CN111049806B - Joint authority control method and device, electronic equipment and storage medium - Google Patents

Joint authority control method and device, electronic equipment and storage medium Download PDF

Info

Publication number
CN111049806B
CN111049806B CN201911150259.3A CN201911150259A CN111049806B CN 111049806 B CN111049806 B CN 111049806B CN 201911150259 A CN201911150259 A CN 201911150259A CN 111049806 B CN111049806 B CN 111049806B
Authority
CN
China
Prior art keywords
settlement
authority
information
user
joint
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201911150259.3A
Other languages
Chinese (zh)
Other versions
CN111049806A (en
Inventor
王金华
刘啸南
宁海波
汪亮
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology Shenzhen Co Ltd filed Critical Tencent Technology Shenzhen Co Ltd
Priority to CN201911150259.3A priority Critical patent/CN111049806B/en
Publication of CN111049806A publication Critical patent/CN111049806A/en
Application granted granted Critical
Publication of CN111049806B publication Critical patent/CN111049806B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/60Network streaming of media packets
    • H04L65/61Network streaming of media packets for supporting one-way streaming services, e.g. Internet radio
    • H04L65/611Network streaming of media packets for supporting one-way streaming services, e.g. Internet radio for multicast or broadcast
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Abstract

The application relates to the technical field of computers, in particular to the technical field of block chains, and provides a joint authority control method, a device, electronic equipment and a storage medium, which are used for improving the safety and the reliability of joint authority control, wherein the method comprises the following steps: verifying a settlement request for settling the joint authority according to a settlement rule corresponding to the joint authority, wherein the settlement rule is determined by all nodes of the alliance chain together, and the joint authority comprises different authorities set by all nodes in the alliance chain; setting a joint authority for the user according to the verification result and the settlement request; and broadcasting the settlement pipelining information in the alliance chain, so that after other nodes in the alliance chain receive the settlement pipelining information, verifying the settlement according to the settlement pipelining information and setting an association authority for the user according to a verification result. The application stores the authority information of the joint authority through the alliance chain, and realizes joint authority control by using the block chain technology, so that the safety and the reliability of the joint authority control are ensured.

Description

Joint authority control method and device, electronic equipment and storage medium
Technical Field
The application relates to the technical field of computers, in particular to the technical field of block chains, and provides a joint authority control method and device, electronic equipment and a storage medium.
Background
At present, various platforms such as video, education, reading and the like on the internet purchase content copyright resources which are uniquely distributed in order to attract paid members. For example, in the network video industry, each video platform purchases a movie, a television play and other independent broadcasting authorities respectively to attract members to pay for watching. However, for a user, current member rights are distributed in each platform, and the user has different member privilege requirements in different service scenarios, so that VIP (member Person) rights of each home need to be purchased respectively, and content resources of a single platform are difficult to meet the viewing requirements of the user.
The combined access of each partner needs to be developed independently, and the access interface and the setting interface are private, so that the security is low.
Disclosure of Invention
The embodiment of the application provides a joint authority control method and device, electronic equipment and a storage medium, which are used for improving the safety and the credibility of joint authority control.
The combined authority control method provided by the embodiment of the application comprises the following steps:
responding to a settlement request of settlement joint permission input by a user through a joint permission customization interface, and verifying the settlement request according to a settlement rule corresponding to the joint permission, wherein the settlement rule is determined by all nodes added into the alliance chain together, and the joint permission comprises different permissions set for the user by all the nodes in the alliance chain;
setting the authority contained in the combined authority for the user according to a verification result and the settlement request; and
generating settlement running water information according to the settlement request, and storing the settlement running water information into a block of the alliance chain;
and broadcasting the settlement running information in the alliance chain so that after other nodes in the alliance chain receive the settlement running information, verifying the settlement according to the settlement running information and setting the authority contained in the united authority for the user according to a verification result.
The embodiment of the application provides a joint authority control device, includes:
the response unit is used for responding to a settlement request of settlement joint permission input by a user through a joint permission customization interface, and verifying the settlement request according to a settlement rule corresponding to the joint permission, wherein the settlement rule is determined by all nodes added into the alliance chain together, and the joint permission comprises different permissions set for the user by all the nodes in the alliance chain;
the authority control unit is used for setting the authority contained in the combined authority for the user according to a verification result and the settlement request;
the information generating unit is used for generating settlement running water information according to the settlement request and storing the settlement running water information into a block of the alliance chain;
and the broadcasting unit is used for broadcasting the settlement running information in the alliance chain so that after other nodes in the alliance chain receive the settlement running information, the settlement is verified according to the settlement running information, and the authority contained in the joint authority is set for the user according to a verification result.
Optionally, the broadcast unit is specifically configured to:
receiving settlement running information broadcasted in the alliance chain, and verifying the settlement running information;
broadcasting the verification result in the alliance chain, and receiving the verification result broadcasted by other nodes in the alliance chain;
confirming the consensus result according to the received verification result and the self verification result;
setting the authority contained in the joint authority for the user according to the consensus result and the settlement request; and storing the settlement pipeline information into a block of the federation chain.
Optionally, the broadcast unit is specifically configured to:
decrypting the signature information according to the public key to obtain a second hash value;
when the second hash value is verified to be identical to the first hash value by the hashing method, it is determined that the verification is successful.
Optionally, the broadcast unit is specifically configured to:
the confirming the consensus result according to the received verification result and the verification result of the user comprises the following steps:
and if the number of the nodes allowed to settle at this time reaches the preset threshold value according to the received verification result and the self verification result, determining that the consensus is successful.
An electronic device provided by an embodiment of the present application includes a processor and a memory, where the memory stores program codes, and when the program codes are executed by the processor, the processor is caused to execute the steps of the joint right control method.
An embodiment of the present application provides a computer-readable storage medium, which includes program code for causing an electronic device to execute the steps of the above-mentioned joint right control method when the program product runs on the electronic device.
The beneficial effect of this application is as follows:
according to the joint authority control method, the joint authority control device, the electronic equipment and the storage medium, member authorities of different platforms are packaged into one joint authority based on a block chain technology, a alliance chain is created, any one platform has a corresponding node on the alliance chain, when a user orders the joint authority on any one platform, settlement is generated, the alliance chain node responds to a settlement request and verifies the settlement request according to a settlement rule, and the settlement rule is determined by all nodes in the alliance chain together; and generating settlement running water information according to the settlement request and broadcasting the settlement running water information, verifying the validity of the settlement running water information after the members in other alliances receive the settlement running water information, verifying that the settlement running water information is stored, transmitting the settlement running water information to the next block, and finally storing the permission opening data of the user in all the blocks in the alliances. As each node added into the alliance chain needs to verify the settlement of the association authority, the authority contained in the social association authority of the user is provided with public credibility according to the verification result, the related information of the settlement is stored in the block of the alliance chain, and the safety and the credibility of the control of the association authority are ensured based on the non-falsification attribute of the block chain.
Additional features and advantages of the application will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by the practice of the application. The objectives and other advantages of the application may be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the application and together with the description serve to explain the application and not to limit the application. In the drawings:
FIG. 1 is a diagram illustrating the architecture of a VIP affiliate in accordance with the present invention;
FIG. 2A is a diagram of a combined dual-open mode architecture in accordance with one related art embodiment of the present application;
FIG. 2B is a timing diagram illustrating a combined dual-open mode in accordance with one embodiment of the present invention;
FIG. 3A is a block diagram of a prize purchase mode architecture in accordance with one embodiment of the present application;
FIG. 3B is a timing diagram of a buy-away mode in a related art embodiment of the present application;
fig. 4 is a schematic view of an application scenario provided in an embodiment of the present application;
FIG. 5A is a schematic diagram of a joint permission customization interface according to an embodiment of the present application;
FIG. 5B is a schematic diagram of another federated privilege customization interface provided in an embodiment of the present application;
fig. 6 is a flowchart of a first joint right control method according to an embodiment of the present application;
fig. 7 is a schematic diagram of a method for digitally signing according to an embodiment of the present application;
fig. 8 is a schematic diagram illustrating a process of generating a public-private key and a node address according to an embodiment of the present application;
FIG. 9 is a timing diagram for a coalition officer transaction creation provided by an embodiment of the present application;
fig. 10 is a flowchart of a second joint right control method provided in the embodiment of the present application;
FIG. 11 is a schematic diagram of a transaction verification process provided by an embodiment of the present application;
FIG. 12 is a schematic diagram illustrating a transaction consensus verification provided by an embodiment of the present application;
FIG. 13 is a block chain based federated membership architecture diagram provided in an embodiment of the present application;
FIG. 14 is a schematic diagram of a verifying transaction and shipping member according to an embodiment of the present application;
fig. 15A is a schematic diagram illustrating a prompt to a user according to an embodiment of the present application;
fig. 15B is a schematic diagram of another prompt to a user according to an embodiment of the present application;
FIG. 16 is a diagram illustrating a federated membership package authentication provided in an embodiment of the present application;
fig. 17 is a schematic structural diagram of a combination right control device according to an embodiment of the present application;
fig. 18 is a schematic diagram of a hardware component of a computing device to which an embodiment of the present invention is applied.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments, but not all embodiments, of the technical solutions of the present application. All other embodiments obtained by a person skilled in the art without any inventive step based on the embodiments described in the present application are within the scope of the protection of the present application.
Some concepts related to the embodiments of the present application are described below.
1. Hashing methods, also known as hashing algorithms, are algorithms that produce hash values for some piece of data (e.g., a message or a session item). Good hashing algorithms have the property of altering the hash value result according to variations in the input data; thus, hashing is useful for detecting any changes in a large information object, such as a message. Hashing refers to the process of converting an input of arbitrary length (also called a pre-map) into a fixed length output, which is the first hash value, by a hashing algorithm. This transformation is a compression mapping, i.e. the space of hash values is usually much smaller than the space of inputs, different inputs may hash to the same output, so it is not possible to uniquely determine the input value from the hash value. In the embodiment of the present application, the Hash is also called Hash (Hash).
2. The alliance chain is used for the alliance chain among the enterprises, only aiming at members of a specific group and limited third parties, a plurality of preselected nodes are internally designated as bookkeepers, and the generation of each block is jointly determined by all the preselected nodes.
3. A consensus mechanism: federation chain transactions reach a distributed consensus algorithm. A federation chain is a decentralized, distributed ledger system that can be used to register and issue digitized assets, title certificates, credits, etc., and to transfer, pay and settle accounts in a point-to-point fashion. Compared with the traditional centralized ledger system, the alliance chain system has the advantages of complete disclosure, no tampering, multiple payment prevention and the like, and does not depend on any trusted third party. Due to the high network latency in a peer-to-peer network, the transaction order observed by each node may not be completely consistent. Thus, the federation chain system needs to design a mechanism to agree on the precedence order of transactions that occur in more or less time. This algorithm of agreeing on the precedence order of transactions within a time window is called a consensus mechanism. Pow (proof of work), workload certification, is an algorithm of consensus mechanisms.
4. In the embodiment of the application, different platforms pack their own rights into a whole, that is, the combined rights form a federation chain, and each platform, that is, a member of the federation chain, corresponds to a different blockchain node.
5. A combined permission customization interface: the combined right management system is a platform webpage facing a user and used for customizing and settling the combined right, and through the webpage, the user can inquire basic information of the combined right, and can confirm whether to settle or not and perform settlement of the combined right and the like after inquiring the right information. And the information interaction between the alliance chain and the user is completed by taking the united authority customization interface as a medium, so that the aims of inquiring the united authority information and controlling the united authority are fulfilled.
6. The computational power, also known as the hash rate, is a measure of the processing power of a bitcoin network. I.e. the speed at which the hash function output is calculated for the Computer (CPU). Bitcoin networks must perform intensive mathematical and encryption related operations for security purposes. For example, when the network reaches a hash rate of 10Th/s, it means that it can perform 10 trillion calculations per second. In the process of obtaining the bitcoin by digging, a corresponding solution m needs to be found, and for any sixty-four bit hash value, no fixed algorithm exists, the solution m can be found only by random hash collision of a computer, and how many times of hash collision can be carried out by one digging machine per second is a representative of the calculation power of the digging machine, and the unit is written as hash/s, which is a workload proving mechanism POW.
The following briefly introduces the design concept of the embodiments of the present application.
As shown in fig. 1, for a combined rights architecture diagram in the related art, in the related technical scheme, rights are packaged in a combined double-opening or gift-buying mode, and each right is set when the rights are opened, and rights data of a user are stored by each platform.
The platform 1-platform 10 correspond to each partner platform of the joint authority, the joint access of each partner needs to be developed independently, and the access interface and the setting interface are private.
In addition, the related joint double-opening or gift-buying mode is generally applicable to two-two joint or three-three joint, for example, the first video platform and the second video platform cooperate, and the joint authority is released as the first video + the second video member. Referring to fig. 2A and 2B, timing diagrams of a combined dual-open mode in the related art are shown; FIG. 3A and FIG. 3B show the timing diagrams of the gift mode in the related art. It can be seen from the figure that, no matter the combined double-opening mode or the gift-buying mode is suitable for the two-two combination mode, the access cost of the partner is high in the two-two combination mode shown in the figure, and when more than three combinations are combined, the access cost index is increased.
In view of this, embodiments of the present application provide a join authority control method, an apparatus, an electronic device, and a storage medium, where authorities of different platforms are packaged into a join authority through a join authority system based on a federation chain, so as to create the federation chain. A user orders the combined authority on any platform which joins in the alliance chain, a settlement is generated, the settlement data is sent to the alliance chain, after the settlement data is received by members in other alliances, the legality of the settlement data is verified, the settlement data is verified to pass the verification and is transmitted to the next block, and finally all the blocks in the alliance store the authority opening data of the user. Based on the attribute that the block chain can not be tampered, the safety and the reliability of the joint authority control are improved.
The preferred embodiments of the present application will be described below with reference to the accompanying drawings of the specification, it should be understood that the preferred embodiments described herein are merely for illustrating and explaining the present application, and are not intended to limit the present application, and that the embodiments and features of the embodiments in the present application may be combined with each other without conflict.
After introducing the design idea of the embodiment of the present application, an application scenario related to the method is briefly described below.
Fig. 4 is a schematic view of an application scenario according to an embodiment of the present application. The application scenario diagram includes two terminal devices 110 and a federation chain 130, and the federation permission customization interface 120 can be logged in through the terminal devices 110. The federated privilege customization interface 120 and federation chain 130 may communicate over a communications network.
Where nodes 140 in federation chain 130 correspond to vendor platforms that sell federated privileges. Each node 140 has a node identification corresponding thereto, and each node 140 in the federation chain 130 may store the node identifications of other nodes 140 in the federation chain 130, so that the generated block may be subsequently broadcast to the other nodes 140 in the federation chain 130 based on the node identifications of the other nodes 140. Each node 140 may maintain a node identifier list as shown in the following table, and store the node name and the node identifier in the node identifier list. The node identifier may be an IP (Internet Protocol) address and any other information that can be used to identify the node, and table 1 only illustrates the IP address as an example.
TABLE 1
Node name Node identification
Node
1 117.114.151.174
Node 2 117.116.189.145
Node N 119.123.789.258
It should be noted that fig. 4 illustrates two terminal devices 110, and the number of terminal devices 110 is not limited in practice. The terminal device 110 may be a mobile phone, a tablet computer, a personal computer, and the like.
In one possible embodiment, each node 140 joining the federation chain will each set a different privilege for the user, and these different privileges are packaged to form a federation privilege, and privilege information is recorded in the federation chain. The information containing different permissions set for the user by each node in the joint permission specifically comprises the type information of the permissions, or information such as price, permission duration and purchase qualification of the joint permission. Taking the type information of the authority as an example, for example, the joint authority contains the authority of 2 video platforms and the authority of 2 music platforms, each platform corresponds to at least one node in the alliance chain, the authority type of the video platform 1 is a gold member for watching a VIP video, the authority type of the video platform 2 is a silver member for skipping all video advertisements, the authority type of the music platform 1 is a luxury VIP privilege, and the authority type of the music platform 2 is a music package privilege.
In addition, the joint authority price is priced by all platforms in a unified contract, the joint authority is the same commodity on each platform, the joint authority is priced in a unified mode, and the joint authority can be sold in each alliance member platform. When a user a wants to query basic information of a certain joint authority in the federation chain 130, a query request for querying the joint authority is input through the joint authority customization interface 120, the query request at least includes identification information of the joint authority requesting the query, a node 140 in the federation chain responds to the query request, queries authority information corresponding to the joint authority from the federation chain according to the identification information, and sends the queried authority information to the user a, so that the authority information is displayed on the joint authority customization interface 120.
As shown in fig. 5A, a schematic diagram of a joint permission customization interface provided in the embodiment of the present application is shown, where a joint permission refers to a joint member package in fig. 5A, where the joint member package includes 15 member permissions, which are VIPs of the platforms 1 to 15, respectively, and can be divided into 3 joint permissions shown in the figure according to permission durations, and different permission durations correspond to different pricing.
After the user clicks one of the affiliated member packs shown in fig. 5A, the user may jump to an interface shown on the left side of fig. 5B, which introduces the price information of the affiliated member pack selected by the user in detail, and if the user clicks on the associated member pack, the user may jump to a payment interface shown on the right side of fig. 5B, and the user may perform settlement by inputting a payment password. In addition, the user may also pay by face recognition, fingerprint verification, etc., and fig. 5B is only an alternative embodiment.
After the user confirms payment in the joint permission customization interface shown in fig. 5B, the node 140 in the federation chain responds to a joint permission settlement request input by the user a through the joint permission customization interface 120, where the node 140 is a requested node, and the settlement request at least includes identification information of the joint permission requesting settlement this time. The node 140 verifies the settlement request according to the settlement rule corresponding to the joint authority, wherein the settlement rule is determined by all the nodes 140; and sets the authority contained in the combined authority for the user A according to the verification result and the settlement request. In addition, the node 140 generates settlement pipelining information according to the settlement request, broadcasts the settlement pipelining information in the alliance chain, so that other nodes in the alliance chain can verify after receiving the settlement pipelining information, and sets the authority contained in the alliance authority for the user according to the verification result. In this way, user a can purchase the federated rights based on federation chain 130, ensuring the security of the federated rights.
Through a distributed storage mechanism of a alliance chain, a user purchases an alliance at any place, settlement flow information of the user can be diffused and stored in a Database (DB) of all other platforms, each platform stores the full amount of transactions and data of the user, each platform only provides exclusive authority service, and the user can be authenticated and enjoy corresponding service when logging in at any place. For example, a user purchases joint packaged member rights on a first shopping platform, the first video platform, a second video platform and other members in all alliances can receive settlement running information for verifying the transaction, when the alliance chain node corresponding to the first video platform receives the settlement running information and passes the authentication, the member rights of the first video platform are set for the user, and when the alliance chain node corresponding to the second video platform passes the settlement running information, the member rights of the second video platform are set for the user, namely one purchase can be carried out, and all rights in the alliances can be renewed. All nodes in the federation chain are accessed through a unified interface, see in particular fig. 13.
Based on the application scenario discussed in fig. 4, a method for joint right control based on the blockchain technology provided in the embodiment of the present application is described below from the side of the federation chain 130.
The blockchain is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, a consensus mechanism and an encryption algorithm. The blockchain is essentially a decentralized database, which is a string of data blocks associated by using cryptography, and each data block contains a batch of network settlement information for verifying the validity (anti-counterfeiting) of the information and generating the next block. The blockchain may include a blockchain underlying platform, a platform product services layer, and an application services layer.
The block chain underlying platform can comprise processing modules such as user management, basic service, intelligent contract and operation monitoring. The user management module is responsible for identity information management of all blockchain participants, and comprises public and private key generation maintenance (account management), key management, user real identity and blockchain address corresponding relation maintenance (authority management) and the like, and under the authorization condition, the user management module supervises and audits the settlement condition of certain real identities and provides rule configuration (wind control audit) of risk control; the basic service module is deployed on all block chain node equipment and used for verifying the validity of the service request, recording the service request to storage after consensus on the valid request is completed, for a new service request, the basic service firstly performs interface adaptation analysis and authentication processing (interface adaptation), then encrypts service information (consensus management) through a consensus algorithm, transmits the service information to a shared account (network communication) completely and consistently after encryption, and performs recording and storage; the intelligent contract module is responsible for registering and issuing contracts, triggering the contracts and executing the contracts, developers can define contract logics through a certain programming language, issue the contract logics to a block chain (contract registration), call keys or other event triggering and executing according to the logics of contract clauses, complete the contract logics and simultaneously provide the function of upgrading and canceling the contracts; the operation monitoring module is mainly responsible for deployment, configuration modification, contract setting, cloud adaptation in the product release process and visual output of real-time states in product operation, such as: alarm, monitoring network conditions, monitoring node equipment health status, and the like.
The platform product service layer provides basic capability and an implementation framework of typical application, and developers can complete block chain implementation of business logic based on the basic capability and the characteristics of the superposed business. The application service layer provides the application service based on the block chain scheme for the business participants to use.
In the embodiment of the present application, if it is desired to implement joint right control based on a block chain technology, first, right information of joint rights and corresponding settlement rules need to be stored in a federation chain, where the settlement rules may be implemented by deploying an intelligent contract.
Firstly, the creation of a federation chain requires that each federation member packs their respective permissions into an integral permission package to form a joint permission, for example, a joint member package containing 15 factory member permissions, assuming that the federation members corresponding to the joint member package are: the system comprises a first video platform, a first shopping platform, a first reading platform, a first music platform, a first friend making platform, a first sports platform, a first make-up platform, a second video platform, a second shopping platform, a second reading platform, a second music platform, a second friend making platform, a second sports platform, a third shopping platform and a third video platform, wherein the current temporary price of the joint member package is 300 yuan per month, and the trade settlement is that the members in each alliance are equally divided.
Assuming joint member prices: dividing into P as a price and n as a coalition member number (n as 15);
the members are summarized and divided into: p-1 + P2+ P3.
TABLE 2 United Member sale settlement price table
Federation member Average share price Fixed share price
First video platform 20/month p1
First shopping platform 20/month p2
First reading platform 20/month p3
First music platform 20/month p4
First friend-making platform 20/month p5
First integrated breeding platform 20/month p6
First beautiful platform 20/month p7
Second video platform 20/month p8
Second shopping platform 20/month p9
Second reading platform 20/month p10
Second music platform 20/month p11
Second friend-making platform 20/month p12
Second sports platform 20/month p13
Third shopping platform 20/month p14
Third video platform 20/month P15
In the following, the above federation chain including 15 nodes is mainly taken as an example for detailed description, where 15 federation members each have one node, and when a new member enterprise joins, for example, the 16 th node corresponding to the third reading platform needs to join the federation chain, at least 2/3 member enterprise confirmations, that is, at least 10 node confirmations in the nodes corresponding to the above 15 platforms need to be obtained. In the implementation of the present Application, a root hash of a federation chain and an Application Programming Interface (API) thereof are open to the outside, and an external API is allowed to query and acquire state information of the federation chain for a limited number of times.
The following describes the method of joint right control in detail:
referring to fig. 6, an implementation flow chart of a first join permission control method provided in the embodiment of the present application is applied to a node in a federation chain, and a specific implementation flow of the method is as follows:
s61: responding to a settlement request for settling the joint permission input by a user through a joint permission customization interface, and verifying the settlement request according to a settlement rule corresponding to the joint permission, wherein the settlement rule is determined by all nodes added into the alliance chain together, and the joint permission comprises different permissions set for the user by all the nodes in the alliance chain;
the settlement request at least includes identification information of the joint authority, and may further include settlement order information, a user account, a payment amount, payment time, a payment password, and the like, as shown in table 3.
TABLE 3 user purchase order details
Field(s) Description of the invention Size and breadth
Settlement order information Order number for user to purchase united member 32byte
User account The purchased account number is generally a mobile phone number common to all platforms 32byte
Amount of payment Amount paid by the user purchasing affiliated member 16byte
Time of payment User paymentTime of 16byte
Payment password Password for user payment 16byte
The settlement rules are determined by nodes in the federation chain together, and are used for verifying the settlement request of the user, verifying whether the user has a purchase qualification, such as whether to register each platform account, whether to authenticate by real name, or other rules. And verifying the user information, verifying whether the amount paid by the user is enough for the settlement, whether the payment password is correct, verifying whether the information input by the user is accurate, and the like.
An optional verification method is that a requested node may invoke a payment interface to verify a payment password in a settlement request, if the payment interface returns a notification message that the payment password is verified to pass, the requested node extracts a payment amount (referred to as target resource data, which is also the price of a member commodity) in the settlement request, invokes the payment interface to obtain remaining resource data of a user, that is, a balance in a user account, and returns the remaining resource data in the user account bound to the requested node to the payment interface, and if the remaining resource data is greater than the target resource data, the requested node may invoke the payment interface again to transfer the target resource data from the user account of the user to a platform account corresponding to each node in a federation chain.
When the target resource data is transferred, the settlement is performed according to a settlement mode determined by all members in the federation chain, for example, the mode of averagely dividing the members in the federation listed in the above embodiment.
S62: setting the authority contained in the combined authority for the user according to the verification result and the settlement request;
in the embodiment of the application, if the verification is successful, the joint authority of the user settlement can be determined according to the settlement request; if the verification fails, the settlement request is discarded, and the permission contained in the joint permission does not need to be set for the user.
Taking the verification success as an example, assuming that the joint right identification information in the settlement request is ID1, the joint right requested for settlement by the user is determined to be the joint member package shown in fig. 5A according to the identification information: the joint member package is opened for 31 days, assuming that the payment time of the user is 9/2019, the permission duration of the member opened by the user is 31 days, and the requested node is a node corresponding to the first video platform, the first video member permission in the joint permission is set for the user.
If the user still enjoys the membership right of the first video platform when requesting, and the time limit is as long as 2019, 10 and 1 months, after the node corresponding to the first video platform sets the first video membership right for the user, the duration range of the first video membership right of the user is from 2019, 9 months and 9 days to 2019, 11 and 1 months.
If the user does not enjoy the membership right of the first video platform when requesting, after the node corresponding to the first video platform sets the first video membership right for the user, the duration range of the first video membership right of the user is 2019, 9 th and 2019, 10th and 10 th.
S63: generating settlement running water information according to the settlement request, and storing the settlement running water information into a block of the alliance chain;
s64: and broadcasting the settlement pipelining information in the alliance chain so that after other nodes in the alliance chain receive the settlement pipelining information, verifying the settlement according to the settlement pipelining information and setting the authority contained in the association authority for the user according to the verification result.
In the embodiment of the present application, the detailed process of generating settlement pipeline information according to the settlement request is as follows:
hashing the settlement request by a hashing method to obtain a first hash value; encrypting the first hash value according to the node private key to obtain signature information; and generating settlement flow information according to the signature information, the public key of the node private key and the settlement request, wherein the public key is generated according to the node private key.
Optionally, the settlement flow information at least includes signature information, a public key, and a settlement request.
In the embodiment of the present application, a specific process of generating settlement pipeline information according to a settlement request is shown in fig. 7:
the node address is an address of a node responding to the settlement request, that is, an address of a requested node, and the original data of the transaction settlement includes joint member settlement order information and the node address, but these are not enough, and the requested node needs to digitally sign the original data with a private key and generate a public key of the transferred node, and add the roll-out signature and the roll-out public key to the original settlement data to generate formal settlement data, that is, settlement flow information, as shown in fig. 7. After the settlement pipelining information is generated, it may be broadcast into the federation chain for other nodes to verify and join their blocks.
Specifically, the digital signature process is as follows: the method comprises the steps of firstly hashing information needing to be signed to obtain a first hash value, and then carrying out encryption operation on the first hash value by using a private key to obtain signature information. The requested node combines the settlement request, the signature information and the public key to form new settlement data: and clearing the flow information, broadcasting the flow information to a alliance chain, decrypting the signature by using the public key of the requested node by other member nodes in the alliance to restore a hash value, and verifying whether the hash value of the information is consistent with the hash value restored by decrypting the signature through a hash algorithm, so as to verify whether the information comes from the requested node or whether the information is tampered, and the like, thereby ensuring the reliability of the joint authority control.
In the embodiment of the application, each node has an address which is a public key of a key pair generated by the node, when settlement is generated on the node, the node signs a settlement request by using the private key, and the public key is the address of the current node and is known by all other nodes. And the signature is the verification of ownership, the node verifies the calculation pipelining information after receiving the broadcast of the settlement pipelining information, and the calculation pipelining information is recorded into the memory and packaged into the block after passing the verification, otherwise, the signature is discarded.
In an alternative embodiment, the node private key and the public key of the node private key may be generated in the manner shown in fig. 8, and the specific process is as follows:
a node private key is first generated using a Random number generator Random. Generally, the private key of a node is a 256-bit number, and the settlement pipeline in the corresponding node can be operated by holding the string of numbers, so that the private key must be safely stored. After the node private key is generated, a 512bit public key with a prefix is obtained through the SECP256K1 algorithm processing according to the generated node private key. The SECP256K1 is an elliptic curve algorithm, and a public key is calculated by a known private key, but the public key cannot be calculated reversely when the public key is known. The method is the basis for guaranteeing the safety of the combined authority settlement based on the block chain technology.
After the public key of the node private key is generated, the node address can be further generated according to the public key, as also shown in fig. 8, the specific process is as follows:
and obtaining a 256-bit hash encryption character string through an SHA256 algorithm according to the generated public key. Then the public key hash character string is changed into 160bit through the RIPEMD 160. Linking an address version number of one byte to a header of a public key hash, for example, as shown in fig. 8, connecting an address version number 0X00 to the header of the public key hash to obtain a 0X00+ public key hash, then performing a DOUBLE SHA256 operation on the public key hash, and linking the first 4 bytes of the obtained result as a check value of the public key hash at the tail thereof to obtain a 0X00+ public key hash + check. And then encoding 0X00+ public key hash + verification by using a BASE58 algorithm to obtain a settlement order information address character string of the node, namely the node address of the requested node.
In the embodiment of the application, like the SHA256 algorithm, the ripemm 160 algorithm is also a Hash algorithm, and cannot perform inversion operation, so that the safety and reliability of the combined permission settlement are ensured.
Optionally, table 4 shows a payment settlement structure of a user, also referred to as federation chain transaction information, provided in the embodiment of the present application:
TABLE 4 alliance chain transaction information sheet
Figure BDA0002283332140000151
Figure BDA0002283332140000161
In the embodiment of the present application, when data generated in the settlement process, such as transaction information and settlement flow information of the union authority, is stored in the block of the federation chain, the above-described structure may be used for storage.
Referring to fig. 9, in order to provide a settlement sequence diagram at the requested node side according to the embodiment of the present application, a user purchases a joint member through purchase H5(HTML5.0), that is, a joint right customization interface, pays Svr (Server) performs a payment purchase pipeline, and feeds back the payment result to the purchase H5, to prompt the user of the success or failure of the payment, after the payment is successful, the node transaction generation Svr constructs transaction information according to the purchase flow, namely payment order information, and carries on digital signature, generates signature information and local node address, and generates settlement flow information according to signature information, local node address, public key, transaction information, etc, and stores in alliance chain, and broadcasting to other nodes on the alliance chain, so that the other nodes verify the settlement according to the broadcasted settlement running information, and setting the authority contained in the joint authority for the user according to the verification result.
The following describes in detail the process of receiving, verifying and setting permissions by other nodes in the federation chain, the settlement pipelining information broadcast by the requested node:
referring to fig. 10, an implementation flow chart of a second join permission control method provided in the embodiment of the present application is applied to a node in a federation chain, and a specific implementation flow of the method is as follows:
s101: receiving settlement pipelining information broadcasted in a alliance chain, and verifying the settlement pipelining information;
the settlement running information is generated by the requested node according to a settlement request of settlement joint authority input by a user through the joint authority customization interface; referring specifically to the embodiments in S61 to S64, the settlement pipeline information at least includes: signature information, a settlement request, and a public key of a node private key.
The detailed process for verifying the calculation flow information comprises the following steps:
decrypting the signature information according to the public key to obtain a second hash value, wherein the signature information is obtained by encrypting a first hash value by a requested node according to a node private key, the first hash value is obtained by hashing a settlement request by the node through a hashing method, and the public key is generated by the node according to the node private key; verifying whether the second hash value is consistent with the first hash value through a hashing method; if the verification result is consistent with the verification result, the verification is determined to be successful; otherwise, the verification is determined to fail.
Referring to fig. 11, which is a process for verifying settlement pipeline information according to an embodiment of the present application, the settlement pipeline information shown in fig. 11 further includes a node address of a requested node, and corresponds to the process for digitally signing a settlement request by the requested node shown in fig. 7, when each node except the requested node verifies a digital signature of the requested node by using a public key, first, signature information in the transaction pipeline information is decrypted according to the public key in the settlement pipeline information to obtain a second hash value, and the second hash value is compared with the first hash value to verify whether the signature information passes or not.
In the embodiment of the present application, the purpose of the verification is to ensure that the node sending the settlement pipelining information is a true requested node, and the settlement pipelining information sent by the requested node is not tampered in the broadcasting process to verify whether the settlement pipelining information is tampered.
S102: broadcasting the verification result in the alliance chain, and receiving the verification result broadcasted by other nodes in the alliance chain;
s103: confirming the consensus result according to the received verification result and the self verification result;
in the embodiment of the application, after any node successfully or unsuccessfully verifies the transaction flow information, the verification result is broadcasted in the alliance chain, and the verification results of other nodes are received.
Fig. 12 is a flowchart of verification of settlement pipeline information according to an embodiment of the present application, where a federation chain includes 15 nodes in total; wherein, the node 1 is a requested node, responds to a settlement request of settlement joint authority input by a user through a joint authority customizing interface, and generates settlement running water information, as shown in the figure, the running water 1 broadcasts the settlement running water information in a alliance chain; after receiving the broadcast, the nodes 2 to 15 verify the computation flow information, i.e. the workload certification shown in fig. 11. After the workload certification is performed, the nodes 2 to 15 broadcast the certification results and receive the certification results broadcast by other nodes. And after the verification of the pipelining information is passed, the final node creates a new block in the alliance chain and stores the settlement pipelining information.
In an optional implementation manner, when the consensus result is confirmed according to the received verification result and the verification result of the node 2, there are two optional implementation manners, which are described in detail below by taking the node 2 as an example:
in the first confirmation mode, if a certain number of nodes from the node 2 to the node 15 are successfully verified, the success of consensus can be determined.
For example, if all the nodes from the node 2 to the node 15 are successfully verified, the consensus is determined to be successful, in this way, the node 2 needs to receive the verification results of all the nodes from the node 3 to the node 15, and if all the nodes are successfully verified, the consensus is determined; or, if the node verification of 2/3 of the nodes 2 to 15 is successful, the consensus is determined to be successful, in this way, if the node 2 receives the result that the node verification of 2/3 of the nodes 1 to 15 is successful, and the node 2 verifies successfully, the consensus is determined to be successful.
In the embodiment of the application, the method is suitable for the case that the number of nodes in the federation chain is small. When the number of nodes in the alliance chain is small, consensus is achieved according to the verification results of a certain number of nodes, the reliability of the settlement can be improved, the public trust of settlement running water information is improved, and later-stage query is facilitated to carry out authentication verification or trace back the settlement process and the like.
And in the second confirmation mode, the node 2 fully trusts the verification result of the strongest computational power node, and after the verification of the node and the strongest computational power node is passed, the successful consensus is confirmed.
As shown in fig. 11, where the node 3 is the strongest node, only the node 3 sends the verification result to the other nodes, that is, after the node 3 successfully verifies, the verification result is broadcast to the nodes 2 to 15 (except for the node 3), and for the other nodes except for the node 3 in the nodes 2 to 15, if the self verification result is also successful, and the verification result received from the node 3 broadcast is successful, the common identification can be confirmed to be successful.
For the node 3, after the node 3 confirms that the verification is successful, a new block can be created to store settlement running information, and the authority corresponding to the node 3 in the joint authority is set for the user. Assuming that the node 3 corresponds to the first reading platform, the authority of the first reading platform is set for the user, and the specific authority setting mode is the same as the setting mode in the above embodiment, and is not described here again.
In the second confirmation method, the most powerful node can be contended from the nodes 2 to 15 by using workload proof. The workload proof is simply that all nodes solve the same problem, and who calculates the problem first indicates that the node is the node with the strongest computing power, i.e., the strongest computing power node. Only the strongest compute node can broadcast its verified results to the remaining nodes, subject to the verification results sent by the strongest compute node. This is because, only if a large amount of hardware resources are invested in the node that can become the strongest computationally intensive node, then the node with the strongest computational complexity is expected to be as stable as possible throughout the federation chain, and thus the verification result given by the node with the strongest computational complexity is considered to be highly trusted.
The following describes how to compete out the strongest computing node in detail:
the settlement running water information broadcasted by the node 1 carries a difficulty value, and any one of the nodes 2-N calculates a hash value in the settlement running water information through a hash algorithm. And combining the hash value, the difficulty value, the current timestamp, the block hash value of the last service block in the current alliance chain and the random number into an auxiliary character string, and calculating the hash value of the auxiliary character string to obtain the auxiliary hash value. And comparing whether the auxiliary hash value is smaller than the target value, if so, indicating that the problem solving is successful and the workload proves to be finished. If not, the random number is continuously adjusted to generate a new auxiliary character string, and the random number is continuously adjusted.
Wherein the target value is the maximum target value/hardness value. The maximum target value is a fixed value.
If one of the nodes 2 to N succeeds in solving the problem, for example, the node 3 succeeds in solving the problem, the signature verification is performed on the computation flow information (the signature verification process can be referred to above), the verification result of the computation flow information, the random number in the block header, the timestamp in the block header, and the node address of the node with successful solution problem are packaged and sent to the rest of the nodes 2 to N (except the node 3), and the rest of the nodes check the random number, so that the verification process is similar to the problem solving process, but the verification speed is much faster than the problem solving process.
If the other nodes pass the check, the node sending the check result, the random number in the block header and the timestamp in the block header is described, that is, the node 3 is the strongest computational node, and the other nodes can stop solving the problem.
In the embodiment of the present application, the second confirmation method is suitable for a case where there are many nodes in the federation chain. When there are many nodes in the federation chain, for example, there are 100 nodes, the process of reaching consensus needs to wait for the verification of most nodes to be completed, which is time-consuming in this case, and at this time, the verification result of the strongest computational power node only needs to be fully trusted by adopting the second confirmation mode, so that after the verification of the second confirmation mode passes, whether consensus is reached or not can be confirmed by combining the verification result of the strongest computational power node, thereby saving more time.
In an alternative embodiment, the information of the verification result and the consensus result is also stored in the corresponding block of the federation chain, i.e. the new block created by each node.
Taking node 2 as an example, how to generate a new block is described below:
if the verification of the settlement running water information is a confirmation method, the node 2 may calculate the hash value of the block data based on the hash algorithm, using the settlement running water information and the verification result sent by other nodes as the block data. The node 2 calculates the average value of the time stamps carried by the verification results sent by each other node, combines the hash value of the block data, the hash value of the block of the last new block of the current alliance chain and the average value of the time stamps into a block header, and combines the block data and the block header into a new block for storing settlement pipelining information.
The hash value of the block data is a hash algorithm (block data);
the block hash value of the new block is equal to the hash algorithm (block header data).
If the verification of the settlement running water information is in the second confirmation mode, the node 2 may calculate the hash value of the block data based on the hash algorithm, with the settlement running water information, the verification result of the node 2, and the verification result sent by the node 3 as the block data. The node 2 combines the hash value of the block data, the hash value of the last new block of the current alliance chain and the timestamp carried by the verification result sent by the node 3 into a block header, and combines the block data and the block header into a new block for storing settlement running water information.
S104: setting the authority contained in the joint authority for the user according to the consensus result and the settlement request;
s105: the settlement pipelining information is stored into blocks of the federation chain.
In the embodiment of the present application, the process of setting the authority included in the joint authority for the user according to the consensus result and the settlement request is similar to the embodiment in S62, taking node 2 as an example, assuming that the first shopping platform corresponding to node 2 is used, node 2 sets the member authority of the first shopping platform for the user, assuming that the user does not enjoy the member authority of the first shopping platform when requesting, and after the node 2 corresponding to the first shopping platform sets the second video member authority for the user, the member authority duration range of the first shopping platform of the user is from 2019/9 to 2019/10.
In an optional implementation manner, after verifying the settlement of the present joint permission, each node in the federation chain may perform settlement to a corresponding platform, and a specific settlement manner may adopt a fixed division settlement manner listed in table 2, and each node performs settlement to each platform according to a settlement request.
Fig. 13 is a block chain system-based joint membership architecture diagram provided in the embodiment of the present application, which is integrally divided into three parts: opening the united authority, setting the authority of the member in the alliance chain, and authenticating the authority of the member in the alliance chain. After the user pays through the unified joint authority customization interface, the member purchasing stream is verified on the alliance chain and synchronized to all members in the alliance. When one member successfully verifies one transaction flow, the corresponding delivery Svr needs to be informed to set corresponding authority for the user. If the purchase flow of a certain joint member is verified by the VIP node of the first video platform, the delivery Svr is informed to deliver the first video platform VIP to the corresponding user.
In an optional implementation manner, when a node in a federation chain sets a right included in a federation right for a user, the right can be implemented by notifying a corresponding service to perform member delivery processing, and a process of verifying settlement delivery is shown in fig. 14, wherein a purchase flow is settlement flow information, a process of losing a purchase flow of the node to perform flow transit is performed, a settlement flow sequence is actually lost, a service Svr receives the sequence, a validity check is performed on a user account, whether the user account is bound or not is verified, if yes, the verification is determined to be successful, a member is directly delivered to the account bound by the user, otherwise, the verification is determined to be failed, and at this time, the qualification of the member to be picked can be temporarily stored to a mobile phone number.
In this embodiment of the application, after the verification is successful, the shipping member may directly ship to the account number bound by the user, that is, the account of the user, wherein the shipping member operation includes authority setting, user prompt, and the like, where the authority setting is a process related in the above embodiment to set an authority included in the joint authority for the user.
In an optional embodiment, when the notification is prompted to the user, the notification can be popped up in the joint permission customization interface to prompt the user; or prompting the user through the account number bound by the user.
When prompting is carried out on a user through an account number bound by the user, if the account number bound by the user is a mobile phone number, prompting can be carried out on the user in a mode of sending a short message to the mobile phone number bound by the user; if the account number bound by the user is a WeChat account, a QQ account, a microblog account or other third party accounts, the user can be prompted through dialog boxes of the WeChat account, the QQ account, the microblog account and the like, and the like.
The prompt message can be a message for prompting the user that the permission setting is successful after the permission contained in the joint permission is set for the user; in this way, the detailed authority duration range can be prompted to the user. Referring to fig. 15A, a manner for prompting the user through the WeChat dialog box provided by the embodiment of the present application is shown, in which information of the joint authority purchased by the user, the purchased account number, the authority duration range, and the like is displayed.
In addition, the prompt interface shown in fig. 15A may further include website links of some vendor platforms that join in the joint authority, so that the user can directly jump to the corresponding platform by clicking the link to enjoy the membership authority.
Or after the verification is successful, a prompt message of successful purchase can be sent to the user, the user is directly shown by the combined authority customization interface, and the user is prompted to successfully purchase the membership authority and the like.
As shown in fig. 15B, for a manner of directly prompting a user at a joint permission customization interface provided in the embodiment of the present application, after the permission is set by the node 1, a notification message indicating that the member permission setting is successful may be sent to the corresponding terminal device, and after the terminal device receives the notification message, the prompting interface shown on the left side of fig. 15B is displayed in the screen, and a button for "jump to VIP member permission interface" is displayed in the interface. And if the user A clicks a button to jump to the VIP member authority interface, the terminal equipment jumps to a VIP video home page corresponding to the first video platform. At this time, the user a already has member VIP authority in the first video platform, and if the member VIP authority here is that all video data in the video website can be viewed, the user a clicks any video data and can view the video data. As shown on the right side of fig. 15B, user a may select a video asset for viewing by clicking.
Optionally, after the node 4 also sets the authority for the user a, a notification message that the membership authority setting is successful may be sent to the node 1, and the node 1 forwards the notification message that the membership authority setting is successful to the terminal device corresponding to the node 1. In this way, a button of "jump to the first music platform" may also be displayed in the prompt interface, if the user a clicks the button "jump to the first music platform", the terminal device jumps to the first page of the song website corresponding to the first music platform, at this time, the user a already has a member VIP permission in the song website corresponding to the first music platform, and if the member VIP permission here is that all audio data in the song website may be listened to, the user a clicks any audio data, and the user a may listen to.
Optionally, under the condition that the verification fails, a prompt message can be sent to the user to prompt that the member permission of the user is temporarily stored in the mobile phone number, and the user can use the corresponding member permission by binding the mobile phone number in the later period.
It should be noted that the above process of verifying the account of the user is applicable to all nodes in the federation chain, and when the node verifies the settlement of the user this time successfully, the account information of the user can be verified, and the authority included in the federation authority is set for the user according to the verification result.
In an alternative embodiment, all nodes in the federation chain may also authenticate the user. And when the user implements the service corresponding to the authority, sending a service request to the node in the alliance chain through the united authority service interface corresponding to the corresponding platform. For example, when a user a requests to view a member VIP video on a joint authority service interface of a first video platform, a node corresponding to the platform responds to a service request input by the user through the joint authority service interface, and the service request at least includes account information of the user. And inquiring settlement flow information corresponding to the account information in the service request by the node corresponding to the platform in the alliance chain, determining the authority duration range of the authority contained by the joint member set for the user by the node corresponding to the platform in the joint authority according to the settlement flow information, and correspondingly processing the service request of the user according to the authority duration range. By means of the non-tamper property of the block chain, the related information of the union authority stored in the union chain cannot be tampered randomly, and the reliability of the query result can be guaranteed.
Supposing that the permission duration range is from 2019, month 1 and 11, month 1 and the time for inputting the service request by the current user is 2019, month 10 and 1, so that the time for the current request of the user can be determined to be within the permission duration range, the service request of the user is successful, and further the operation of responding to the service request of the user can be executed; if the time for inputting the service request by the current user is 2019, 11, month and 2, the current time for the user to request is determined not to be in the scope of the authority duration, so that the user can be determined to fail in the service request, and at the moment, the user can be prompted not to enjoy the membership authority currently.
In the mode, the user requests to implement the service corresponding to the joint authority by inquiring the relevant information of the joint authority stored in the alliance chain, and whether the user has the authority is authenticated, and the safe use of the joint authority is ensured because the reliability of the relevant information of the joint authority stored in the alliance chain is high.
Referring to fig. 16, a schematic diagram of authentication of a joint member bundle provided in the embodiment of the present application is shown, where a federation member service Svr and a member authentication Svr are Svr corresponding to a node in a federation chain, DB refers to a block in the federation chain, and authority information of a federation authority and all settlement pipelining information generated in a settlement process and the like are stored in the block. The method comprises the steps of inquiring member information corresponding to a user account in a alliance chain, judging whether a user currently has member authority or not by the aid of the member information including an authority duration range, feeding the member information back to an alliance member service Svr, and processing a service request of the user by the aid of the alliance member service Svr according to the member information fed back by the member authentication Svr.
Optionally, in the authentication process, not only the authority duration range can be queried, but also the historical transaction record of the user can be known, and the verification result of a certain transaction record of a union link point can be queried, so that the user can conveniently trace the transaction process and the verification process.
The retrospective transaction process can be applied in the following scenarios: the user purchases a certain united member package and pays successfully, but a certain alliance link point related to the united member package is not delivered, namely the alliance link point does not set the member authority of the user. The user can inquire the transaction through the alliance chain, and even if the node is repudiated, the rest alliance chain nodes store the blocks of the transaction, so that the user can conveniently obtain evidence.
In addition, in the related art, the joint authority takes the first video platform as a center, all account binding information is stored on the first video platform side, the first video platform side is a binding center node of user binding information, and a partner depends on user binding data of the first video platform. The joint time length is controlled by the first video platform, and the time length participating in the joint is independently controlled and maintained by each family.
In the embodiment of the application, all information of the joint authority is stored in the alliance chain, all blocks in the alliance store authority opening data of the user, all alliance members can inquire relevant information of the joint authority through inquiring the alliance chain, all alliance members manage the alliance chain in a unified mode, and safety and reliability of joint authority control are guaranteed based on the property that the block chain cannot be tampered.
As shown in fig. 17, a schematic structural diagram of a first combined right control apparatus 1700 according to an embodiment of the present application may include:
a response unit 1701, configured to respond to a settlement request for settling the joint permission input by the user through the joint permission customization interface, and verify the settlement request according to a settlement rule corresponding to the joint permission, where the settlement rule is determined jointly by each node in the federation chain, and the joint permission includes different permissions set for the user by each node in the federation chain;
an authority control unit 1702, configured to set, according to the verification result and the settlement request, an authority included in the joint authority for the user;
an information generating unit 1703, configured to generate settlement pipelining information according to the settlement request, and store the settlement pipelining information in a block of the federation chain;
a broadcasting unit 1704, configured to broadcast the settlement pipelining information in the federation chain, so that after other nodes in the federation chain receive the settlement pipelining information, the settlement is verified according to the settlement pipelining information, and a right included in the joint right is set for the user according to a verification result.
Optionally, the response unit 1701 is further configured to:
responding to a query request for querying the joint permission, which is input by a user through a joint permission customization interface, and acquiring permission information corresponding to the joint permission from a alliance chain, wherein the permission information comprises information of different permissions set for the user by each node in the joint permission; and are
And sending the authority information corresponding to the joint authority to the user so as to display the authority information corresponding to the joint authority on the joint authority customization interface.
Optionally, the information generating unit 1703 is specifically configured to:
hashing the settlement request by a hashing method to obtain a first hash value;
encrypting the first hash value according to the node private key to obtain signature information;
and generating settlement flow information according to the signature information, the public key of the node private key and the settlement request, wherein the public key is generated according to the node private key.
Optionally, the broadcast unit 1704 is specifically configured to;
receiving settlement pipelining information broadcasted in a alliance chain, and verifying the settlement pipelining information;
broadcasting the verification result in the alliance chain, and receiving the verification result broadcasted by other nodes in the alliance chain;
confirming the consensus result according to the received verification result and the self verification result;
setting the authority contained in the joint authority for the user according to the consensus result and the settlement request; and
the settlement pipelining information is stored into blocks of the federation chain.
Optionally, the broadcast unit 1704 is specifically configured to:
decrypting the signature information according to the public key to obtain a second hash value;
when it is verified by the hashing method that the second hash value is identical to the first hash value, it is determined that the verification is successful.
Optionally, the broadcast unit 1704 is specifically configured to:
confirming the consensus result according to the received verification result and the verification result of the consensus result, comprising:
and if the number of the nodes allowed to settle at this time reaches the preset threshold value according to the received verification result and the self verification result, determining that the consensus is successful.
Optionally, the apparatus further comprises:
a checking unit 1705, configured to check account information of the user.
Optionally, the apparatus further comprises: an authentication unit 1706;
a response unit 1701, configured to respond to a service request input by a user through a joint authority service interface, where the service request at least includes account information of the user;
an authentication unit 1706, configured to query settlement running information corresponding to the account information in the federation chain; determining the authority duration range of the authority corresponding to the node in the joint authority according to the settlement running information; and if the current request moment of the user is within the permission duration range, determining that the service request of the user is successful.
For convenience of description, the above parts are separately described as modules (or units) according to functional division. Of course, the functionality of the various modules (or units) may be implemented in the same one or more pieces of software or hardware when implementing the present application.
After introducing the method and apparatus for joint right control according to an exemplary embodiment of the present application, an apparatus for joint right control according to another exemplary embodiment of the present application will be described next.
As will be appreciated by one skilled in the art, aspects of the present application may be embodied as a system, method or program product. Accordingly, various aspects of the present application may be embodied in the form of: an entirely hardware embodiment, an entirely software embodiment (including firmware, microcode, etc.) or an embodiment combining hardware and software aspects that may all generally be referred to herein as a "circuit," module "or" system.
In some alternative embodiments, an electronic device according to the present application may include at least a processor and a memory. Wherein the memory stores program code which, when executed by the processor, causes the processor to perform the steps of any of the joint right control methods according to the various exemplary embodiments of the present application described in the present specification. For example, a processor may perform the steps as shown in fig. 6 or fig. 10.
The joint right control apparatus of this embodiment is similar in structure to the joint right control apparatus shown in fig. 16, and will not be described again here.
In some alternative embodiments, an electronic device according to the present application may include at least a processor and a memory. Wherein the memory stores program code which, when executed by the processor, causes the processor to perform the steps of the second joint right control method according to various exemplary embodiments of the present application described above in this specification. For example, a processor may perform the steps as shown in FIG. 10.
The joint authority control device of this embodiment is similar in structure to the joint authority control device shown in fig. 17, and will not be described again here.
The computing device 180 according to this embodiment of the present application is described below with reference to fig. 18. The computing device 180 of fig. 18 is only an example and should not impose any limitations on the functionality or scope of use of embodiments of the present application.
As in fig. 18, computing device 180 is embodied in the form of a general purpose computing device. Components of computing device 180 may include, but are not limited to: the at least one processing unit 181, the at least one memory unit 182, and a bus 183 that couples various system components including the memory unit 182 and the processing unit 181.
Bus 183 represents one or more of any of several types of bus structures, including a memory bus or memory controller, a peripheral bus, a processor, or a local bus using any of a variety of bus architectures.
The storage unit 182 may include readable media in the form of volatile memory, such as Random Access Memory (RAM)1818 and/or cache memory unit 1822, and may further include Read Only Memory (ROM) 1823.
The storage unit 182 may also include a program/utility 1825 having a set (at least one) of program modules 1824, such program modules 1824 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each of which, or some combination thereof, may comprise an implementation of a network environment.
The computing device 180 may also communicate with one or more external devices 184 (e.g., keyboard, pointing device, etc.), may also communicate with one or more devices that enable a user to interact with the computing device 180, and/or may communicate with any devices (e.g., router, modem, etc.) that enable the computing device 180 to communicate with one or more other computing devices. Such communication may occur via input/output (I/O) interfaces 185. Also, computing device 180 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network, such as the internet) through network adapter 186. As shown, the network adapter 186 communicates with the other modules for the computing device 180 over the bus 183. It should be understood that although not shown in the figures, other hardware and/or software modules may be used in conjunction with computing device 180, including but not limited to: microcode, device drivers, redundant processors, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
In some alternative embodiments, various aspects of the joint right control method provided by the present application may also be implemented in a form of a program product including program code for causing a computer device to perform the steps in the joint right control method according to various exemplary embodiments of the present application described above in this specification when the program product is run on the computer device, for example, the computer device may perform the steps as shown in fig. 6 or fig. 10.
The program product may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. A readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium include: an electrical connection having one or more wires, a portable disk, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
The joint entitlement control program product of embodiments of the present application may employ a portable compact disc read only memory (CD-ROM) and include program code, and may be run on a computing device. However, the program product of the present application is not limited thereto, and in this document, a readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with a command execution system, apparatus, or device.
A readable signal medium may include a propagated data signal with readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A readable signal medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with a command execution system, apparatus, or device.
Program code embodied on a readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
While the preferred embodiments of the present application have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all alterations and modifications as fall within the scope of the application.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present application without departing from the spirit and scope of the application. Thus, if such modifications and variations of the present application fall within the scope of the claims of the present application and their equivalents, the present application is intended to include such modifications and variations as well.

Claims (15)

1. A joint authority control method is applied to nodes in a alliance chain and comprises the following steps:
responding to a settlement request of settlement joint permission input by a user through a joint permission customization interface, and verifying the settlement request according to a settlement rule corresponding to the joint permission, wherein the settlement rule is determined by all nodes added into the alliance chain together, and the joint permission comprises different permissions set for the user by all the nodes in the alliance chain;
setting the authority contained in the combined authority for the user according to a verification result and the settlement request;
generating settlement running water information according to the settlement request, and storing the settlement running water information into a block of the alliance chain; and
and broadcasting the settlement running information in the alliance chain so that after other nodes in the alliance chain receive the settlement running information, verifying the settlement according to the settlement running information and setting the authority contained in the united authority for the user according to a verification result.
2. The method of claim 1, further comprising:
responding to a query request for querying the joint permission, which is input by a user through the joint permission customization interface, and acquiring permission information corresponding to the joint permission from a alliance chain, wherein the permission information comprises information of different permissions set for the user by each node in the joint permission; and are
And sending the authority information corresponding to the joint authority to the user so as to display the authority information corresponding to the joint authority on the joint authority customization interface.
3. The method of claim 1 or 2, wherein generating settlement pipeline information from the settlement request comprises:
hashing the settlement request by a hashing method to obtain a first hash value;
encrypting the first hash value according to a node private key to obtain signature information;
and generating the settlement running information according to the signature information, a public key of the node private key and the settlement request, wherein the public key is generated according to the node private key.
4. The method of claim 3, wherein after receiving the settlement pipelining information, other nodes in the federation chain verify the settlement according to the settlement pipelining information and set the permissions included in the federated permissions for the user according to a verification result, comprising:
receiving settlement running information broadcasted in the alliance chain, and verifying the settlement running information;
broadcasting the verification result in the alliance chain, and receiving the verification result broadcasted by other nodes in the alliance chain;
confirming the consensus result according to the received verification result and the self verification result;
setting the authority contained in the joint authority for the user according to the consensus result and the settlement request; and
storing the settlement pipeline information into a block of the federation chain.
5. The method of claim 4, wherein said validating said settlement pipeline information comprises:
decrypting the signature information according to the public key to obtain a second hash value;
when the second hash value is verified to be identical to the first hash value by the hashing method, it is determined that the verification is successful.
6. The method of claim 4, wherein the validating the consensus result based on the received authentication result and the own authentication result comprises:
and if the number of the nodes allowed to settle at this time reaches the preset threshold value according to the received verification result and the self verification result, determining that the consensus is successful.
7. The method of claim 1, wherein the method further comprises:
and checking the account information of the user.
8. The method of claim 1 or 2, wherein the method further comprises:
responding to a service request input by a user through a joint authority service interface, wherein the service request at least comprises account information of the user;
inquiring settlement running information corresponding to the account information in the alliance chain;
determining an authority duration range corresponding to the joint authority according to the settlement running information;
and if the current request moment of the user is within the permission duration range, determining that the service request of the user is successful.
9. A join authority control device applied to a node in a federation chain includes:
the response unit is used for responding to a settlement request of settlement joint permission input by a user through a joint permission customization interface, and verifying the settlement request according to a settlement rule corresponding to the joint permission, wherein the settlement rule is determined by all nodes added into the alliance chain together, and the joint permission comprises different permissions set for the user by all the nodes in the alliance chain;
the authority control unit is used for setting the authority contained in the combined authority for the user according to a verification result and the settlement request;
the information generating unit is used for generating settlement running water information according to the settlement request and storing the settlement running water information into a block of the alliance chain;
and the broadcasting unit is used for broadcasting the settlement running information in the alliance chain so that after other nodes in the alliance chain receive the settlement running information, the settlement is verified according to the settlement running information, and the authority contained in the joint authority is set for the user according to a verification result.
10. The apparatus of claim 9, wherein the response unit is further to:
responding to a query request for querying the joint permission, which is input by a user through the joint permission customization interface, and acquiring permission information corresponding to the joint permission from a alliance chain, wherein the permission information comprises information of different permissions set for the user by each node in the joint permission; and are
And sending the authority information corresponding to the joint authority to the user so as to display the authority information corresponding to the joint authority on the joint authority customization interface.
11. The apparatus according to claim 9 or 10, wherein the information generating unit is specifically configured to:
hashing the settlement request by a hashing method to obtain a first hash value;
encrypting the first hash value according to a node private key to obtain signature information;
and generating the settlement running information according to the signature information, a public key of the node private key and the settlement request, wherein the public key is generated according to the node private key.
12. The apparatus of claim 9 or 10, wherein the apparatus further comprises:
and the checking unit is used for checking the account information of the user.
13. The apparatus of claim 9 or 10, wherein the apparatus further comprises: an authentication unit;
the response unit is further used for responding to a service request input by a user through a combined authority service interface, wherein the service request at least comprises account information of the user;
the authentication unit is used for inquiring settlement running information corresponding to the account information in the alliance chain; determining the authority duration range of the authority corresponding to the node in the joint authority according to the settlement running information; and if the current request moment of the user is within the permission duration range, determining that the service request of the user is successful.
14. An electronic device, comprising a processor and a memory, wherein the memory stores program code which, when executed by the processor, causes the processor to perform the steps of the method of any of claims 1 to 8.
15. A computer-readable storage medium, characterized in that it comprises program code for causing an electronic device to carry out the steps of the method according to any one of claims 1 to 8, when said program code is run on the electronic device.
CN201911150259.3A 2019-11-21 2019-11-21 Joint authority control method and device, electronic equipment and storage medium Active CN111049806B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911150259.3A CN111049806B (en) 2019-11-21 2019-11-21 Joint authority control method and device, electronic equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911150259.3A CN111049806B (en) 2019-11-21 2019-11-21 Joint authority control method and device, electronic equipment and storage medium

Publications (2)

Publication Number Publication Date
CN111049806A CN111049806A (en) 2020-04-21
CN111049806B true CN111049806B (en) 2020-11-17

Family

ID=70232741

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911150259.3A Active CN111049806B (en) 2019-11-21 2019-11-21 Joint authority control method and device, electronic equipment and storage medium

Country Status (1)

Country Link
CN (1) CN111049806B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111626850B (en) * 2020-06-05 2023-04-18 中国银行股份有限公司 Deposit information processing method and device, readable medium and equipment
CN112073413B (en) * 2020-09-08 2022-12-06 深圳市金蚁云数字科技有限公司 Online alliance chain management method and device, computer equipment and storage medium
CN114840113A (en) * 2022-05-12 2022-08-02 维沃移动通信有限公司 Application management method and device

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109636434A (en) * 2018-10-19 2019-04-16 深圳壹账通智能科技有限公司 Integration managing method, system, electronic equipment and storage medium based on block chain

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102930194A (en) * 2012-09-20 2013-02-13 无锡华御信息技术有限公司 Data security operating system and method based on authority management and control
CN107025602A (en) * 2017-02-24 2017-08-08 杭州象链网络技术有限公司 A kind of financial asset transaction system construction method based on alliance's chain
US20190304259A1 (en) * 2018-03-31 2019-10-03 Raymond Anthony Joao Sports betting apparatus and method
CN108616578A (en) * 2018-04-09 2018-10-02 上海点融信息科技有限责任公司 Method for processing business, equipment and the computer readable storage medium of transregional piece of platform chain

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109636434A (en) * 2018-10-19 2019-04-16 深圳壹账通智能科技有限公司 Integration managing method, system, electronic equipment and storage medium based on block chain

Also Published As

Publication number Publication date
CN111049806A (en) 2020-04-21

Similar Documents

Publication Publication Date Title
US11025435B2 (en) System and method for blockchain-based cross-entity authentication
US11038670B2 (en) System and method for blockchain-based cross-entity authentication
CN112214780B (en) Data processing method and device, intelligent equipment and storage medium
US11159526B2 (en) System and method for decentralized-identifier authentication
CN108256859B (en) Financial product transaction consensus method, node and system based on block chain
US11941588B2 (en) Systems and methods for blockchain virtualization and scalability
US7167985B2 (en) System and method for providing trusted browser verification
CN111049806B (en) Joint authority control method and device, electronic equipment and storage medium
CN109741068A (en) Internetbank inter-bank contracting method, apparatus and system
Li et al. A decentralized and secure blockchain platform for open fair data trading
CN115380303A (en) Trusted platform based on block chain
CN114760071B (en) Zero-knowledge proof based cross-domain digital certificate management method, system and medium
CN113302612B (en) Computer implementation method, system and device for cross-chain and cross-network data transmission
CN115705601A (en) Data processing method and device, computer equipment and storage medium
Li et al. Secure electronic ticketing system based on consortium blockchain
CN116664298A (en) Implementation method and device of block chain-based decentralization data transaction system
CN113869901B (en) Key generation method, key generation device, computer-readable storage medium and computer equipment
CN113706261A (en) Block chain-based power transaction method, device and system
US20230419285A1 (en) NFT Enforcement Control System
CN116401697A (en) Electronic bidding privacy protection method based on blockchain
CN116862508A (en) Machine learning model transaction system based on alliance blockchain
CN116975901A (en) Identity verification method, device, equipment, medium and product based on block chain

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
REG Reference to a national code

Ref country code: HK

Ref legal event code: DE

Ref document number: 40022192

Country of ref document: HK

GR01 Patent grant
GR01 Patent grant