CN110910143A - Identity identification generation method, device, related node and medium - Google Patents

Identity identification generation method, device, related node and medium Download PDF

Info

Publication number
CN110910143A
CN110910143A CN201911149679.XA CN201911149679A CN110910143A CN 110910143 A CN110910143 A CN 110910143A CN 201911149679 A CN201911149679 A CN 201911149679A CN 110910143 A CN110910143 A CN 110910143A
Authority
CN
China
Prior art keywords
identity
generator
target
target object
generation
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911149679.XA
Other languages
Chinese (zh)
Inventor
李茂材
刘区城
王宗友
张劲松
黄焕坤
廖志勇
周开班
时一防
刘攀
蓝虎
孔利
朱耿良
杨常青
崔嘉辉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology Shenzhen Co Ltd filed Critical Tencent Technology Shenzhen Co Ltd
Priority to CN201911149679.XA priority Critical patent/CN110910143A/en
Publication of CN110910143A publication Critical patent/CN110910143A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Abstract

The embodiment of the invention provides an identity generating method, an identity generating device, a related node and a readable storage medium, wherein the method comprises the following steps: acquiring an identity generation request, wherein the identity generation request is used for requesting to configure a corresponding identity for a target object; selecting a target generator from the at least one identity generator in response to the identity generation request; and generating a corresponding identity for the target object according to an identity generation mechanism adopted by the target generator. By implementing the invention, the centralized management and maintenance of the identification can be realized, and the uniqueness of the identification of different objects in the block chain system is ensured.

