CN110598375A - Data processing method, device and storage medium - Google Patents
Data processing method, device and storage medium Download PDFInfo
- Publication number
- CN110598375A CN110598375A CN201910893997.0A CN201910893997A CN110598375A CN 110598375 A CN110598375 A CN 110598375A CN 201910893997 A CN201910893997 A CN 201910893997A CN 110598375 A CN110598375 A CN 110598375A
- Authority
- CN
- China
- Prior art keywords
- root certificate
- block
- node
- old
- new
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000003672 processing method Methods 0.000 title claims abstract description 19
- 238000000034 method Methods 0.000 claims abstract description 38
- 238000012545 processing Methods 0.000 claims abstract description 29
- 238000013475 authorization Methods 0.000 claims abstract description 25
- 238000004891 communication Methods 0.000 claims description 9
- 238000012795 verification Methods 0.000 claims description 8
- 230000009286 beneficial effect Effects 0.000 abstract description 2
- 238000010586 diagram Methods 0.000 description 10
- 238000007726 management method Methods 0.000 description 10
- 230000015654 memory Effects 0.000 description 9
- 230000008569 process Effects 0.000 description 9
- 238000012544 monitoring process Methods 0.000 description 4
- 230000006978 adaptation Effects 0.000 description 3
- 230000006870 function Effects 0.000 description 3
- 230000003993 interaction Effects 0.000 description 3
- 238000012423 maintenance Methods 0.000 description 3
- 238000012550 audit Methods 0.000 description 2
- 238000004422 calculation algorithm Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 238000004458 analytical method Methods 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 230000003862 health status Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000005259 measurement Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000012954 risk control Methods 0.000 description 1
- 230000007704 transition Effects 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/105—Arrangements for software license management or administration, e.g. for managing licenses at corporate level
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/33—User authentication using certificates
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
Abstract
The embodiment of the invention discloses a data processing method, a data processing device and a storage medium, wherein the method comprises the following steps: the consensus node receives a root certificate issuing transaction sent by the authentication authorization node, wherein the root certificate issuing transaction comprises a byte stream of a new root certificate, signature information of an old root certificate on the new root certificate and the height of a failure block of the old root certificate; the consensus node writes a root certificate issuance transaction into the latest block of the blockchain to instruct the service nodes and routing nodes in the blockchain network to synchronize the root certificate issuance transaction from the latest block of the blockchain, replaces the old root certificate based on the byte stream of the new root certificate, and deletes the old root certificate from the root certificate pool when the block height of the latest block is equal to the failing block height. The invention is beneficial to improving the security of the root certificate.
Description
Technical Field
The present application relates to the field of computer technologies, and in particular, to a data processing method, an apparatus, and a storage medium.
Background
A digital certificate is a Certification document issued by an Authority for certifying the identity of a user over a network, and the process of issuing a digital certificate may also be referred to as a Certification Authority (CA) process. Conventional certificate authorities include a root CA, which is the most trusted certificate authority in the certificate authority and can issue certificates independently, and a multi-level CA under the root CA, which generates certificates by self-signing without issuing certificates for other CA authorities. The other CA authorities at each level may issue certificates for themselves by their superior CA authorities, as well as certificates for their subordinate CA authorities and their customers, which may be various network entities, such as websites (websites). Since the number of CA authorities is large and the hierarchy is different, in the conventional CA authentication process, in order to authenticate the authenticity of a certificate, not only the certificate needs to be signed and verified, but also the authority issuing the certificate needs to be verified, and if the authority issuing the certificate has a higher CA authority, the higher CA authority needs to be further verified until reaching the root CA.
In order to prevent the root certificate from being maliciously tampered, the result of the whole verification process is affected, and the root certificate is usually required to be replaced. At present, when a new root certificate needs to be replaced, a CA authority is usually going to download the latest root certificate and replace the old root certificate with the latest root certificate, thereby completing the replacement of the root certificate. In this way, when the CA authority is attacked (e.g., the root certificate is maliciously tampered with or the root certificate is forged, etc.), the security of the latest root certificate is seriously affected.
Disclosure of Invention
Embodiments of the present invention provide a data processing method, an apparatus, and a storage medium, which utilize the characteristics of a blockchain that data cannot be tampered and counterfeited, and directly link the content of a new root certificate, thereby reducing the dependence on a CA node, preventing the new root certificate from being tampered or counterfeited, and facilitating the improvement of the security of the new root certificate.
In one aspect, an embodiment of the present invention provides a data processing method, where the method is applied to a consensus node in a blockchain network, where the blockchain network further includes a routing node and a service node, and the method includes:
receiving a root certificate issuing transaction sent by an authentication authorization node, wherein the root certificate issuing transaction comprises a byte stream of a new root certificate, signature information of an old root certificate on the new root certificate and a failure block height of the old root certificate;
writing the root certificate issuance transaction into a latest block of a blockchain to instruct the service node and the routing node in the blockchain network to synchronize the root certificate issuance transaction from the latest block of the blockchain, replacing the old root certificate based on a byte stream of the new root certificate, and deleting the old root certificate from a root certificate pool when a block height of the latest block is equal to the failure block height.
In another aspect, an embodiment of the present invention provides a data processing apparatus, where the apparatus is configured at a consensus node in a blockchain network, where the blockchain network further includes a routing node and a service node, and the apparatus includes:
the communication module is used for receiving a root certificate issuing transaction sent by an authentication authorization node, wherein the root certificate issuing transaction comprises a byte stream of a new root certificate, signature information of an old root certificate on the new root certificate and a failure block height of the old root certificate;
a processing module to write the root certificate issuance transaction into a latest block of a block chain to instruct the service node and the routing node in the block chain network to synchronize the root certificate issuance transaction from the latest block of the block chain, replace the old root certificate based on a byte stream of the new root certificate, and delete the old root certificate from a root certificate pool when a block height of the latest block is equal to the failure block height.
