CN110493039A - Blockchain-based device management method and device management system - Google Patents

Info

Publication number: CN110493039A
Authority: CN (China)
Prior art keywords: target device, block chain, equipment, public key, data
Legal status: Granted
Application number: CN201910713863.6A
Other languages: Chinese (zh)
Other versions: CN110493039B (en)
Inventors: 唐小飞, 申子熹, 王强
Current Assignee: Tencent Technology Shenzhen Co Ltd
Original Assignee: Tencent Technology Shenzhen Co Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/28 Restricting access to network management systems or functions, e.g. using authorisation function to access network configuration
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/50 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

This application provides a blockchain-based device management method and device management system. The device management method includes: a device producer writes its own information and public key into a blockchain network, writes to a target device the key of the group to which the target device belongs, signs the information of the target device and the key of that group with its own private key to obtain second data, and writes the second data into the blockchain network; the target device signs its own public key and information with the key of its group to obtain first data, and writes the first data into the blockchain network; a device manager verifies the second data based on the public key of the device producer and, after the verification passes, obtains the information of the target device and the key of its group, verifies the first data with the key of the group to which the target device belongs and, after the verification passes, obtains the public key of the target device, and records the information of the target device and the public key of the target device so as to manage the target device. The application achieves secure management of devices.

Description

Blockchain-based device management method and device management system
This application is a divisional application of the application filed on August 6, 2018, with application No. 201810884003.4, entitled "Blockchain-based device management method, apparatus, medium and electronic device".
Technical field
This application relates to the fields of computer and communication technology, and in particular to a blockchain-based device management method and device management system.
Background
In traditional Internet of Things (IoT) device management schemes, IoT devices are managed only by a simple identity. This approach easily leads to leakage of device information, which in turn affects the security of the entire IoT system.
It should be noted that the information disclosed in the Background section above is only intended to enhance understanding of the background of the application, and may therefore include information that does not constitute prior art known to a person of ordinary skill in the art.
Summary of the invention
Embodiments of the application provide a blockchain-based device management method and device management system, which overcome, at least to some extent, the problem of poor device management security.
Other features and advantages of the application will become apparent from the following detailed description, or will be learned in part through practice of the application.
According to one aspect of the embodiments of the application, a blockchain-based device management method is provided, comprising: a device producer writes the information of the device producer and the public key of the device producer into a blockchain network, writes to a target device produced by the device producer the key of the group to which the target device belongs, signs the information of the target device and the key of the group to which the target device belongs with the private key of the device producer to obtain signed second data, and writes the second data into the blockchain network; the target device obtains the key of the group to which it belongs, signs the public key of the target device and the information of the target device with the key of the group to which the target device belongs to obtain signed first data, and writes the first data into the blockchain network; a device manager obtains the first data, the second data and the public key of the device producer from the blockchain network, verifies the second data based on the public key of the device producer and, after the verification passes, obtains the information of the target device and the key of the group to which the target device belongs, verifies the first data with the key of the group to which the target device belongs and, after the verification passes, obtains the public key of the target device, and records the information of the target device and the public key of the target device so as to manage the target device.
In some embodiments of the application, based on the foregoing scheme, the blockchain-based device management method further comprises: after writing the first data into the blockchain network, the target device generates a first random number, generates an authorization request according to the public key of the target device, the private key of the target device and the first random number, and writes the authorization request into the blockchain network; the device manager obtains the authorization request from the blockchain network, verifies the authorization request based on the public key of the target device and, after the verification passes, signs the random number with the private key of the device manager to obtain signed third data, generates authorization information for the target device based on the third data, and writes the authorization information into the blockchain network, so that the target device obtains the authorization information from the blockchain network.
In some embodiments of the application, based on the foregoing scheme, generating the authorization request according to the public key of the target device, the private key of the target device and the first random number comprises: signing the first random number with the private key of the target device, and generating the authorization request based on the signed data and the public key of the target device; or signing the first random number and the public key of the target device with the private key of the target device, and generating the authorization request based on the signed data.
In some embodiments of the application, based on the foregoing scheme, the blockchain-based device management method further comprises: the target device obtains from the blockchain network the authorization information sent by the device manager, the authorization information including the result of signing a second random number with the private key of the device manager; verifies the authorization information based on the public key of the device manager and, after the verification passes, obtains the second random number; and, if the second random number is identical to the first random number, determines that the target device has been authorized successfully.
In some embodiments of the application, based on the foregoing scheme, the authorization information further includes the public key of the device to be authorized; after obtaining the authorization information, the target device judges whether the public key of the target device is identical to the public key of the device to be authorized and, if the public key of the target device is identical to the public key of the device to be authorized, verifies the authorization information based on the public key of the device manager.
In some embodiments of the application, based on the foregoing scheme, the device manager is further configured to write the public key of the device manager into the blockchain network; the device producer is further configured to obtain the public key of the device manager from the blockchain network and write the public key of the device manager into the target device.
In some embodiments of the application, based on the foregoing scheme, before writing the information of the device producer into the blockchain network, the device producer encrypts the information of the device producer.
In some embodiments of the application, based on the foregoing scheme, the group to which the target device belongs includes the production batch to which the target device belongs.
According to one aspect of the embodiments of the application, a blockchain-based device management system is provided, comprising: a device producer, a device manager and a target device to be managed; wherein the device producer is configured to write the information of the device producer and the public key of the device producer into a blockchain network, write to the target device produced by the device producer the key of the group to which the target device belongs, sign the information of the target device and the key of the group to which the target device belongs with the private key of the device producer to obtain signed second data, and write the second data into the blockchain network; the target device is configured to obtain the key of the group to which it belongs, sign the public key of the target device and the information of the target device with the key of the group to which the target device belongs to obtain signed first data, and write the first data into the blockchain network; the device manager is configured to obtain the first data, the second data and the public key of the device producer from the blockchain network, verify the second data based on the public key of the device producer and, after the verification passes, obtain the information of the target device and the key of the group to which the target device belongs, verify the first data with the key of the group to which the target device belongs and, after the verification passes, obtain the public key of the target device, and record the information of the target device and the public key of the target device so as to manage the target device.
In some embodiments of the application, based on the foregoing scheme, the target device is further configured to, after writing the first data into the blockchain network, generate a first random number, generate an authorization request according to the public key of the target device, the private key of the target device and the first random number, and write the authorization request into the blockchain network; the device manager is further configured to obtain the authorization request from the blockchain network, verify the authorization request based on the public key of the target device and, after the verification passes, sign the random number with the private key of the device manager to obtain signed third data, generate authorization information for the target device based on the third data, and write the authorization information into the blockchain network, so that the target device obtains the authorization information from the blockchain network.
In some embodiments of the application, based on the foregoing scheme, the target device is configured to sign the first random number with the private key of the target device and generate the authorization request based on the signed data and the public key of the target device; or to sign the first random number and the public key of the target device with the private key of the target device and generate the authorization request based on the signed data.
In some embodiments of the application, based on the foregoing scheme, the target device is further configured to obtain from the blockchain network the authorization information sent by the device manager, the authorization information including the result of signing a second random number with the private key of the device manager; verify the authorization information based on the public key of the device manager and, after the verification passes, obtain the second random number; and, if the second random number is identical to the first random number, determine that the target device has been authorized successfully.
In some embodiments of the application, based on the foregoing scheme, the authorization information further includes the public key of the device to be authorized; the target device is further configured to, after obtaining the authorization information, judge whether the public key of the target device is identical to the public key of the device to be authorized and, if the public key of the target device is identical to the public key of the device to be authorized, verify the authorization information based on the public key of the device manager.
In some embodiments of the application, based on the foregoing scheme, the device manager is further configured to write the public key of the device manager into the blockchain network; the device producer is further configured to obtain the public key of the device manager from the blockchain network and write the public key of the device manager into the target device.
In some embodiments of the application, based on the foregoing scheme, the device producer is further configured to encrypt the information of the device producer before writing the information of the device producer into the blockchain network.
In the technical solutions provided by some embodiments of the application, the target device signs the public key of the target device and the information of the target device with the key of the group to which the target device belongs to obtain first data, and writes the first data into the blockchain network, so that the device manager can obtain the first data from the blockchain network and manage the target device based on the first data. Devices are thus managed through the blockchain network, which effectively prevents device information from being illegally tampered with, ensures the security of device information, and achieves secure management of devices. The device producer writes the information of the device producer and the public key of the device producer into the blockchain network, signs the information of the target device and the key of the group to which the target device belongs with the private key of the device producer to obtain second data, and then writes the second data into the blockchain network, so that the device manager can obtain the second data through the blockchain network and manage the target device accordingly. This achieves the purpose of managing the target device based on the blockchain network and helps improve the security of device management. The device manager obtains from the blockchain network the signed first data written by the target device, the signed second data written by the device producer, and the public key of the device producer, verifies the second data based on the public key of the device producer, verifies the first data with the key of the group to which the target device belongs obtained from that verification, and then records the information and public key of the target device obtained from verification. This makes it possible to manage the target device based on the blockchain network and helps improve the security of device management.
It should be understood that the above general description and the following detailed description are only exemplary and explanatory, and do not limit the application.
Brief description of the drawings
The drawings herein are incorporated into and form part of this specification, show embodiments consistent with the application, and together with the specification serve to explain the principles of the application. Obviously, the drawings described below are only some embodiments of the application; a person of ordinary skill in the art can obtain other drawings from these drawings without creative effort. In the drawings:
Fig. 1 shows a schematic diagram of an exemplary system architecture to which the blockchain-based device management method or the blockchain-based device management apparatus of the embodiments of the application can be applied;
Fig. 2 shows a schematic structural diagram of a computer system of an electronic device suitable for implementing the embodiments of the application;
Fig. 3 schematically shows a flowchart of a blockchain-based device management method according to one embodiment of the application;
Fig. 4 schematically shows a flowchart of a blockchain-based device management method according to another embodiment of the application;
Fig. 5 schematically shows a flowchart of a blockchain-based device management method according to another embodiment of the application;
Fig. 6 schematically shows a flowchart of a blockchain-based device management method according to another embodiment of the application;
Fig. 7 schematically shows a flowchart of a blockchain-based device management method according to another embodiment of the application;
Fig. 8 schematically shows a flowchart of a blockchain-based device management method according to another embodiment of the application;
Fig. 9 shows a schematic diagram of an application scenario of the device management method according to one embodiment of the application;
Fig. 10 shows a schematic diagram of the specific interaction process between the manufacturer, the management center, the edge computing device and the blockchain network according to one embodiment of the application;
Fig. 11 schematically shows a flowchart of the management center verifying device information according to one embodiment of the application;
Fig. 12 schematically shows a block diagram of a blockchain-based device management apparatus according to one embodiment of the application;
Fig. 13 schematically shows a block diagram of a blockchain-based device management apparatus according to another embodiment of the application;
Fig. 14 schematically shows a block diagram of a blockchain-based device management apparatus according to another embodiment of the application.
Detailed description
Example embodiments will now be described more fully with reference to the drawings. However, example embodiments can be implemented in many forms and should not be construed as limited to the examples set forth herein; rather, these embodiments are provided so that the application will be thorough and complete, and will fully convey the concept of the example embodiments to those skilled in the art.
In addition, the described features, structures or characteristics may be combined in any suitable manner in one or more embodiments. In the following description, many specific details are provided to give a full understanding of the embodiments of the application. However, those skilled in the art will appreciate that the technical solutions of the application may be practiced without one or more of the specific details, or that other methods, components, apparatuses, steps and the like may be used. In other cases, well-known methods, apparatuses, implementations or operations are not shown or described in detail, to avoid obscuring aspects of the application.
The block diagrams shown in the drawings are only functional entities and do not necessarily correspond to physically separate entities. That is, these functional entities may be implemented in software, or in one or more hardware modules or integrated circuits, or in different networks and/or processor devices and/or microcontroller devices.
The flowcharts shown in the drawings are only illustrative; they need not include all contents and operations/steps, nor must they be executed in the order described. For example, some operations/steps may be decomposed, and some operations/steps may be merged or partially merged, so the order actually executed may change according to the actual situation.
Fig. 1 shows a schematic diagram of an exemplary system architecture 100 to which the blockchain-based device management method or the blockchain-based device management apparatus of the embodiments of the application can be applied.
As shown in Fig. 1, the system architecture 100 may include a processing device of the device producer (hereinafter referred to as the device producer for ease of description) 101, a target device 102 to be managed, a processing device of the device manager (hereinafter referred to as the device manager for ease of description) 103, and a blockchain network 104. The device producer 101, the target device 102 and the device manager 103 each access the blockchain network 104.
It should be understood that the numbers of device producers 101, target devices 102 and device managers 103 shown in Fig. 1 are only illustrative. There may be any number of device producers 101, target devices 102 and device managers 103, as the implementation requires.
In one embodiment of the application, the device manager 103 may write its information and public key into the blockchain network 104; the device producer 101 may write its information and public key into the blockchain network 104 and obtain the public key of the device manager 103 from the blockchain network 104. Meanwhile, the device producer 101 writes the public key of the device manager 103 and the public key and private key of the batch to which the target device 102 belongs into the target device 102. In addition, the device producer 101 signs the public key and device information of this batch of devices with its own private key, and then writes the signed data into the blockchain network 104.
The target device 102 may generate its own public key and private key at startup, then sign its own public key and device information with the private key of the batch to which the target device 102 belongs, and send a registration request to the blockchain network 104 based on the signed data.
The device manager 103 synchronizes the corresponding data from the blockchain network 104 and then verifies whether the information of the target device 102 is correct. Specifically, the device manager 103 uses the public key of the device producer 101 to verify the data that the device producer 101 wrote into the blockchain network and, after the verification passes, obtains the public key and device information of this batch of devices. It then uses the public key of this batch of devices to verify the data that the target device 102 wrote into the blockchain network and, after the verification passes, obtains the public key and device information of the target device. The device manager 103 then records the public key and device information of the target device, completing the device registration process.
The target device 102 may generate a random number after each power-on startup, then sign the random number with the private key of the target device 102, generate an authorization request based on the signed data and the public key of the target device 102, and then write the authorization request into the blockchain network 104. The device manager 103 obtains the authorization request from the blockchain network 104, verifies it based on the public key of the target device 102, obtains the random number after the verification passes, signs the random number with the private key of the device manager 103, then generates authorization information based on the signature result and the public key of the target device 102, and writes the authorization information into the blockchain network 104.
The target device 102 may obtain the authorization information from the blockchain network 104 and then verify the signature result in the authorization information according to the public key of the device manager 103; if the random number obtained after the verification passes is identical to the random number in the authorization request, it is determined that the authorization of the target device 102 has passed.
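The registration and authorization exchange described in the summary and in the Fig. 1 walkthrough above (producer key, then batch key, then device key, followed by the signed random number), as an added Go example that is not part of the patent. Ed25519, the `publicKey || info` record layout and all key and device names are assumptions; the patent names no signature algorithm, and the blockchain transport is left out, so the records are passed directly between the parties.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Signed is one record as written to the chain: payload plus signature.
type Signed struct{ Payload, Sig []byte }

// AuthMsg carries a signed random number and the device public key.
type AuthMsg struct {
	DevicePub ed25519.PublicKey
	Body      Signed
}

func seal(priv ed25519.PrivateKey, msg []byte) Signed {
	return Signed{msg, ed25519.Sign(priv, msg)}
}

// open returns the payload only if the signature verifies under pub.
func open(pub ed25519.PublicKey, s Signed) ([]byte, error) {
	if len(pub) != ed25519.PublicKeySize || !ed25519.Verify(pub, s.Payload, s.Sig) {
		return nil, errors.New("signature verification failed")
	}
	return s.Payload, nil
}

// pack builds publicKey || info (layout assumed for this example).
func pack(pub ed25519.PublicKey, info string) []byte {
	return append(append([]byte{}, pub...), info...)
}

// openKeyed verifies a record and splits its payload into key and info.
func openKeyed(pub ed25519.PublicKey, s Signed) (ed25519.PublicKey, string, error) {
	p, err := open(pub, s)
	if err != nil || len(p) < ed25519.PublicKeySize {
		return nil, "", errors.New("bad signature or short payload")
	}
	return ed25519.PublicKey(p[:ed25519.PublicKeySize]), string(p[ed25519.PublicKeySize:]), nil
}

// Register is the manager's check: producer key -> batch key -> device key.
func Register(producerPub ed25519.PublicKey, second, first Signed) (ed25519.PublicKey, string, error) {
	batchPub, _, err := openKeyed(producerPub, second) // second data, signed by the producer
	if err != nil {
		return nil, "", fmt.Errorf("second data: %w", err)
	}
	return openKeyed(batchPub, first) // first data, signed with the batch private key
}

// Authorize verifies the request with the key recorded at registration
// (using the recorded key is this example's assumption), then signs the
// device's random number with the manager's private key.
func Authorize(recorded ed25519.PublicKey, mgrPriv ed25519.PrivateKey, req AuthMsg) (AuthMsg, error) {
	if !bytes.Equal(recorded, req.DevicePub) {
		return AuthMsg{}, errors.New("unknown device public key")
	}
	nonce, err := open(recorded, req.Body)
	if err != nil {
		return AuthMsg{}, err
	}
	return AuthMsg{req.DevicePub, seal(mgrPriv, nonce)}, nil
}

// Authorized is the device's check: addressed to me, signed by the
// manager, and carrying the random number of this power-on.
func Authorized(devPub, mgrPub ed25519.PublicKey, nonce []byte, auth AuthMsg) bool {
	got, err := open(mgrPub, auth.Body)
	return bytes.Equal(devPub, auth.DevicePub) && err == nil && bytes.Equal(got, nonce)
}

// Demo runs the flow with constructed keys and constructed device information.
func Demo() (registered, authorized, staleRejected, forgedRejected bool) {
	prodPub, prodPriv, _ := ed25519.GenerateKey(rand.Reader)
	batchPub, batchPriv, _ := ed25519.GenerateKey(rand.Reader)
	mgrPub, mgrPriv, _ := ed25519.GenerateKey(rand.Reader)
	devPub, devPriv, _ := ed25519.GenerateKey(rand.Reader)
	second := seal(prodPriv, pack(batchPub, "batch-0001"))   // written by the producer
	first := seal(batchPriv, pack(devPub, "edge-device-42")) // written by the device
	recorded, info, err := Register(prodPub, second, first)
	registered = err == nil && bytes.Equal(recorded, devPub) && info == "edge-device-42"
	// First data signed with a key other than the batch key must not register.
	_, _, err = Register(prodPub, second, seal(devPriv, first.Payload))
	forgedRejected = err != nil
	nonce, fresh := make([]byte, 16), make([]byte, 16)
	rand.Read(nonce)
	rand.Read(fresh)
	auth, err := Authorize(recorded, mgrPriv, AuthMsg{devPub, seal(devPriv, nonce)})
	authorized = err == nil && Authorized(devPub, mgrPub, nonce, auth)
	// After the next power-on the device holds a new random number, so the old answer fails.
	staleRejected = !Authorized(devPub, mgrPub, fresh, auth)
	return
}

func main() { fmt.Println(Demo()) }
```

Ed25519 has no message recovery, so where the text says the verifier "obtains" a value after verification, the example carries the value in the record and accepts it only once the signature checks out.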
Fig. 2 shows the structural schematic diagrams of the computer system of the electronic equipment suitable for being used to realize the embodiment of the present application. Wherein, computer system shown in Fig. 2 can be adapted for equipment producer 101, target device 102 and equipment management side above-mentioned One or more of 103.
It should be noted that Fig. 2 shows the computer system 200 of electronic equipment be only an example, should not be to this Shen Please embodiment function and use scope bring any restrictions.
As shown in Fig. 2, computer system 200 includes central processing unit (Central Processing Unit, CPU) 201, it can be according to the program being stored in read-only memory (Read-Only Memory, ROM) 202 or from storage section 208 programs being loaded into random access storage device (Random Access Memory, RAM) 203 and execute various appropriate Movement and processing.In RAM 203, it is also stored with various programs and data needed for system operatio.CPU 201, ROM 202 with And RAM 203 is connected with each other by bus 204.Input/output (Input/Output, I/O) interface 205 is also connected to bus 204。
I/O interface 205 is connected to lower component: the importation 206 including keyboard, mouse etc.;It is penetrated including such as cathode Spool (Cathode Ray Tube, CRT), liquid crystal display (Liquid Crystal Display, LCD) etc. and loudspeaker Deng output par, c 207;Storage section 208 including hard disk etc.;And including such as LAN (Local Area Network, office Domain net) card, modem etc. network interface card communications portion 209.Communications portion 209 via such as internet network Execute communication process.Driver 210 is also connected to I/O interface 205 as needed.Detachable media 211, such as disk, CD, Magneto-optic disk, semiconductor memory etc. are mounted on as needed on driver 210, in order to from the computer journey read thereon Sequence is mounted into storage section 208 as needed.
Particularly, according to an embodiment of the present application, it may be implemented as computer below with reference to the process of flow chart description Software program.For example, embodiments herein includes a kind of computer program product comprising be carried on computer-readable medium On computer program, which includes the program code for method shown in execution flow chart.In such reality It applies in example, which can be downloaded and installed from network by communications portion 209, and/or from detachable media 211 are mounted.When the computer program is executed by central processing unit (CPU) 201, executes and limited in the system of the application Various functions.
It should be noted that the computer-readable medium shown in the embodiments of the present application may be a computer-readable signal medium, a computer-readable storage medium, or any combination of the two. A computer-readable storage medium may be, for example, but is not limited to, an electrical, magnetic, optical, electromagnetic, infrared or semiconductor system, apparatus or device, or any combination of the above. More specific examples of computer-readable storage media include, but are not limited to: an electrical connection with one or more wires, a portable computer diskette, a hard disk, random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (Erasable Programmable Read Only Memory, EPROM), flash memory, optical fiber, portable compact disc read-only memory (Compact Disc Read-Only Memory, CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the above. In the present application, a computer-readable storage medium may be any tangible medium that contains or stores a program, which can be used by or in connection with an instruction execution system, apparatus or device. In the present application, a computer-readable signal medium may include a data signal propagated in baseband or as part of a carrier wave, in which computer-readable program code is carried. Such a propagated data signal can take various forms, including but not limited to an electromagnetic signal, an optical signal, or any suitable combination of the above. A computer-readable signal medium may also be any computer-readable medium other than a computer-readable storage medium, which can send, propagate or transmit a program for use by or in connection with an instruction execution system, apparatus or device. The program code contained on a computer-readable medium can be transmitted over any suitable medium, including but not limited to: wireless, wired, etc., or any suitable combination of the above.
The flow charts and block diagrams in the drawings illustrate the possible architecture, functions and operations of systems, methods and computer program products according to various embodiments of the present application. In this regard, each box in a flow chart or block diagram can represent a module, a program segment, or a part of code, which contains one or more executable instructions for implementing the specified logical function. It should also be noted that, in some alternative implementations, the functions marked in the boxes can occur in an order different from that marked in the drawings. For example, two boxes shown in succession can in fact be executed substantially in parallel, and they can sometimes be executed in the reverse order, depending on the functions involved. It should also be noted that each box in a block diagram or flow chart, and any combination of boxes in a block diagram or flow chart, can be implemented by a dedicated hardware-based system that performs the specified functions or operations, or by a combination of dedicated hardware and computer instructions.
The units described in the embodiments of the present application can be implemented in software or in hardware, and the described units can also be provided in a processor. The names of these units do not, in certain cases, constitute a limitation on the units themselves.
As another aspect, the present application also provides a computer-readable medium, which may be included in the electronic equipment described in the above embodiments, or may exist separately without being assembled into that electronic equipment. The computer-readable medium carries one or more programs which, when executed by the electronic equipment, cause the electronic equipment to implement the methods described in the following embodiments. For example, the electronic equipment can implement each of the steps shown in Figures 3 to 8.
The implementation details of the technical solution of the embodiments of the present application are described below from the perspectives of the target device to be managed, the equipment producer, and the equipment management side in turn.
From the perspective of the target device to be managed:
Fig. 3 schematically shows a flow chart of a block chain based device management method according to one embodiment of the present application. The device management method is applicable to the electronic equipment described in the previous embodiments; specifically, the method can be executed by the target device to be managed.
Referring to Fig. 3, the device management method includes at least steps S310 to S330, described in detail as follows:
In step S310, the key of the group to which the target device belongs is obtained.
In one embodiment of the present application, the target device can obtain the key of its group as written into the target device by the equipment producer. The key of the group to which the target device belongs can be a symmetric key or an asymmetric key. If it is an asymmetric key, both the public key and the private key of the group need to be obtained.
In one embodiment of the present application, the group to which the target device belongs can be the production batch of the target device; for example, the equipment producer can generate a corresponding key for the devices of each batch according to their production batch.
In step S320, the public key of the target device and the information of the target device are signed according to the key of the group to which the target device belongs, to obtain the signed first data.
In one embodiment of the present application, if the key of the group to which the target device belongs is an asymmetric key, the public key of the target device and the information of the target device can be signed with the private key of the group. The information of the target device may include an identifier of the target device, such as a device ID.
In step S330, the first data is written into the block chain network, so that the equipment management side obtains the first data from the block chain network and manages the target device based on the first data.
In the technical solution of the embodiment shown in Fig. 3, the signed first data is written into the block chain network so that the equipment management side can obtain it from the block chain network and manage the target device based on it. Devices can thus be managed through the block chain network, which effectively prevents device information from being illegally tampered with, ensures the security of device information, and achieves secure management of devices.
Based on the technical solution of the embodiment shown in Fig. 3, and as shown in Fig. 4, a block chain based device management method according to another embodiment of the present application includes steps S410 to S430, described in detail as follows:
In step S410, after the first data is written into the block chain network, a first random number is generated.
In this embodiment, after the target device writes the signed first data into the block chain network, it can generate a random number and initiate an authorization request based on that random number.
In step S420, an authorization request is generated according to the public key of the target device, the private key of the target device, and the first random number.
In one embodiment of the present application, the first random number can be signed with the private key of the target device, and the authorization request is generated from the signed data and the public key of the target device. That is, in this embodiment, because the public key of the target device is public, it does not need to be included in the signature.
In another embodiment of the present application, the first random number and the public key of the target device can both be signed with the private key of the target device, and the authorization request is generated from the signed data. That is, in this embodiment, not only the first random number but also the public key of the target device is signed.
In step S430, the authorization request is written into the block chain network, so that the equipment management side obtains the authorization request from the block chain network and responds to it.
The technical solution of the embodiment shown in Fig. 4 allows the authorization request to be written into the block chain network, so that secure management of devices is achieved on the basis of the block chain network.
Based on the technical solution of the embodiment shown in Fig. 4, and as shown in Fig. 5, a block chain based device management method according to another embodiment of the present application includes steps S510 to S530, described in detail as follows:
In step S510, after the authorization request is written into the block chain network, the authorization message sent by the equipment management side is obtained from the block chain network; the authorization message contains the result of signing a second random number with the private key of the equipment management side.
In one embodiment of the present application, after the equipment management side receives an authorization request sent by a device to be managed (which may be the target device), it can verify the authorization request with the public key of that device. After verification passes, it can obtain the random number in the authorization request (if the received authorization request was sent by the target device, the random number in it is the aforementioned first random number) and sign it with the private key of the equipment management side to generate the authorization message.
In step S520, the authorization message is verified based on the public key of the equipment management side, and the second random number is obtained after verification passes.
In one embodiment of the present application, the equipment producer can write the public key of the equipment management side into the target device, and the target device can then verify the authorization message based on the public key of the equipment management side written by the equipment producer. In addition, the target device can also obtain the public key of the equipment management side from the block chain network.
In step S530, if the second random number is identical to the first random number, it is determined that the target device has been authorized successfully.
In the embodiments of the present application, the equipment management side may send authorization messages for multiple devices to be managed; the random numbers contained in the authorization messages sent for different devices are different, and the random number in an authorization message is identical to the random number in the corresponding authorization request. The target device can therefore determine whether it has obtained the authorization of the equipment management side from the first random number and the second random number obtained from the authorization message.
In one embodiment of the present application, the authorization message in the previous embodiment can also include the public key of the device to be authorized. In that case, before verifying the authorization message based on the public key of the equipment management side, the target device can first judge whether its own public key is identical to the public key of the device to be authorized contained in the authorization message, and verify the authorization message based on the public key of the equipment management side only when the two are identical. The public key of the device to be authorized contained in the authorization message thus directly determines whether the authorization message is intended for the target device.
From the perspective of the equipment producer:
Fig. 6 schematically shows a flow chart of a block chain based device management method according to another embodiment of the present application. The method can be executed by the processing equipment of the equipment producer.
Referring to Fig. 6, the device management method includes at least steps S610 to S630, described in detail as follows:
In step S610, the information of the equipment producer and the public key of the equipment producer are written into the block chain network, and the key of the group to which the target device belongs is written into the target device produced by the equipment producer.
In one embodiment of the present application, the group to which the target device belongs can be the production batch of the target device; for example, the equipment producer can generate a corresponding key for the devices of each batch according to their production batch. The key of the group to which the target device belongs can be a symmetric key or an asymmetric key.
In one embodiment of the present application, to guarantee the information security of the equipment producer, the information of the equipment producer can be encrypted before it is written into the block chain network.
In one embodiment of the present application, the equipment producer can also obtain the public key of the equipment management side from the block chain network and write it into the target device.
In step S620, the information of the target device and the key of the group to which the target device belongs are signed with the private key of the equipment producer, to obtain the signed second data.
In step S630, the second data is written into the block chain network, so that the equipment management side obtains the second data from the block chain network and manages the target device based on the second data.
In the technical solution of the embodiment shown in Fig. 6, the information of the equipment producer and the public key of the equipment producer are written into the block chain network, the information of the target device and the key of the group to which the target device belongs are signed with the private key of the equipment producer to obtain the second data, and the second data is then written into the block chain network. The equipment management side can obtain the second data through the block chain network and manage the target device accordingly, so that the target device is managed on the basis of the block chain network, which helps improve the security of device management.
From the perspective of the equipment management side:
Fig. 7 schematically shows a flow chart of a block chain based device management method according to another embodiment of the present application. The method can be executed by the processing equipment of the equipment management side.
Referring to Fig. 7, the device management method includes at least steps S710 to S740, described in detail as follows:
In step S710, the signed first data written by the target device, the signed second data written by the equipment producer, and the public key of the equipment producer are obtained from the block chain network.
In one embodiment of the present application, as shown in Fig. 3, the first data can be obtained by signing the public key of the target device and the information of the target device according to the key of the group to which the target device belongs; as shown in Fig. 6, the second data can be obtained by signing the information of the target device and the key of the group to which the target device belongs with the private key of the equipment producer.
In one embodiment of the present application, the group to which the target device belongs can be the production batch of the target device; for example, the equipment producer can generate a corresponding key for the devices of each batch according to their production batch.
In step S720, the second data is verified based on the public key of the equipment producer, and the information of the target device and the key of the group to which the target device belongs are obtained after verification passes.
In one embodiment of the present application, the key of the group to which the target device belongs can be a symmetric key or an asymmetric key.
In step S730, the first data is verified according to the key of the group to which the target device belongs, and the public key of the target device is obtained after verification passes.
In one embodiment of the present application, if the key of the group to which the target device belongs is an asymmetric key, the first data can be verified with the public key of the group.
In step S740, the information of the target device and the public key of the target device are recorded, so as to manage the target device.
In the technical solution of the embodiment shown in Fig. 7, the signed first data written by the target device, the signed second data written by the equipment producer, and the public key of the equipment producer are obtained from the block chain network. The second data is verified based on the public key of the equipment producer, the first data is verified with the key of the group to which the target device belongs obtained from that verification, and the information and public key of the target device obtained through verification are then recorded. Management of the target device is thus achieved on the basis of the block chain network, which helps improve the security of device management.
Based on the technical solution of the embodiment shown in Fig. 7, and as shown in Fig. 8, a block chain based device management method according to another embodiment of the present application includes steps S810 to S830, described in detail as follows:
Step S810: after the information of the target device and the public key of the target device are recorded, the authorization request sent by the target device is obtained from the block chain network; the authorization request contains a random number signed with the private key of the target device.
Step S820: the authorization request is verified based on the public key of the target device, and after verification passes the random number is signed with the private key of the equipment management side to obtain the signed third data.
Step S830: an authorization message for the target device is generated based on the third data and written into the block chain network, so that the target device obtains the authorization message from the block chain network.
In one embodiment of the present application, after the equipment management side writes the authorization message into the block chain network, the target device can obtain the authorization message according to the technical solution of the embodiment shown in Fig. 5 and determine, based on the authorization message, whether authorization succeeded.
It should be noted that the public key mentioned above can be either the public key itself or the address corresponding to the public key.
The technical solution of the embodiments of the present application has been described above from the perspectives of the target device to be managed, the equipment producer and the equipment management side respectively. The implementation details are described below from the perspective of the interaction among the three:
In a concrete application scenario of the present application, the target device can be an edge computing device in the Internet of Things, for example a device that has an SE (Secure Element) secure area with key generation and key storage functions, can access the block chain network, and has a CPU capable of processing block data, such as a front-end PC that supports SGX (Software Guard Extensions), an ARM (Advanced RISC Machines) chip that supports a TEE (Trusted Execution Environment), or an M2M (Machine-to-Machine) device with an SE. The equipment management side can be an administrative center, and the equipment producer can be a manufacturer.
Specifically, as shown in Fig. 9, the manufacturer writes manufacturer information and the information of this batch of edge computing devices into the block chain network in step S901, and writes data into the edge computing device in step S902 (for example, the initial information of the edge computing device and the public key information of the administrative center can be written into the edge computing device in an offline environment) to initialize the edge computing device. The edge computing device writes a registration request and an authorization request into the block chain network in step S903, and obtains the authorization message published by the administrative center from the block chain network in step S904. The administrative center writes its own information and publishes authorization messages for edge computing devices into the block chain network in step S905, and obtains the authorization requests sent by edge computing devices from the block chain network in step S906.
The specific interaction between the manufacturer, the administrative center, the edge computing device and the block chain network is described in detail below with reference to Figure 10. It comprises steps S1001 to S1011, as follows:
In step S1001, the administrative center registers administrative center data in the block chain network, i.e. writes the data of the administrative center into the block chain network.
In one embodiment of the present application, the data that the administrative center registers in the block chain network is shown in Table 1 and may include the administrative center address and administrative center information. The administrative center address is the public key address of the administrative center. In other embodiments of the present application, the public key of the administrative center can also be registered directly in the block chain network.
Administrative center address | Administrative center information
Table 1
In step S1002, the manufacturer registers manufacturer data in the block chain network, i.e. writes the data of the manufacturer into the block chain network.
In one embodiment of the present application, the data that the manufacturer registers in the block chain network is shown in Table 2 and may include the manufacturer address and manufacturer information. The manufacturer address is the public key address of the manufacturer. In other embodiments of the present application, the public key of the manufacturer can also be registered directly in the block chain network.
Manufacturer address | Manufacturer information
Table 2
In one embodiment of the present application, to prevent manufacturer information from being leaked, the manufacturer information can be encrypted before it is written into the block chain network.
In step S1003, the manufacturer writes key data into the edge computing devices it has produced, in an offline secure environment.
In one embodiment of the present application, the key data that the manufacturer writes into the edge computing device is shown in Table 3 and includes the batch public key, the batch private key and the public key of the administrative center.
Batch public key | Batch private key | Administrative center public key
Table 3
In step S1004, the manufacturer writes the information of this batch of edge computing devices into the block chain network in batch.
In one embodiment of the present application, the information of this batch of edge computing devices that the manufacturer writes in batch into the block chain network is shown in Table 4 and comprises: the batch address (the address points to the batch public key), device information (such as the device ID), and a signature result. The signature result can be the result of a signature operation on the batch address (public key) and the device information (ID) using the private key corresponding to the manufacturer address (i.e. the public key of the manufacturer).
Batch address (public key) | Device information (ID) | Signature result
Table 4
In step S1005, on first start-up, the edge computing device generates its own public key address and private key inside the device; the private key cannot be exported.
In step S1006, the edge computing device exports its public key address and device information and writes them into the block chain network, so as to register in the block chain network.
In one embodiment of the present application, the information that the edge computing device writes into the block chain network is shown in Table 5 and includes the following content:
Registration request | Device public key address | Device information (ID) | Signature result 1
Table 5
As shown in Table 5, the device public key address is the public key address generated when the device starts up. Signature result 1 is the result of a signature operation on the device public key address and the device information using the batch private key.
In step S1007, the administrative center synchronizes the block chain data and checks whether the device information is correct.
In one embodiment of the present application, the process by which the administrative center checks whether the device information is correct is shown in Figure 11 and includes:
Step S1101: verify the batch device information.
In one embodiment of the present application, the administrative center uses the manufacturer address (public key) to verify the plaintext (batch address (public key), device information (ID)) against the signature result shown in Table 4. If verification passes, the batch public key and the device information (ID) are genuine, and the process proceeds to the next step.
Step S1102: verify the edge computing device information.
In one embodiment of the present application, the administrative center uses the device information (ID) to look up the batch address (public key) verified in the previous step, and then uses that batch address (public key) to verify the plaintext (the registered device address (public key) and the device information (ID)) against signature result 1 shown in Table 5. If verification passes, the device has registered successfully, the device address (public key) is valid, and the process proceeds to the next step.
Step S1103: record the device information.
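The verification chain of steps S1101 to S1103, which is the concrete form of steps S710 to S740, can be sketched in Go as follows. This is an added example, not code from the patent; it assumes Ed25519 as the signature scheme, an asymmetric batch key, a length-prefixed encoding of the signed fields, and hypothetical type and function names.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

// BatchRecord is one row of Table 4, written to the chain by the manufacturer.
type BatchRecord struct {
	BatchPub ed25519.PublicKey // batch address (public key)
	DeviceID string            // device information (ID)
	Sig      []byte            // manufacturer signature over (BatchPub, DeviceID)
}

// Registration is the Table 5 request, written to the chain by the device.
type Registration struct {
	DevicePub ed25519.PublicKey // generated on the device at first start-up
	DeviceID  string
	Sig1      []byte // batch-private-key signature over (DevicePub, DeviceID)
}

var (
	ErrBatchSig = errors.New("S1101: manufacturer signature on batch record is invalid")
	ErrNoBatch  = errors.New("S1102: no verified batch record for this device ID")
	ErrRegSig   = errors.New("S1102: batch-key signature on registration is invalid")
)

// encode length-prefixes each field (assumed layout) so field boundaries are signed too.
func encode(fields ...[]byte) []byte {
	var out []byte
	for _, f := range fields {
		out = append(out, byte(len(f)>>24), byte(len(f)>>16), byte(len(f)>>8), byte(len(f)))
		out = append(out, f...)
	}
	return out
}

// mustKey returns a fresh Ed25519 key pair (a nil reader selects crypto/rand).
func mustKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(nil)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// SignBatchRecord is the manufacturer in S1004; SignRegistration is the device in S1006.
func SignBatchRecord(mfrPriv ed25519.PrivateKey, batchPub ed25519.PublicKey, id string) BatchRecord {
	return BatchRecord{batchPub, id, ed25519.Sign(mfrPriv, encode(batchPub, []byte(id)))}
}
func SignRegistration(batchPriv ed25519.PrivateKey, devPub ed25519.PublicKey, id string) Registration {
	return Registration{devPub, id, ed25519.Sign(batchPriv, encode(devPub, []byte(id)))}
}

// Registry is the administrative center's state after synchronizing the chain.
type Registry struct {
	mfrPub    ed25519.PublicKey
	batchByID map[string]ed25519.PublicKey // device ID -> verified batch key
	Devices   map[string]ed25519.PublicKey // device ID -> recorded device key
}
func NewRegistry(mfrPub ed25519.PublicKey) *Registry {
	return &Registry{mfrPub, map[string]ed25519.PublicKey{}, map[string]ed25519.PublicKey{}}
}

// VerifyBatch is S1101: accept a batch key only if the manufacturer signed it.
func (r *Registry) VerifyBatch(b BatchRecord) error {
	msg := encode(b.BatchPub, []byte(b.DeviceID))
	if len(b.BatchPub) != ed25519.PublicKeySize || !ed25519.Verify(r.mfrPub, msg, b.Sig) {
		return ErrBatchSig
	}
	r.batchByID[b.DeviceID] = b.BatchPub
	return nil
}

// Register is S1102 and S1103: verify signature result 1, then record the key.
func (r *Registry) Register(reg Registration) error {
	batchPub, ok := r.batchByID[reg.DeviceID]
	if !ok {
		return ErrNoBatch
	}
	msg := encode(reg.DevicePub, []byte(reg.DeviceID))
	if len(reg.DevicePub) != ed25519.PublicKeySize || !ed25519.Verify(batchPub, msg, reg.Sig1) {
		return ErrRegSig
	}
	r.Devices[reg.DeviceID] = reg.DevicePub
	return nil
}

func main() { // all keys and the device ID are constructed sample values
	mfrPub, mfrPriv := mustKey()
	batchPub, batchPriv := mustKey()
	devPub, devPriv := mustKey()
	reg := NewRegistry(mfrPub)
	fmt.Println("batch record:", reg.VerifyBatch(SignBatchRecord(mfrPriv, batchPub, "edge-0001")))
	fmt.Println("self-signed:", reg.Register(SignRegistration(devPriv, devPub, "edge-0001")))
	fmt.Println("batch-signed:", reg.Register(SignRegistration(batchPriv, devPub, "edge-0001")))
}
```

A registration is recorded only when both links hold: the manufacturer vouches for the batch key, and the batch key vouches for the device key.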
Continuing with Figure 10, in step S1008, after initialization the edge computing device must be authorized after every power-on before it can be used. The edge computing device generates a random number, signs it with its own private key, and sends an authorization request to the block chain network based on the random number and the signature result.
In one embodiment of the present application, the information contained in the authorization request sent by the edge computing device is shown in Table 6 and includes the following content:
Authorization request | Device public key address | Random number of the request | Signature result 2
Table 6
As shown in Table 6, signature result 2 is the result of a signature operation on the random number of the request using the private key of the device.
In step S1009, the administrative center synchronizes the block chain data and obtains, from the synchronized block chain data, the authorization request sent by the edge computing device to be authorized.
In step S1010, the administrative center verifies the received authorization request based on the public key of the edge computing device. After verification passes, it signs the random number in the authorization request with the private key of the administrative center, and then writes an authorization message into the block chain network based on the signature result.
In one embodiment of the present application, the information contained in the authorization message is shown in Table 7 and includes the following content:
Authorization message | Authorized device public key address | Signature result
Table 7
The signature result shown in Table 7 is mainly the signature made over the random number in the authorization request with the private key of the administrative center.
In step S1011, the edge computing device synchronizes the block chain data, extracts the administrative center's authorization result from the block chain data, and verifies it.
In one embodiment of the present application, the edge computing device first checks whether the authorized device public key address contained in the authorization message is its own address. If so, it verifies the signature result shown in Table 7 with the administrative center public key and, after verification passes, obtains the random number in the authorization message. If the random number in the authorization message is identical to the random number in the authorization request sent by the edge computing device, the authorization of the edge computing device is confirmed as successful.
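The authorization exchange of steps S1008 to S1011 (Tables 6 and 7, and the general form in Figs. 4, 5 and 8) is shown below as an added Go example that is not code from the patent. Ed25519, the 32-byte random number, and all type and function names are assumptions; registration is reduced to a set of device keys the administrative center has already recorded.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

type AuthRequest struct { // Table 6, written to the chain by the device
	DevicePub ed25519.PublicKey // device public key address
	Nonce     []byte            // random number of the request
	Sig2      []byte            // signature result 2: device key over Nonce
}
type AuthInfo struct { // Table 7, written to the chain by the administrative center
	AuthorizedPub ed25519.PublicKey // authorized device public key address
	Sig           []byte            // administrative center key over the random number
}

var (
	ErrUnknownDevice = errors.New("S1010: device public key was never recorded")
	ErrBadRequest    = errors.New("S1010: signature result 2 does not verify")
	ErrNoPending     = errors.New("S1011: no authorization request outstanding")
	ErrNotForMe      = errors.New("S1011: authorization names another device")
	ErrBadAuth       = errors.New("S1011: signature does not cover our random number")
)

type Center struct {
	Pub      ed25519.PublicKey
	priv     ed25519.PrivateKey
	recorded map[string]bool // device public keys recorded at S1103
}
type Device struct {
	Pub       ed25519.PublicKey
	priv      ed25519.PrivateKey
	centerPub ed25519.PublicKey // written by the manufacturer at S1003
	pending   []byte            // random number of the outstanding request
}

func NewCenter() *Center {
	pub, priv, err := ed25519.GenerateKey(nil) // nil selects crypto/rand
	if err != nil {
		panic(err)
	}
	return &Center{pub, priv, map[string]bool{}}
}

func NewDevice(c *Center) *Device {
	pub, priv, err := ed25519.GenerateKey(nil)
	if err != nil {
		panic(err)
	}
	c.recorded[string(pub)] = true // stands in for registration, S1005 to S1007
	return &Device{Pub: pub, priv: priv, centerPub: c.Pub}
}

// Request is S1008: a fresh random number per power-on, signed by the device.
func (d *Device) Request() AuthRequest {
	d.pending = make([]byte, 32)
	if _, err := rand.Read(d.pending); err != nil {
		panic(err)
	}
	nonce := append([]byte(nil), d.pending...) // the request carries a copy
	return AuthRequest{d.Pub, nonce, ed25519.Sign(d.priv, nonce)}
}

// Authorize is S1009 and S1010; only recorded (valid-length) keys reach Verify.
func (c *Center) Authorize(req AuthRequest) (AuthInfo, error) {
	if !c.recorded[string(req.DevicePub)] {
		return AuthInfo{}, ErrUnknownDevice
	}
	if !ed25519.Verify(req.DevicePub, req.Nonce, req.Sig2) {
		return AuthInfo{}, ErrBadRequest
	}
	return AuthInfo{req.DevicePub, ed25519.Sign(c.priv, req.Nonce)}, nil
}

// Accept is S1011. Ed25519 has no message recovery, so "the random numbers are
// identical" is checked by verifying the signature over the pending value.
func (d *Device) Accept(info AuthInfo) error {
	if d.pending == nil {
		return ErrNoPending
	}
	if string(info.AuthorizedPub) != string(d.Pub) { // compared, not signed (Table 7)
		return ErrNotForMe
	}
	if !ed25519.Verify(d.centerPub, d.pending, info.Sig) {
		return ErrBadAuth
	}
	d.pending = nil // each request is authorized at most once
	return nil
}

func main() {
	center := NewCenter()
	dev := NewDevice(center)
	info, err := center.Authorize(dev.Request())
	fmt.Println("authorize:", err, "| accept:", dev.Accept(info), "| replay:", dev.Accept(info))
}
```

Because the device draws a new random number at every power-on and clears it on success, an authorization message copied from an earlier session or issued for another device does not verify.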
In one embodiment of the present application, after the edge computing device has been authorized successfully, it can execute the corresponding business process, such as joining the Internet of Things to act as an Internet of Things device.
In the technical solution of the above embodiments of the present application, the information of the edge computing device in the production stage, its registration process and its authorization process are all combined with the block chain network, ensuring the traceability of device information. Because different manufacturers have their own addresses in the block chain network (which contain no sensitive information), and manufacturer information is encrypted, different manufacturers cannot learn about one another through the block chain network, which prevents manufacturer information from being leaked. Meanwhile, the manufacturer's process of producing edge computing devices is also combined with the block chain network, so that the information of every edge computing device produced can be registered in the block chain network; this ensures that the information of edge computing devices is delivered reliably through the block chain network, and each edge computing device corresponds to an address in the block chain network that cannot be forged. Furthermore, because each edge computing device accesses the block chain through the network, the single point of failure problem is avoided.
In addition, in the above embodiments of the present application, the various sensitive information of edge computing devices (such as device owner information) can be hidden by encryption, guaranteeing the security of sensitive data. The interactions of the edge computing device, the administrative center and the manufacturer with the block chain network all use signatures to ensure the integrity and reliability of data, improving the security of device management.
The apparatus embodiments of the present application are introduced below; they can be used to execute the block chain based device management methods in the above embodiments. For details not disclosed in the apparatus embodiments, refer to the embodiments of the block chain based device management method described above.
Figure 12 schematically shows a block diagram of a block chain based equipment management device according to one embodiment of the present application. The equipment management device can be provided in the target device to be managed.
Referring to Figure 12, the block chain based equipment management device 120 according to one embodiment of the present application comprises: a first acquisition unit 1201, a first signature unit 1202 and a first writing unit 1203.
The first acquisition unit 1201 is used to obtain the key of the group to which the target device belongs. The first signature unit 1202 is used to sign the public key of the target device and the information of the target device according to the key of the group to which the target device belongs, to obtain the signed first data. The first writing unit 1203 is used to write the first data into the block chain network, so that the equipment management side obtains the first data from the block chain network and manages the target device based on the first data.
In one embodiment of the present application, the block chain based equipment management device 120 shown in Figure 12 can also include a first generation unit and a second generation unit. The first generation unit is used to generate the first random number. The second generation unit is used to generate an authorization request according to the public key of the target device, the private key of the target device and the first random number. The first writing unit 1203 is also used to write the authorization request into the block chain network, so that the equipment management side obtains the authorization request from the block chain network and responds to it.
In one embodiment of the present application, the second generation unit is used to: sign the first random number with the private key of the target device, and generate the authorization request based on the signed data and the public key of the target device; or sign the first random number and the public key of the target device with the private key of the target device, and generate the authorization request based on the signed data.
In one embodiment of the present application, the first acquisition unit 1201 is also used to: obtain from the block chain network the authorization message sent by the equipment management side, the authorization message containing the result of signing a second random number with the private key of the equipment management side; and verify the authorization message based on the public key of the equipment management side, obtaining the second random number after verification passes. The equipment management device 120 shown in Figure 12 can also include a determination unit, used to determine that the target device has been authorized successfully when the second random number is identical to the first random number.
In one embodiment of the present application, the authorization message also contains the public key of the device to be authorized. The equipment management device 120 shown in Figure 12 can also include a judging unit, used to judge whether the public key of the target device is identical to the public key of the device to be authorized. The first acquisition unit 1201 is configured to verify the authorization message based on the public key of the equipment management side when the public key of the target device is identical to the public key of the device to be authorized.
In one embodiment of the present application, the first acquisition unit 1201 is configured to obtain the key written into the target device by the equipment producer.
Figure 13 schematically shows a block diagram of a blockchain-based equipment management device according to another embodiment of the application; the equipment management device may be provided in the processing equipment of the equipment producer.
Referring to Figure 13, the blockchain-based equipment management device 130 according to another embodiment of the application includes a second writing unit 1301, a second signature unit 1302 and a third writing unit 1303.
The second writing unit 1301 is used to write the information of the equipment producer and the public key of the equipment producer into the blockchain network, and to write the key of the group to which the target device belongs into the target device produced by the equipment producer. The second signature unit 1302 is used to sign the information of the target device and the key of the group to which the target device belongs with the private key of the equipment producer, obtaining signed second data. The third writing unit 1303 is used to write the second data into the blockchain network, so that the equipment management side obtains the second data from the blockchain network and manages the target device based on the second data.
In one embodiment of the application, the second writing unit 1301 is also used to encrypt the information of the equipment producer before the information of the equipment producer and the public key of the equipment producer are written into the blockchain network.
Figure 14 schematically shows a block diagram of a blockchain-based equipment management device according to another embodiment of the application; the equipment management device may be provided in the processing equipment of the equipment management side.
Referring to Figure 14, the blockchain-based equipment management device 140 according to another embodiment of the application includes a second acquisition unit 1401, a first authentication unit 1402, a second authentication unit 1403 and a recording unit 1404.
The second acquisition unit 1401 is used to obtain from the blockchain network the signed first data written by the target device, the signed second data written by the equipment producer, and the public key of the equipment producer. The first authentication unit 1402 is used to verify the second data based on the public key of the equipment producer, and to obtain the information of the target device and the key of the group to which the target device belongs after the verification passes. The second authentication unit 1403 is used to verify the first data according to the key of the group to which the target device belongs, and to obtain the public key of the target device after the verification passes. The recording unit 1404 is used to record the information of the target device and the public key of the target device, so as to manage the target device.
In one embodiment of the application, the blockchain-based equipment management device 140 shown in Figure 14 may further include a third authentication unit, a third generation unit and a fourth writing unit. The second acquisition unit 1401 is also used to obtain from the blockchain network the authorization request sent by the target device, the authorization request including a random number signed with the private key of the target device. The third authentication unit is used to verify the authorization request based on the public key of the target device, and, after the verification passes, to sign the random number with the private key of the equipment management side, obtaining signed third data. The third generation unit is used to generate authorization information for the target device based on the third data. The fourth writing unit is used to write the authorization information into the blockchain network, so that the target device obtains the authorization information from the blockchain network.
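The registration and authorization exchange carried out by the three devices of Figures 12 to 14, as an added example that is not code from the application. It assumes that the blockchain network can be modelled as a plain dict, that the group key is symmetric and used with HMAC-SHA256, and that a Lamport one-time signature can stand in for the public-key signature the text leaves unspecified; all function names and sample values are constructed.

```python
import hashlib
import hmac
import secrets

# Lamport one-time signature over SHA-256: a stdlib stand-in (assumption) for the
# unspecified signature scheme. Each key pair must sign one message only.
def keygen():
    sk = [secrets.token_bytes(32) for _ in range(512)]
    return sk, b"".join(hashlib.sha256(s).digest() for s in sk)

def _bits(msg):
    d = hashlib.sha256(msg).digest()
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def sign(sk, msg):
    return [sk[2 * i + b] for i, b in enumerate(_bits(msg))]

def verify(pk, msg, sig):
    if len(pk) != 512 * 32 or len(sig) != 256:
        return False
    return all(hashlib.sha256(s).digest() == pk[(2 * i + b) * 32:(2 * i + b + 1) * 32]
               for s, (i, b) in zip(sig, enumerate(_bits(msg))))

def enc(*parts):
    """Length-prefixed concatenation, so field boundaries are unambiguous."""
    return b"".join(len(p).to_bytes(4, "big") + p for p in parts)

def mac(group_key, dev_pk, info):
    # Assumption: "signing" with the group key is HMAC-SHA256 under a shared key.
    return hmac.new(group_key, enc(dev_pk, info), hashlib.sha256).digest()

# Registration. `ledger` is a dict standing in for the blockchain network.
def producer_publish(ledger, prod_sk, prod_pk, info, group_key):
    ledger["producer_pk"] = prod_pk
    ledger["second"] = (info, group_key, sign(prod_sk, enc(info, group_key)))

def device_register(ledger, group_key, dev_pk, info):
    ledger["first"] = (dev_pk, info, mac(group_key, dev_pk, info))

def manager_register(ledger, registry):
    info, group_key, sig = ledger["second"]
    if not verify(ledger["producer_pk"], enc(info, group_key), sig):
        return False                      # second data not signed by the producer
    dev_pk, dev_info, tag = ledger["first"]
    if not hmac.compare_digest(tag, mac(group_key, dev_pk, dev_info)):
        return False                      # first data not made with the group key
    registry[info] = dev_pk               # record device info and public key
    return True

# Authorization: challenge-response on a random number chosen by the device.
def device_request(ledger, dev_sk, dev_pk):
    nonce = secrets.token_bytes(16)       # first random number
    ledger["auth_req"] = (dev_pk, nonce, sign(dev_sk, enc(nonce, dev_pk)))
    return nonce

def manager_authorize(ledger, registry, mgr_sk):
    dev_pk, nonce, sig = ledger["auth_req"]
    # Only keys recorded at registration are accepted as request signers.
    if dev_pk not in registry.values() or not verify(dev_pk, enc(nonce, dev_pk), sig):
        return False
    ledger["auth_info"] = (dev_pk, nonce, sign(mgr_sk, nonce))  # signed nonce = third data
    return True

def device_check(ledger, mgr_pk, dev_pk, my_nonce):
    for_pk, nonce, sig = ledger["auth_info"]
    if for_pk != dev_pk:                  # names another device to be authorized
        return False
    if not verify(mgr_pk, nonce, sig):    # not signed by the management side
        return False
    return hmac.compare_digest(nonce, my_nonce)  # second must equal first random number

def scenario():
    ledger, registry, out = {}, {}, {}
    prod_sk, prod_pk = keygen()
    mgr_sk, mgr_pk = keygen()
    dev_sk, dev_pk = keygen()
    info, group_key = b"camera-0001/batch-7", secrets.token_bytes(32)  # constructed

    producer_publish(ledger, prod_sk, prod_pk, info, group_key)
    device_register(ledger, group_key, dev_pk, info)
    out["registered"] = manager_register(ledger, registry)

    # First data carrying a different public key but the old tag is rejected.
    _, other_pk = keygen()
    altered = dict(ledger, first=(other_pk, info, ledger["first"][2]))
    out["altered_first_data"] = manager_register(altered, {})

    nonce = device_request(ledger, dev_sk, dev_pk)
    out["authorized"] = (manager_authorize(ledger, registry, mgr_sk)
                         and device_check(ledger, mgr_pk, dev_pk, nonce))
    # Old authorization information does not match a freshly generated random number.
    out["stale_info"] = device_check(ledger, mgr_pk, dev_pk, secrets.token_bytes(16))
    # Authorization information naming a different device's public key is not accepted.
    out["wrong_device"] = device_check(ledger, mgr_pk, other_pk, nonce)
    return out
```

In this sketch the group key travels inside the second data unencrypted, so under the symmetric-key assumption read access to that record has to be restricted for the first-data check to mean anything.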
It should be noted that although several modules or units of the equipment for performing actions are mentioned in the detailed description above, this division is not mandatory. In fact, according to embodiments of the application, the features and functions of two or more modules or units described above may be embodied in one module or unit. Conversely, the features and functions of one module or unit described above may be further divided and embodied by multiple modules or units.
From the description of the embodiments above, those skilled in the art will readily understand that the example embodiments described here may be implemented in software, or in software combined with the necessary hardware. The technical solution according to the embodiments of the application may therefore be embodied in the form of a software product, which may be stored in a non-volatile storage medium (such as a CD-ROM, USB flash drive or removable hard disk) or on a network, and which includes instructions that cause a computing device (such as a personal computer, server, touch terminal or network device) to execute the method according to the embodiments of the application.
Other embodiments of the application will readily occur to those skilled in the art after considering the specification and practicing the invention disclosed here. This application is intended to cover any variations, uses or adaptations of the application that follow its general principles and include common knowledge or customary technical means in the art not disclosed in the application. The specification and examples are to be regarded as illustrative only, and the true scope and spirit of the application are indicated by the following claims.
It should be understood that the application is not limited to the precise structure described above and shown in the drawings, and that various modifications and changes may be made without departing from its scope. The scope of the application is limited only by the appended claims.

Claims (15)

1. A blockchain-based device management method, characterized by comprising:
The equipment producer writes the information of the equipment producer and the public key of the equipment producer into the blockchain network, writes the key of the group to which the target device belongs into the target device produced by the equipment producer, signs the information of the target device and the key of the group to which the target device belongs with the private key of the equipment producer to obtain signed second data, and writes the second data into the blockchain network;
The target device obtains the key of the group to which it belongs, signs the public key of the target device and the information of the target device according to the key of the group to which the target device belongs to obtain signed first data, and writes the first data into the blockchain network;
The equipment management side obtains the first data, the second data and the public key of the equipment producer from the blockchain network, verifies the second data based on the public key of the equipment producer, obtains the information of the target device and the key of the group to which the target device belongs after the verification passes, verifies the first data according to the key of the group to which the target device belongs, obtains the public key of the target device after the verification passes, and records the information of the target device and the public key of the target device so as to manage the target device.
2. The blockchain-based device management method according to claim 1, characterized by further comprising:
After writing the first data into the blockchain network, the target device generates a first random number, generates an authorization request according to the public key of the target device, the private key of the target device and the first random number, and writes the authorization request into the blockchain network;
The equipment management side obtains the authorization request from the blockchain network, verifies the authorization request based on the public key of the target device, signs the random number with the private key of the equipment management side after the verification passes to obtain signed third data, generates authorization information for the target device based on the third data, and writes the authorization information into the blockchain network, so that the target device obtains the authorization information from the blockchain network.
3. The blockchain-based device management method according to claim 2, characterized in that generating the authorization request according to the public key of the target device, the private key of the target device and the first random number comprises:
Signing the first random number with the private key of the target device, and generating the authorization request based on the signed data and the public key of the target device; or
Signing the first random number and the public key of the target device with the private key of the target device, and generating the authorization request based on the signed data.
4. The blockchain-based device management method according to claim 2, characterized by further comprising:
The target device obtains from the blockchain network the authorization information sent by the equipment management side, the authorization information including the result of signing a second random number with the private key of the equipment management side, verifies the authorization information based on the public key of the equipment management side, and obtains the second random number after the verification passes; if the second random number is identical to the first random number, it is determined that the target device is successfully authorized.
5. The blockchain-based device management method according to claim 4, characterized in that the authorization information also includes the public key of the device to be authorized;
After obtaining the authorization information, the target device judges whether the public key of the target device is identical to the public key of the device to be authorized, and, if the public key of the target device is identical to the public key of the device to be authorized, verifies the authorization information based on the public key of the equipment management side.
6. The blockchain-based device management method according to claim 4, characterized in that the equipment management side is also used to write the public key of the equipment management side into the blockchain network;
The equipment producer is also used to obtain the public key of the equipment management side from the blockchain network, and to write the public key of the equipment management side into the target device.
7. The blockchain-based device management method according to claim 1, characterized in that the equipment producer encrypts the information of the equipment producer before writing the information of the equipment producer into the blockchain network.
8. The blockchain-based device management method according to any one of claims 1 to 7, characterized in that the group to which the target device belongs includes the production batch to which the target device belongs.
9. A blockchain-based equipment management system, characterized by comprising: an equipment producer, an equipment management side and a target device to be managed;
Wherein the equipment producer is used to write the information of the equipment producer and the public key of the equipment producer into the blockchain network, to write the key of the group to which the target device belongs into the target device produced by the equipment producer, to sign the information of the target device and the key of the group to which the target device belongs with the private key of the equipment producer to obtain signed second data, and to write the second data into the blockchain network;
The target device is used to obtain the key of the group to which it belongs, to sign the public key of the target device and the information of the target device according to the key of the group to which the target device belongs to obtain signed first data, and to write the first data into the blockchain network;
The equipment management side is used to obtain the first data, the second data and the public key of the equipment producer from the blockchain network, to verify the second data based on the public key of the equipment producer, to obtain the information of the target device and the key of the group to which the target device belongs after the verification passes, to verify the first data according to the key of the group to which the target device belongs, to obtain the public key of the target device after the verification passes, and to record the information of the target device and the public key of the target device so as to manage the target device.
10. The blockchain-based equipment management system according to claim 9, characterized in that:
The target device is also used, after writing the first data into the blockchain network, to generate a first random number, to generate an authorization request according to the public key of the target device, the private key of the target device and the first random number, and to write the authorization request into the blockchain network;
The equipment management side is also used to obtain the authorization request from the blockchain network, to verify the authorization request based on the public key of the target device, to sign the random number with the private key of the equipment management side after the verification passes to obtain signed third data, to generate authorization information for the target device based on the third data, and to write the authorization information into the blockchain network, so that the target device obtains the authorization information from the blockchain network.
11. The blockchain-based equipment management system according to claim 10, characterized in that the target device is used to sign the first random number with the private key of the target device, and to generate the authorization request based on the signed data and the public key of the target device; or to sign the first random number and the public key of the target device with the private key of the target device, and to generate the authorization request based on the signed data.
12. The blockchain-based equipment management system according to claim 10, characterized in that the target device is also used to obtain from the blockchain network the authorization information sent by the equipment management side, the authorization information including the result of signing a second random number with the private key of the equipment management side, to verify the authorization information based on the public key of the equipment management side, and to obtain the second random number after the verification passes; if the second random number is identical to the first random number, it is determined that the target device is successfully authorized.
13. The blockchain-based equipment management system according to claim 12, characterized in that the authorization information also includes the public key of the device to be authorized;
The target device is also used, after obtaining the authorization information, to judge whether the public key of the target device is identical to the public key of the device to be authorized, and, if the public key of the target device is identical to the public key of the device to be authorized, to verify the authorization information based on the public key of the equipment management side.
14. The blockchain-based equipment management system according to claim 12, characterized in that the equipment management side is also used to write the public key of the equipment management side into the blockchain network;
The equipment producer is also used to obtain the public key of the equipment management side from the blockchain network, and to write the public key of the equipment management side into the target device.
15. The blockchain-based equipment management system according to any one of claims 9 to 14, characterized in that the equipment producer is also used to encrypt the information of the equipment producer before writing the information of the equipment producer into the blockchain network.
CN201910713863.6A 2018-08-06 2018-08-06 Block chain-based equipment management method and equipment management system Active CN110493039B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910713863.6A CN110493039B (en) 2018-08-06 2018-08-06 Block chain-based equipment management method and equipment management system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201810884003.4A CN109104311B (en) 2018-08-06 2018-08-06 Block chain-based device management method, apparatus, medium, and electronic device
CN201910713863.6A CN110493039B (en) 2018-08-06 2018-08-06 Block chain-based equipment management method and equipment management system

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
CN201810884003.4A Division CN109104311B (en) 2018-08-06 2018-08-06 Block chain-based device management method, apparatus, medium, and electronic device

Publications (2)

Publication Number Publication Date
CN110493039A true CN110493039A (en) 2019-11-22
CN110493039B CN110493039B (en) 2021-06-04

Family

ID=64848786

Family Applications (2)

Application Number Title Priority Date Filing Date
CN201910713863.6A Active CN110493039B (en) 2018-08-06 2018-08-06 Block chain-based equipment management method and equipment management system
CN201810884003.4A Active CN109104311B (en) 2018-08-06 2018-08-06 Block chain-based device management method, apparatus, medium, and electronic device

Family Applications After (1)

Application Number Title Priority Date Filing Date
CN201810884003.4A Active CN109104311B (en) 2018-08-06 2018-08-06 Block chain-based device management method, apparatus, medium, and electronic device

Country Status (1)

Country Link
CN (2) CN110493039B (en)

Families Citing this family (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109617699A (en) * 2019-01-16 2019-04-12 北京沃东天骏信息技术有限公司 A kind of key generation method, block chain network service platform and storage medium
CN113098907B (en) * 2019-03-05 2023-07-11 深圳前海微众银行股份有限公司 Group division method and device for block chain
CN109743185B (en) * 2019-03-19 2020-12-01 全链通有限公司 Group communication method based on domain name block chain, block chain link point and medium
CN109756349B (en) * 2019-03-19 2020-12-01 全链通有限公司 Group communication method based on domain name block chain, block chain link point and medium
CN109918878B (en) * 2019-04-24 2021-03-02 中国科学院信息工程研究所 Industrial Internet of things equipment identity authentication and safe interaction method based on block chain
US20220217002A1 (en) * 2019-05-10 2022-07-07 NEC Laboratories Europe GmbH Method and system for device identification and monitoring
CN110569674B (en) * 2019-09-10 2023-11-17 腾讯科技(深圳)有限公司 Authentication method and device based on block chain network
CN111291411B (en) * 2020-02-13 2022-12-23 福州大学 Safe video anomaly detection system and method based on convolutional neural network
CN111741062B (en) * 2020-05-12 2023-04-18 湖南半岛医疗科技有限公司 Electronic equipment local area management system based on block chain technology
CN112118245B (en) * 2020-09-10 2023-01-10 中国联合网络通信集团有限公司 Key management method, system and equipment

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105635062A (en) * 2014-10-31 2016-06-01 腾讯科技(上海)有限公司 Network access equipment verification method and device
CN106130779A (en) * 2016-07-18 2016-11-16 布比(北京)网络技术有限公司 A kind of Internet of Things equipment and with the Internet of Things construction method of this equipment
US20170099138A1 (en) * 2015-10-02 2017-04-06 Orion Labs Encrypted group communications
CN106570710A (en) * 2016-10-27 2017-04-19 纸飞机(北京)科技有限公司 Commodity anti-counterfeiting method and device
US20170339152A1 (en) * 2016-05-20 2017-11-23 Lenovo Enterprise Solutions (Singapore) Pte. Ltd. Computing device configuration change management via guest keys
CN107426250A (en) * 2017-09-12 2017-12-01 大唐广电科技(武汉)有限公司 A kind of industrial digital information network platform based on block chain
CN107895111A (en) * 2017-10-11 2018-04-10 西安电子科技大学 Internet of things equipment supply chain trust systems management method, computer program, computer
US20180101844A1 (en) * 2016-10-11 2018-04-12 Coinplug, Inc. Method for issuing, using, refunding, settling and revocating electronic voucher using updated status of balance database by respective blocks in blockchain, and server using the same
CN108243182A (en) * 2017-10-26 2018-07-03 招商银行股份有限公司 Management authorization method, sub- management end, root management end and the storage medium of block chain

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104580208B (en) * 2015-01-04 2018-11-30 华为技术有限公司 A kind of identity identifying method and device
EP3271824A4 (en) * 2015-03-20 2018-09-05 Rivetz Corp. Automated attestation of device integrity using the block chain
GB201700367D0 (en) * 2017-01-10 2017-02-22 Trustonic Ltd A system for recording and attesting device lifecycle
CN107257340B (en) * 2017-06-19 2019-10-01 阿里巴巴集团控股有限公司 A kind of authentication method, authentication data processing method and equipment based on block chain
CN108055125B (en) * 2017-11-23 2020-06-30 阿里巴巴集团控股有限公司 Method and device for encrypting and decrypting product information
CN108055135B (en) * 2017-12-13 2021-03-23 杭州全视软件有限公司 Intelligent terminal authentication management method

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111445035A (en) * 2020-02-20 2020-07-24 江苏荣泽信息科技股份有限公司 Store equipment management system based on block chain
CN111431728A (en) * 2020-03-30 2020-07-17 腾讯科技(深圳)有限公司 User group management method of distributed application program
CN111431728B (en) * 2020-03-30 2024-02-09 腾讯科技(深圳)有限公司 User group management method of distributed application program
CN111988338A (en) * 2020-09-07 2020-11-24 华侨大学 Permission-controllable Internet of things cloud platform based on block chain and data interaction method
CN111988338B (en) * 2020-09-07 2022-06-24 华侨大学 Permission-controllable Internet of things cloud platform based on block chain and data interaction method
CN112637164A (en) * 2020-12-15 2021-04-09 国网浙江省电力有限公司双创中心 Equipment authentication management system, method and device based on block chain

Also Published As

Publication number Publication date
CN110493039B (en) 2021-06-04
CN109104311A (en) 2018-12-28
CN109104311B (en) 2021-08-31

Legal Events

Date Code Title Description
PB01 Publication
REG Reference to a national code (Ref country code: HK; Ref legal event code: DE; Ref document number: 40015593; Country of ref document: HK)
SE01 Entry into force of request for substantive examination
GR01 Patent grant