Description

Identity identification generation method, device, related node and medium
Technical Field
The present invention relates to the field of block chain technologies, and in particular, to a method and an apparatus for generating an identity, a related node, and a readable storage medium.
Background
Smart contracts are computer protocols that are intended to propagate, validate or execute contracts in an informational manner, allowing for trusted transactions without third parties. During specific implementation, the Ethernet workshop platform executes contract codes customized by any contract writer through the Ethernet workshop virtual machine, so that intelligent contracts are realized.
Currently, when a contract writer writes an intelligent contract, the self-increment of unsigned numeric type variables needs to be added into a contract code to realize the function of generating an Identity (ID). However, the self-defined generated identity of the contract writer cannot realize centralized management and maintenance, which may cause the identity between different objects to be repeated, etc.; and when the identity is needed, the identity generation method is customized once, so that the development efficiency is low.
Disclosure of Invention
The embodiment of the invention discloses an identity generating method, an identity generating device, related nodes and a readable storage medium.
In a first aspect, an embodiment of the present invention provides an identity generation method, an identity generation device, a related node, and a readable storage medium, where the identity generation method includes: receiving an identity generation request, wherein the identity generation request is used for requesting to configure a corresponding identity for a target object; selecting a target generator from at least one type of identity generator in response to the identity generation request; and generating a corresponding identity for the target object according to an identity generation mechanism adopted by the target generator.
In one implementation, the identity generation request carries security attributes of the target object, and selecting the target generator from the at least one identity generator includes: selecting a target generator matched with the security attribute from at least one identity generator according to the attribute information of the target object; wherein the security attribute of the target object is used to indicate the need of the target object for information security.
In one implementation, at least one of the identity generators includes a numeric generator and a string generator, and the requirement of information security corresponding to the numeric generator is lower than that corresponding to the string generator; selecting a target generator matching the security attribute from the at least one identity generator according to the attribute information of the target object comprises: if the security attribute of the target object is the first attribute, selecting a character string type generator from at least one identity identifier generator as a target generator; if the security attribute of the target object is the second attribute, selecting a digital generator from at least one identity generator as a target generator; the requirement of information security corresponding to the indication of the first attribute is higher than that corresponding to the indication of the second attribute.
In one implementation, the identifier generation request carries an identifier type, and selecting a target generator from at least one identifier generator in response to the identifier generation request includes: selecting a target generator matched with the identity type from at least one identity generator according to the identity type; the identity identifier generator corresponds to the identity identifier types one by one.
In one implementation, generating a corresponding identity for a target object according to an identity generation mechanism adopted by a target generator includes: acquiring generation parameters required by a target generator; and generating a corresponding identity for the target object by using the generation parameters according to an identity generation mechanism adopted by the target generator.
In one implementation, the generation parameters are carried with the id generation request and/or the generation parameters are recorded in the id manager.
In one implementation, generating the parameter includes at least one of: identity name, identity type, prefix, starting number, increment, random number, length, address, transaction times, block height, transaction index.
In a second aspect, embodiments of the present invention provide a block link point, including:
a memory comprising computer readable instructions;
a processor coupled to the memory for executing the computer readable instructions, thereby causing the computer device to perform the method as described in the first aspect or any possible implementation of the first aspect.
In a third aspect, an embodiment of the present invention provides an identity generation apparatus, where the identity generation apparatus includes:
a receiving unit: the system comprises a receiving module, a generating module and a sending module, wherein the receiving module is used for receiving an identity generating request which is used for requesting to configure a corresponding identity for a target object;
a response unit: the system comprises a target generator, a target generator and a plurality of identity generators, wherein the target generator is used for responding to identity generation requests and selecting the target generator from at least one identity generator;
a generation unit: and the system is used for generating a corresponding identity for the target object according to an identity generation mechanism adopted by the target generator.
In a fourth aspect, embodiments of the present invention provide a computer-readable storage medium storing one or more instructions adapted to be loaded by a processor and to perform a method as described in the first aspect or any possible implementation manner of the first aspect.
In the implementation of the invention, a block chain node is deployed with an identity management contract, the block chain node acquires an identity generation request, and the identity generation request is used for requesting to configure a corresponding identity for a target object; the block chain node responds to the identity generation request and selects a target generator from at least one identity generator; and the block chain node generates a corresponding identity for the target object according to the identity generation mechanism adopted by the target generator. By implementing the invention, the centralized management and maintenance of the identity can be realized, the uniqueness of the identity of different objects in the block connection system is ensured, and the generation of the centralized management and maintenance identity can improve the development efficiency of research and development personnel.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a schematic structural diagram of a distributed blockchain system according to an embodiment of the present invention;
FIG. 2 is an identity management contract architecture diagram provided by an embodiment of the present invention;
fig. 3 is a schematic flow chart of an identity generation method according to an embodiment of the present invention;
FIG. 4 is a schematic diagram of an ID generator class according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of an identification generating apparatus according to an embodiment of the present invention;
fig. 6 is a schematic diagram of a block link point structure according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention. In addition, the features in the embodiments and the examples described below may be combined with each other without conflict.
The system related to the embodiment of the invention can be a distributed system formed by connecting a client, a plurality of nodes (any form of computing equipment in an access network, such as a server and a user terminal) through a network communication mode.
Taking a distributed system as an example of a blockchain system, referring To fig. 1, fig. 1 is an optional structural schematic diagram of a distributed system 100 applied To a blockchain system, which is provided by an embodiment of the present invention and is formed by a plurality of nodes 102 (computing devices in any form in an access network, such as servers and user terminals) and clients, a Peer-To-Peer (P2P, Peer To Peer) network is formed between the nodes 102, and a P2P protocol is an application layer protocol operating on top of a Transmission Control Protocol (TCP). In a distributed system, any machine, such as a server, a terminal, may join to become a node 102.
Referring to the functions of each node in the blockchain system shown in fig. 1, the functions involved include:
1) routing, a basic function that a node has, is used to support communication between nodes.
Besides the routing function, the node may also have the following functions:
2) the application is used for being deployed in a block chain, realizing specific services according to actual service requirements, recording data related to the realization functions to form recording data, carrying a digital signature in the recording data to represent a source of task data, and sending the recording data to other nodes in the block chain system, so that the other nodes add the recording data to a temporary block when the source and integrity of the recording data are verified successfully.