In another aspect, an embodiment of the present invention provides another data processing method, where the method is applied to a service node in a blockchain network, where the blockchain network further includes a routing node and a consensus node, and the method includes:
synchronizing a root certificate issuance transaction from a latest block of the blockchain, the root certificate issuance transaction including a byte stream of a new root certificate, signature information of an old root certificate on the new root certificate, and a height of a failed block of the old root certificate, the root certificate issuance transaction being written into the latest block by the consensus node;
replacing the old root certificate based on the byte stream of the new root certificate;
deleting the old root certificate from the root certificate pool of the service node upon detecting that a block height of a latest block of the block chain is equal to the failed block height.
In another aspect, an embodiment of the present invention provides another data processing apparatus, where the apparatus is configured at a service node in a blockchain network, where the blockchain network further includes a routing node and a consensus node, and the apparatus includes:
a synchronization module, configured to synchronize a root certificate issuance transaction from a latest block of the block chain, where the root certificate issuance transaction includes a byte stream of a new root certificate, signature information of an old root certificate on the new root certificate, and a height of a failure block of the old root certificate, and the root certificate issuance transaction is written into the latest block by the consensus node;
a processing module to replace the old root certificate based on the byte stream of the new root certificate;
the processing module is further configured to delete the old root certificate from the root certificate pool of the service node when detecting that the block height of the latest block of the block chain is equal to the failed block height.
Correspondingly, an embodiment of the present invention further provides an electronic device, including: a processor and a storage device; the storage device is used for storing program instructions; the processor calls the program instructions to perform: receiving a root certificate issuing transaction sent by an authentication authorization node, wherein the root certificate issuing transaction comprises a byte stream of a new root certificate, signature information of an old root certificate on the new root certificate and a failure block height of the old root certificate; writing the root certificate issuance transaction into a latest block of a blockchain to instruct the service node and the routing node in the blockchain network to synchronize the root certificate issuance transaction from the latest block of the blockchain, replacing the old root certificate based on a byte stream of the new root certificate, and deleting the old root certificate from a root certificate pool when a block height of the latest block is equal to the failure block height.
In one embodiment, the processor may further invoke program instructions to perform synchronizing a root certificate issuance transaction from a latest block of the chain of blocks, the root certificate issuance transaction including a byte stream of a new root certificate, signature information of an old root certificate on the new root certificate, and a height of a failed block of the old root certificate, the root certificate issuance transaction being written to the latest block by the consensus node; replacing the old root certificate based on the byte stream of the new root certificate; deleting the old root certificate from the root certificate pool of the service node upon detecting that a block height of a latest block of the block chain is equal to the failed block height.
Accordingly, the embodiment of the present invention further provides a computer storage medium, in which program instructions are stored, and when the program instructions are executed, the computer storage medium is used for implementing the above methods.
In the embodiment of the invention, the consensus node can receive the root certificate issuing transaction sent by the authentication authorization node, wherein the root certificate issuing transaction comprises the byte stream of the new root certificate, the signature information of the old root certificate on the new root certificate and the height of the failure block of the old root certificate. Further, the consensus node may write a root certificate issuance transaction in a latest block of the blockchain to instruct traffic nodes and routing nodes in the blockchain network to synchronize the root certificate issuance transaction from the latest block of the blockchain, replace the old root certificate based on a byte stream of the new root certificate, and delete the old root certificate from the root certificate pool when a block height of the latest block is equal to a failed block height. By adopting the mode, on one hand, the characteristics of incapability of tampering and counterfeiting of data of the blockchain are utilized, the content of the new root certificate is directly linked, the dependence on a CA node is reduced, the new root certificate is prevented from being tampered or forged, and the safety of the new root certificate is improved; on the other hand, replacement of the CA root certificate can be safely and efficiently achieved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic structural diagram of a blockchain network according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram of a routing layer according to an embodiment of the present invention;
FIG. 3 is a flow chart of a data processing method according to an embodiment of the present invention;
FIG. 4 is a flow chart illustrating another data processing method according to an embodiment of the present invention;
FIG. 5 is a flow chart illustrating a further data processing method according to an embodiment of the present invention;
fig. 6 is an interaction flow diagram of a data processing method according to an embodiment of the present invention.
FIG. 7 is a block diagram of a data processing apparatus according to an embodiment of the present invention;
FIG. 8 is a block diagram of another data processing apparatus according to an embodiment of the present invention;
fig. 9 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
The embodiment of the invention provides a data processing method, which can be applied to a consensus node in a block chain network, wherein the block chain network further comprises a routing node and a service node, and the consensus node, the routing node and the service node can be any type of computing equipment such as a server and a user terminal in an access block chain network. In one embodiment, the consensus node may receive a root certificate issuance transaction sent by the authentication authorization node, the root certificate issuance transaction including a byte stream of the new root certificate, signature information of the old root certificate to the new root certificate, and a height of a failure block of the old root certificate. Further, the consensus node may write a root certificate issuance transaction in a latest block of the blockchain to instruct traffic nodes and routing nodes in the blockchain network to synchronize the root certificate issuance transaction from the latest block of the blockchain, replace the old root certificate based on a byte stream of the new root certificate, and delete the old root certificate from the root certificate pool when a block height of the latest block is equal to a failed block height. By adopting the mode, on one hand, the characteristics of incapability of tampering and counterfeiting of data of the blockchain are utilized, the content of the new root certificate is directly linked, the dependence on a CA node is reduced, the new root certificate is prevented from being tampered or forged, and the safety of the new root certificate is improved; on the other hand, replacement of the CA root certificate can be safely and efficiently achieved.
The block chain is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, a consensus mechanism and an encryption algorithm. A block chain (Blockchain), which is essentially a decentralized database, is a series of data blocks associated by using a cryptographic method, and each data block contains information of a batch of network transactions, so as to verify the validity (anti-counterfeiting) of the information and generate a next block. The blockchain may include a blockchain underlying platform, a platform product services layer, and an application services layer.
