein the starting of the check flag to perform certificate verification on all nodes of the alliance chain comprises:
exchanging public keys of both sides in the handshake Hello information by the node newly added into the alliance chain and the alliance chain, and writing the public keys into a node list by the new node and the alliance chain respectively if the public keys pass verification, wherein the new node is successfully added; if the verification fails, the new node is considered to belong to the malicious node, the connection is disconnected, and the joining fails.
6. The method for building a trusted alliance chain based on certificates according to claim 4, wherein the starting of the check flag to perform certificate verification on all nodes of the alliance chain comprises:
and verifying a plurality of items of the certificate, and if one item in the plurality of items fails to be verified, not verifying other items, namely considering that the node failed in verification belongs to an illegal node.
7. The certificate-based trusted federation chain construction method of claim 6, wherein the plurality of items includes:
validity, time to failure, node IP, and revocation list.
8. A certificate-based trusted federation chain construction system, comprising:
a certificate module: the method comprises the steps of generating a root certificate and a certificate binding the IP of a node in a federation chain;
existing node verification module: the method is used for not verifying the certificate of the existing nodes in the alliance chain;
a new node verification module: the system is used for verifying the certificate of the node newly added into the alliance chain;
adding a module: and the node used for verifying the certificate is added into the federation chain.
9. An electronic device, characterized in that the electronic device comprises:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of any one of claims 1-7.
10. A computer-readable storage medium storing computer instructions for causing a computer to perform the method of any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811626893.5A CN109831418A (en) | 2018-12-28 | 2018-12-28 | Credible alliance's chain building method, system and electronic equipment based on certificate |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811626893.5A CN109831418A (en) | 2018-12-28 | 2018-12-28 | Credible alliance's chain building method, system and electronic equipment based on certificate |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109831418A true CN109831418A (en) | 2019-05-31 |
Family
ID=66861349
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811626893.5A Pending CN109831418A (en) | 2018-12-28 | 2018-12-28 | Credible alliance's chain building method, system and electronic equipment based on certificate |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109831418A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110874747A (en) * | 2019-10-16 | 2020-03-10 | 支付宝(杭州)信息技术有限公司 | Product service data uploading method, product service data storing device, product service data storing equipment and product service data storing medium |
| CN110958118A (en) * | 2019-10-12 | 2020-04-03 | 平安国际智慧城市科技股份有限公司 | Certificate authentication management method, device, equipment and computer readable storage medium |
| CN111294339A (en) * | 2020-01-16 | 2020-06-16 | 北京航空航天大学 | Homogeneous alliance chain cross-chain method and device based on Fabric architecture |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107426157A (en) * | 2017-04-21 | 2017-12-01 | 杭州趣链科技有限公司 | A kind of alliance's chain authority control method based on digital certificate and ca authentication system |
| CN108092982A (en) * | 2017-12-22 | 2018-05-29 | 广东工业大学 | A kind of date storage method and system based on alliance's chain |
| CN108416589A (en) * | 2018-03-08 | 2018-08-17 | 深圳前海微众银行股份有限公司 | Connection method, system and the computer readable storage medium of block chain node |
| CN108833385A (en) * | 2018-06-01 | 2018-11-16 | 深圳崀途科技有限公司 | User data anonymity sharing method based on the encryption of alliance's chain |
| CN109067553A (en) * | 2018-10-17 | 2018-12-21 | 杭州趣链科技有限公司 | A kind of management method of the block chain distributed certificate based on intelligent contract |
-
2018
- 2018-12-28 CN CN201811626893.5A patent/CN109831418A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107426157A (en) * | 2017-04-21 | 2017-12-01 | 杭州趣链科技有限公司 | A kind of alliance's chain authority control method based on digital certificate and ca authentication system |
| CN108092982A (en) * | 2017-12-22 | 2018-05-29 | 广东工业大学 | A kind of date storage method and system based on alliance's chain |
| CN108416589A (en) * | 2018-03-08 | 2018-08-17 | 深圳前海微众银行股份有限公司 | Connection method, system and the computer readable storage medium of block chain node |
| CN108833385A (en) * | 2018-06-01 | 2018-11-16 | 深圳崀途科技有限公司 | User data anonymity sharing method based on the encryption of alliance's chain |
| CN109067553A (en) * | 2018-10-17 | 2018-12-21 | 杭州趣链科技有限公司 | A kind of management method of the block chain distributed certificate based on intelligent contract |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110958118A (en) * | 2019-10-12 | 2020-04-03 | 平安国际智慧城市科技股份有限公司 | Certificate authentication management method, device, equipment and computer readable storage medium |
| CN110874747A (en) * | 2019-10-16 | 2020-03-10 | 支付宝(杭州)信息技术有限公司 | Product service data uploading method, product service data storing device, product service data storing equipment and product service data storing medium |
| CN111294339A (en) * | 2020-01-16 | 2020-06-16 | 北京航空航天大学 | Homogeneous alliance chain cross-chain method and device based on Fabric architecture |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP7093428B2 (en) | Digital certificate management methods, devices, computer devices and computer programs | |
| US11170093B2 (en) | Authentication device and system | |
| Wang et al. | BlockCAM: a blockchain-based cross-domain authentication model | |
| CN110288480B (en) | Private transaction method and device for blockchain | |
| US9419806B2 (en) | Trusted certificate authority to create certificates based on capabilities of processes | |
| CN100495963C (en) | Public key certificate state obtaining and verification method | |
| Basin et al. | Design, analysis, and implementation of ARPKI: An attack-resilient public-key infrastructure | |
| JP2021517412A (en) | Digital certificate verification methods and their devices, computer equipment and computer programs | |
| US11849052B2 (en) | Certificate in blockchain network, storage medium, and computer device | |
| WO2016011827A1 (en) | Information security realizing method and system based on digital certificate | |
| CN109831418A (en) | Credible alliance's chain building method, system and electronic equipment based on certificate | |
| CN110177124B (en) | Identity authentication method based on block chain and related equipment | |
| WO2015111107A1 (en) | Authentication method | |
| CN101534192B (en) | System used for providing cross-domain token and method thereof | |
| CN110380868A (en) | A kind of communication means, device and communication system and storage medium | |
| CN109412792A (en) | Generation, authentication method, communication equipment and the storage medium of digital certificate | |
| CN102231729A (en) | Method for supporting various CA (Certification Authority) identity authentications | |
| CN111222174A (en) | Joining method, verification method, device and storage medium of block chain node | |
| Abraham et al. | Qualified eID derivation into a distributed ledger based IdM system | |
| WO2021184642A1 (en) | Blockchain-based transaction method and apparatus, electronic device, and readable storage medium | |
| CN111177265A (en) | Block chain domain division method | |
| CN111769949A (en) | Management/execution method/system, medium, management/agent terminal for mutual authentication | |
| CN114978698B (en) | Network access method, target terminal, credential management network element and verification network element | |
| CN110855442A (en) | PKI (public key infrastructure) technology-based inter-device certificate verification method | |
| CN114448639B (en) | Decentralized identity system with uniqueness and secret key safety and implementation method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190531 |