For example, the services implemented by the application include wallets, shared ledgers, intelligent contracts, and the like. The intelligent contract, computerized agreement, can carry out the terms of a certain contract, is realized by codes which are deployed on a shared account and are used for carrying out when certain conditions are met, and is used for completing automated transaction according to actual business demand codes, such as inquiring the logistics state of goods purchased by a buyer and transferring the electronic money of the buyer to the address of a merchant after the buyer signs the goods; of course, smart contracts are not limited to executing contracts for trading, but may also execute contracts that process received information.
3) And the Block chain comprises a series of blocks (blocks) which are mutually connected according to the generated chronological order, new blocks cannot be removed once being added into the Block chain, and recorded data submitted by nodes in the Block chain system are recorded in the blocks.
Based on the block chain system, the embodiment of the invention provides an identity generation scheme. The id generation scheme is mainly applied to the blockchain system, which is described in detail below as an example. Referring to fig. 2, fig. 2 is an architecture diagram of an ID management contract according to an embodiment of the present invention, as shown in the diagram, at least one ID generator 2001(ID generator) and an ID manager 2002(ID manager) are deployed in an ID management contract 200, and the ID management contract may be deployed in the form of an intelligent contract on a blockchain node, which is run by an ethernet virtual machine, and the blockchain node is any node 102 in a blockchain system. The identity management contract 200 provides the function of generating the identity for the target object, can realize centralized management of the identities of all objects, and ensures the uniqueness of the identities. Specifically, the identity generator 2001 is used to generate an identity for the target object; the identity manager 2002 is used to manage identity generators (e.g., identity generator registration, management, and attribute maintenance) and rights control. Based on the id management contract 200, the embodiment of the present invention provides an id generation scheme. At least one application 202 sends a request to register an id generator, and the id manager 2002 receives the id generator request and records generation parameters carried by the id generator request and an identifier of the application 202. Further, the application 202 sends an identity generation request, where the identity generation request is used to request to configure a corresponding identity for a target object in the application 202; the identity management contract 200 receives an identity generation request, and selects a target generator from at least one identity generator in response to the identity generation request; and generating a corresponding identity for the target object according to an identity generation mechanism adopted by the target generator.
The block link node of the present invention may specifically be a terminal device, and the terminal device includes, but is not limited to, a mobile phone, a tablet personal computer (tablet personal computer), a Personal Digital Assistant (PDA), a Mobile Internet Device (MID), a wearable device (wearable device), a vehicle-mounted device, and other devices supporting network communication.
Alternatively, the block node may be the same node as the node where the application 202 is deployed, or may be a different node.
Referring to fig. 3, fig. 3 is a schematic flow chart of an identity generation method according to an embodiment of the present invention, where the identity generation method specifically includes steps S301 to S303:
step S301: identity management contract 200 receives an identity generation request requesting that a corresponding identity be configured for a target object.
Specifically, the identity manager 2002 in the identity management contract 200 receives an identity generation request to generate an identity for a target object. The id generation request is sent by the application 202 where the target object is located, and is used to request to configure a corresponding id for the target object. The target object may be any object that the target user participates in the transaction in the block connection system through the application 202, such as any object that needs to be identified by an identity, such as an intelligent contract, the target user, a transaction event, and the like; for example, applications may include, but are not limited to, Tencent music, Tencent games, etc., and target objects corresponding to Tencent music may include, but are not limited to, album name, singer name, etc.; the target object corresponding to the Tencent game may include, but is not limited to, the name of the skin glowing by the prince, the name of the prop, etc.
Further, the id manager 2002 performs authority control on the id generation request. The identity generation request carries an identifier of the application 202, where the identifier may be a specific name of the application 202, an address of a terminal device deployed by the application 202, or the like. The id manager 2002 implements permission control on the id generation request sent by the application 202 by verifying the id. Specifically, before the application 202 sends the id generation request for the first time, a registration id generator request is sent, where the registration id generator request carries the id of the application 202, and the id manager 2002 receives the id generator request and stores the id of the application 202. In order to prevent the identifier of the application 202 from being tampered, the identifier is signed and carried in the identifier generation request, and after receiving the identifier generation request, the identifier manager 2002 decrypts the signed identifier to obtain the identifier of the application 202, and compares the identifier with the identifier of the application 202 stored in the identifier manager 2002. If the identification information of the application 202 is correct, it indicates that the application 202 has the right to request identification.
Step S302: identity management contract 200 selects a target producer from at least one type of identity producer in response to an identity production request.
In response to an identity generation request, the identity manager 2002 in the identity management contract 200 selects a target generator from at least one type of identity generator. The identity generator is deployed in the identity management contract, and the type and number of the identity generators are not limited, and may include but not limited to at least one of a numeric generator and a string generator. And the specific implementation of selecting the target generator is not limited, two possible implementations are described below.
In one embodiment, the id generation request carries security attributes of the target object, and therefore, the id manager 2002 selects the target generator from the at least one id generator, and may select the target generator matching the security attributes from the at least one id generator according to the attribute information of the target object. Wherein the security attribute of the target object is used to indicate the need of the target object for information security. Specifically, the information security requirement for the numeric type generator is lower than that for the string type generator. If the security attribute of the target object is a first attribute, selecting a character string type generator from at least one identity identifier generator as the target generator; if the security attribute of the target object is the second attribute, selecting a digital generator from at least one identity generator as a target generator; and the requirement of the information security corresponding to the indication of the first attribute is higher than that of the information security corresponding to the indication of the second attribute. For example, if the target object is a user participating in a transaction, and the id is used to identify different users, the need for information security is low in order to traverse the specific details of the user participating in the transaction. Therefore, the safety attribute of the user participating in the transaction is the second attribute, and the digital generator is selected as the target generator. If the target object is a transaction, the identity is used for identifying the transactions generated at different time points, and in order to prevent specific information of the transactions from being maliciously traversed, the requirement on information security is high. Therefore, the safety attribute of the transaction is the first attribute, and the character string type generator is selected as the target generator.
In another embodiment, the id generation request carries an id type, so that the id manager 2002 selects a target generator from at least one id generator, and selects a target generator matching the id type from at least one id generator according to the id type; the identity identifier generator corresponds to the identity identifier types one by one. For example, a numeric generator is denoted by S, a string generator is denoted by Z; the id type S may be carried in the id generation request, and a digital type generator matching the id type is selected from at least one id generator according to the id type S.
Further, the identity generator may employ different identity generation mechanisms. The type of the id generation mechanism is not limited, and five different id generation mechanisms are exemplarily provided in the embodiment of the present invention. Thus, the identity generators can be divided into five categories depending on the identity generation mechanism. As shown in fig. 4, the numeric generators are classified into two types according to the identity generation mechanism, and the string type is classified into three types according to the identity generation mechanism. As shown in table 1, table 1 is a classification table of the identity generation mechanism provided in the embodiment of the present invention.
TABLE 1 ID Generation mechanism Classification sheet
Figure BDA0002283194440000071
As shown in table 1, T1 represents an identity generation mechanism adopted by the first type of digital generator, where the identity generation mechanism is an identity that adopts a fixed-length number as a target object; t2 denotes an identification generation mechanism adopted by the second type of digital generator, which is an identification that adopts a specified prefix and a fixed-length number as a target object; t3 represents an identification generation mechanism adopted by the first-type string generator, where the identification generation mechanism is an identification in which a hash value obtained by performing hash operation on an address and transaction times is used as a target object; t4 denotes an identification generation mechanism used by the second type string generator, where the identification generation mechanism is an identification in which a hash value obtained by performing hash operation on an address, transaction times, and a random number is used as a target object; t5 denotes an id generation mechanism adopted by the third type of string generator, where the id generation mechanism is a hash value obtained by performing hash operation on an address, a block height, and a transaction index, and is used as an id of a target object. Therefore, in the id management contract, the above-described five kinds of id generators are provided.
Alternatively, each identity generation mechanism may correspond to one security attribute, i.e., each identity generator may correspond to one security attribute. The first type of digital generator corresponds to security attribute 1; the second type of digital generator corresponds to the security attribute 2; the first type of string generator corresponds to security attribute 3; the second type of character string type generator corresponds to a security attribute 4; the third type of string generator corresponds to security attribute 5. Wherein the indicated information security requirements for security attributes 1-5 are sequentially increasing. Thus, the target object may select a target generator from the at least one identity generator that matches the security attribute based on the attribute information.
Alternatively, the identity manager may manage the identity generator, such as deleting, freezing, and enabling the identity generator. If the identity generator freezes, the target user who registered application 202 cannot be assigned an identity, and thus cannot register application 202.
Step S303: the identity management contract 200 generates a corresponding identity for the target object according to the identity generation mechanism employed by the target generator.
The id management contract is deployed with five id generators in step S202, where the five id generators may adopt different id generation mechanisms, and each id generator corresponds to one id generation mechanism. The identity management contract 200 generates a corresponding identity for the target object according to the identity generation mechanism employed by the target generator.
Specifically, the id management contract 200 obtains generation parameters required by the target generator, and generates a corresponding id for the target object by using the generation parameters according to the id generation mechanism adopted by the target generator. Wherein, the generation parameter is not limited, and comprises at least one of the following: the method comprises the following steps of identification Name (Name), identification type (IDType), prefix (prefix), starting number (start), increment (increment), length (length), counter (counter), random number (salt), address (address), Transaction times (nonce), Block height (Block height) and Transaction index (Transaction index). Wherein:
the identity name represents the name of the identity; the identity of an external account, such as an intelligent contract a, may be named AE and the identity of a contract account may be named AC.
The identity type represents the type of an identity generation mechanism; such as T1, T2, etc.
The prefix is a prefix field included in the identity of the target object; the settings can be customized by the system.
The initial number represents the initial number of the identity mark generated by the number generator for the target object; the setting can be customized by the system, such as default to 0.
The increment represents the increment of the fixed-length number generated by the digital type generator; if the increment is 1, the identity of the next target object is added with 1 on the basis of the identity of the current target object.
The length represents the length of the fixed-length number generated by the digital type generator; the configuration can be customized, for example, the default is 10, and if the field length is not enough, zero can be automatically filled left or right.
The counter is used for recording the number of the generated identity marks in the digital generator; if each identity is generated for the same kind of target object, the counter is increased by 1.
The random number (salt) represents a randomly generated number; may be randomly generated by the identity management contract 200 or carried in the identity generation request.
The address represents an address of the target object; for example, an intelligent contract may be deployed to generate a contract address.
The transaction times represent the times of transactions of the target object; if the external account of the smart contract includes a nonce field, the nonce is increased by 1 each time a new transaction occurs in the external account.
The height of a block represents the height of the block where the target object is located, i.e., the index of the block on the blockchain.
The transaction index indicates an index of a transaction when the target object is a transaction.
Each target generator requires different generation parameters, please refer to table 2(a) -table 2(b), where table 2(a) is a generation parameter table of a digital generator provided by an embodiment of the present invention; table 2(b) is a generation parameter table of a string generator according to an embodiment of the present invention. In the table, M is a necessary-to-generate parameter field, O is an optional-to-generate parameter field (a number in parentheses represents a default value), and a null indicates that the default value of the corresponding type of the generated parameter field is filled, an owner indicates a target object that can request an identity, and the authority control of the owner is realized by the identity manager 101, which may be specifically referred to step S201; by default all objects can apply for identity.
Table 2(a) table of generation parameters of digital type generator
Name IDType prefix counter length start increment owner
T1 M M O(10) O(0) O(1)
T2 M M M O(10) O(0) O(1)
Table 2(b) generation parameter table of character string type generator
Name IDType address nonce Block height salt Transaction index owner
M M M M
M M M M M
M M M M M
As shown in table 2, the mandatory generation parameter fields of the first type of numeric generator include an id name and an id type, and the optional generation parameter fields are length, start number, and increment. The id generator 2001 obtains the above generated parameters, and generates a corresponding id for the target object according to the id generation mechanism T1 adopted by the first type of digital generator. For example, a length of 10, a starting number of 0, and an increment of 1, with a length of 10, 0 may be complemented on the left. The identity generated for the first target object may therefore be 0000000000 and the identity generated for the next target object 0000000001. The counter records the number of generated ids, and adds 1 for each new id, so the id generated for the 200 th target object may be 0000000200.
The first type of digital generator generates a plurality of digital words according to the length, the initial number and the increment of the first type of digital generator. The id generator 2001 obtains the above generated parameters, and generates a corresponding id for the target object according to the id generation mechanism T2 adopted by the second type of digital generator. For example, a length of 10, a starting number of 0, an increment of 1, and a prefix of B, since the length is 10, 0 may be complemented on the left side. The identity generated for the first target object may be B000000000, and similarly the identity generated for the 200 th target object may be B000000200.
The mandatory-fill generation parameter field of the first type of string generator includes an id name, an id type, an address, and transaction times, and the id generator 2001 obtains the above generation parameters, and generates a corresponding id for the target object according to the id generation mechanism T3 adopted by the first type of string generator. Specifically, the identity generator 2001 performs hash operation on the address and the transaction frequency by using a hash function SHA3, and the obtained hash value is the identity of the target object. The hash function is not limited, and in practical application, the hash function may be any function in the series of SHA-0, SHA-1, SHA-2, SHA-3, or the like.