The block chain underlying platform can comprise processing modules such as user management, basic service, intelligent contract and operation monitoring. The user management module is responsible for identity information management of all blockchain participants, and comprises public and private key generation maintenance (account management), key management, user real identity and blockchain address corresponding relation maintenance (authority management) and the like, and under the authorization condition, the user management module supervises and audits the transaction condition of certain real identities and provides rule configuration (wind control audit) of risk control; the basic service module is deployed on all block chain node equipment and used for verifying the validity of the service request, recording the service request to storage after consensus on the valid request is completed, for a new service request, the basic service firstly performs interface adaptation analysis and authentication processing (interface adaptation), then encrypts service information (consensus management) through a consensus algorithm, transmits the service information to a shared account (network communication) completely and consistently after encryption, and performs recording and storage; the intelligent contract module is responsible for registering and issuing contracts, triggering the contracts and executing the contracts, developers can define contract logics through a certain programming language, issue the contract logics to a block chain (contract registration), call keys or other event triggering and executing according to the logics of contract clauses, complete the contract logics and simultaneously provide the function of upgrading and canceling the contracts; the operation monitoring module is mainly responsible for deployment, configuration modification, contract setting, cloud adaptation in the product release process and visual output of real-time states in product operation, such as: alarm, monitoring network conditions, monitoring node equipment health status, and the like.
The platform product service layer provides basic capability and an implementation framework of typical application, and developers can complete block chain implementation of business logic based on the basic capability and the characteristics of the superposed business. The application service layer provides the application service based on the block chain scheme for the business participants to use.
In an embodiment, referring to fig. 1, the blockchain network may be a layered blockchain network, where the layered blockchain network includes a service network, a consensus network, and a routing Layer, where the routing Layer separates the service network and the consensus network, and the service network and the consensus network are isolated by a routing service, and communication between the service network and the consensus network needs to pass through an identity certificate and Secure Socket Layer (SSL) Secure communication is to be performed. The service nodes are deployed in a service network in a public network, the consensus nodes are deployed in a private consensus network, the routing nodes are deployed in a routing layer, and the service nodes and the consensus nodes are interacted through the routing nodes. Because the consensus network is in a relatively safe private cloud, the mutual access of the consensus network can be guaranteed by the consensus mechanism, and the identity management and the network control do not need to be added additionally. The service node is in the public network and may be accessed by other uncertain network terminals, so the access behaviors of the service node and other possible nodes in the consensus network need to be strictly controlled. The hierarchical block chain network can help safely and effectively replace the CA root certificate and dynamically replace the root certificate, can ensure the encryption communication safety of the system, and avoids the risk that a single root certificate is broken or leaked.
As shown in fig. 2, the routing layer maintains states of nodes in a plurality of child chains through a configuration and state maintenance module, and provides a routing service. After any routing node in the routing layer receives the request of the service node, firstly, the chain information in the request can be used for distinguishing which chain the service node needs to initiate the request to, further, the access authority of the service node is verified, and finally, the request is forwarded.
Please refer to a flow diagram of a data processing method shown in fig. 3, where the method is applied to a blockchain network, the blockchain network includes at least one routing node, at least one service node, and at least one consensus node, each routing node, each service node, and each consensus node maintain a same blockchain together, and the consensus node, the routing node, and the service node may be any type of computing device in an access blockchain network, such as a server, a user terminal, and the like. In one embodiment, in the normal operation process of the service, since the CA root certificate needs to be replaced safely, in this case, the CA node triggers root certificate replacement in step S301, specifically, when detecting a triggering event of root certificate replacement, the CA node may mark all existing root certificates as "old root certificates" and still may use them normally, and after adding a new root certificate into the root certificate pool of the CA, in the subsequent process, a new certificate issuance request uses the new root certificate for signature issuance. The triggering event for replacing the root certificate may be a triggering instruction for replacing a new root certificate input by a user or an event related to a preset service in a business. Further, the CA node sends a root certificate issue transaction to any consensus node in the consensus network in step S301, and after receiving the root certificate issue transaction, the any consensus node may write the root certificate issue transaction into the latest block of the block chain to complete the uplink of the root certificate issue transaction, where the root certificate issue transaction includes a byte stream of a new root certificate, signature information of an old root certificate on the new root certificate, and a height of a failure block of the old root certificate. The CA node may be a node in an access blockchain network, the node may be any type of computing device, such as a server, a user terminal, or a computing device deployed outside the blockchain network, and may perform data interaction with the node in the blockchain network.
Further, after the root certificate issuing transaction is linked up, each routing node in the routing layer and each service node in the service network may directly synchronize the root certificate issuing transaction in the latest block of the block chain in step S303, replace its old root certificate based on the byte stream of the new root certificate, and delete its old root certificate from its root certificate pool when detecting that the block height of the latest block of the block chain is equal to the height of the failed block, so that the old root certificate fails.
On one hand, the embodiment of the invention can directly acquire the new root certificate from the chain so as to finish the replacement of the old root certificate, and because the blockchain has the characteristics of data non-falsification and non-falsification, the adoption of the acquisition mode can reduce the dependence on the CA node, prevent the new root certificate from being falsified or falsified and is beneficial to improving the safety of the new root certificate; on the other hand, when the block height of the latest block of the block chain is detected to be equal to the height of the failure block, the old root certificate of the block chain is deleted from the root certificate pool of the block chain, so that the transition of the new root certificate and the old root certificate can be effectively ensured, and when the new root certificate and the old root certificate are replaced, the nodes adopting the new root certificate and the old root certificate can continue normal communication.
Referring to fig. 4, it is a flowchart of a data processing method according to an embodiment of the present invention, where the method according to the embodiment of the present invention may be executed by a consensus node in a blockchain network, and the blockchain network further includes a routing node and a service node. The method of an embodiment of the present invention includes the following steps.
S401: and receiving a root certificate issuing transaction sent by the authentication authorization node, wherein the root certificate issuing transaction comprises a byte stream of a new root certificate, signature information of an old root certificate on the new root certificate and the height of a failure block of the old root certificate. The consensus node includes at least one, and the node performing steps S401 to S402 may be any one of the at least one consensus node.
In one embodiment, the traffic is in a normal operation flow, because the CA root certificate needs to be replaced safely, in this case, the CA node may mark all existing root certificates as "old root certificates" when detecting a triggering event of root certificate replacement, but may still use the root certificates normally, and add a new root certificate to its own root certificate pool. The triggering event of the root certificate replacement may be a triggering instruction for replacing a new root certificate input by a user or an event related to a preset service in the service. Further, the CA node may send a root certificate issuing transaction to any of the consensus nodes in the consensus network.
