CN110247894A - The method and device of handle server is forged in a kind of identification - Google Patents
The method and device of handle server is forged in a kind of identification Download PDFInfo
- Publication number
- CN110247894A CN110247894A CN201910407635.6A CN201910407635A CN110247894A CN 110247894 A CN110247894 A CN 110247894A CN 201910407635 A CN201910407635 A CN 201910407635A CN 110247894 A CN110247894 A CN 110247894A
- Authority
- CN
- China
- Prior art keywords
- handle
- cryptographic hash
- target
- services
- code
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The embodiment of the present invention provides a kind of method and device of identification forgery handle server, is related to Internet technical field, can ensure that handle server is not tampered in the resolving of handle system banner.This method comprises: obtaining the target handle code analysis request that client is sent;If it is determined that including requested privacy in target handle code analysis request, then obtains the target handle code stored on block chain and carry out corresponding second cryptographic Hash of the first cryptographic Hash after hash conversion;Target home information on services is matched according to target handle code;Target home information on services is subjected to hash conversion, obtains third cryptographic Hash;If it is determined that the second cryptographic Hash is identical as third cryptographic Hash, it is determined that handle server is not forged.The embodiment of the present application is applied to the parsing of handle system banner.
Description
Technical field
The embodiment of the present invention is related to Internet technical field more particularly to the side of handle server is forged in a kind of identification
Method and device.
Background technique
Handle system can provide permanent mark as a kind of general name service system for the digital object in network
Know, the infrastructure services such as dynamic link and safety management, the new technologies such as development and Internet of Things recently as internet it is emerging
It rises, handle system obtains more wide application prospect.
The safety of Handle system depends on the safety of client and handle server.In the business of progress, lead to
Normal handle system is trusted completely between each other with client.The integrality of handle system depends greatly on the overall situation
The integrality of the information of service, wherein the information of global service is serviced including local handle, includes under local handle service
Home service.Invalid global service information may not only mislead client and be serviced using unsuitable local handle, and
And the information of the invalid global service also allows attacker to forge handle server signature.In addition to this, for efficiency
The considerations of, only in the case where client specially requires, handle server just can be generated or be returned for home service response
Digital signature, also, in order to ensure the integrality of data, client must explicitly require handle server to return to number label
Name, in the case, in order to protect sensitive data not to be disclosed, client can establish communication session with handle server
Afterwards, it is desirable that handle server encrypts any data using session key.
Therefore, the safety of existing handle system in handle server each time and client interactive process all
The safety of intensity dependence handle server itself and client itself.And handle system is for efficiency, if not receiving visitor
Family end returns to the requirement of digital signature, then handle server will not generate or return number label for each home service response
Name, and in order to ensure the integrality of data, client must explicitly require handle server to return to digital signature.Work as data
When sensitive, while it is desirable to handle server reuses encrypted data after client and handle server establish session,
But still there is client explicitly requires handle system to return to digital signature, and invalid global service information can allow to attack
Person forges server signature, and therefore, there are loopholes in overall security for existing handle system.
Summary of the invention
The embodiment of the present invention provides a kind of method and device of identification forgery handle server, can be in handle system
Ensure that handle server is not tampered in the resolving for mark of uniting.
In a first aspect, providing a kind of method that handle server is forged in identification, include the following steps: to obtain client hair
The target handle code analysis request sent, wherein include target handle code in target handle code analysis request;If it is determined that mesh
Marking includes requested privacy in handle code analysis request, then obtains the target handle code stored on block chain and carry out hash conversion
Corresponding second cryptographic Hash of the first cryptographic Hash afterwards, wherein the second cryptographic Hash is target handle to prestore on block chain
The cryptographic Hash of the matched home information on services of code;Target home information on services is matched according to target handle code;By target home
Information on services carries out hash conversion, obtains third cryptographic Hash;If it is determined that the second cryptographic Hash is identical as third cryptographic Hash, it is determined that
Handle server is not forged, wherein target home information on services is used to refer to client and chooses handle server.
In above scheme, the target handle code analysis request that client is sent is obtained, wherein the parsing of target handle code
It include target handle code in request;If it is determined that including requested privacy in target handle code analysis request, then block chain is obtained
The target handle code of upper storage carries out corresponding second cryptographic Hash of the first cryptographic Hash after hash conversion, wherein the second Hash
Value be prestored on block chain be the matched home information on services of target handle code cryptographic Hash;According to target handle code
Match target home information on services;Target home information on services is subjected to hash conversion, obtains third cryptographic Hash;If it is determined that second
Cryptographic Hash is identical as third cryptographic Hash, it is determined that handle server is not forged.By hash conversion and block in the application
Chain storage combines the foundation whether being forged for judging handle server, is target handle in block chain when being stored in
The matched target home of target handle code that the second cryptographic Hash and client of the matched home information on services of code need to parse
It when the third cryptographic Hash of information on services is identical, determines that handle server is not forged, when data sensitive, can independently know
The correctness of other handle server avoids the intensity dependence in the resolving of handle system banner in the prior art
The safety of handle server itself and client itself.