The mandatory-fill generation parameter field of the second type string generator includes an id name, an id type, an address, transaction times, and a random number, and the id generator 2001 obtains the generation parameters, and generates a corresponding id for the target object according to the id generation mechanism T4 adopted by the second type string generator. Specifically, the id generator 2001 performs hash operation on the address, the transaction frequency, and the random number by using a hash function SHA3, and the obtained hash value is the id of the target object. The hash function is not limited, and in practical application, the hash function may be any function in the series of SHA-0, SHA-1, SHA-2, SHA-3, or the like.
The mandatory-fill generation parameter field of the third type of string generator includes an id name, an id type, an address, a block height, and a transaction index, and the id generator 2001 obtains the generation parameters, and generates a corresponding id for the target object according to the id generation mechanism T5 adopted by the third type of digital generator. Specifically, the id generator 2001 performs hash operation on the address, the height of the block, and the transaction index by using a hash function SHA3, and the obtained hash value is the id of the target object. The hash function is not limited, and in practical application, the hash function may be any function in the series of SHA-0, SHA-1, SHA-2, SHA-3, or the like. For example, if a user a calls the smart contract B to perform a transaction, a target object is the transaction of the user a, and an identity is generated for the target object, it is necessary to obtain an address of the user a, and record a height of a target block of the transaction of the user a and a transaction index. If the address is 172.168.11.1, the height of the target chunk is 100, and the transaction index is xxx, the identity of the target object is the hash value f8cdb04495ded47615258f9dc6a3f4707fd2405434fefc3cbf4ef4e 6.
Optionally, the obtaining manner of the generation parameter is not limited, for example, the generation parameter is carried in the id generation request, and/or the generation parameter is recorded in the id management contract. For example, the string generator may require different generation parameters depending on the target object, and thus the generation parameters may be carried in the id generation request of the target object. As another example of a digital type generator, generation parameters may be recorded in the identity management contract 200 because they do not change significantly from target object to target object. The specific embodiment in which the generation parameters are recorded in the identity management contract 200 is as follows. The application 202 sends a request for a registration id generator, where the request for the registration id generator carries generation parameters, including but not limited to an id name, an id type, and the like; the id manager 2002 receives the id generator request and records the generation parameters carried by the id generator request. The identity generator 2001 may therefore obtain generation parameters directly from the identity manager 2002. And the identity types are in one-to-one correspondence with the identity generators, the application 202 may request multiple identity generators 2001 to generate identities for the target object at the same time. For Tencent music, the first type of digital generator may generate an identification for the album name; a second type of numeric generator may generate an identification for the name of the singer.
Optionally, the identity manager 2002 records the number of times the identity generator is invoked. The identity manager 2002 maintains a mapping between the identity name of the identity and the target generator when the target generator generates the identity for a new target object in the application 202. If there is a next target object of the same type as the target object, the target generator may be called according to the mapping relationship, and only the object under the same application 202 may call the target generator. And, each identity generator provides a means for generating an identity for the next target object; for example, the ID manager 2002 counter may record the number of times the number generator is called, and the number generator may generate an ID for the next target object based on the increment and counter. The following exemplary method provides an identification for the next target object in the actual application.
Next ID(ID id);
return (id newid); // newId is the ID generated for the target object;
{switch id.IDType;
case T1; selecting a generator corresponding to a T1 generation mechanism according to the id type;
get next T1 id (id); generating specific IDs for target objects according to the T1 generation mechanism
}
For example, the target object is a first registered user 1 of an application H in the block connection system, the identity generation request of the registered user 1 carries a security attribute, the second type of digital generator is selected as the target generator according to the security attribute, and assuming that the identity generated by the target generator is H000000000, the identity management contract is that the identity name allocated to the identity is SH. And storing the mapping relation between the identity identification name SH and the target generator. If the second registered user 2 applying the H needs to generate the identity, the identity generation request can carry an identity name, the target generator is selected according to the identity name, the target generator is called to generate the identity for the registered user 2, and the identity generated by the registered user 2 is H000000001 according to the record of the counter being 1 and the increment being 1. Similarly, if the registered user of the application F needs to generate the id, the same target generator may be selected, but the id names are different, for example, the id name is SF for distinguishing.
In the implementation of the invention, a block chain node is deployed with an identity management contract, the block chain node acquires an identity generation request, and the identity generation request is used for requesting to configure a corresponding identity for a target object; the block chain node responds to the identity generation request and selects a target generator from at least one identity generator; and the block chain node generates a corresponding identity for the target object according to the identity generation mechanism adopted by the target generator. By implementing the invention, the centralized management and maintenance of the identity can be realized, the uniqueness of the identity of different objects in the block connection system is ensured, and the generation of the centralized management and maintenance identity can improve the development efficiency of research and development personnel.
Referring to fig. 5, fig. 5 is a schematic structural diagram of an identity generating apparatus according to an embodiment of the present invention, where the identity generating apparatus may specifically be a terminal device deployed with an identity management contract, and is configured to execute the method steps shown in fig. 3, and the identity generating apparatus 50 may include a receiving unit 501, a response unit 502, and a generating unit 503. Wherein:
the receiving unit 501: the system comprises a receiving module, a generating module and a sending module, wherein the receiving module is used for receiving an identity generating request which is used for requesting to configure a corresponding identity for a target object;
the response unit 502: the system comprises a target generator, a target generator and a plurality of identity generators, wherein the target generator is used for responding to identity generation requests and selecting the target generator from at least one identity generator;
the generation unit 503: and the system is used for generating a corresponding identity for the target object according to an identity generation mechanism adopted by the target generator.
In an implementation manner, the response unit 502 is configured to, when the identity generation request carries a security attribute of a target object and a target generator is selected from at least one identity generator, specifically:
selecting a target generator matched with the security attribute from at least one identity generator according to the attribute information of the target object; wherein the security attribute of the target object is used to indicate the need of the target object for information security.
In one implementation, at least one of the identity generators includes a numeric generator and a string generator, and the requirement of information security corresponding to the numeric generator is lower than that corresponding to the string generator; the response unit 502 is specifically configured to, when selecting a target generator matching the security attribute from the at least one identity generator according to the attribute information of the target object:
if the security attribute of the target object is the first attribute, selecting a character string type generator from at least one identity identifier generator as a target generator;
if the security attribute of the target object is the second attribute, selecting a digital generator from at least one identity generator as a target generator;
the requirement of information security corresponding to the indication of the first attribute is higher than that corresponding to the indication of the second attribute.
In an implementation manner, the identity generation request carries an identity type, and the response unit 502 is configured to respond to the identity generation request, and when a target generator is selected from at least one identity generator, specifically configured to:
selecting a target generator matched with the identity type from at least one identity generator according to the identity type; the identity identifier generator corresponds to the identity identifier types one by one.
In an implementation manner, the generating unit 503 is specifically configured to, when generating a corresponding identity for a target object according to an identity generation mechanism adopted by a target generator,:
acquiring generation parameters required by a target generator;
and generating a corresponding identity for the target object by using the generation parameters according to an identity generation mechanism adopted by the target generator.
In one implementation, the generation parameters are carried with the id generation request and/or the generation parameters are recorded in the id manager.
In one implementation, generating the parameter includes at least one of: identity name, identity type, prefix, starting number, increment, random number, length, address, transaction times, block height, transaction index.
According to another embodiment of the present invention, the units in the identification generation apparatus shown in fig. 5 may be respectively or entirely combined into one or several other units to form another unit, or some unit(s) therein may be further split into multiple units with smaller functions to form another unit, which may implement the same operation without affecting implementation of technical effects of embodiments of the present invention. The units are divided based on logic functions, and in practical application, the functions of one unit can be realized by a plurality of units, or the functions of a plurality of units can be realized by one unit. In other embodiments of the present invention, the apparatus based on the id generation method may also include other units, and in practical applications, these functions may also be implemented by being assisted by other units, and may be implemented by cooperation of multiple units.
In the implementation of the invention, a block chain node is deployed with an identity management contract, the block chain node acquires an identity generation request, and the identity generation request is used for requesting to configure a corresponding identity for a target object; the block chain node responds to the identity generation request and selects a target generator from at least one identity generator; and the block chain node generates a corresponding identity for the target object according to the identity generation mechanism adopted by the target generator. By implementing the invention, the centralized management and maintenance of the identity can be realized, the uniqueness of the identity of different objects in the block chain system is ensured, and the generation of the centralized management and maintenance identity can improve the development efficiency of research personnel.
Based on the description of the method embodiment and the apparatus embodiment, the embodiment of the present invention further provides a schematic structural diagram of a blockchain node. Referring to fig. 6, the daily blockchain node 60 includes at least a processor 601, an input device 602, an output device 603, and a computer storage medium 604. The processor 601, input device 602, output device 603, and computer storage medium 604 within a block chain node may be connected by a bus or other means.
A computer storage medium 604 may be stored in the memory of the block link points, the computer storage medium 604 being for storing a computer program comprising program instructions, the processor 601 being for executing the program instructions stored by the computer storage medium 604. The processor 601 (or CPU) is a computing core and a control core of the terminal, and is adapted to implement one or more instructions, and specifically, adapted to load and execute one or more instructions so as to implement a corresponding method flow or a corresponding function.
The embodiment of the invention also provides a computer storage medium (Memory), which is Memory terminal equipment in the first node and is used for storing programs and data. It will be appreciated that the computer storage media herein may comprise both built-in storage media in blockchain nodes and, of course, extended storage media supported by blockchain nodes. The computer storage medium provides storage space that stores operating systems for the block chain nodes. Also, one or more instructions, which may be one or more computer programs (including program code), are stored in the memory space and are adapted to be loaded and executed by the processor 601. The computer storage medium may be a high-speed RAM memory, or may be a non-volatile memory (non-volatile memory), such as at least one disk memory; and optionally at least one computer storage medium located remotely from the processor.
In one embodiment, one or more instructions stored in a computer storage medium may be loaded and executed by processor 601 to implement the corresponding steps of the method described above in relation to the embodiment of the identity generation method; in a particular implementation, one or more instructions in the computer storage medium are loaded by the processor 601 and perform the following steps:
receiving an identity generation request, wherein the identity generation request is used for requesting to configure a corresponding identity for a target object;
selecting a target generator from at least one type of identity generator in response to the identity generation request;
and generating a corresponding identity for the target object according to an identity generation mechanism adopted by the target generator.
In one implementation, when the identity generation request carries the security attribute of the target object and a target generator is selected from at least one identity generator, one or more instructions in the computer storage medium are loaded by the processor 601 and perform the following steps:
selecting a target generator matched with the security attribute from at least one identity generator according to the attribute information of the target object; wherein the security attribute of the target object is used to indicate the need of the target object for information security.
In one implementation, at least one of the identity generators includes a numeric generator and a string generator, and the requirement of information security corresponding to the numeric generator is lower than that corresponding to the string generator; upon selecting a target generator from the at least one identity generator that matches the security attribute based on the attribute information of the target object, one or more instructions in the computer storage medium are loaded by the processor 601 and perform the steps of:
if the security attribute of the target object is the first attribute, selecting a character string type generator from at least one identity identifier generator as a target generator;
if the security attribute of the target object is the second attribute, selecting a digital generator from at least one identity generator as a target generator;
the requirement of information security corresponding to the indication of the first attribute is higher than that corresponding to the indication of the second attribute.
In one implementation, the id generation request carries an id type, and when a target generator is selected from at least one id generator in response to the id generation request, one or more instructions in the computer storage medium are loaded by the processor 601 and perform the following steps:
selecting a target generator matched with the identity type from at least one identity generator according to the identity type; the identity identifier generator corresponds to the identity identifier types one by one.
In one implementation, when generating a corresponding id for a target object according to an id generation mechanism employed by a target generator, one or more instructions in a computer storage medium are loaded by the processor 601 and perform the following steps:
acquiring generation parameters required by a target generator;
and generating a corresponding identity for the target object by using the generation parameters according to an identity generation mechanism adopted by the target generator.
In one implementation, the generation parameters are carried with the id generation request and/or the generation parameters are recorded in the id manager.
In one implementation, generating the parameter includes at least one of: identity name, identity type, prefix, starting number, increment, random number, length, address, transaction times, block height, transaction index.
In the implementation of the invention, a block chain node is deployed with an identity management contract, the block chain node acquires an identity generation request, and the identity generation request is used for requesting to configure a corresponding identity for a target object; the block chain node responds to the identity generation request and selects a target generator from at least one identity generator; and the block chain node generates a corresponding identity for the target object according to the identity generation mechanism adopted by the target generator. By implementing the invention, the centralized management and maintenance of the identity can be realized, the uniqueness of the identity of different objects in the block chain system is ensured, and the generation of the centralized management and maintenance identity can improve the development efficiency of research personnel.
The above disclosure is only for the purpose of illustrating the preferred embodiments of the present invention, and it is therefore to be understood that the invention is not limited by the scope of the appended claims.

Claims (10)

1. An identity generation method applied to a block chain node point deployed with an identity management contract, wherein at least one identity generator is deployed in the identity management contract, and the method comprises the following steps:
receiving an identity generation request, wherein the identity generation request is used for requesting to configure a corresponding identity for a target object;
selecting a target generator from the at least one identity generator in response to the identity generation request;
and generating a corresponding identity for the target object according to an identity generation mechanism adopted by the target generator.
2. The method of claim 1, wherein the identity generation request carries security attributes of the target object, and wherein selecting the target generator from the at least one identity generator comprises:
selecting a target generator matched with the security attribute from the at least one identity generator according to the attribute information of the target object; wherein the security attribute of the target object is used to indicate the target object's need for information security.
3. The method of claim 2, wherein said at least one identity generator comprises a numeric generator and a string generator, and wherein said numeric generator has a lower requirement for information security than said string generator;
the selecting a target generator matching the security attribute from the at least one identity generator according to the attribute information of the target object comprises:
if the security attribute of the target object is a first attribute, selecting the character string type generator from the at least one identity generator as the target generator;
if the security attribute of the target object is a second attribute, selecting the digital generator from the at least one identity generator as the target generator;
the requirement of information security corresponding to the indication of the first attribute is higher than that corresponding to the indication of the second attribute.
4. The method of claim 1, wherein the id generation request carries an id type, and wherein selecting a target generator from the at least one id generator in response to the id generation request comprises:
according to the identity type, selecting a target generator matched with the identity type from the at least one identity generator; and the identity identifier generator corresponds to the identity identifier types one by one.
5. The method of claim 1, wherein generating the corresponding identity for the target object according to the identity generation mechanism employed by the target generator comprises:
acquiring generation parameters required by the target generator;
and generating a corresponding identity for the target object by using the generation parameters according to an identity generation mechanism adopted by the target generator.
6. The method of claim 5, wherein the generation parameters are carried with the identity generation request and/or the generation parameters are recorded in the identity management contract.
7. The method of claim 5, wherein the generation parameters comprise at least one of: identity name, identity type, prefix, starting number, increment, random number, length, address, transaction times, block height, transaction index.
8. An apparatus for generating an identification, the apparatus comprising:
the system comprises an acquisition unit, a processing unit and a processing unit, wherein the acquisition unit is used for acquiring an identity generation request which is used for requesting to configure a corresponding identity for a target object;
a response unit, responding to the identification mark generation request, and selecting a target generator from the at least one identification mark generator;
and the generating unit is used for generating a corresponding identity for the target object according to an identity generating mechanism adopted by the target generator.
9. A block link node, comprising:
a memory comprising computer readable instructions;
a processor coupled to the memory, the processor configured to execute the computer-readable instructions to cause the device to perform the identity generation method of any of claims 1-7.
10. A computer-readable storage medium having stored thereon instructions which, when run on a computer, cause the computer to perform the method of generating an identity label of any one of claims 1-7.
CN201911149679.XA 2019-11-21 2019-11-21 Identity identification generation method, device, related node and medium Pending CN110910143A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911149679.XA CN110910143A (en) 2019-11-21 2019-11-21 Identity identification generation method, device, related node and medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911149679.XA CN110910143A (en) 2019-11-21 2019-11-21 Identity identification generation method, device, related node and medium

Publications (1)

Publication Number Publication Date
CN110910143A true CN110910143A (en) 2020-03-24

Family

ID=69818419

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911149679.XA Pending CN110910143A (en) 2019-11-21 2019-11-21 Identity identification generation method, device, related node and medium

Country Status (1)

Country Link
CN (1) CN110910143A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112104705A (en) * 2020-08-21 2020-12-18 达闼机器人有限公司 Identification generation method and device, storage medium and electronic equipment
CN112270160A (en) * 2020-10-10 2021-01-26 中国信息通信研究院 Method and device for distributing identifiers based on intelligent contracts
CN112270161A (en) * 2020-10-10 2021-01-26 中国信息通信研究院 Method and device for supporting trusted identifier of custom coding rule
CN116501804A (en) * 2023-06-26 2023-07-28 南京亚信软件有限公司 Identification generation method and device, electronic equipment and storage medium

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112104705A (en) * 2020-08-21 2020-12-18 达闼机器人有限公司 Identification generation method and device, storage medium and electronic equipment
CN112104705B (en) * 2020-08-21 2023-10-24 达闼机器人股份有限公司 Identification generation method and device, storage medium and electronic equipment
CN112270160A (en) * 2020-10-10 2021-01-26 中国信息通信研究院 Method and device for distributing identifiers based on intelligent contracts
CN112270161A (en) * 2020-10-10 2021-01-26 中国信息通信研究院 Method and device for supporting trusted identifier of custom coding rule
CN116501804A (en) * 2023-06-26 2023-07-28 南京亚信软件有限公司 Identification generation method and device, electronic equipment and storage medium

Similar Documents

Publication Publication Date Title
CN107480475B (en) Resource sharing method and system based on block chain network
CN110910143A (en) Identity identification generation method, device, related node and medium
CN108734028B (en) Data management method based on block chain, block chain link point and storage medium
JP2022501752A (en) How to assign electronic bill identifiers, how to generate electronic bills, their devices and systems, as well as storage media and computer programs.
CN111163130B (en) Network service system and data transmission method thereof
CN108596627B (en) Big data calculation method and system based on block chain and fog calculation
CN109146490A (en) block generation method, device and system
CN110597922A (en) Data processing method, device, terminal and storage medium
CN111488372A (en) Data processing method, device and storage medium
CN111984735A (en) Data archiving method and device, electronic equipment and storage medium
CN111488626A (en) Data processing method, device, equipment and medium based on block chain
CN111639080A (en) Data processing method and device, node equipment and storage medium
CN111416709B (en) Voting method, device, equipment and storage medium based on block chain system
CN109948370A (en) A kind of method for processing business based on block chain, device and electronic equipment
CN111597264A (en) Block chain accounting method and device
CN112200680B (en) Block link point management method, device, computer and readable storage medium
CN112040015B (en) Consensus node list generation method and related device
CN111222885B (en) Data processing request endorsement method and device, computer equipment and storage medium
CN109828832B (en) Block chain-based data circulation method, device, equipment and medium
CN111667255A (en) Digital asset transfer system and method based on alliance chain
CN109525550A (en) A kind of processing method of data message, device and system
CN112039893B (en) Private transaction processing method and device, electronic equipment and readable storage medium
CN117010889A (en) Data processing method, device, equipment, medium and product
CN111008251A (en) Data processing method and equipment
CN110599272A (en) Method for issuing electronic invoice and related product

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination