Disclosure of Invention
In order to overcome the problems in the related art, the present disclosure provides an operation authority management method, an apparatus, a block chain node, and a storage medium.
According to a first aspect of the embodiments of the present disclosure, there is provided an operation authority management method applied to a blockchain node in a blockchain network, the method including:
determining a block for performing rights management;
determining whether the operation behavior of the authority management object on the block chain is legal or not according to the intelligent contract stored in the determined block;
when the operation behavior of the rights management object on the block chain is determined to be legal, allowing the rights management object to execute the operation behavior on the block chain.
According to a second aspect of the embodiments of the present disclosure, there is further provided an operation behavior authority management apparatus, applied to a blockchain node in a blockchain network, where the apparatus includes:
a block determination module configured to determine a block to perform rights management;
the legality determining module is configured to determine whether the operation behavior of the authority management object on the block chain is legal or not according to the intelligent contracts stored in the determined blocks;
and the operation behavior execution module is configured to allow the authority management object to execute the operation behavior on the block chain when the operation behavior of the authority management object on the block chain is determined to be legal.
According to a third aspect of the embodiments of the present disclosure, there is further provided a blockchain node, which is applied in a blockchain network, and includes:
a processor;
a memory for storing processor-executable instructions;
wherein the processor is configured to:
determining a block for performing authority management;
determining whether the operation behavior of the authority management object on the block chain is legal or not according to the intelligent contract stored in the determined block;
when the operation behavior of the authority management object on the block chain is determined to be legal, the authority management object is allowed to execute the operation behavior on the block chain.
According to a fourth aspect of embodiments of the present disclosure, there is provided a computer-readable storage medium having stored thereon computer program instructions which, when executed by a processor, implement the steps of the above-described method.
By the technical scheme, the operation authority management method provided by the disclosure is realized by determining a block for executing authority management; then, according to the intelligent contract stored in the determined block, determining whether the operation behavior of the authority management object on the block chain is legal or not; and finally, when the operation behavior of the right management object on the block chain is determined to be legal, allowing the right management object to execute the operation behavior on the block chain, so that the problem of leakage of an encryption password of data does not exist, meanwhile, malicious node attack is avoided, and the safety of the data is improved.
Additional features and advantages of the disclosure will be set forth in the detailed description which follows.
Detailed Description
The following detailed description of the embodiments of the disclosure refers to the accompanying drawings. It should be understood that the detailed description and specific examples, while indicating the present disclosure, are given by way of illustration and explanation only, not limitation.
The blockchain is a decentralized distributed database system which is jointly maintained by all nodes in a blockchain network and consists of a series of data blocks generated by cryptographic methods, wherein each data block is one block in the blockchain. The blocks are linked together in the chronological order of their generation times, forming a chain of data, which is figuratively called a blockchain. Owing to its special block and transaction generation and verification protocols, the blockchain has the security characteristics of being unchangeable, unforgeable and completely traceable.
Description of related concepts involved in blockchain technology:
Blockchain node: the blockchain network is based on a P2P (Peer to Peer) network, and each P2P network node participating in transaction and block storage, authentication, and forwarding is a node in the blockchain network.
Blockchain data writing: blockchain nodes write data to the blockchain by issuing "transactions" to the blockchain network. A transaction includes the user's signature over the transaction, made with the user's private key, so as to prove the identity of the user. Transactions are recorded into a newly generated block by a miner (a blockchain node performing the blockchain consensus competition mechanism); the block is then issued to the blockchain network, and once it is verified and accepted by the other blockchain nodes, the transaction data are written into the blockchain.
Intelligent contract (smart contract): from a technical point of view, intelligent contracts can be regarded as network servers, except that these servers are not hosted on the Internet using IP addresses, but on blockchains, so that specific contract programs can be run on them. Unlike a web server, however, a smart contract does not rely on a particular hardware device; in fact, the code of the smart contract is executed by all devices participating in the computation.
Intelligent contracts are assembly-language programs on the blockchain, and they are preset when the blockchain is created, for example by using a special-purpose language such as Solidity or JavaScript. The resulting bytecode directs the functionality of the blockchain, so that code can easily interact with it, for example to transfer cryptocurrency and record events.
The blockchain has the characteristics of:
Decentralization: the whole blockchain system has no centralized hardware or management mechanism, the rights and obligations of all nodes are equal, and the damage or loss of any node does not affect the operation of the whole system. The blockchain can therefore also be considered to have excellent robustness.
Trustlessness: the nodes participating in the blockchain system do not need to trust each other in order to exchange data. The operating rules of the whole system are public and transparent, and all data contents are also public, so that, within the rules and the time range specified by the system, nodes cannot deceive one another.
Based on the blockchain technology, the embodiment of the present disclosure provides an operation authority management method, which may be applied to blockchain nodes in a blockchain network 101 as shown in fig. 1. As shown in fig. 2, the method includes:
S11: a block for performing rights management is determined.
Wherein the rights management covers the following aspects. Scope of rights management: for example, the validity of a newly created block, the validity of the transaction execution of a block, the validity of the content communicable by a node ID, and so on. Rights management object: for example, whether the producer of a block is legitimate, whether the two or more parties to the execution of a transaction are legitimate, whether an intelligent contract account is legitimate, and so forth. Authentication mode of rights management: for example, authentication at the time of P2P connection or communication, authentication at the time of creation of a block, authentication at the time of execution of a transaction, and authentication in a custom contract. Hierarchy of rights management: for example, rights rules and rights content.
For the blocks in the blockchain node, iterative update may occur at any time, and the content of the intelligent contract existing in the block may also be updated, so that the block in the current blockchain node in the latest state after iteration needs to be found as the block for performing the rights management.
S12: determining whether the operation behavior of the authority management object on the block chain is legal or not according to the intelligent contract stored in the determined block; if so, S13 is performed.
The intelligent contract can be written into the genesis block when the blockchain is in its initial state. Alternatively, only the address of the code of the intelligent contract is specified in the genesis block, and the intelligent contract can be queried through that address. The intelligent contract can also be written into configuration outside the blockchain and issued to all blockchain nodes participating in consensus.
The operation behavior of the rights management object on the blockchain may be, for example: miner A creating a new block in the blockchain, adding a new blockchain node, modifying the contents of the intelligent contracts stored in a blockchain node, and so on. The process of determining whether the operation behavior of the rights management object on the blockchain is legal may be as follows. For example, the accounts agreed in the intelligent contract for generating new blocks do not include the account of miner A; therefore, if the operation behavior on the blockchain is that miner A generates a new block in the blockchain, the operation behavior is determined to be illegal. For another example, the ID information agreed in the intelligent contract as allowed to join the blockchain includes the ID information of blockchain node B; when the operation behavior on the blockchain is that blockchain node B sends a joining request to the blockchain, the operation behavior is determined to be legal.
S13: allowing the rights management object to execute the operation behavior on the blockchain.
The operation authority management method provided by the disclosure comprises the steps of determining a block for executing authority management; then, according to the intelligent contract stored in the determined block, determining whether the operation behavior of the authority management object on the block chain is legal or not; and finally, when the operation behavior of the right management object on the block chain is determined to be legal, allowing the right management object to execute the operation behavior on the block chain, so that the problem of leakage of an encryption password of data does not exist, meanwhile, malicious node attack is avoided, and the safety of the data is improved.
Optionally, the blockchain node comprises a first block sequence, which comprises a genesis block and a plurality of blocks iterated in order after the genesis block. The first block, constructed earliest in a blockchain node, is called the genesis block; each subsequently created block contains two ID numbers, one being the ID number of the block itself and the other the ID number of the preceding block.
As shown in fig. 3, S11 includes:
S111: judging whether a second block sequence containing a plurality of blocks sent by another blockchain node is received; if so, executing S112, and if not, executing S114.
S112: querying, from the first block sequence, the preamble block of the earliest iterated block in the second block sequence, according to the ID of the earliest iterated block in the second block sequence.
Wherein, in the first block sequence, the number of blocks iterated after the preamble block is smaller than the number of blocks in the second block sequence (normally, a blockchain node only accepts a second block sequence whose number of blocks is larger than the number of blocks iterated after the preamble block).
S113: determining the preamble block as a block for performing rights management.
S12 specifically verifies whether the received second block sequence is legal according to the intelligent contract stored in the preamble block.
For example, in order of block creation, the first block sequence includes blocks A1, A2, A3, A4 and A5, and the second block sequence includes blocks B1, B2 and B3. The earliest iterated block in the second block sequence is B1, and the preamble block of B1 in the first block sequence is A3. In the first block sequence, the number of blocks iterated after A3 is 2; in the second block sequence, the number of blocks iterated after A3 is 3. The second block sequence therefore has the greater computing power, and the state of its latest iterated block can be used as the current world view. However, it is first necessary to verify whether the second block sequence is legal, so the A3 block is used beforehand as the block for performing rights management in order to verify it (e.g., to verify whether the ID of the B1 block is legal).
S114: determining the latest iterated block in the first block sequence as the block for performing rights management.
Optionally, as shown in fig. 4, the method further includes:
S14: determining the latest iterated block in the second block sequence as the block for performing rights management.
When the second block sequence is verified to be legal, the block iterated latest in the second block sequence may be determined as the block for performing the authority management, and then the operation returns to S12. The latest iterated block stores the latest updated intelligent contract, so that the requirement on the authority management at the current moment is better met.
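A sketch of steps S111 to S114 and S14 on the A1..A5 / B1..B3 example above; this is an added example, not code from the disclosure. The `Block` fields, the function names, the producer-account check used as the legality test, and keeping the local chain when verification fails are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Block:
    block_id: str
    prev_id: Optional[str]        # ID of the preceding block (None for the genesis block)
    producer: str                 # account that produced this block
    allowed_producers: frozenset  # rights content of the contract stored in this block

def select_management_block(first_seq, second_seq=None):
    """S111-S114: return (block for rights management, whether second_seq must be verified)."""
    if not second_seq:                        # S111 "no" branch -> S114
        return first_seq[-1], False
    index = {b.block_id: i for i, b in enumerate(first_seq)}
    pos = index.get(second_seq[0].prev_id)    # S112: look up the preamble block by ID
    if pos is None:
        raise ValueError("second sequence does not attach to the first sequence")
    if len(first_seq) - pos - 1 >= len(second_seq):
        raise ValueError("second sequence is not longer than the local branch")
    return first_seq[pos], True               # S113

def verify_second_sequence(mgmt_block, second_seq):
    """S12 for a received sequence (assumed check): ID linkage and producer rights."""
    prev_id = mgmt_block.block_id
    for block in second_seq:
        if block.prev_id != prev_id:
            return False
        if block.producer not in mgmt_block.allowed_producers:
            return False
        prev_id = block.block_id
    return True

def resolve(first_seq, second_seq=None):
    """Return (chain kept by the node, block used for rights management afterwards)."""
    mgmt, must_verify = select_management_block(first_seq, second_seq)
    if not must_verify:
        return first_seq, mgmt
    if not verify_second_sequence(mgmt, second_seq):
        return first_seq, first_seq[-1]       # assumption: reject and keep the local chain
    pos = first_seq.index(mgmt)
    return first_seq[:pos + 1] + second_seq, second_seq[-1]   # S14

def make_chain(prefix, count, producer, allowed, parent=None):
    """Build constructed sample blocks prefix1..prefixN linked by ID."""
    chain = []
    for i in range(1, count + 1):
        chain.append(Block(f"{prefix}{i}", parent, producer, allowed))
        parent = chain[-1].block_id
    return chain

# Constructed sample data mirroring the A1..A5 / B1..B3 example.
ALLOWED = frozenset({"acct-A", "acct-B"})
FIRST = make_chain("A", 5, "acct-A", ALLOWED)
SECOND = make_chain("B", 3, "acct-B", ALLOWED, parent="A3")
ROGUE = make_chain("R", 3, "acct-X", ALLOWED, parent="A3")   # producer not authorized

if __name__ == "__main__":
    for name, seq in (("SECOND", SECOND), ("ROGUE", ROGUE)):
        chain, mgmt = resolve(FIRST, seq)
        print(name, [b.block_id for b in chain], "management block:", mgmt.block_id)
```

The longer sequence is adopted only after it passes the check against the contract in A3; a sequence from an unauthorized producer leaves the node on its own chain with A5 as the management block.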
Optionally, as shown in fig. 5, the intelligent contract includes a right assignment rule and right content, and S12 includes:
and determining whether the operation behavior of the authority management object on the block chain is legal or not according to the authority endowing rule and the authority content.
It is assumed that the only object of the rights management is the producer of a block, i.e. the rights assignment rule governs how the calculation authority is assigned to the account of a given block producer. The initialized rights assignment rule is "ring signature", and the initialized rights content is that the producer account of block B is given the calculation authority.
When the calculation authority needs to be given to the producer of block A, the block producer accounts of block A, block B and block C on the blockchain perform ring signature confirmation (that is, the block producer accounts of block A, block B and block C all reach consensus), after which the rights content is that the producer accounts of block A and block B are given the calculation authority.
When the rights assignment rule is "voting", the initialized rights content is that B has the calculation authority.
When the calculation authority is to be given to block A, the block producer accounts A, B and C in the blockchain vote, and the grant is confirmed as effective after the vote (namely, two of the block producer accounts of block A, block B and block C reach consensus); the calculation authority is then held by the block producer accounts of block A and block B.
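The two rights assignment rules above, as an added example that is not code from the disclosure. The `Contract` type, the function names and the rule strings are assumptions; "ring signature" is modelled only as confirmation by every producer account (the signature scheme itself is not implemented), and "voting" is assumed to mean a simple majority, which gives the two-of-three case in the text.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Contract:
    rule: str            # rights assignment rule: "ring_signature" or "voting"
    holders: frozenset   # rights content: accounts holding the calculation authority

def confirmations_needed(rule, producer_count):
    """Number of distinct producer accounts that must confirm a grant."""
    if rule == "ring_signature":
        return producer_count             # every producer account must confirm
    if rule == "voting":
        return producer_count // 2 + 1    # assumption: majority; 2 of 3 in the text
    raise ValueError(f"unknown rights assignment rule: {rule}")

def grant(contract, producers, candidate, confirmations):
    """Return the contract with candidate added to the rights content if the rule is met."""
    counted = set(confirmations) & set(producers)   # drop duplicates and unknown accounts
    if len(counted) < confirmations_needed(contract.rule, len(producers)):
        return contract                              # rule not met: content unchanged
    return Contract(contract.rule, contract.holders | {candidate})

def is_legal(contract, account):
    """S12 for block production: the account must hold the calculation authority."""
    return account in contract.holders

PRODUCERS = ("A", "B", "C")   # constructed accounts, named as in the text

if __name__ == "__main__":
    ring = Contract("ring_signature", frozenset({"B"}))
    vote = Contract("voting", frozenset({"B"}))
    print(sorted(grant(ring, PRODUCERS, "A", ["A", "B"]).holders))       # unanimity missing
    print(sorted(grant(ring, PRODUCERS, "A", ["A", "B", "C"]).holders))
    print(sorted(grant(vote, PRODUCERS, "A", ["A", "C"]).holders))
    print(sorted(grant(vote, PRODUCERS, "A", ["A", "A", "X"]).holders))  # one valid vote
```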
Fig. 6 is a block diagram illustrating an operation authority management apparatus 600, according to an exemplary embodiment, applied to a blockchain node in a blockchain network, for implementing the above method embodiments. It should be noted that the basic principle and the technical effects of the operation authority management apparatus 600 provided by this embodiment are the same as those of the above embodiments; for brevity, for any part not mentioned in this embodiment, reference may be made to the corresponding contents in the above embodiments. As shown in fig. 6, the apparatus at least includes a block determination module 601, a validity determination module 602, and an operation behavior execution module 603.
The block determination module 601 is configured to determine a block for performing rights management.
The legitimacy determination module 602 is configured to determine whether the operation behavior of the rights management object on the block chain is legitimate according to the intelligent contracts stored in the determined blocks.
The operation behavior execution module 603 is configured to allow the rights management object to execute the operation behavior on the blockchain when the operation behavior of the rights management object on the blockchain is determined to be legal.
The present disclosure provides an operation right management apparatus 600, which determines a block for performing right management when executing the above function module; then, according to the intelligent contract stored in the determined block, determining whether the operation behavior of the authority management object on the block chain is legal or not; and finally, when the operation behavior of the right management object on the block chain is determined to be legal, allowing the right management object to execute the operation behavior on the block chain, so that the problem of leakage of an encryption password of data does not exist, meanwhile, malicious node attack is avoided, and the safety of the data is improved.
Optionally, as shown in fig. 7, as an embodiment, the blockchain node includes a first block sequence, where the first block sequence includes a genesis block and a plurality of blocks iterated in order after the genesis block, and the block determination module 601 includes:
the query submodule 701 is configured to, when a second block sequence including a plurality of blocks and sent by another blockchain node is received, query a preamble block of an earliest iterated block in the second block sequence from the first block sequence according to an ID of the earliest iterated block in the second block sequence, where in the first block sequence, the number of blocks iterated after the preamble block is smaller than the number of blocks in the second block sequence.
A block determination submodule 702 configured to determine the preamble block as a block for performing rights management.
The validity determination module 602 is specifically configured to verify whether the received second sequence of blocks is valid according to the intelligent contracts stored in the preamble blocks.
Optionally, the block determining module 601 is further configured to determine a block iterated latest in the second block sequence as the block for performing rights management.
Optionally, the blockchain node includes a first block sequence including a genesis block and a plurality of blocks iterated in order after the genesis block, and the block determination module 601 is further configured to determine, when a second block sequence including a plurality of blocks sent by another blockchain node is not received, the latest iterated block in the first block sequence as the block for performing rights management.
Specifically, the intelligent contract comprises the authority endowing rule and the authority content,
the validity determination module 602 is configured to determine whether the operation behavior of the rights management object on the block chain is valid according to the rights assignment rule and the rights content.
With regard to the apparatus in the above-described embodiment, the specific manner in which each module performs the operation has been described in detail in the embodiment related to the method, and will not be elaborated here.
Fig. 8 is a block diagram illustrating a blockchain node 800 according to an exemplary embodiment. For example, blockchain node 800 may be provided as a server. Referring to fig. 8, blockchain node 800 includes a processor 822, which may be one or more in number, and a memory 832 for storing computer programs executable by processor 822. The computer program stored in memory 832 may include one or more modules that each correspond to a set of instructions. Further, the processor 822 may be configured to execute the computer program to perform the above-described operation authority management method. For example, the processor 822 may perform: determining a block for performing rights management; determining whether the operation behavior of the rights management object on the blockchain is legal according to the intelligent contract stored in the determined block; and, when the operation behavior of the rights management object on the blockchain is determined to be legal, allowing the rights management object to execute the operation behavior on the blockchain.
Additionally, blockchain node 800 may also include a power component 826 and a communication component 850; the power component 826 may be configured to perform power management of blockchain node 800, and the communication component 850 may be configured to enable communication, e.g., wired or wireless communication, of blockchain node 800. In addition, blockchain node 800 may also include an input/output (I/O) interface 858. Blockchain node 800 may operate based on an operating system stored in memory 832, such as Windows Server, Mac OS X™, Unix™, Linux, etc.
In another exemplary embodiment, there is also provided a computer-readable storage medium including program instructions which, when executed by a processor, implement the steps of the operation authority management method described above. For example, the computer-readable storage medium may be the memory 832 including program instructions executable by the processor 822 of the blockchain node 800 to perform the operation authority management method described above.
In another exemplary embodiment, a computer program product is also provided, which contains a computer program executable by a programmable apparatus, the computer program having code portions for performing the above-described method of operation rights management when executed by the programmable apparatus.
The preferred embodiments of the present disclosure are described in detail with reference to the accompanying drawings, however, the present disclosure is not limited to the specific details of the above embodiments, and various simple modifications may be made to the technical solution of the present disclosure within the technical idea of the present disclosure, and these simple modifications all belong to the protection scope of the present disclosure.
It should be noted that the various features described in the above embodiments may be combined in any suitable manner without departing from the scope of the invention.
In addition, any combination of various embodiments of the present disclosure may be made, and the same should be considered as the disclosure of the present disclosure as long as it does not depart from the gist of the present disclosure.