S402: writing a root certificate issuance transaction into a latest block of the blockchain to instruct a service node and a routing node in the blockchain network to synchronize the root certificate issuance transaction from the latest block of the blockchain, replacing an old root certificate based on a byte stream of the new root certificate, and deleting the old root certificate from the root certificate pool when the block height of the latest block is equal to the height of the failure block.
In one embodiment, after any of the consensus nodes receives a root certificate issuing transaction sent by the authentication and authorization node, the root certificate issuing transaction may be written into a latest block of the block chain to complete uplink of the root certificate issuing transaction, where the root certificate issuing transaction includes a byte stream of a new root certificate, signature information of an old root certificate on the new root certificate, and a height of a failure block of the old root certificate.
In one embodiment, before writing the root certificate issue transaction into the latest block of the blockchain, any consensus node may further obtain historical signature information of an old root certificate prestored from the blockchain, verify the signature information based on the historical signature information, and if the verification is passed, trigger execution of the step of writing the root certificate issue transaction into the latest block of the blockchain.
In an embodiment, the historical signature information may be compared with the signature information, and if the two signatures are consistent, it is determined that the signature information is verified, that is, the CA node may be determined to be a trusted node.
In one embodiment, the byte stream of the original root certificate may be written directly into the founder block of the block chain, and the original root certificate is obtained directly from the founder block when the service node and the routing node start.
It can be seen that, in the embodiment of the present invention, when a new root certificate and an old root certificate are replaced, a new root certificate is signed by using the old root certificate, which can effectively prevent a forged CA from issuing a fake root certificate, and further improve the security of the root certificate.
In the embodiment of the invention, the consensus node can receive the root certificate issuing transaction sent by the authentication authorization node, wherein the root certificate issuing transaction comprises the byte stream of the new root certificate, the signature information of the old root certificate on the new root certificate and the height of the failure block of the old root certificate. Further, the consensus node may write a root certificate issuance transaction in a latest block of the blockchain to instruct traffic nodes and routing nodes in the blockchain network to synchronize the root certificate issuance transaction from the latest block of the blockchain, replace the old root certificate based on a byte stream of the new root certificate, and delete the old root certificate from the root certificate pool when a block height of the latest block is equal to a failed block height. By adopting the mode, on one hand, the characteristics of incapability of tampering and counterfeiting of data of the blockchain are utilized, the content of the new root certificate is directly linked, the dependence on a CA node is reduced, the new root certificate is prevented from being tampered or forged, and the safety of the new root certificate is improved; on the other hand, replacement of the CA root certificate can be safely and efficiently achieved.
Referring to fig. 5, it is a flowchart of another data processing method according to an embodiment of the present invention, where the method according to the embodiment of the present invention may be executed by a service node in a blockchain network, and the blockchain network further includes a routing node and a consensus node. The method of an embodiment of the present invention includes the following steps.
S501: synchronizing a root certificate issuing transaction from a latest block of a blockchain, wherein the root certificate issuing transaction comprises a byte stream of a new root certificate, signature information of an old root certificate on the new root certificate and a failure block height of the old root certificate, and the root certificate issuing transaction is written into the latest block by a consensus node.
In one embodiment, any common node in the blockchain network may receive a root certificate issuing transaction sent by the authentication authorization node, and write the root certificate issuing transaction into the latest block of the blockchain, and further, since the service node and the common node in the blockchain network maintain the same blockchain, each service node in the blockchain network may synchronize the root certificate issuing transaction directly from the latest block of the blockchain.
S502: the byte stream based on the new root certificate replaces the old root certificate.
S503: upon detecting that the block height of the newest block of the block chain is equal to the failed block height, the old root certificate is deleted from the root certificate pool of the service node.
In one embodiment, any service node in the blockchain network may replace its old root certificate based on the byte stream of the new root certificate, communicate through the new root certificate, but the old root certificate still remains in its root certificate pool, and delete the old root certificate from the root certificate pool of the service node when detecting that the block height of the latest block of the blockchain is equal to the height of the failed block. The height of the failure block is preset by a developer according to experimental measurement and calculation data, and can be adjusted subsequently according to actual requirements, which is not specifically limited in the embodiment of the present invention.
The block height is the number of blocks linked to the main chain, i.e. the number of blocks connected to the block chain. For example, assuming that the height of the failed block is 100, if the service node detects that the block height of the newest block of the block chain is 100, and the block height of the newest block is equal to the height of the failed block, the old root certificate may be deleted from the root certificate pool of the service node, that is, the old root certificate is failed.
Or, in a certain system time, if the service node detects that the block height of the latest block of the block chain is smaller than the height of the failed block, the service node may continue to wait for the detection of the block height of the latest block at the next time, and if the block height of the latest block of the block chain is detected to be equal to the height of the failed block, the old root certificate is deleted from the root certificate pool of the service node.
In one embodiment, after synchronizing the root certificate issue transaction from the latest block of the blockchain, any service node may further send a service certificate issue application to the authentication and authorization node to instruct the authentication and authorization node to issue a new service certificate based on the new root certificate, and return the new service certificate to the service node. Further, the any service node may receive a new service certificate and replace its old service certificate based on the new service certificate.
In one embodiment, the root certificate issuing transaction further includes indication information indicating that the height of the valid block of the new root certificate is equal to the height of the latest block, and after any service node replaces the old root certificate based on the byte stream of the new root certificate, the height of the latest block can be obtained, and the height of the valid block of the new root certificate is recorded as the height of the latest block. Illustratively, for example, the latest block in step S501 is 98, and after the any service node replaces the old root certificate based on the byte stream of the new root certificate, the effective block height of the new root certificate may be recorded as 98.
In the embodiment of the invention, a service node synchronizes a root certificate issuing transaction from a latest block of a block chain, wherein the root certificate issuing transaction comprises a byte stream of a new root certificate, signature information of an old root certificate on the new root certificate and a failure block height of the old root certificate, and the root certificate issuing transaction is written into the latest block by a consensus node. Further, the service node replaces the old root certificate based on the byte stream of the new root certificate, and deletes the old root certificate from the root certificate pool of the service node when detecting that the block height of the latest block of the block chain is equal to the height of the failed block. The effective time and the invalid time of the new and old root certificates are limited in the block height mode, and compared with a timestamp mode, the method is more stable and controllable, and meanwhile, the problem that clock consistency is needed is avoided.
Referring to fig. 6, it is a schematic view of an interaction flow of a data processing method according to an embodiment of the present invention, where the method according to the embodiment of the present invention is applied to a blockchain network, where the blockchain network includes a consensus node, a routing node, and a service node.
S601: and the consensus node receives the root certificate issuing transaction sent by the authentication authorization node.
S602: the consensus node writes a root certificate issuance transaction in the latest block of the blockchain, the root certificate issuance transaction including a byte stream of the new root certificate, signature information of the old root certificate on the new root certificate, and a height of the failed block of the old root certificate. For specific implementation of steps S601 to S602, reference may be made to the related description of steps S401 to S402 in the foregoing embodiment, and details are not repeated here.
S603: the service node synchronizes the root certificate issuing transaction from the newest chunk of the blockchain and replaces the old root certificate based on the byte stream of the new root certificate.
S604: the service node deletes the old root certificate from the root certificate pool when detecting that the block height of the latest block of the block chain is equal to the height of the failed block. For specific implementation of steps S603 to S604, reference may be made to the related description of steps S501 to S503 in the foregoing embodiment, and details are not repeated here.
In one embodiment, the consensus node may further obtain historical signature information of an old root certificate prestored in the blockchain, verify the signature information based on the historical signature information, and if the verification is passed, trigger execution of the step of writing the root certificate issue transaction into the latest block of the blockchain.
In one embodiment, after the consensus node writes the root certificate issue transaction into the latest block of the block chain, the routing node may also synchronize the root certificate issue transaction from the latest block of the block chain, replace the old root certificate based on the byte stream of the new root certificate, and delete the old root certificate from its own root certificate pool when detecting that the block height of the latest block of the block chain is equal to the height of the failed block, at which point the old certificate fails.
Wherein, for the routing node, only the old certificate is supported before the block height of the newest block is smaller than the height of the failed block, but the server certificate of the routing node is not replaced. Further, the routing node may send a server certificate issuance application to the CA node when detecting that the block height of the latest block is equal to the height of the failed block, to instruct the CA node to issue a new server certificate based on the new root certificate, and return the new server certificate to the routing node. Further, after receiving the new server certificate, the routing node may replace its old server certificate based on the new server certificate to complete the replacement of its own server certificate.
In one embodiment, the CA node has the functionality to download the latest root certificate without verification and to change the certificate of the application service from an old certificate signature to a new certificate signature. When some service nodes start from different states and find that the existing certificate can not initiate a request to the route, the functions of replacing the certificate and downloading a new root certificate can be initiated to the CA node. If a connection has not been initiated to a CA node, service management or human assistance is required to re-apply for a certificate by the service node.
Embodiments of the present invention further provide a computer storage medium, in which program instructions are stored, and when the program instructions are executed, the computer storage medium is configured to implement the corresponding method described in the above embodiments.
Referring to fig. 7, it is a schematic structural diagram of a data processing apparatus according to an embodiment of the present invention, where the data processing apparatus according to an embodiment of the present invention may be disposed in a consensus node of a blockchain network, and the blockchain network further includes a routing node and a service node.
In one implementation of the apparatus of the embodiment of the present invention, the apparatus includes the following structure.
The communication module 71 is configured to receive a root certificate issuing transaction sent by an authentication authorization node, where the root certificate issuing transaction includes a byte stream of a new root certificate, signature information of an old root certificate on the new root certificate, and a height of a failure block of the old root certificate;
a processing module 72, configured to write the root certificate issuance transaction into a latest block of a block chain, to instruct the service node and the routing node in the block chain network to synchronize the root certificate issuance transaction from the latest block of the block chain, replace the old root certificate based on the byte stream of the new root certificate, and delete the old root certificate from a root certificate pool when a block height of the latest block is equal to the failure block height.
In one embodiment, the processing module 72 is further configured to obtain pre-stored historical signature information of the old root certificate from the blockchain; verifying the signature information based on the historical signature information; and if the verification is passed, triggering and executing the writing of the root certificate issuing transaction into the latest block of the block chain.
In the embodiment of the present invention, reference may be made to the description of relevant contents in the embodiments corresponding to the foregoing drawings for specific implementations of the above modules.
Referring to fig. 8, it is a schematic structural diagram of another data processing apparatus according to an embodiment of the present invention, where the data processing apparatus according to the embodiment of the present invention may be disposed at a service node of a blockchain network, and the blockchain network further includes a routing node and a consensus node.
In one implementation of the apparatus of the embodiment of the present invention, the apparatus includes the following structure.
A synchronization module 80, configured to synchronize a root certificate issuance transaction from a latest block of the block chain, where the root certificate issuance transaction includes a byte stream of a new root certificate, signature information of an old root certificate on the new root certificate, and a height of a failure block of the old root certificate, and the root certificate issuance transaction is written into the latest block by the common node;
a processing module 81 for replacing the old root certificate based on the byte stream of the new root certificate;
the processing module 81 is further configured to delete the old root certificate from the root certificate pool of the service node when detecting that the block height of the latest block of the block chain is equal to the failed block height.
In one embodiment, the apparatus further includes a communication module 82, configured to send a service certificate issuance application to an authentication and authorization node, to instruct the authentication and authorization node to issue a new service certificate based on the new root certificate, and to return the new service certificate to the service node; receiving the new service certificate; the processing module 81 is further configured to replace the old service certificate of the service node based on the new service certificate.
In one embodiment, the root certificate issuing transaction further includes indication information indicating that the valid block height of the new root certificate is equal to the latest block, and the processing module 81 is further configured to obtain the block height of the latest block; recording the validated block height of the new root certificate as the block height of the latest block.
Referring to fig. 9 again, it is a schematic structural diagram of an electronic device according to an embodiment of the present invention, where the electronic device according to an embodiment of the present invention includes a power supply module and other structures, and includes a processor 901, a storage 902, and a network interface 903. The processor 901, the storage 902 and the network interface 903 may interact with each other, and the processor 901 implements a corresponding data processing function. The electronic device may be used as a consensus node in a blockchain network, or may be used as a service node in the blockchain network, which is not specifically limited in the embodiments of the present invention.
The storage 902 may include a volatile memory (volatile memory), such as a random-access memory (RAM); the storage 902 may also include a non-volatile memory (non-volatile memory), such as a flash memory (flash memory), a solid-state drive (SSD), etc.; the storage 902 may also comprise a combination of memories of the kind described above.
The processor 901 may be a Central Processing Unit (CPU) 901. In one embodiment, the processor 901 may also be a Graphics Processing Unit (GPU) 901. The processor 901 may also be a combination of a CPU and a GPU. In the electronic device, a plurality of CPUs and GPUs may be included as necessary to perform corresponding data processing. In one embodiment, the storage 902 is used to store program instructions. The processor 901 may call the program instructions to implement the various methods as described above in the embodiments of the present invention.
In a first possible implementation manner, the processor 901 of the electronic device calls a program instruction stored in the storage 902, and is configured to receive, through the network interface 903, a root certificate issue transaction sent by an authentication authorization node, where the root certificate issue transaction includes a byte stream of a new root certificate, signature information of an old root certificate on the new root certificate, and a height of a failure block of the old root certificate; writing the root certificate issuance transaction into a latest block of a blockchain to instruct the service node and the routing node in the blockchain network to synchronize the root certificate issuance transaction from the latest block of the blockchain, replacing the old root certificate based on a byte stream of the new root certificate, and deleting the old root certificate from a root certificate pool when a block height of the latest block is equal to the failure block height.
In an embodiment, the processor 901 is further configured to obtain pre-stored historical signature information of the old root certificate from the blockchain; verifying the signature information based on the historical signature information; and if the verification is passed, triggering and executing the writing of the root certificate issuing transaction into the latest block of the block chain.
In one embodiment, the processor 901 may further invoke program instructions stored in the storage 902 for synchronizing a root certificate issuance transaction from a latest chunk of the chunk chain, where the root certificate issuance transaction includes a byte stream of a new root certificate, signature information of an old root certificate on the new root certificate, and a height of a failure chunk of the old root certificate, and the root certificate issuance transaction is written into the latest chunk by the consensus node; replacing the old root certificate based on the byte stream of the new root certificate; deleting the old root certificate from the root certificate pool of the service node upon detecting that a block height of a latest block of the block chain is equal to the failed block height.
In an embodiment, the processor 901 is further configured to send a service certificate issuance application to an authentication and authorization node through the network interface 903, so as to instruct the authentication and authorization node to issue a new service certificate based on the new root certificate, return the new service certificate to the service node, receive the new service certificate, and replace the old service certificate of the service node based on the new service certificate.
In one embodiment, the root certificate issuing transaction further includes indication information indicating that the effective block height of the new root certificate is equal to the latest block, and the processor 901 is further configured to obtain the block height of the latest block and record the effective block height of the new root certificate as the block height of the latest block.
In the embodiment of the present invention, the processor 901 may be implemented by referring to the description of relevant contents in the embodiments corresponding to the foregoing drawings.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), or the like.
While the invention has been described with reference to a number of embodiments, it will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims.
Claims (10)
1. A data processing method, applied to a consensus node in a blockchain network, the blockchain network further including a routing node and a service node, the method comprising:
receiving a root certificate issuing transaction sent by an authentication authorization node, wherein the root certificate issuing transaction comprises a byte stream of a new root certificate, signature information of an old root certificate on the new root certificate and a failure block height of the old root certificate;
writing the root certificate issuance transaction into a latest block of a blockchain to instruct the service node and the routing node in the blockchain network to synchronize the root certificate issuance transaction from the latest block of the blockchain, replacing the old root certificate based on a byte stream of the new root certificate, and deleting the old root certificate from a root certificate pool when a block height of the latest block is equal to the failure block height.
2. The method of claim 1, wherein prior to writing the root certificate issue transaction into the most recent chunk of a blockchain, the method further comprises:
acquiring pre-stored historical signature information of the old root certificate from the blockchain;
verifying the signature information based on the historical signature information;
and if the verification is passed, triggering and executing the step of writing the root certificate issuing transaction into the latest block of the block chain.
3. A data processing method applied to a service node in a blockchain network, wherein the blockchain network further includes a routing node and a consensus node, the method comprising:
synchronizing a root certificate issuance transaction from a latest block of the blockchain, the root certificate issuance transaction including a byte stream of a new root certificate, signature information of an old root certificate on the new root certificate, and a height of a failed block of the old root certificate, the root certificate issuance transaction being written into the latest block by the consensus node;
replacing the old root certificate based on the byte stream of the new root certificate;
deleting the old root certificate from the root certificate pool of the service node upon detecting that a block height of a latest block of the block chain is equal to the failed block height.
4. The method of claim 3, wherein after synchronizing a root certificate issuance transaction from a latest chunk of the blockchain, the method further comprises:
sending a service certificate issuing application to an authentication and authorization node to indicate the authentication and authorization node to issue a new service certificate based on the new root certificate and return the new service certificate to the service node;
receiving the new service certificate;
and replacing the old service certificate of the service node based on the new service certificate.
5. The method of claim 3, wherein the root certificate issuance transaction further includes indication information indicating that a height of a valid chunk of the new root certificate is equal to the latest chunk, and wherein after replacing the old root certificate based on the byte stream of the new root certificate, the method further comprises:
acquiring the block height of the latest block;
recording the validated block height of the new root certificate as the block height of the latest block.
6. A data processing method applied to a blockchain network including a consensus node, a routing node and a service node, the method comprising:
the consensus node receives a root certificate issuing transaction sent by an authentication authorization node, and writes the root certificate issuing transaction into a latest block of a block chain, wherein the root certificate issuing transaction comprises a byte stream of a new root certificate, signature information of an old root certificate on the new root certificate, and a failure block height of the old root certificate;
and the service node synchronizes a root certificate issuing transaction from the latest block of the block chain, replaces the old root certificate based on the byte stream of the new root certificate, and deletes the old root certificate from the root certificate pool when detecting that the block height of the latest block of the block chain is equal to the height of the failed block.
7. The method of claim 6, further comprising:
and the consensus node acquires pre-stored historical signature information of the old root certificate from the block chain, verifies the signature information based on the historical signature information, and if the verification is passed, triggers the step of writing the root certificate issue transaction into the latest block of the block chain.
8. A data processing apparatus configured at a consensus node in a blockchain network, the blockchain network further comprising a routing node and a service node, the apparatus comprising:
the communication module is used for receiving a root certificate issuing transaction sent by an authentication authorization node, wherein the root certificate issuing transaction comprises a byte stream of a new root certificate, signature information of an old root certificate on the new root certificate and a failure block height of the old root certificate;
a processing module to write the root certificate issuance transaction into a latest block of a block chain to instruct the service node and the routing node in the block chain network to synchronize the root certificate issuance transaction from the latest block of the block chain, replace the old root certificate based on a byte stream of the new root certificate, and delete the old root certificate from a root certificate pool when a block height of the latest block is equal to the failure block height.
9. A data processing apparatus configured for a service node in a blockchain network, the blockchain network further including a routing node and a consensus node, the apparatus comprising:
a synchronization module, configured to synchronize a root certificate issuance transaction from a latest block of the block chain, where the root certificate issuance transaction includes a byte stream of a new root certificate, signature information of an old root certificate on the new root certificate, and a height of a failure block of the old root certificate, and the root certificate issuance transaction is written into the latest block by the consensus node;
a processing module to replace the old root certificate based on the byte stream of the new root certificate;
the processing module is further configured to delete the old root certificate from the root certificate pool of the service node when detecting that the block height of the latest block of the block chain is equal to the failed block height.
10. A computer storage medium having stored thereon program instructions for implementing a method according to any one of claims 1 to 7 when executed.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910893997.0A CN110598375B (en) | 2019-09-20 | 2019-09-20 | Data processing method, device and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910893997.0A CN110598375B (en) | 2019-09-20 | 2019-09-20 | Data processing method, device and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110598375A true CN110598375A (en) | 2019-12-20 |
| CN110598375B CN110598375B (en) | 2021-03-16 |
Family
ID=68861964
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910893997.0A Active CN110598375B (en) | 2019-09-20 | 2019-09-20 | Data processing method, device and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110598375B (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111460458A (en) * | 2020-03-31 | 2020-07-28 | 腾讯科技(深圳)有限公司 | Data processing method, related device and computer storage medium |
| CN111612456A (en) * | 2020-04-27 | 2020-09-01 | 深圳壹账通智能科技有限公司 | Expired digital certificate management and control method, system, device and storage medium |
| CN111988150A (en) * | 2020-09-03 | 2020-11-24 | 深圳壹账通智能科技有限公司 | Block chain certificate updating method and device, computer equipment and storage medium |
| CN112150146A (en) * | 2020-09-22 | 2020-12-29 | 京东数字科技控股股份有限公司 | Block processing method, device and equipment of block chain and storage medium |
| CN113704742A (en) * | 2021-09-23 | 2021-11-26 | 北京国民安盾科技有限公司 | Method and system for preventing user privacy leakage through equipment verification |
| CN113704742B (en) * | 2021-09-23 | 2024-04-26 | 北京国民安盾科技有限公司 | Method and system for preventing device verification from leaking user privacy |
Citations (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060039564A1 (en) * | 2000-11-17 | 2006-02-23 | Bindu Rama Rao | Security for device management and firmware updates in an operator network |
| CN102064939A (en) * | 2009-11-13 | 2011-05-18 | 福建联迪商用设备有限公司 | Method for authenticating point of sail (POS) file and method for maintaining authentication certificate |
| CN106372941A (en) * | 2016-08-31 | 2017-02-01 | 江苏通付盾科技有限公司 | CA authentication management method, device and system based on block chain |
| US20170353320A1 (en) * | 2016-02-26 | 2017-12-07 | Apple Inc. | Obtaining and using time information on a secure element (se) |
| US20180060496A1 (en) * | 2016-08-23 | 2018-03-01 | BBM Health LLC | Blockchain-based mechanisms for secure health information resource exchange |
| CN107888382A (en) * | 2017-11-24 | 2018-04-06 | 中钞信用卡产业发展有限公司杭州区块链技术研究院 | A kind of methods, devices and systems of the digital identity checking based on block chain |
| CN108964924A (en) * | 2018-07-24 | 2018-12-07 | 腾讯科技(深圳)有限公司 | Digital certificate method of calibration, device, computer equipment and storage medium |
| CN109067543A (en) * | 2018-07-24 | 2018-12-21 | 腾讯科技(深圳)有限公司 | Digital certificate management method, device, computer equipment and storage medium |
| CN109067539A (en) * | 2018-06-13 | 2018-12-21 | 深圳前海微众银行股份有限公司 | Alliance's chain method of commerce, equipment and computer readable storage medium |
| CN109948371A (en) * | 2019-03-07 | 2019-06-28 | 深圳市智税链科技有限公司 | The method and relevant apparatus of letter of identity are provided for block chain node |
| CN110035052A (en) * | 2018-12-28 | 2019-07-19 | 阿里巴巴集团控股有限公司 | A kind of method, apparatus that checking historical transactional information and electronic equipment |
| CN110058878A (en) * | 2019-04-04 | 2019-07-26 | 交通银行股份有限公司 | Fabric block chain configuration method and system based on intelligent contract |
| CN110061851A (en) * | 2019-04-28 | 2019-07-26 | 广州大学 | A kind of across trust domain authentication method and system of decentralization |
| US20190281465A1 (en) * | 2017-12-04 | 2019-09-12 | Kevin K Moshir | Blockchain for validating communications archiving |
-
2019
- 2019-09-20 CN CN201910893997.0A patent/CN110598375B/en active Active
Patent Citations (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060039564A1 (en) * | 2000-11-17 | 2006-02-23 | Bindu Rama Rao | Security for device management and firmware updates in an operator network |
| CN102064939A (en) * | 2009-11-13 | 2011-05-18 | 福建联迪商用设备有限公司 | Method for authenticating point of sail (POS) file and method for maintaining authentication certificate |
| US20170353320A1 (en) * | 2016-02-26 | 2017-12-07 | Apple Inc. | Obtaining and using time information on a secure element (se) |
| US20180060496A1 (en) * | 2016-08-23 | 2018-03-01 | BBM Health LLC | Blockchain-based mechanisms for secure health information resource exchange |
| CN106372941A (en) * | 2016-08-31 | 2017-02-01 | 江苏通付盾科技有限公司 | CA authentication management method, device and system based on block chain |
| CN107888382A (en) * | 2017-11-24 | 2018-04-06 | 中钞信用卡产业发展有限公司杭州区块链技术研究院 | A kind of methods, devices and systems of the digital identity checking based on block chain |
| US20190281465A1 (en) * | 2017-12-04 | 2019-09-12 | Kevin K Moshir | Blockchain for validating communications archiving |
| CN109067539A (en) * | 2018-06-13 | 2018-12-21 | 深圳前海微众银行股份有限公司 | Alliance's chain method of commerce, equipment and computer readable storage medium |
| CN108964924A (en) * | 2018-07-24 | 2018-12-07 | 腾讯科技(深圳)有限公司 | Digital certificate method of calibration, device, computer equipment and storage medium |
| CN109067543A (en) * | 2018-07-24 | 2018-12-21 | 腾讯科技(深圳)有限公司 | Digital certificate management method, device, computer equipment and storage medium |
| CN110035052A (en) * | 2018-12-28 | 2019-07-19 | 阿里巴巴集团控股有限公司 | A kind of method, apparatus that checking historical transactional information and electronic equipment |
| CN109948371A (en) * | 2019-03-07 | 2019-06-28 | 深圳市智税链科技有限公司 | The method and relevant apparatus of letter of identity are provided for block chain node |
| CN110058878A (en) * | 2019-04-04 | 2019-07-26 | 交通银行股份有限公司 | Fabric block chain configuration method and system based on intelligent contract |
| CN110061851A (en) * | 2019-04-28 | 2019-07-26 | 广州大学 | A kind of across trust domain authentication method and system of decentralization |
Non-Patent Citations (1)
| Title |
|---|
| 朱慧芳 等: ""一种基于证书属性的根证书更新方法研究"", 《信息安全与通信保密》 * |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111460458A (en) * | 2020-03-31 | 2020-07-28 | 腾讯科技(深圳)有限公司 | Data processing method, related device and computer storage medium |
| CN111460458B (en) * | 2020-03-31 | 2022-05-27 | 腾讯科技(深圳)有限公司 | Data processing method, related device and computer storage medium |
| CN111612456A (en) * | 2020-04-27 | 2020-09-01 | 深圳壹账通智能科技有限公司 | Expired digital certificate management and control method, system, device and storage medium |
| WO2021218334A1 (en) * | 2020-04-27 | 2021-11-04 | 深圳壹账通智能科技有限公司 | Method, system, and apparatus for managing expired digital certificate, and storage medium |
| CN111988150A (en) * | 2020-09-03 | 2020-11-24 | 深圳壹账通智能科技有限公司 | Block chain certificate updating method and device, computer equipment and storage medium |
| CN111988150B (en) * | 2020-09-03 | 2023-04-18 | 深圳壹账通智能科技有限公司 | Block chain certificate updating method and device, computer equipment and storage medium |
| CN112150146A (en) * | 2020-09-22 | 2020-12-29 | 京东数字科技控股股份有限公司 | Block processing method, device and equipment of block chain and storage medium |
| CN112150146B (en) * | 2020-09-22 | 2023-11-03 | 京东科技控股股份有限公司 | Block processing method, device, equipment and storage medium of block chain |
| CN113704742A (en) * | 2021-09-23 | 2021-11-26 | 北京国民安盾科技有限公司 | Method and system for preventing user privacy leakage through equipment verification |
| CN113704742B (en) * | 2021-09-23 | 2024-04-26 | 北京国民安盾科技有限公司 | Method and system for preventing device verification from leaking user privacy |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110598375B (en) | 2021-03-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110598375B (en) | Data processing method, device and storage medium | |
| CN111681003B (en) | Resource cross-chain transfer method and device, computer equipment and storage medium | |
| US11336455B2 (en) | Consensus protocol for blockchain DAG structure | |
| CN110933163B (en) | Block chain contract deployment method, device, equipment and storage medium | |
| US9652755B2 (en) | Method and system for securely updating field upgradeable units | |
| CN113141259B (en) | Method and device for replacing identity certificate in block chain network | |
| US11593316B2 (en) | Database snapshot for managing state synchronization | |
| CN111934870B (en) | Method, apparatus, device and medium for updating root certificate in block chain network | |
| CN113723962B (en) | Block chain authority management method and block chain system | |
| JP2023520859A (en) | Faster view change for blockchain | |
| JP2022541048A (en) | Security layer for configuring blockchain | |
| US11757884B2 (en) | Method and system for controlling the release of a resource | |
| CN112241919A (en) | Multi-domain blockchain network with data flow control | |
| CN110597541B (en) | Interface updating processing method, device, equipment and storage medium based on block chain | |
| CN112527912A (en) | Data processing method and device based on block chain network and computer equipment | |
| CN113495920A (en) | Content auditing system, method and device based on block chain and storage medium | |
| CN112700246B (en) | Block chain-based data processing method, device, equipment and readable storage medium | |
| US20210117381A1 (en) | Probabilistic verification of linked data | |
| US20200394162A1 (en) | Operation management method for distributed ledger system, operation management system for distributed ledger system, and operation management program for distributed ledger system | |
| CN113037827B (en) | Voting method based on block chain, self-organization management method and computer equipment | |
| CN108540447B (en) | Block chain-based certificate verification method and system | |
| CN112131041A (en) | Method, apparatus and computer program product for managing data placement | |
| CN112699406A (en) | Block chain-based medical image data security management method and system | |
| CN115280347A (en) | Computing services for a platform of services associated with a blockchain | |
| CN111177171A (en) | Service data authentication and management method and system based on block chain |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |