CN111585985B - Business identity recognition and authentication method and system based on block chain - Google Patents
- Publication number
- CN111585985B
- Authority
- CN
- China
- Prior art keywords
- access request
- client
- access
- block chain
- security level
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
- H04L67/025—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP] for remote control or remote monitoring of applications
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1001—Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
- H04L67/1004—Server selection for load balancing
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
Abstract
The invention discloses a blockchain-based business identity recognition and authentication method and system. A website server and a plurality of authentication servers are deployed, and each authentication server serves as a blockchain node. A user sends an access request to any one blockchain node through a client; all the blockchain nodes verify the user's access request by a consensus mechanism to judge whether access is allowed; when access is allowed, the client's access request is transferred to the website server; and the website server judges the validity of the client's access request and responds. This effectively prevents problems such as redirection, link stealing and copying, improves the access security and stability of the website server, improves the effectiveness of website responses, and, by judging the validity of access requests, reduces the load-balancing pressure of large-scale access on the server.
Description
Technical Field
The disclosure relates to technology combining blockchain with business identity recognition and authentication, and in particular to a blockchain-based business identity recognition and authentication method and system.
Background
Business identity recognition and authentication, also called a smart card, is an access system for a business website and is used to introduce basic information about the website to visitors, such as name, address, contact, main business and business information. However, some external illegal operations lead to site redirection, link stealing, copying and the like, so that the access port of a business website built by an enterprise is easily exploited illegally and its security is extremely unstable. It is therefore imperative to improve existing business identity recognition and authentication methods.
Disclosure of Invention
The present disclosure aims to provide a blockchain-based business identity recognition and authentication method and system that solve one or more technical problems in the prior art and provide at least one beneficial choice or enabling condition.
To solve the above problems, the present disclosure provides a technical solution for a blockchain-based business identity recognition and authentication method and system: a website server and a plurality of authentication servers are deployed, and each authentication server serves as a blockchain node; a user sends an access request to any one blockchain node through a client; all the blockchain nodes verify the user's access request by a consensus mechanism to judge whether access is allowed; when access is allowed, the client's access request is transferred to the website server; and the website server judges the validity of the client's access request and responds.
To achieve the above object, according to one aspect of the present disclosure, a blockchain-based business identity recognition and authentication method is provided, the method including the following steps:
S100, deploying a website server and a plurality of authentication servers, and taking each authentication server as a blockchain node;
S200, a user sends an access request to any blockchain node through a client;
S300, all the blockchain nodes verify the user's access request by a consensus mechanism to judge whether access is allowed;
S400, when access is allowed, the client's access request is transferred to the website server;
S500, the website server judges the validity of the client's access request and responds.
Further, in S100, the website server is a server in an internet data center that stores websites; it is mainly used for publishing and running websites on the internet and is the infrastructure hardware for network applications.
The client, also called the user side, is the program that corresponds to the server and provides local services to the user. Apart from some applications that run only locally, it is generally installed on an ordinary client machine and needs to operate in cooperation with the website server.
The authentication server verifies the security of the user's access request; access to the website server is allowed once verification passes.
Further, deploying the website server and the plurality of authentication servers means deploying the web site to the server side and connecting the website server with the plurality of authentication servers.
Further, the website server and the plurality of authentication servers constitute the server side.
Further, in S200, the access request includes a user name, a password, a timestamp and the security level of the client. The password is a character string formed by encryption with the MD5 algorithm. The security levels of the client are: mobile device, level 1; public network, level 2; private network, level 3. The timestamp is the time at which the access request was initiated.
Further, in S300, the method by which all the blockchain nodes verify the user's access request through the consensus mechanism to judge whether access is allowed is:
S301, reading the user's access request;
S302, randomly selecting one third of all the blockchain nodes, connecting the selected nodes to the client, and having them calculate and read the security level of the client; when the security levels read for the client are all consistent with the security level in the access request, the access request is judged as allowed, otherwise access is not allowed.
Further, in S500, the method by which the website server judges the validity of the client's access request and responds is: obtain the verification duration of the access request from its timestamp, where verification duration = current time − timestamp (that is, the time difference between the current time and the timestamp). When the verification duration is smaller than a timeout threshold, the access request is judged valid; otherwise it is judged invalid. If the access request is valid, the website server responds to the client; if it is invalid, the website server refuses to respond.
The timeout threshold takes a value in the range [100, 8000] milliseconds.
The invention also provides a blockchain-based business identity recognition and authentication system, which comprises a memory, a processor, and a computer program stored in the memory and executable on the processor; the processor executes the computer program to run in the following units of the system:
the network deployment unit, used for deploying a website server and a plurality of authentication servers and taking each authentication server as a blockchain node;
the access request unit, used for a user to send an access request to any blockchain node through a client;
the consensus verification unit, used for all the blockchain nodes to verify the user's access request by a consensus mechanism to judge whether access is allowed;
the access jump unit, used for transferring the client's access request to the website server when access is allowed;
the service response unit, used for the website server to judge the validity of the client's access request and respond.
The beneficial effects of the present disclosure are: the blockchain-based business identity recognition and authentication method and system effectively prevent problems such as redirection, link stealing and copying, improve the access security and stability of the website server, improve the effectiveness of website responses, and, by judging the validity of access requests, reduce the load-balancing pressure of large-scale access on the server.
Drawings
The foregoing and other features of the present disclosure will become more apparent from the detailed description of the embodiments given in conjunction with the drawings, in which like reference characters designate the same or similar elements. The drawings described below are merely some examples of the present disclosure, and those skilled in the art may derive other drawings from them without inventive effort. In the drawings:
FIG. 1 is a flow chart of a blockchain-based business identity recognition and authentication method;
FIG. 2 is a diagram of a blockchain-based business identity recognition and authentication system.
Detailed Description
The conception, specific structure and technical effects of the present disclosure will be clearly and completely described below in conjunction with the embodiments and the accompanying drawings to fully understand the objects, aspects and effects of the present disclosure. It should be noted that the embodiments and features of the embodiments in the present application may be combined with each other without conflict.
FIG. 1 shows a flow chart of the blockchain-based business identity recognition and authentication method according to the present disclosure; the method according to an embodiment of the present disclosure is described below with reference to FIG. 1.
The present disclosure provides a blockchain-based business identity recognition and authentication method, which comprises the following steps:
S100, deploying a website server and a plurality of authentication servers, and taking each authentication server as a blockchain node;
S200, a user sends an access request to any blockchain node through a client;
S300, all the blockchain nodes verify the user's access request by a consensus mechanism to judge whether access is allowed;
S400, when access is allowed, the client's access request is transferred to the website server;
S500, the website server judges the validity of the client's access request and responds.
Further, in S100, the website server is a server in an internet data center that stores websites; it is mainly used for publishing and running websites on the internet and is the infrastructure for network applications.
The client, also called the user side, is the program that corresponds to the server and provides local services to the user. Apart from some applications that run only locally, it is generally installed on an ordinary client machine and needs to operate in cooperation with the website server.
The authentication server verifies the security of the user's access request; access to the website server is allowed once verification passes.
Further, deploying the website server and the plurality of authentication servers means deploying the web site to the server side and connecting the website server with the plurality of authentication servers.
Further, the website server and the plurality of authentication servers constitute the server side.
Further, in S200, the access request includes a user name, a password, a timestamp and the security level of the client. The password is a character string formed by encryption with the MD5 algorithm. The security levels of the client are: mobile device, level 1; public network, level 2; private network, level 3. The timestamp is the time at which the access request was initiated.
Further, in S300, the method by which all the blockchain nodes verify the user's access request through the consensus mechanism to judge whether access is allowed is:
S301, reading the user's access request;
S302, randomly selecting one third of all the blockchain nodes, connecting the selected nodes to the client, and having them calculate and read the security level of the client; when the security levels read for the client are all consistent with the security level in the access request, the access request is judged as allowed, otherwise access is not allowed.
Further, in S500, the method by which the website server judges the validity of the client's access request and responds is: obtain the verification duration of the access request from its timestamp, where verification duration = current time − timestamp (that is, the time difference between the current time and the timestamp). When the verification duration is smaller than a timeout threshold, the access request is judged valid; otherwise it is judged invalid. If the access request is valid, the website server responds to the client; if it is invalid, the website server refuses to respond.
The timeout threshold takes a value in the range [100, 8000] milliseconds.
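The S200 to S500 flow described above, as an added Python sketch that is not part of the patent. The function names, the modelling of each node as a callable returning the level it read, the rounding of "one third" upwards, and the rejection of future timestamps are assumptions of this example.

```python
import hashlib
import math
import random
from dataclasses import dataclass
from typing import Callable, Optional, Sequence

# Security levels listed in S200.
SECURITY_LEVELS = {1: "mobile device", 2: "public network", 3: "private network"}
TIMEOUT_RANGE_MS = (100, 8000)  # range the patent gives for the timeout threshold


@dataclass(frozen=True)
class AccessRequest:
    """S200 access request: user name, MD5 password string, timestamp, level."""
    username: str
    password_md5: str
    timestamp_ms: int
    security_level: int


def build_request(username: str, password: str, security_level: int,
                  now_ms: int) -> AccessRequest:
    """Client side of S200."""
    if security_level not in SECURITY_LEVELS:
        raise ValueError("security level must be 1, 2 or 3")
    # MD5 is a fast, unsalted hash rather than encryption; it appears here
    # only because S200 specifies it.
    digest = hashlib.md5(password.encode("utf-8")).hexdigest()
    return AccessRequest(username, digest, now_ms, security_level)


def sample_size(n_nodes: int) -> int:
    """Number of nodes drawn in S302.

    Assumption: one third is rounded up. Rounding down would select zero of
    two nodes, and an empty sample passes an "all readings agree" test
    vacuously.
    """
    if n_nodes < 1:
        raise ValueError("at least one blockchain node is required")
    return math.ceil(n_nodes / 3)


def consensus_allows(request: AccessRequest,
                     nodes: Sequence[Callable[[], int]],
                     rng: Optional[random.Random] = None) -> bool:
    """S301-S302: every sampled node must read the level the request claims.

    Each node is modelled (hypothetically) as a callable that returns the
    security level it measured for the client.
    """
    if rng is None:
        rng = random.SystemRandom()  # unpredictable choice of verifiers
    chosen = rng.sample(list(nodes), sample_size(len(nodes)))
    readings = [read_level() for read_level in chosen]
    return all(level == request.security_level for level in readings)


def request_is_valid(request: AccessRequest, now_ms: int,
                     timeout_ms: int) -> bool:
    """S500: verification duration = current time - timestamp < threshold."""
    low, high = TIMEOUT_RANGE_MS
    if not low <= timeout_ms <= high:
        raise ValueError("timeout threshold must be within [100, 8000] ms")
    duration_ms = now_ms - request.timestamp_ms
    # Added check (assumption, not in the patent): a timestamp in the future
    # gives a negative duration, which is always below the threshold, so it
    # is rejected explicitly.
    return 0 <= duration_ms < timeout_ms


def handle_access(request: AccessRequest,
                  nodes: Sequence[Callable[[], int]],
                  now_ms: int, timeout_ms: int,
                  rng: Optional[random.Random] = None) -> str:
    """S300-S500 end to end: 'denied', 'rejected' or 'served'."""
    if not consensus_allows(request, nodes, rng):
        return "denied"        # S300 failed, the request never reaches S400
    if not request_is_valid(request, now_ms, timeout_ms):
        return "rejected"      # S500: stale request, website server refuses
    return "served"
```

Because only the sampled third of the nodes is consulted, a single node that reads a different level affects the outcome only when it happens to be drawn.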
FIG. 2 shows a diagram of the blockchain-based business identity recognition and authentication system of the present disclosure. The system of this embodiment includes a processor, a memory, and a computer program stored in the memory and executable on the processor; when executing the computer program, the processor implements the steps of the embodiment of the blockchain-based business identity recognition and authentication system described above.
The system comprises a memory, a processor, and a computer program stored in the memory and executable on the processor; the processor executes the computer program to run in the following units of the system:
the network deployment unit, used for deploying the website server and the authentication servers and taking each authentication server as a blockchain node;
the access request unit, used for a user to send an access request to any one blockchain node through a client;
the consensus verification unit, used for all the blockchain nodes to verify the user's access request by a consensus mechanism to judge whether access is allowed;
the access jump unit, used for transferring the client's access request to the website server when access is allowed;
the service response unit, used for the website server to judge the validity of the client's access request and respond.
The blockchain-based business identity recognition and authentication system can run on computing devices such as desktop computers, notebooks, palmtop computers and cloud servers. The system may include, but is not limited to, a processor and a memory. Those skilled in the art will understand that this is merely an example of a blockchain-based business identity recognition and authentication system and does not limit it; the system may include more or fewer components than described, a combination of some components, or different components. For example, it may further include input/output devices, network access devices, buses and the like.
The processor may be a Central Processing Unit (CPU), another general-purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, or the like. The general-purpose processor may be a microprocessor or any conventional processor. The processor is the control center of the running system of the blockchain-based business identity recognition and authentication system, and uses various interfaces and lines to connect the parts of the whole running system.
The memory may be used for storing the computer programs and/or modules, and the processor may implement the various functions of the block chain based commercial identity authentication system by running or executing the computer programs and/or modules stored in the memory and calling the data stored in the memory. The memory may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required by at least one function (such as a sound playing function, an image playing function, etc.), and the like; the storage data area may store data (such as audio data, a phonebook, etc.) created according to the use of the cellular phone, etc. In addition, the memory may include high speed random access memory, and may also include non-volatile memory, such as a hard disk, a memory, a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), at least one magnetic disk storage device, a Flash memory device, or other volatile solid state storage device.
While the present disclosure has been described in considerable detail and with particular reference to a few illustrative embodiments thereof, it is not intended to be limited to any such details or embodiments or any particular embodiments, but it is to be construed as effectively covering the intended scope of the disclosure by providing a broad, potential interpretation of such claims in view of the prior art with reference to the appended claims. Furthermore, the foregoing describes the disclosure in terms of embodiments foreseen by the inventor for which an enabling description was available, notwithstanding that insubstantial modifications of the disclosure, not presently foreseen, may nonetheless represent equivalent modifications thereto.
Claims (5)
1. A business identity authentication method based on a blockchain, the method comprising the steps of:
S100, deploying a website server and a plurality of authentication servers, and taking each authentication server as a blockchain node;
S200, a user sends an access request to any blockchain node through a client;
S300, all the blockchain nodes verify the user's access request by a consensus mechanism to judge whether access is allowed;
S400, when access is allowed, the client's access request is transferred to the website server;
S500, the website server judges the validity of the client's access request and responds;
in S200, the access request includes a user name, a password, a timestamp and the security level of the client, wherein the password is a character string formed by encryption with the MD5 algorithm, and the security levels of the client are: mobile device, level 1; public network, level 2; private network, level 3; the timestamp is the time at which the access request was initiated;
in S300, the method by which all the blockchain nodes verify the user's access request through the consensus mechanism to judge whether access is allowed is:
S301, reading the user's access request;
S302, randomly selecting one third of all the blockchain nodes, connecting the selected nodes to the client, and having them calculate and read the security level of the client; when the security levels read for the client are all consistent with the security level in the access request, the access request is judged as allowed, otherwise access is not allowed.
2. The blockchain-based business identity recognition and authentication method of claim 1, wherein in S100 the website server is a server in an internet data center that stores websites, is mainly used for publishing and running websites on the internet, and is the infrastructure for network applications.
3. The blockchain-based business identity recognition and authentication method of claim 1, wherein in S500 the method by which the website server judges the validity of the client's access request and responds is: obtaining the verification duration of the access request from its timestamp, namely verification duration = current time − timestamp; when the verification duration is smaller than a timeout threshold, judging the access request valid, otherwise judging it invalid; if the access request is valid, the website server responds to the client, and if it is invalid, the website server refuses to respond.
4. The method according to claim 3, wherein the timeout threshold takes a value in the range [100, 8000] ms.
5. A blockchain-based business identity recognition and authentication system, the system comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, the processor executing the computer program to run in the following units of the system:
the network deployment unit, used for deploying the website server and the authentication servers and taking each authentication server as a blockchain node;
the access request unit, used for a user to send an access request to any one blockchain node through a client;
the consensus verification unit, used for all the blockchain nodes to verify the user's access request by a consensus mechanism to judge whether access is allowed;
the access jump unit, used for transferring the client's access request to the website server when access is allowed;
the service response unit, used for the website server to judge the validity of the client's access request and respond;
the access request includes a user name, a password, a timestamp and the security level of the client, wherein the password is a character string formed by encryption with the MD5 algorithm, and the security levels of the client are: mobile device, level 1; public network, level 2; private network, level 3; the timestamp is the time at which the access request was initiated;
the method by which all the blockchain nodes verify the user's access request through the consensus mechanism to judge whether access is allowed comprises the following steps:
S301, reading the user's access request;
S302, randomly selecting one third of all the blockchain nodes, connecting the selected nodes to the client, and having them calculate and read the security level of the client; when the security levels read for the client are all consistent with the security level in the access request, the access request is judged as allowed, otherwise access is not allowed.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010334717.5A CN111585985B (en) | 2020-04-24 | 2020-04-24 | Business identity recognition and authentication method and system based on block chain |
Publications (2)
Publication Number | Publication Date |
---|---|
CN111585985A CN111585985A (en) | 2020-08-25 |
CN111585985B true CN111585985B (en) | 2022-07-12 |
Family
ID=72116760
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010334717.5A Active CN111585985B (en) | 2020-04-24 | 2020-04-24 | Business identity recognition and authentication method and system based on block chain |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111585985B (en) |
Also Published As
Publication number | Publication date |
---|---|
CN111585985A (en) | 2020-08-25 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||