Second aspect provides a kind of device of identification forgery handle server, comprising: module is obtained, for obtaining visitor
The target handle code analysis request that family end is sent, wherein include target handle code in target handle code analysis request;It obtains
Modulus block is also used to if it is determined that then obtaining the mesh stored on block chain including requested privacy in target handle code analysis request
It marks handle code and carries out corresponding second cryptographic Hash of the first cryptographic Hash after hash conversion, wherein the second cryptographic Hash is in block
Prestored on chain be the matched home information on services of target handle code cryptographic Hash;Matching module, for according to acquisition module
The target handle code of acquisition matches target home information on services;Processing module is used for the matched target home of matching module
Information on services carries out hash conversion, obtains third cryptographic Hash;Determining module, for if it is determined that obtaining the second Hash of module acquisition
Value is identical as the third cryptographic Hash that processing module obtains, it is determined that handle server is not forged, wherein target home clothes
Business information is used to refer to client and chooses handle server.
The third aspect provides a kind of device of identification forgery handle server, including communication interface, processor, storage
Device, bus;For storing computer executed instructions, processor is connect with memory by bus memory, when identification is forged
When the device operation of handle server, processor executes the computer executed instructions of memory storage, so that identification is forged
The device of handle server executes the method for forging handle server such as the identification of above-mentioned first aspect.
Fourth aspect provides a kind of computer storage medium, including instruction, when instruction is run on computers, so that
Computer executes the method for forging handle server such as above-mentioned identification.
5th aspect provides a kind of computer program product, and computer program product includes instruction code, and instruction code is used
The method for forging handle server is identified in executing above-mentioned such as.
It is to be appreciated that the device of handle server, computer storage medium are forged in any identification of above-mentioned offer
Or computer program product is used to execute the corresponding method of first aspect presented above, therefore, institute is attainable to be had
Beneficial effect can refer to the beneficial effect of corresponding scheme in the method and following detailed description of first aspect above, herein
It repeats no more.
Detailed description of the invention
In order to illustrate the technical solution of the embodiments of the present invention more clearly, below will be in embodiment or description of the prior art
Required attached drawing is briefly described, it should be apparent that, the accompanying drawings in the following description is only some realities of the invention
Example is applied, it for those of ordinary skill in the art, without creative efforts, can also be according to these attached drawings
Obtain other attached drawings.
Fig. 1 is a kind of handle system architecture schematic diagram that the embodiment of the present invention provides;
Fig. 2 is the method schematic diagram that handle server is forged in a kind of identification that the embodiment of the present invention provides;
Fig. 3 is the structural schematic diagram for the device that handle server is forged in a kind of identification that the embodiment of the present invention provides;
Fig. 4 is the structural representation for the device that handle server is forged in a kind of identification that another embodiment of the present invention provides
Figure.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete
Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on
Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts every other
Embodiment shall fall within the protection scope of the present invention.
Handle system uses distributed management architecture, realizes each data-storage system distributed management.In Handle system
Unite under distributed management architecture, can low cost, rapidly build service platform, and not homologous ray is simple and quick docks, and support is each
Class application provides service for it.The distribution service framework of Handle system, shown referring to Fig.1, top layer is complete by one
Office's service is constituted, wherein global service is known as overall situation handle registration center (global handle registry, GHR).Under
Layer then services all locals such as 1 (local handle service, LHS), local handle service 2 by local handle
Handle service composition, wherein each local handle service possesses the sub- name space of oneself, for example, local handle takes
Business 1 possesses sub- name space 1, and local handle service 2 possesses sub- name space 2.One local handle service is by two portions
Divide and constitute: name permission (naming authority), referred to as home service, also known as prefix;And the name permission it
Under unique handle, referred to as suffix, i.e., the handle code in the application, for example, local handle service 1 is empty in sub- title
Between possess home service 11, home service 12 under 1, wherein correspond to unique handle1, home under home service 11 and services
Unique handle2 is corresponded under 12;Local handle service 2 possesses home service 21, home service under sub- name space 2
22, wherein corresponded under home service 21 and correspond to unique handle4 under unique handle3, home service 22.
Based on the distribution service framework of above-mentioned handle system, the sub- name space of any local handle service
Service can be provided simultaneously by corresponding local handle service, global service or both.Global service can be used for will be any
Handle service request is sent to responsible local handle service.The Distributed Services structure of Handle system allows will be any
Given handle service copies to the services sites under multiple home services, and each services sites can further be distributed
Into single handle server cluster.Local handle service provides parsing and management service under home service for handle
Unique device, therefore, before parsing handle, client must determine the handle home service.Each handle
Home service all global handle registration center register.Client can be ordered by inquiring in global handle registration center
Name permission handle services to find the home of each handle.Client sends handle solution to global handle registration center
Analysis request;Global handle registration center inquires home service according to handle analysis request, returns to home clothes to client
The information on services of business, i.e. home information on services, wherein home information on services lists the services sites of given home service, and
The interface of each handle server in each services sites;Client selects a services sites from information on services, in website
In find responsible handle server, and send handle server for handle analysis request.For example, it is desired to parsing
Handle code is " ncstrl.vatech_cs/te-93-35 ".Then client needs know " ncstrl.vatech_cs "
Home service.Name permission handle " 0.NA/ncstrl.vatech_cs " can be inquired in GHR to obtain by handle system
Obtain home service.Handle system will service according to home and return to home information on services.From home information on services, client can
To select a services sites, responsible handle server is found in services sites, and send analysis request to
Handle server.
Handle server is inquired in global handle registration center based on above-mentioned handle system architecture and client
Method, the application provides a kind of method that handle server is forged in identification and specifically comprises the following steps: referring to shown in Fig. 2
201, the target handle code analysis request that client is sent is obtained.
Firstly, since parsing is to be serviced to provide by home, and home service is also unique with management objectives handle code
Supplier, home information on services can be listed each in the services sites and each services sites of given home service
The interface of handle server, client select a services sites from information on services, find responsible handle in the station
Server, and handle server is sent by handle analysis request, therefore, before parsing target handle code, client
End is it needs to be determined that home information on services.
It is preferred, therefore, that for the first time in use, matching home clothes for target handle code after the application of target handle code
Business information.That is, being target in global handle registration center when handle system gets target handle code for the first time
Handle code inquires home service, and obtains home information on services.
Further, target handle code is subjected to hash conversion (hash), obtains the first cryptographic Hash, at this point, only by the overall situation
One target handle code carries out hash, generates 256 character strings that a string of current technologies cannot be cracked inversely, i.e. the first Hash
Value.
Further, home information on services is subjected to hash conversion, obtains the second cryptographic Hash.It include: if it is determined that home is serviced
The life span time-out of information, then match new home information on services again for target handle code, and new home is serviced letter
Breath carries out hash conversion, obtains the second cryptographic Hash.For example, the life span of home information on services is 24 hours, then home is serviced
After information is survived 24 hours, handle system is again that target handle code match query is new in global handle registration center
Home service, then the information on services that the home is serviced carries out hash, obtains the second cryptographic Hash.
Further, the first cryptographic Hash of association and the second cryptographic Hash generate association results.
Preferably, the first cryptographic Hash and the second cryptographic Hash can be associated using the form of traditional database table, it is raw
At contingency table.It is of course also possible to use the first cryptographic Hash and the second cryptographic Hash are associated by the key-value pair form of json, generate
It is associated with key-value pair.
Further, association results are stored in block chain.
Secondly, sending target handle code to handle system when client needs to carry out the parsing of target handle code
Analysis request, handle system obtain the target handle code analysis request that client is sent, wherein the parsing of target handle code
It include target handle code in request.
202, if it is determined that including requested privacy in target handle code analysis request, then the target stored on block chain is obtained
Handle code carries out corresponding second cryptographic Hash of the first cryptographic Hash after hash conversion.
Wherein, the second cryptographic Hash be prestored on block chain be the matched home information on services of target handle code Kazakhstan
Uncommon value, i.e., the second cryptographic Hash in step 201.
203, target home information on services is matched according to target handle code.
Specifically, handle system takes according to target handle code in global handle registration center inquiry target home
Business, and obtain target home information on services.
204, target home information on services is subjected to hash conversion, obtains third cryptographic Hash.
205, if it is determined that the second cryptographic Hash is identical as third cryptographic Hash, it is determined that handle server is not forged.
Specifically, the second cryptographic Hash is the matched home information on services of target handle code to prestore on block chain
Cryptographic Hash, third cryptographic Hash are the Hash for the newest matched target home information on services of target handle code that client is sent
Value;Due to being to match home information on services for the same target handle code twice, if the second of home information on services breathes out
Uncommon value is identical as the third cryptographic Hash of target home information on services, then can determine the service station carried in target home information on services
The interface of point and server is not modified, i.e. handle server is not forged.
Wherein, target home information on services is used to refer to client and chooses handle server.
Specifically, since target home information on services can list the services sites serviced to the home that sets the goal, and it is each
The interface of each handle server in services sites.Target home information on services is fed back to client by handle system, visitor
Family end selects a services sites from information on services, finds responsible handle server in the station, and handle is parsed
Request is sent to handle server.
Further, be associated in the application with the cryptographic Hash of target handle code or home service in its
There are the information of globally unique identifier, service for he.
In above scheme, the target handle code analysis request that client is sent is obtained, wherein the parsing of target handle code
It include target handle code in request;If it is determined that including requested privacy in target handle code analysis request, then block chain is obtained
The target handle code of upper storage carries out corresponding second cryptographic Hash of the first cryptographic Hash after hash conversion, wherein the second Hash
Value be prestored on block chain be the matched home information on services of target handle code cryptographic Hash;According to target handle code
Match target home information on services;Target home information on services is subjected to hash conversion, obtains third cryptographic Hash;If it is determined that second
Cryptographic Hash is identical as third cryptographic Hash, it is determined that handle server is not forged.By hash conversion and block in the application
Chain storage combines the foundation whether being forged for judging handle server, is target handle in block chain when being stored in
The matched target home of target handle code that the second cryptographic Hash and client of the matched home information on services of code need to parse
It when the third cryptographic Hash of information on services is identical, determines that handle server is not forged, when data sensitive, can independently know
The correctness of other handle server avoids the intensity dependence in the resolving of handle system banner in the prior art
The safety of handle server itself and client itself.
The embodiment of the present invention can be carried out according to the device that above-mentioned embodiment of the method forges handle server to identification
The division of functional module can also will be two or more for example, each functional module of each function division can be corresponded to
Function is integrated in a processing module.Above-mentioned integrated module both can take the form of hardware realization, can also use soft
The form of part functional module is realized.It should be noted that being schematically, only to the division of module in the embodiment of the present invention
A kind of logical function partition, there may be another division manner in actual implementation.
In the case where each function division of use correspondence each functional module, Fig. 3 is given involved in above-described embodiment
Identification forge handle server device a kind of possible structural schematic diagram.It is forged for implementing above-mentioned identification
The method of handle server, wherein the device that handle server is forged in identification is applied to handle system.Specifically, packet
It includes:
Module 31 is obtained, for obtaining the target handle code analysis request of client transmission, wherein the target
It include target handle code in handle code analysis request;The acquisition module 31 is also used to if it is determined that the target handle
It include requested privacy in code analysis request, then after obtaining the target handle code progress hash conversion stored on block chain
Corresponding second cryptographic Hash of first cryptographic Hash, wherein second cryptographic Hash is the mesh to prestore on the block chain
Mark the cryptographic Hash of the matched home information on services of handle code;Matching module 32, for what is obtained according to the acquisition module 31
The target handle code matches target home information on services;Processing module 33 is used for the matched institute of the matching module 32
It states target home information on services and carries out hash conversion, obtain third cryptographic Hash;Determining module 34, for if it is determined that the acquisition mould
Second cryptographic Hash that block 31 obtains is identical as the third cryptographic Hash that the processing module 33 obtains, it is determined that described
Handle server is not forged, wherein the target home information on services is used to refer to client and chooses handle service
Device.
Optionally, the acquisition module 31, is also used to obtain the target handle code;The matching module 32, is also used
In for the target handle code match home information on services;The processing module 33 is also used to the target handle code
Hash conversion is carried out, the first cryptographic Hash is obtained;The processing module 33 is also used to the home information on services carrying out Hash change
It changes, obtains the second cryptographic Hash;Relating module 35 generates association for being associated with first cryptographic Hash and second cryptographic Hash
As a result;The processing module 33 is also used to the association results being stored in block chain.
Optionally, the relating module 35, specifically in the form of traditional database table by first cryptographic Hash
It is associated with second cryptographic Hash, generates contingency table.
Optionally, the relating module 35, specifically for using json key-value pair form will first cryptographic Hash and
Second cryptographic Hash is associated, and generates association key-value pair.
Optionally, the matching module 32 is also used to the life span time-out if it is determined that the home information on services, then weighs
New home information on services is newly matched for the target handle code;The processing module 33 is also used to the new home
Information on services carries out hash conversion, obtains the second cryptographic Hash.
Using integrated module, the device that handle server is forged in identification includes: storage unit, processing
Unit and interface unit.The movement for the device that processing unit is used to forge handle server to identification carries out control management.
Interface unit forges the device of handle server and the information exchange of other equipment for identification.Storage unit, for storing
The program code and data of the device of handle server are forged in identification.
Wherein, using processing unit as processor, storage unit is memory, and interface unit is for communication interface.Wherein,
Identification forges the device of handle server referring to fig. 4, including communication interface 401, processor 402,403 and of memory
Bus 404, communication interface 401, processor 402 are connected by bus 404 with memory 403.
Processor 402 can be a general central processor (Central Processing Unit, CPU), micro process
Device, application-specific integrated circuit (Application-Specific Integrated Circuit, ASIC) or one or more
A integrated circuit executed for controlling application scheme program.
Memory 403 can be read-only memory (Read-Only Memory, ROM) or can store static information and instruction
Other kinds of static storage device, random access memory (Random Access Memory, RAM) or letter can be stored
The other kinds of dynamic memory of breath and instruction, is also possible to Electrically Erasable Programmable Read-Only Memory (Electrically
Erasable Programmable Read-only Memory, EEPROM), CD-ROM (Compact Disc Read-
Only Memory, CD-ROM) or other optical disc storages, optical disc storage (including compression optical disc, laser disc, optical disc, digital universal
Optical disc, Blu-ray Disc etc.), magnetic disk storage medium or other magnetic storage apparatus or can be used in carrying or store to have referring to
Enable or data structure form desired program code and can by any other medium of computer access, but not limited to this.
Memory, which can be, to be individually present, and is connected by bus with processor.Memory can also be integrated with processor.
Wherein, memory 403 is used to store the application code for executing application scheme, and is controlled by processor 402
System executes.Communication interface 401 is used to carry out information exchange with other equipment, such as identification is supported to forge the dress of handle server
The information exchange with other equipment is set, such as obtains data from other equipment or sends data to other equipment.Processor 402
For executing the application code stored in memory 403, to realize method described in the embodiment of the present application.
In addition, a kind of calculating storage media (or medium) is also provided, including carrying out in above-described embodiment when executed
The instruction for the method operation that the device that handle server is forged in identification executes.In addition, a kind of computer program product is also provided,
Media (or medium) is stored including above-mentioned calculating.
Wherein, all related contents for each step that above method embodiment is related to can quote corresponding function module
Function description, effect details are not described herein.
It should be understood that in various embodiments of the present invention, magnitude of the sequence numbers of the above procedures are not meant to execute suitable
Sequence it is successive, the execution of each process sequence should be determined by its function and internal logic, the implementation without coping with the embodiment of the present invention
Process constitutes any restriction.
Those of ordinary skill in the art may be aware that list described in conjunction with the examples disclosed in the embodiments of the present disclosure
Member and algorithm steps can be realized with the combination of electronic hardware or computer software and electronic hardware.These functions are actually
It is implemented in hardware or software, the specific application and design constraint depending on technical solution.Professional technician
Each specific application can be used different methods to achieve the described function, but this realization is it is not considered that exceed
The scope of the present invention.
It is apparent to those skilled in the art that for convenience and simplicity of description, the system of foregoing description,
The specific work process of device and unit, can refer to corresponding processes in the foregoing method embodiment, and details are not described herein.
In several embodiments provided herein, it should be understood that disclosed system, apparatus and method, it can be with
It realizes by another way.For example, apparatus embodiments described above are merely indicative, for example, the unit
It divides, only a kind of logical function partition, there may be another division manner in actual implementation, such as multiple units or components
It can be combined or can be integrated into another system, or some features can be ignored or not executed.Another point, it is shown or
The mutual coupling, direct-coupling or communication connection discussed can be through some interfaces, the indirect coupling of equipment or unit
It closes or communicates to connect, can be electrical property, mechanical or other forms.
The unit as illustrated by the separation member may or may not be physically separated, aobvious as unit
The component shown may or may not be physical unit, it can and it is in one place, or may be distributed over multiple
In network unit.It can select some or all of unit therein according to the actual needs to realize the mesh of this embodiment scheme
's.
It, can also be in addition, the functional units in various embodiments of the present invention may be integrated into one processing unit
It is that each unit physically exists alone, can also be integrated in one unit with two or more units.
It, can be with if the function is realized in the form of SFU software functional unit and when sold or used as an independent product
It is stored in a computer readable storage medium.Based on this understanding, technical solution of the present invention is substantially in other words
The part of the part that contributes to existing technology or the technical solution can be embodied in the form of software products, the meter
Calculation machine software product is stored in a storage medium, including some instructions are used so that a computer equipment (can be a
People's computer, server or network equipment etc.) it performs all or part of the steps of the method described in the various embodiments of the present invention.
And storage medium above-mentioned includes: USB flash disk, mobile hard disk, read-only memory (full name in English: read-only memory, English letter
Claim: ROM), random access memory (full name in English: random access memory, English abbreviation: RAM), magnetic disk or light
The various media that can store program code such as disk.
The above description is merely a specific embodiment, but scope of protection of the present invention is not limited thereto, any
Those familiar with the art in the technical scope disclosed by the present invention, can easily think of the change or the replacement, and should all contain
Lid is within protection scope of the present invention.Therefore, protection scope of the present invention should be based on the protection scope of the described claims.
Claims (13)
1. a kind of method that handle server is forged in identification, which is characterized in that
Obtain the target handle code analysis request that client is sent, wherein include in the target handle code analysis request
Target handle code;
If it is determined that including requested privacy in the target handle code analysis request, then the target stored on block chain is obtained
Handle code carries out corresponding second cryptographic Hash of the first cryptographic Hash after hash conversion, wherein second cryptographic Hash is in institute
State prestored on block chain be the matched home information on services of the target handle code cryptographic Hash;
Target home information on services is matched according to the target handle code;
The target home information on services is subjected to hash conversion, obtains third cryptographic Hash;
If it is determined that second cryptographic Hash is identical as the third cryptographic Hash, it is determined that the handle server is not pseudo-
It makes, wherein the target home information on services is used to refer to client and chooses handle server.
2. the method that handle server is forged in identification according to claim 1, which is characterized in that obtaining client hair
Before the target handle code analysis request sent, the method also includes:
Obtain the target handle code;
Home information on services is matched for the target handle code;
The target handle code is subjected to hash conversion, obtains the first cryptographic Hash;
The home information on services is subjected to hash conversion, obtains the second cryptographic Hash;
It is associated with first cryptographic Hash and second cryptographic Hash, generates association results;
The association results are stored in block chain.
3. the method that handle server is forged in identification according to claim 2, which is characterized in that association described first is breathed out
Uncommon value and second cryptographic Hash, generate association results, comprising:
First cryptographic Hash and second cryptographic Hash are associated using the form of traditional database table, generate association
Table.
4. the method that handle server is forged in identification according to claim 2, which is characterized in that association described first is breathed out
Uncommon value and second cryptographic Hash, generate association results, comprising:
First cryptographic Hash and second cryptographic Hash are associated using the key-value pair form of json, generate association key assignments
It is right.
5. the method that handle server is forged in identification according to claim 2, which is characterized in that
If it is determined that the life span time-out of the home information on services, then match new home again for the target handle code
Information on services;
The new home information on services is subjected to hash conversion, obtains the second cryptographic Hash.
6. the device that handle server is forged in a kind of identification, which is characterized in that
Module is obtained, for obtaining the target handle code analysis request of client transmission, wherein the target handle code solution
It include target handle code in analysis request;
The acquisition module is also used to if it is determined that then obtaining area including requested privacy in the target handle code analysis request
The target handle code stored on block chain carries out corresponding second cryptographic Hash of the first cryptographic Hash after hash conversion, wherein
Second cryptographic Hash be prestored on the block chain be the matched home information on services of the target handle code Kazakhstan
Uncommon value;
Matching module, the target handle code for being obtained according to the acquisition module match target home information on services;
Processing module obtains for the matched target home information on services of the matching module to be carried out hash conversion
Three cryptographic Hash;
Determining module, for if it is determined that described obtain second cryptographic Hash that module obtains and the institute that the processing module obtains
It is identical to state third cryptographic Hash, it is determined that the handle server is not forged, wherein the target home information on services is used
To indicate that client chooses handle server.
7. the device that handle server is forged in identification according to claim 6, which is characterized in that
The acquisition module is also used to obtain the target handle code;
The matching module is also used to match home information on services for the target handle code;
The processing module is also used to the target handle code carrying out hash conversion, obtains the first cryptographic Hash;
The processing module is also used to the home information on services carrying out hash conversion, obtains the second cryptographic Hash;
Relating module generates association results for being associated with first cryptographic Hash and second cryptographic Hash;
The processing module is also used to the association results being stored in block chain.
8. the device that handle server is forged in identification according to claim 7, which is characterized in that
The relating module, specifically in the form of traditional database table by first cryptographic Hash and second Hash
Value is associated, and generates contingency table.
9. the device that handle server is forged in identification according to claim 7, which is characterized in that
The relating module, specifically for using the key-value pair form of json by first cryptographic Hash and second cryptographic Hash
It is associated, generates association key-value pair.
10. the device that handle server is forged in identification according to claim 7, which is characterized in that
The matching module is also used to the life span time-out if it is determined that the home information on services, is then again the target
Handle code matches new home information on services;
The processing module is also used to the new home information on services carrying out hash conversion, obtains the second cryptographic Hash.
11. it is a kind of identification forge handle server device, which is characterized in that including communication interface, processor, memory,
Bus;For storing computer executed instructions, the processor is connect with the memory by the bus memory,
When the device operation of handle server is forged in the identification, the computer that the processor executes the memory storage is held
Row instruction, so that the device execution identification as described in any one in claim 1-5 that handle server is forged in the identification is pseudo-
The method for making handle server.
12. a kind of computer storage medium, including instruction, which is characterized in that when described instruction is run on computers, so that
The computer executes the method that handle server is forged in identification as described in any one in claim 1-5.
13. a kind of computer program product, which is characterized in that the computer program product includes instruction code, described instruction
Code is used to execute the method that handle server is forged in identification as described in any one in claim 1-5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910407635.6A CN110247894B (en) | 2019-05-16 | 2019-05-16 | Method and device for identifying fake handle server |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910407635.6A CN110247894B (en) | 2019-05-16 | 2019-05-16 | Method and device for identifying fake handle server |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110247894A true CN110247894A (en) | 2019-09-17 |
| CN110247894B CN110247894B (en) | 2021-06-18 |
Family
ID=67884530
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910407635.6A Active CN110247894B (en) | 2019-05-16 | 2019-05-16 | Method and device for identifying fake handle server |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110247894B (en) |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111082941A (en) * | 2019-11-22 | 2020-04-28 | 天翼物联科技有限公司 | Internet of things data sharing method and system based on block chain technology |
| CN111209596A (en) * | 2020-04-21 | 2020-05-29 | 国网电子商务有限公司 | Block chain-based industrial internet identification analysis access control method |
| CN112256706A (en) * | 2020-11-19 | 2021-01-22 | 中国联合网络通信集团有限公司 | Method and device for determining handle reference state |
| CN112491855A (en) * | 2020-11-19 | 2021-03-12 | 中国联合网络通信集团有限公司 | Method and device for determining handle identifier analysis state |
| CN112667930A (en) * | 2020-12-18 | 2021-04-16 | 北京中数创新科技股份有限公司 | Prefix convergence method and system based on Handle system |
| CN112667929A (en) * | 2020-12-11 | 2021-04-16 | 北京中数创新科技股份有限公司 | Prefix and identification data secure pushing method and system based on Handle system |
| CN112948876A (en) * | 2021-02-26 | 2021-06-11 | 中国联合网络通信集团有限公司 | Tracing method and device |
Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP2104305A1 (en) * | 2008-03-21 | 2009-09-23 | Koninklijke KPN N.V. | Call service handling in an IMS-based system |
| CN103546502A (en) * | 2012-07-11 | 2014-01-29 | 中国电信股份有限公司 | Metadata sharing method and cloud storage server |
| CN104219232A (en) * | 2014-08-26 | 2014-12-17 | 浙江大学 | Method for controlling file security of block distributed file system |
| CN105247529A (en) * | 2013-04-30 | 2016-01-13 | 微软技术许可有限责任公司 | Synchronizing credential hashes between directory services |
| CN107181747A (en) * | 2017-05-19 | 2017-09-19 | 北京中数创新科技股份有限公司 | A kind of Handle resolution systems comprising top mode |
| CN107197001A (en) * | 2017-05-05 | 2017-09-22 | 工业和信息化部电信研究院 | A kind of industry internet module information method |
| WO2018125989A2 (en) * | 2016-12-30 | 2018-07-05 | Intel Corporation | The internet of things |
| CN108462692A (en) * | 2018-01-30 | 2018-08-28 | 合肥工业大学 | A kind of data tamper resistant systems and its method based on block chain |
| US20180287791A1 (en) * | 2017-03-28 | 2018-10-04 | Dell Products, Lp | Chassis-Based Cryptographic Affinities |
| CN109033405A (en) * | 2018-08-03 | 2018-12-18 | 华为技术有限公司 | Safeguard method and apparatus, server and the computer readable storage medium of block chain |
| CN109714408A (en) * | 2018-12-20 | 2019-05-03 | 中国科学院沈阳自动化研究所 | A kind of semantization industrial network service interface system based on Handle mark |
-
2019
- 2019-05-16 CN CN201910407635.6A patent/CN110247894B/en active Active
Patent Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP2104305A1 (en) * | 2008-03-21 | 2009-09-23 | Koninklijke KPN N.V. | Call service handling in an IMS-based system |
| CN103546502A (en) * | 2012-07-11 | 2014-01-29 | 中国电信股份有限公司 | Metadata sharing method and cloud storage server |
| CN105247529A (en) * | 2013-04-30 | 2016-01-13 | 微软技术许可有限责任公司 | Synchronizing credential hashes between directory services |
| CN104219232A (en) * | 2014-08-26 | 2014-12-17 | 浙江大学 | Method for controlling file security of block distributed file system |
| WO2018125989A2 (en) * | 2016-12-30 | 2018-07-05 | Intel Corporation | The internet of things |
| US20180287791A1 (en) * | 2017-03-28 | 2018-10-04 | Dell Products, Lp | Chassis-Based Cryptographic Affinities |
| CN107197001A (en) * | 2017-05-05 | 2017-09-22 | 工业和信息化部电信研究院 | A kind of industry internet module information method |
| CN107181747A (en) * | 2017-05-19 | 2017-09-19 | 北京中数创新科技股份有限公司 | A kind of Handle resolution systems comprising top mode |
| CN108462692A (en) * | 2018-01-30 | 2018-08-28 | 合肥工业大学 | A kind of data tamper resistant systems and its method based on block chain |
| CN109033405A (en) * | 2018-08-03 | 2018-12-18 | 华为技术有限公司 | Safeguard method and apparatus, server and the computer readable storage medium of block chain |
| CN109714408A (en) * | 2018-12-20 | 2019-05-03 | 中国科学院沈阳自动化研究所 | A kind of semantization industrial network service interface system based on Handle mark |
Non-Patent Citations (2)
| Title |
|---|
| SUN,ETL AL: "Handle System Namespace and Service Definition", 《IETF RFC 3651》 * |
| 张青禾: "区块链中的身份识别和访问控制技术研究", 《中国优秀硕士学位论文全文数据库信息科技辑》 * |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111082941A (en) * | 2019-11-22 | 2020-04-28 | 天翼物联科技有限公司 | Internet of things data sharing method and system based on block chain technology |
| CN111082941B (en) * | 2019-11-22 | 2022-12-20 | 天翼物联科技有限公司 | Internet of things data sharing method and system based on block chain technology |
| CN111209596A (en) * | 2020-04-21 | 2020-05-29 | 国网电子商务有限公司 | Block chain-based industrial internet identification analysis access control method |
| CN112256706A (en) * | 2020-11-19 | 2021-01-22 | 中国联合网络通信集团有限公司 | Method and device for determining handle reference state |
| CN112491855A (en) * | 2020-11-19 | 2021-03-12 | 中国联合网络通信集团有限公司 | Method and device for determining handle identifier analysis state |
| CN112256706B (en) * | 2020-11-19 | 2023-01-24 | 中国联合网络通信集团有限公司 | Method and device for determining handle reference state |
| CN112667929A (en) * | 2020-12-11 | 2021-04-16 | 北京中数创新科技股份有限公司 | Prefix and identification data secure pushing method and system based on Handle system |
| CN112667929B (en) * | 2020-12-11 | 2023-11-03 | 北京中数创新科技股份有限公司 | Prefix and identification data safe pushing method and system based on Handle system |
| CN112667930A (en) * | 2020-12-18 | 2021-04-16 | 北京中数创新科技股份有限公司 | Prefix convergence method and system based on Handle system |
| CN112948876A (en) * | 2021-02-26 | 2021-06-11 | 中国联合网络通信集团有限公司 | Tracing method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110247894B (en) | 2021-06-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110247894A (en) | The method and device of handle server is forged in a kind of identification | |
| CN110268677B (en) | Cross-chain interaction using domain name scheme in blockchain system | |
| CN111434085B (en) | Domain name management scheme for cross-chain interaction in blockchain systems | |
| CN108650262B (en) | Cloud platform expansion method and system based on micro-service architecture | |
| US7603474B2 (en) | Efficient endpoint matching using a header-to-bit conversion table | |
| Ren et al. | Potential identity resolution systems for the industrial Internet of Things: A survey | |
| CN102823195B (en) | The system and method for the FTP client FTP in the software test remote maintenance electric network that utilization is carried out by virtual machine | |
| CN102769529B (en) | Dnssec signing server | |
| US6665674B1 (en) | Framework for open directory operation extensibility | |
| CN104052616B (en) | The method and system that a kind of business in Internet data center is managed | |
| CN110839029B (en) | Micro-service registration method and device | |
| CN110730225A (en) | Data processing method of Internet of things based on block chain, Internet of things and storage medium | |
| US6111883A (en) | Repeater and network system utilizing the same | |
| CN100547516C (en) | Be used to need not to provide key authentication requestor's method and system | |
| US20080109870A1 (en) | Identities Correlation Infrastructure for Passive Network Monitoring | |
| CN109472572A (en) | Contract deployment and transaction based on the more subchains of block chain main chain adduction row | |
| US20050259620A1 (en) | Linkage information management system and message transfer control system | |
| CN1761263B (en) | System and method for avoiding a network address collision | |
| US6754212B1 (en) | Repeater and network system utililzing the same | |
| CN113225407B (en) | Equipment identification information management method and device, electronic equipment and storage medium | |
| JP4802105B2 (en) | Information network operating method and system for content publication | |
| CN103477603B (en) | Secure access is distributed in the method for the data in dangerous data network, system, registration center and thesaurus | |
| CN101325493B (en) | Method and system for authenticating a user | |
| CN111225030B (en) | Method and system for selecting micro-service based on trust evaluation strategy | |
| WO2023098824A1 (en) | Vehicle data management method and apparatus, and server and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |