CN109936569B - Decentralized digital identity login management system based on Ethereum blockchain - Google Patents

Publication number: CN109936569B
Authority: CN (China)
Prior art keywords: user, identity, module, login, service provider
Legal status: Active (the legal status is an assumption and is not a legal conclusion)
Application number: CN201910130292.3A
Other languages: Chinese (zh)
Other versions: CN109936569A (en)
Inventors: 李骁宇, 姚泽乾
Current Assignee: Lingxin Zhilian Beijing Technology Co ltd
Original Assignee: Lingxin Zhilian Beijing Technology Co ltd

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The embodiment of the invention discloses a decentralized digital identity login management system based on the Ethereum blockchain. The system includes a smart contract module on the Ethereum blockchain and an off-chain identity provider server, and the identity provider server comprises a user authentication module and an identity authorization module. Using blockchain and cryptographic techniques, digital identity integration services such as single sign-on are realized without centralized storage of digital identity identifiers and passwords. Users can autonomously manage their own digital identity identifiers and public keys through smart contracts on the Ethereum blockchain; a user only needs to keep his or her own private key to log in to traditional websites safely and efficiently with a self-managed digital identity, and has complete control over and right to use that digital identity without depending on an identity data server.

Description

Decentralized digital identity login management system based on Ethereum blockchain
Technical Field
The embodiment of the invention relates to the technical field of computers, in particular to a decentralized digital identity login management system based on the Ethereum blockchain.
Background
At present, identity system login service integration generally adopts solutions such as single sign-on. A traditional solution requires an identity data server, built on an open protocol such as OpenID or OAuth, to carry out the authentication and authorization processes that the login service may involve.
On this basis, when a user needs to log in to a system with integrated identity services, a personal identity profile must be created for the user in the identity data server. In particular, the important identity identifier and password are held by the identity data server, so the user's control over and right to use the digital identity depend entirely on the identity data server, and the user does not obtain complete autonomy and assurance in the strict sense.
Disclosure of Invention
Therefore, the embodiment of the invention provides a decentralized digital identity login management system based on the Ethereum blockchain, to solve the prior-art problem that, because the user's control over and right to use a digital identity depend entirely on an identity data server, complete autonomy and assurance cannot be achieved.
In order to achieve the above object, the embodiments of the present invention provide the following technical solution: a decentralized digital identity login management system based on the Ethereum blockchain, comprising a smart contract module on the Ethereum blockchain and an off-chain identity provider server, wherein the identity provider server comprises a user authentication module and an identity authorization module:
the smart contract module is used by the user to register and manage a decentralized identifier together with the public key information and related attribute information associated with it, wherein the related attribute information comprises user-defined service endpoint information of third-party service provider websites associated with the decentralized identifier;
the user authentication module is used to query the user's corresponding public key information in the smart contract module in response to a login request sent by the user to a third-party service provider website, and to verify the digital signature information, generated with the private key, that is attached to the login request, so as to authenticate the identity of the user;
the identity authorization module is used by the user and the third-party service provider website to configure the corresponding single sign-on protocol parameters; after the user's identity authentication passes, the identity authorization module grants the user login permission for the corresponding third-party service provider website according to the single sign-on protocol parameters.
Preferably, the system further comprises an Ethereum interaction module, which provides the necessary smart contract interaction interface so that the user can interact with the smart contract module.
Preferably, the system further comprises an Ethereum encryption module, which generates the digital signature information with the user's private key using the cryptographic algorithm of the Ethereum blockchain.
Preferably, login management of decentralized digital identities in the system mainly comprises: a configuration phase, an authorization phase, and a login phase.
Preferably, the configuration phase comprises:
the third-party service provider website establishes a single sign-on protocol;
the user and the third-party service provider website configure the corresponding single sign-on protocol parameters in the identity authorization module;
the user registers, in the smart contract module, the decentralized identifier and the public key information and related attribute information associated with it, and defines a management scheme for them.
Preferably, the authorization phase comprises:
the user initiates, in the identity authorization module, an approval request for autonomous login to a third-party service provider website;
in response to the approval request, the third-party service provider website queries and confirms the user's digital identity information in the smart contract module through the user authentication module;
the third-party service provider approves the request through the identity authorization module and grants the user the corresponding login permission.
Preferably, the login phase comprises:
the user initiates a login request at a third-party service provider website, the login request carrying digital signature information;
the third-party service provider website obtains the public key information in the smart contract module through the user authentication module and verifies the digital signature information to authenticate the user's identity, and confirms the user's login permission through the identity authorization module;
after the user's identity authentication passes and the login permission is confirmed, the user successfully logs in to the third-party service provider website and obtains the corresponding resources according to the login permission.
Preferably, the single sign-on protocol includes the OpenID, OAuth or SAML protocol.
The embodiment of the invention has the following advantages:
the embodiment of the invention provides a decentralized digital identity login management system based on the Ethereum blockchain, comprising a smart contract module on the Ethereum blockchain and an off-chain identity provider server, wherein the identity provider server comprises a user authentication module and an identity authorization module. Using blockchain and cryptographic techniques, digital identity integration services such as single sign-on are realized without centralized storage of digital identity identifiers and passwords. A user can autonomously manage his or her own identity identifiers and public keys through the smart contract on the Ethereum blockchain; the user only needs to keep his or her own private key to log in to traditional websites safely and efficiently with a self-managed digital identity, and has complete control over and right to use the digital identity without depending on an identity data server.
Drawings
In order to illustrate the embodiments of the present invention or the technical solutions in the prior art more clearly, the drawings used in the description of the embodiments or the prior art are briefly described below. The drawings in the following description are merely exemplary, and those of ordinary skill in the art can derive other embodiments from the drawings provided without inventive effort.
The structures, ratios, sizes, and the like shown in the present specification are only used to accompany the contents disclosed in the specification, so that those skilled in the art can understand and read them; they are not intended to limit the conditions under which the present invention can be implemented and therefore have no technical significance in themselves. Any structural modification, change in ratio, or adjustment of size that does not affect the effects and purposes achievable by the present invention should still fall within the scope covered by the technical contents disclosed in the present invention.
Fig. 1 is a schematic diagram of the logical architecture of a decentralized digital identity login management system based on the Ethereum blockchain according to embodiment 1 of the present invention.
Detailed Description
The present invention is described below in terms of particular embodiments; other advantages and features of the invention will become apparent to those skilled in the art from the following disclosure. The described embodiments are only some of the embodiments of the invention, and it is not intended to limit the invention to the particular embodiments disclosed. All other embodiments that a person skilled in the art can derive from the embodiments given herein without creative effort shall fall within the protection scope of the present invention.
Example 1
The embodiment of the invention provides a decentralized digital identity login management system based on the Ethereum blockchain. Blockchain technology makes possible digital identity identifiers that do not need to be stored centrally, mainly thanks to asymmetric encryption: for digital identity services, the public and private keys of asymmetric encryption are, in the abstract, closely analogous to the traditional identity identifier and password. After digital identity authentication and authorization are achieved through asymmetric encryption, a single sign-on protocol is used to pass the trusted data to a traditional website, realizing services such as integrated digital identity login. Authentication and authorization are related: authentication means proving that a user is the person he or she claims to be, and authorization means determining the resources that a user whose identity has been established can access.
Ethereum is an open-source public blockchain platform with smart contract functionality. A smart contract is a computer protocol intended to propagate, verify or execute a contract in an informational manner; it allows trusted transactions to be conducted without third parties, and these transactions are traceable and irreversible. An Ethereum private key is randomly generated using the secp256k1 elliptic curve algorithm, the public key can be derived from the private key, and the Ethereum address is derived from the public key. In asymmetric encryption, information is encrypted with the public key and decrypted with the private key, which ensures the security of the information; a digital signature is generated with the private key and verified with the public key, which ensures the attribution of the digital signature, and the signature has non-repudiation.
As shown in fig. 1, the system includes a smart contract module on the Ethereum blockchain and an off-chain identity provider server, where the identity provider server includes a user authentication module and an identity authorization module.
The smart contract module is used by the user to register and manage the decentralized identifier together with the public key information and related attribute information associated with it, wherein the related attribute information comprises user-defined service endpoint information of third-party service provider websites associated with the decentralized identifier.
Specifically, the smart contract includes three parts: decentralized identifier ownership (owner), key rotation and management (public keys), and decentralized identifier related attributes (attribute).
Decentralized Identifiers (DIDs) are a new type of verifiable digital identity identifier with "autonomy", serving as an authentication data structure for decentralized authentication. The specification of decentralized identifiers, which can identify people, things and organizations, was created by the World Wide Web Consortium (W3C). The advent of blockchain technology provides an opportunity to implement decentralized identity management: with decentralized identifiers, all identity information is shared among trusted nodes in the form of a distributed ledger, and each decentralized identifier is cryptographically protected by the identity owner's private key. This is regarded as an important security layer that can supply what is missing from the Internet protocols, namely the identity layer. Traditional identity authentication management systems are centralized, whereas decentralized identifiers are completely independent of a centralized management center, third-party authentication services and certificate authorities.
In the embodiment of the invention, each entity can own as many DIDs as it needs, respecting the entity's desired separation of identities, personas and contexts. Ownership of a decentralized identifier is established by binding an Ethereum address into the identifier: the decentralized identifier uses a data format consisting of the fixed prefix 'DIDs: idhub' followed by the Ethereum address. Each decentralized identifier can designate one Ethereum address as its owner, and only the owner has the authority to modify the data of that decentralized identifier in the three parts of the smart contract.
Key rotation and management lets the user rotate and manage the public keys that the user has recorded in the smart contract. It is carried out by the user sending an Ethereum transaction to Ethereum from the Ethereum address of the decentralized identifier's owner and calling the smart contract interface. Public keys are supported in data formats such as hexadecimal strings, base64 strings or PEM.
In this embodiment, data in the smart contract is read by the decentralized identifier document parsing module, which reads the data recorded in the smart contract and converts it into a decentralized identifier document that a third party or other users can read. The decentralized identifier document is in a readable JSON data format. It comprises the version of the decentralized identifier standard specification, the decentralized identifier content, a JSON array of public keys, user-defined service endpoints and customized special field information.
Specifically, the decentralized identifier document mainly comprises the following fields:
1. context: "@context" represents the version of the decentralized identifier standard specification;
2. subject: "id" denotes the decentralized identifier content, by default "DIDs: idhub: EthereumAddressExampe";
3. public keys: "publicKey" represents the JSON array of public keys, which contains all the public keys that the user has recorded in the smart contract for the decentralized identifier through key rotation and management; third parties or other users can verify the user's signed data using the contents of this field. The format of a single element of the public key JSON array is exemplified as follows, and the public key format defaults to "publicKeyHex":
[Figure: example of a single element of the public key JSON array; the image is not reproduced in this text]
4. service: "service" represents the data recorded by the user in the "Attribute" field of the smart contract, and specifically refers to the service endpoints the user needs for off-chain data processing. For example, the general format is as follows:
[Figure: example of the general service endpoint format; the image is not reproduced in this text]
5. customizing the special field information: the user may customize the special fields to handle the customized data recorded within the decentralized identity compliance session.
In addition, the decentralized identifier document parsing module reads the data of each part through the smart contract events corresponding to the decentralized identifier ownership contract, the key rotation and management contract, and the decentralized identifier related attribute contract, respectively. Smart contract events are a convenient way to use the EVM's built-in logging facility, which in turn can be used to invoke callbacks in a DApp's interface that listen for these events. Events can be inherited in smart contracts. When an event is triggered (emitted), its parameters are stored in the transaction's log (a special data structure on the blockchain); these logs are associated with the address of the contract and incorporated into the blockchain, and they remain there as long as the block is accessible.
Due to the openness of the blockchain, anyone can query the public key data associated with a decentralized identifier, and it can be proven that the private key is held by the entity corresponding to the owner of the decentralized identifier. Because of the characteristics of the blockchain and of asymmetric encryption, a user only needs to keep the private key secure. Other users or third parties can check the user's digital signature information by obtaining, from the decentralized identifier document, the public key that the user wants to use publicly, or can check whether the user's public key is used correctly by calling the Ethereum smart contract interface "validPublicKey(address identity, bytes32 publicKeyType, bytes32 publicKey)".
The user authentication module is used to query the user's corresponding public key information in the smart contract module in response to a login request sent by the user to a third-party service provider website, and to verify the digital signature information, generated with the private key, that is attached to the login request, thereby authenticating the identity of the user.
The identity authorization module is used by the user and the third-party service provider website to configure the corresponding single sign-on protocol parameters; after the user's identity authentication passes, the identity authorization module grants the user login permission for the corresponding third-party service provider website according to the single sign-on protocol parameters.
Preferably, the system further comprises an Ethereum interaction module, which provides the necessary smart contract interaction interface so that the user can interact with the smart contract module.
Preferably, the system further comprises an Ethereum encryption module, which generates the digital signature information with the user's private key using the cryptographic algorithm of the Ethereum blockchain.
Login management of decentralized digital identities in the system mainly comprises the following: a configuration phase, an authorization phase, and a login phase.
The configuration phase comprises:
the third-party service provider website establishes a single sign-on protocol, wherein the single sign-on protocol comprises the OpenID, OAuth or SAML protocol;
the user and the third-party service provider website configure the corresponding single sign-on protocol parameters in the identity authorization module;
the user registers, in the smart contract module, the decentralized identifier and the public key information and related attribute information associated with it, and defines a management scheme for them.
In an environment where multiple systems coexist, single sign-on (SSO) means that after logging in at one place a user does not need to log in to the other systems; that is, a single login by the user is trusted by all the other systems. All user identities are authenticated in a unified way: a user's identity credential (such as a password) is stored in only one place, and the other subsystems do not directly obtain sensitive information such as the user's password but instead receive the identity credential from a trusted source. The three main solutions for single sign-on and unified authentication are OpenID, OAuth and SAML.
OpenID is a decentralized online identity authentication system. For a website that supports OpenID, users do not need to remember traditional authentication tokens such as a user name and password; instead, they only need to register in advance on a website that acts as an OpenID identity provider (IdP). OpenID is decentralized: any website can use OpenID as a way for users to log in, and any website can also act as an OpenID identity provider. OpenID solves the problem without relying on a central website to confirm the digital identity.
OAuth2 provides a delegated access mechanism: an application (which may be called the client) can obtain resources belonging to the user from a resource server, or perform operations within the user's permissions on the user's behalf, without the user sharing his or her own credentials such as user name and password with the client. OAuth2 issues a token to the third-party application through the IdP, and the third-party application uses the token to obtain the corresponding resources from the resource server.
SAML is the Security Assertion Markup Language, and the SAML protocol can be used for both authentication and authorization. The so-called security assertions are sets of statements about authentication, authorization and user attributes (e.g., information about the user's availability or address), and in SAML they are transmitted in XML format. When a user's identity is to be verified, the service provider (SP, also called the relying party, RP) issues a SAML authentication request to the IdP; the request specifies the authentication settings in XML format, for example in what way the IdP is expected to verify the user. After authenticating the user's identity, the IdP returns a SAML response, again containing an assertion in XML format that indicates the user's identity and related attributes. Furthermore, the SAML security assertion must carry a digital signature to ensure its integrity and non-repudiation (there is no mandatory requirement to encrypt the SAML assertion). After receiving the SAML assertion, the SP verifies that the message comes from a trusted IdP and, once this is verified, parses the XML to obtain the authentication information.
The authorization phase comprises:
the user initiates, in the identity authorization module, an approval request for autonomous login to a third-party service provider website;
in response to the approval request, the third-party service provider website queries and confirms the user's digital identity information in the smart contract module through the user authentication module;
the third-party service provider approves the request through the identity authorization module and grants the user the corresponding login permission.
The login phase comprises:
the user initiates a login request at a third-party service provider website, the login request carrying digital signature information;
the third-party service provider website obtains the public key information in the smart contract module through the user authentication module and verifies the digital signature information to authenticate the user's identity, and confirms the user's login permission through the identity authorization module;
after the user's identity authentication passes and the login permission is confirmed, the user successfully logs in to the third-party service provider website and obtains the corresponding resources according to the login permission.
Using blockchain and cryptographic techniques, digital identity integration services such as single sign-on are realized without centralized storage of digital identity identifiers and passwords. A user can autonomously manage his or her own identity identifiers and public keys through the smart contract on the Ethereum blockchain; the user only needs to keep his or her own private key to log in to traditional websites safely and efficiently with a self-managed digital identity, and has complete control over and right to use the digital identity without depending on an identity data server.
Although the invention has been described in detail above with reference to a general description and specific examples, it will be apparent to one skilled in the art that modifications or improvements may be made thereto based on the invention. Accordingly, such modifications and improvements are intended to be within the scope of the invention as claimed.

Claims (8)

1. The utility model provides a decentralization digit identity login management system based on ether mill block chain which characterized in that, the system includes intelligent contract module on the ether mill block chain and the identity provider server under the block chain, the identity provider server includes user authentication module and identity authorization module:
the intelligent contract module is used for registering and managing a decentralized identifier and public key information and related attribute information which are associated with the decentralized identifier by a user, wherein the related attribute information comprises third-party facilitator website service endpoint information which is customized by the user and is associated with the decentralized identifier;
the user authentication module is used for inquiring corresponding public key information of a user in the intelligent contract module according to a login request sent by the user to a third-party service provider website and verifying digital signature information which is encrypted by a private key and attached to the login request so as to authenticate the identity of the user;
the identity authorization module is used for configuring corresponding single sign-on protocol parameters by the user and the third-party service provider website, and after the identity authentication of the user is passed, the identity authorization module grants the login authority of the corresponding third-party service provider website of the user according to the single sign-on protocol parameters.
2. The system of claim 1, further comprising an etherhouse interaction module configured to provide a necessary intelligent contract interaction interface to enable user interaction with the intelligent contract module.
3. The decentralized digital identity login management system based on the Ethereum blockchain as claimed in claim 1, wherein the system further comprises an Ethereum encryption module, and the Ethereum encryption module is configured to generate the digital signature information by encrypting a private key of the user through an encryption algorithm of the Ethereum blockchain.
4. The system of claim 1, wherein the login management of the decentralized digital identity mainly comprises: a configuration phase, an authorization phase, and a login phase.
5. The system of claim 4, wherein the configuration phase comprises:
a third-party service provider website establishes a single sign-on protocol;
the user and the third-party service provider website configure the corresponding single sign-on protocol parameters at the identity authorization module;
the user registers and formulates, in the smart contract module, a management scheme for the decentralized identifier and for the public key information and related attribute information associated with that identifier.
6. The system of claim 4, wherein the authorization phase comprises:
the user initiates, in the identity authorization module, an approval request for autonomous login to a third-party service provider website;
the third-party service provider website, according to the approval request, queries and confirms the user's digital identity information with the smart contract module through the user authentication module;
the third-party service provider approves the request through the identity authorization module and grants the corresponding login permission to the user.
7. The decentralized digital identity login management system based on the Ethereum blockchain according to claim 4, wherein the login phase comprises:
a user initiates a login request at a third-party service provider website, the login request carrying digital signature information;
the third-party service provider website acquires the public key information in the smart contract module through the user authentication module in order to verify the digital signature information and thereby authenticate the user identity, and confirms the login authority of the user through the identity authorization module;
after the user identity authentication has passed and the login authority has been determined, the user successfully logs in to the third-party service provider website and acquires the corresponding resources according to the login authority.
8. The Ethereum blockchain-based decentralized digital identity login management system according to claim 5, wherein the single sign-on protocol comprises the OpenID, OAuth or SAML protocol.
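The login phase of claim 7, modelled off-chain as an added Node.js example that is not part of the patent: the service provider looks up the user's public key by decentralized identifier, verifies the signature on the login request, then checks the granted login permission. Assumptions of this example: in-memory maps stand in for the contract module on the blockchain and for the identity authorization module; the one-time challenge nonce and the binding of the service provider into the signed message are not stated in the claims; signatures are ECDSA over secp256k1 with SHA-256 rather than Ethereum's Keccak-256; all function names and identifiers are hypothetical.

```javascript
// Added example (not from the patent): off-chain model of the claim 7 login phase.
const crypto = require('crypto');

const registry = new Map(); // stand-in for the contract module: DID -> public key PEM
const grants = new Map();   // stand-in for the identity authorization module: "did|sp" -> permission
const pending = new Map();  // challenges issued by the service provider: nonce -> {sp, did, expires}

// Ethereum accounts use secp256k1 keys; only the public key is published.
function registerIdentity(did) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'secp256k1' });
  registry.set(did, publicKey.export({ type: 'spki', format: 'pem' }));
  return privateKey;
}

function issueChallenge(sp, did) {
  const nonce = crypto.randomBytes(16).toString('hex');
  pending.set(nonce, { sp, did, expires: Date.now() + 60000 });
  return nonce;
}

// Assumption of this example: the signed message binds DID, service provider and nonce.
const loginMessage = (did, sp, nonce) => Buffer.from(JSON.stringify({ did, sp, nonce }));
// ECDSA over SHA-256 here; Ethereum itself signs Keccak-256 digests.
const signLogin = (privateKey, did, sp, nonce) =>
  crypto.sign('sha256', loginMessage(did, sp, nonce), privateKey);

function verifyLogin(sp, { did, nonce, signature }) {
  const c = pending.get(nonce);
  pending.delete(nonce); // a challenge is single use, even when verification fails
  if (!c || c.sp !== sp || c.did !== did || c.expires < Date.now())
    return { ok: false, reason: 'bad-challenge' };
  const pem = registry.get(did); // user authentication module: fetch the public key
  if (!pem) return { ok: false, reason: 'unknown-did' };
  if (!crypto.verify('sha256', loginMessage(did, sp, nonce), pem, signature))
    return { ok: false, reason: 'bad-signature' };
  const permission = grants.get(`${did}|${sp}`); // identity authorization module
  return permission ? { ok: true, permission } : { ok: false, reason: 'not-authorized' };
}

function demo() { // identifiers below are constructed sample values
  const did = 'did:example:alice', sp = 'https://sp.example';
  const key = registerIdentity(did);
  grants.set(`${did}|${sp}`, 'read');
  const nonce = issueChallenge(sp, did);
  const request = { did, nonce, signature: signLogin(key, did, sp, nonce) };
  return [verifyLogin(sp, request), verifyLogin(sp, request)]; // second call is a replay
}
console.log(demo());
```

A signature captured from one login cannot be reused, because the nonce is consumed on first use and the signed message names the service provider it was issued for.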
CN201910130292.3A 2019-02-21 2019-02-21 Decentralized digital identity login management system based on Ether house block chain Active CN109936569B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910130292.3A CN109936569B (en) 2019-02-21 2019-02-21 Decentralized digital identity login management system based on Ether house block chain

Publications (2)

Publication Number Publication Date
CN109936569A CN109936569A (en) 2019-06-25
CN109936569B CN109936569B (en) 2021-05-28

Family

ID=66985685

Country Status (1)

Country Link
CN (1) CN109936569B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant