CN111626535B - Quality authentication system and method based on block chain - Google Patents

Info

Publication number
CN111626535B
Authority
CN
China
Prior art keywords
authentication
key
encryption
quality
certification
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201911311061.9A
Other languages
Chinese (zh)
Other versions
CN111626535A (en
Inventor
李艳东
侯宝存
邹萍
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Aerospace Intelligent Technology Development Co ltd
Original Assignee
Beijing Aerospace Intelligent Technology Development Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Aerospace Intelligent Technology Development Co ltd filed Critical Beijing Aerospace Intelligent Technology Development Co ltd
Priority to CN201911311061.9A priority Critical patent/CN111626535B/en
Publication of CN111626535A publication Critical patent/CN111626535A/en
Application granted granted Critical
Publication of CN111626535B publication Critical patent/CN111626535B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00 Administration; Management
    • G06Q10/06 Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
    • G06Q10/063 Operations research, analysis or management
    • G06Q10/0639 Performance analysis of employees; Performance analysis of enterprise or organisation operations
    • G06Q10/06395 Quality analysis or management
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829 Payment protocols; Details thereof insuring higher security of transaction involving key management
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00 Commerce
    • G06Q30/018 Certifying business or products
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02P CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00 Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/30 Computing systems specially adapted for manufacturing

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Human Resources & Organizations (AREA)
  • Strategic Management (AREA)
  • Economics (AREA)
  • Accounting & Taxation (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Development Economics (AREA)
  • Educational Administration (AREA)
  • Finance (AREA)
  • Marketing (AREA)
  • Computer Security & Cryptography (AREA)
  • Game Theory and Decision Science (AREA)
  • Operations Research (AREA)
  • Quality & Reliability (AREA)
  • Tourism & Hospitality (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The application discloses a blockchain-based quality certification system comprising a blockchain management platform and certification authorities corresponding to certification dimensions, wherein the blockchain management platform stores a first key of each certification authority. The blockchain management platform is used for providing the first key of a first certification authority to an organization to be certified when it determines that the organization to be certified has selected a first certification dimension and the first certification authority corresponding to the first certification dimension. The first certification authority is used for, when receiving first quality certification material that is sent by the organization to be certified and encrypted with the first key, decrypting the first quality certification material with a second key corresponding to the first key, auditing the original quality certification material obtained by decryption, and sending a first certification result for the first certification dimension to the blockchain management platform. The blockchain management platform is further configured to store the first certification result for the first certification dimension.

Description

Quality authentication system and method based on block chain
Technical Field
The present application belongs to the field of block chains, and in particular, relates to a quality authentication system and method based on a block chain.
Background
With the growth of the industrial internet in China, more and more industrial manufacturing enterprises are becoming members of it, which places new requirements on the quality assurance capability of enterprises. Certification of an enterprise's quality assurance capability is gradually becoming the foundation for establishing trust between enterprises and between enterprises and users, and ensuring the authenticity, integrity and reliability of that certification has become an essential part of enterprise management in the industrial internet.
Existing methods for certifying enterprise quality assurance capability depend excessively on trust in individual organizations or centralized platforms. The certification process lacks effective supervision and is difficult to trace back, which can lead to problems such as insider dealing and data security issues during certification, and so affects both the enthusiasm of enterprises for participating in certification and the credibility of enterprise certification.
Consequently, opaque information between enterprises, poor communication, and the lack of quantitative standards and credibility when demonstrating enterprise value are the bottleneck for efficient and reliable trade among manufacturing enterprises, and are a difficult problem in every certification field.
Disclosure of Invention
In view of this, the present application provides a blockchain-based quality certification system and method, so as to implement secure and trusted sharing of the certification results of the various certification authorities.
In order to solve the above technical problem, the present application discloses a blockchain-based quality certification system, including: a blockchain management platform and certification authorities corresponding to certification dimensions, wherein the blockchain management platform stores a first key of each certification authority; wherein:
the blockchain management platform is used for providing the first key of a first certification authority to an organization to be certified when the organization to be certified selects a first certification dimension and the first certification authority corresponding to the first certification dimension;
the first certification authority is used for, when receiving first quality certification material that is sent by the organization to be certified and encrypted with the first key, decrypting the first quality certification material with a second key corresponding to the first key, auditing the original quality certification material obtained by decryption, and sending a first certification result for the first certification dimension to the blockchain management platform;
the blockchain management platform is further configured to store the first certification result for the first certification dimension.
Optionally, the blockchain-based quality certification system further includes a supervision authority, in which case:
the blockchain management platform is further used for providing the first key of the supervision authority to the organization to be certified;
and the supervision authority is used for, when receiving second quality certification material that is sent by the organization to be certified and encrypted with the first key of the supervision authority, decrypting the second quality certification material with a third key corresponding to the first key of the supervision authority, and sending a supervision result to the blockchain management platform based on the original quality certification material obtained by decryption and/or the first certification result obtained by decryption.
Optionally, the first certification authority is further configured to obtain from the blockchain management platform a second certification result of a second certification authority for the original quality certification material, audit the original quality certification material in combination with the second certification result, and send the first certification result for the first certification dimension to the blockchain management platform; wherein the second certification authority is used to provide a certification result for a second certification dimension other than the first certification dimension.
Optionally, the blockchain management platform is further configured to receive and store a second certification result of a second certification authority for the original quality certification material, where the second certification authority is used to provide a certification result for a second certification dimension other than the first certification dimension.
Optionally, the first quality certification material includes encrypted quality certification material and an encrypted encryption/decryption key, where the encrypted encryption/decryption key is obtained by encrypting the encryption/decryption key of the organization to be certified with the first key of the first certification authority, and the encrypted quality certification material is obtained by encrypting the original quality certification material with the encryption/decryption key;
in which case:
the first certification authority is specifically configured to, when receiving the first quality certification material, decrypt the encrypted encryption/decryption key with the second key to obtain the decrypted encryption/decryption key, and decrypt the encrypted quality certification material with the decrypted encryption/decryption key to obtain the original quality certification material.
Optionally, the first quality certification material includes encrypted quality certification material and encrypted encryption/decryption keys corresponding to the identifiers of the respective institutions participating in certification. For each institution identifier, the corresponding encrypted encryption/decryption key is obtained by encrypting the encryption/decryption key of the organization to be certified with the first key of the institution that the identifier denotes. The encrypted encryption/decryption keys include a first encryption/decryption key corresponding to the first certification authority identifier and a second encryption/decryption key corresponding to the supervision authority identifier: the first encryption/decryption key is obtained by encrypting the encryption/decryption key of the organization to be certified with the first key of the first certification authority, and the second encryption/decryption key is obtained by encrypting it with the first key of the supervision authority. The encrypted quality certification material is obtained by encrypting the original quality certification material with the encryption/decryption key;
in which case:
the first certification authority is specifically configured to, when receiving the first quality certification material, determine according to the first certification authority identifier that the first encryption/decryption key is to be decrypted with the second key, obtain the decrypted encryption/decryption key, and decrypt the encrypted quality certification material with the decrypted encryption/decryption key to obtain the original quality certification material;
the supervision authority is specifically configured to, when receiving the first quality certification material, determine according to the supervision authority identifier that the second encryption/decryption key is to be decrypted with the third key, obtain the decrypted encryption/decryption key, and decrypt the encrypted quality certification material with the decrypted encryption/decryption key to obtain the original quality certification material.
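The per-identifier key wrapping of the two optional embodiments above, sketched in Go as an added illustration that is not part of the patent text. It assumes each institution's first key is an RSA public key (used with RSA-OAEP) and the encryption/decryption key is a fresh AES-256-GCM key; the patent names no algorithms, and the identifiers, type names and function names here are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Institution is a certification or supervision authority. Assumption: the
// "first key" is an RSA public key; the "second"/"third" key is its private key.
type Institution struct {
	ID      string
	private *rsa.PrivateKey
}

// NewInstitution generates the key pair and registers the first key on the platform.
func NewInstitution(id string, reg Registry) (*Institution, error) {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	reg[id] = &k.PublicKey
	return &Institution{ID: id, private: k}, nil
}

// Registry is the platform's institution-to-first-key table (Table 1 of the
// description); it only ever holds public halves.
type Registry map[string]*rsa.PublicKey

// Envelope is the "first quality certification material" sent to the institutions.
type Envelope struct {
	Nonce, Ciphertext []byte
	WrappedKeys       map[string][]byte // institution identifier -> encrypted data key
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts the material once and wraps the data key for each selected identifier.
func Seal(material []byte, reg Registry, ids ...string) (*Envelope, error) {
	buf := make([]byte, 32+12) // AES-256 data key followed by a 96-bit GCM nonce
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	dek, nonce := buf[:32], buf[32:]
	gcm, err := newGCM(dek)
	if err != nil {
		return nil, err
	}
	env := &Envelope{Nonce: nonce, Ciphertext: gcm.Seal(nil, nonce, material, nil), WrappedKeys: map[string][]byte{}}
	for _, id := range ids {
		pub, ok := reg[id]
		if !ok {
			return nil, fmt.Errorf("no first key registered for %q", id)
		}
		if env.WrappedKeys[id], err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, dek, nil); err != nil {
			return nil, err
		}
	}
	return env, nil
}

// Open picks the wrapped key by the institution's own identifier, unwraps it, then decrypts.
func (i *Institution) Open(env *Envelope) ([]byte, error) {
	wrapped, ok := env.WrappedKeys[i.ID]
	if !ok {
		return nil, fmt.Errorf("envelope carries no key for %q", i.ID)
	}
	dek, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, i.private, wrapped, nil)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(dek)
	if err != nil || len(env.Nonce) != gcm.NonceSize() {
		return nil, fmt.Errorf("malformed envelope for %q", i.ID)
	}
	return gcm.Open(nil, env.Nonce, env.Ciphertext, nil) // fails if the material was altered
}

func main() {
	reg := Registry{}
	ca, errCA := NewInstitution("CA-1011", reg) // constructed identifiers
	sup, errSup := NewInstitution("SUPERVISOR", reg)
	if errCA != nil || errSup != nil {
		panic("key generation failed")
	}
	env, err := Seal([]byte("constructed sample audit report"), reg, ca.ID, sup.ID)
	if err != nil {
		panic(err)
	}
	pt, err := sup.Open(env)
	fmt.Printf("%s read %q (err=%v)\n", sup.ID, pt, err)
}
```

An institution that was not selected has no entry in `WrappedKeys` and cannot recover the material, and the GCM tag, which the patent text does not itself require, makes every recipient reject material altered in transit.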
In order to solve the above technical problem, the present application further discloses a blockchain-based quality certification method, which is applied to a blockchain management platform, and the method includes:
receiving a certification selection request sent by an organization to be certified;
according to the certification selection request, when it is determined that the organization to be certified has selected a first certification dimension and a first certification authority corresponding to the first certification dimension, providing the first key of the first certification authority to the organization to be certified, so that when the first certification authority receives first quality certification material that is sent by the organization to be certified and encrypted with the first key, it decrypts the first quality certification material with a second key corresponding to the first key, audits the original quality certification material obtained by decryption, and sends a first certification result for the first certification dimension to the blockchain management platform;
storing the first certification result for the first certification dimension.
Optionally, the blockchain-based quality certification method further includes:
providing the first key of a supervision authority to the organization to be certified, so that when the supervision authority receives second quality certification material that is sent by the organization to be certified and encrypted with the first key of the supervision authority, it decrypts the second quality certification material with a third key corresponding to the first key of the supervision authority, and sends a supervision result to the blockchain management platform based on the original quality certification material obtained by decryption and/or the first certification result obtained by decryption;
and receiving and storing the supervision result.
Optionally, the blockchain-based quality certification method further includes:
receiving and storing a second certification result of a second certification authority for the decrypted original quality certification material, wherein the second certification authority is used to provide a certification result for a second certification dimension other than the first certification dimension.
In order to solve the above technical problem, the present application further discloses a blockchain-based quality certification method, which is applied to a first certification authority that provides a certification result for a first certification dimension, and the method includes:
when first quality certification material that is sent by the organization to be certified and encrypted with a first key is received, decrypting the first quality certification material with a second key corresponding to the first key;
and auditing the original quality certification material obtained by decryption, and sending a first certification result for the first certification dimension to the blockchain management platform.
Optionally, auditing the original quality certification material obtained by decryption and sending the first certification result for the first certification dimension to the blockchain management platform includes:
obtaining from the blockchain management platform a second certification result of a second certification authority for the original quality certification material obtained by decryption, auditing the original quality certification material obtained by decryption in combination with the second certification result, and sending the first certification result for the first certification dimension to the blockchain management platform; wherein the second certification authority is used to provide a certification result for a second certification dimension other than the first certification dimension.
Optionally, the first quality certification material includes encrypted quality certification material and an encrypted encryption/decryption key, where the encrypted encryption/decryption key is obtained by encrypting the encryption/decryption key of the organization to be certified with the first key of the first certification authority, and the encrypted quality certification material is obtained by encrypting the original quality certification material with the encryption/decryption key;
when the first quality certification material is received, decrypting the encrypted encryption/decryption key with the second key to obtain the decrypted encryption/decryption key, and decrypting the encrypted quality certification material with the decrypted encryption/decryption key to obtain the original quality certification material.
Optionally, the first quality certification material includes encrypted quality certification material and encrypted encryption/decryption keys corresponding to the identifiers of the respective institutions participating in certification. For each institution identifier, the corresponding encrypted encryption/decryption key is obtained by encrypting the encryption/decryption key of the organization to be certified with the first key of the institution that the identifier denotes. The encrypted encryption/decryption keys include a first encryption/decryption key corresponding to the first certification authority identifier and a second encryption/decryption key corresponding to the supervision authority identifier: the first encryption/decryption key is obtained by encrypting the encryption/decryption key of the organization to be certified with the first key of the first certification authority, and the second encryption/decryption key is obtained by encrypting it with the first key of the supervision authority. The encrypted quality certification material is obtained by encrypting the original quality certification material with the encryption/decryption key;
when the first quality certification material is received, determining according to the first certification authority identifier that the first encryption/decryption key is to be decrypted with the second key, obtaining the decrypted encryption/decryption key, and decrypting the encrypted quality certification material with the decrypted encryption/decryption key to obtain the original quality certification material;
the supervision authority is specifically configured to, when the first quality certification material is received, determine according to the supervision authority identifier that the second encryption/decryption key is to be decrypted with the third key, obtain the decrypted encryption/decryption key, and decrypt the encrypted quality certification material with the decrypted encryption/decryption key to obtain the original quality certification material.
Compared with the prior art, the application can obtain the following technical effects:
the embodiments of the application provide a blockchain-based quality certification system for the industrial internet scenario, in which the blockchain management platform provides the first keys of the certification authorities to the organization to be certified, the organization to be certified sends encrypted quality certification material to the certification authorities, the blockchain management platform stores the certification results of the certification authorities, and each certification authority can view the certification results of the other certification authorities, so that the certification results of all parties are shared. In addition, to ensure the privacy of the certification material, it must be encrypted before it is broadcast to the blockchain network (either a single encryption with each institution's first key, or a two-layer encryption in which the material is encrypted with the encryption/decryption key of the organization to be certified and that key is in turn encrypted with each institution's first key). Certification results are thereby shared without sharing the material required for certification, which protects the privacy of the critical data of the enterprises involved.
Of course, it is not necessary for any one product to achieve all of the above-described technical effects simultaneously.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the application and together with the description serve to explain the application and not to limit the application. In the drawings:
Fig. 1-1 is a schematic diagram of a blockchain-based quality certification system provided in some embodiments of the present application;
Fig. 1-2 is a schematic flow diagram of a blockchain-based quality certification system provided in some embodiments of the present application;
Fig. 1-3 is an illustration of a display interface provided in some embodiments of the present application;
Fig. 2-1 is a schematic diagram of another blockchain-based quality certification system provided in some embodiments of the present application;
Fig. 2-2 is a schematic flow diagram of another blockchain-based quality certification system provided in some embodiments of the present application;
Fig. 2-3 is a flow diagram of a blockchain-based quality certification system provided in some embodiments of the present application;
Fig. 3 is a schematic flowchart of a blockchain-based quality certification method applied to a blockchain management platform according to some embodiments of the present application;
Fig. 4 is a schematic flowchart of a blockchain-based quality certification method applied to a first certification authority according to some embodiments of the present application.
Detailed Description
Embodiments of the present application will be described in detail with reference to the drawings and examples, so that how to implement technical means to solve technical problems and achieve technical effects of the present application can be fully understood and implemented.
The inventors have found that, in most cases, existing enterprise certification systems are provided by a centralized platform and lack effective participation and supervision by other institutions, and the process of certifying enterprise qualification and service quality is not open, transparent or traceable. As a result, enterprises cannot join the industrial internet with confidence, cannot sufficiently trust other enterprises on the industrial internet platform, and cannot achieve mutual trust in trade. Furthermore, the inventors have found that part of the data used for enterprise qualification certification is an internal secret of the enterprise, and that there is no effective mechanism to protect the security and privacy of enterprise certification data, so enterprises lack sufficient willingness to have their quality assurance capability certified, which seriously restricts the mutual trust mechanism among enterprises and user activity in the industrial internet.
Therefore, existing methods for certifying enterprise quality assurance capability depend excessively on trust in individual organizations or centralized platforms. The certification process lacks effective supervision and is difficult to trace back, which can lead to problems such as insider dealing and data security issues during certification, and so affects both the enthusiasm of enterprises for participating in certification and the credibility of enterprise certification.
Referring to fig. 1-1, an embodiment of the present application discloses a blockchain-based quality certification system, including a blockchain management platform 100 and at least one certification authority 101 (e.g., a first certification authority 1011, a second certification authority 1012, and a third certification authority 1013), the blockchain management platform 100 being connected to each certification authority 101.
The blockchain management platform 100 stores a first key for each certification authority 101, and each certification authority 101 stores the second key corresponding to its first key stored by the blockchain management platform 100. For example, in fig. 1-1, the blockchain management platform 100 stores the first key a of the first certification authority 1011, the first key b of the second certification authority 1012, and the first key c of the third certification authority 1013; accordingly, the first certification authority 1011 stores the second key a1 corresponding to the first key a, the second certification authority 1012 stores the second key b1 corresponding to the first key b, and the third certification authority 1013 stores the second key c1 corresponding to the first key c.
Specifically, for a certification authority, the first key and the second key are used for encryption and decryption, respectively. Taking the first key a and the second key a1 of the first certification authority 1011 as examples: if the first key a is used for encryption, the second key a1 is used for decryption; if the first key a is used for decryption, then the second key a1 is used for encryption.
In one embodiment, the first key and the second key may be generated in the certification authority, which then sends the first key to the blockchain management platform; the blockchain management platform stores the first key and records the correspondence between the certification authority and the first key. For example, the first certification authority 1011 generates a first key a and a second key a1, the second certification authority 1012 generates a first key b and a second key b1, and the third certification authority 1013 generates a first key c and a second key c1. The first certification authority 1011 then sends the first key a to the blockchain management platform 100, the second certification authority 1012 sends the first key b to the blockchain management platform 100, and the third certification authority 1013 sends the first key c to the blockchain management platform 100. The blockchain management platform 100 records the correspondence between the first certification authority 1011 and the first key a, the correspondence between the second certification authority 1012 and the first key b, and the correspondence between the third certification authority 1013 and the first key c.
In another embodiment, the blockchain management platform may generate a corresponding first key and a corresponding second key for each certification authority, and then send the corresponding second key to each certification authority, and store the first key and record the corresponding relationship between the certification authority and the first key. For example, blockchain management platform 100 generates first key a and second key a1 for first certification authority 1011, blockchain management platform 100 generates first key b and second key b1 for second certification authority 1012, and blockchain management platform 100 generates first key c and second key c1 for third certification authority 1013. The blockchain management platform 100 records the correspondence between the first certification authority 1011 and the first key a, the correspondence between the second certification authority 1012 and the first key b, and the correspondence between the third certification authority 1013 and the first key c. Blockchain management platform 100 also sends second key a1 to first certification authority 1011, second key b1 to second certification authority 1012, and second key c1 to third certification authority 1013.
In one example, the correspondence may be as shown in table 1 below.
TABLE 1

| Certification authority             | First key   |
|-------------------------------------|-------------|
| First certification authority 1011  | First key a |
| Second certification authority 1012 | First key b |
| Third certification authority 1013  | First key c |

Each certification authority 101 corresponds to a certification dimension and provides certification results for that dimension. In one example, different certification authorities 101 correspond to different certification dimensions; e.g., in fig. 1-1, the first certification authority 1011 provides certification services for a first certification dimension, the second certification authority 1012 provides certification services for a second certification dimension, and the third certification authority 1013 provides certification services for a third certification dimension. In another example, multiple certification authorities 101 may provide certification services for the same certification dimension; e.g., in fig. 1-1, the first certification authority 1011 provides certification services for the first certification dimension, the second certification authority 1012 provides certification services for the second certification dimension, and the third certification authority 1013 also provides certification services for the first certification dimension.
The modules are described in detail below.
The blockchain management platform 100 is configured to provide a first key of a first certification authority to the to-be-certified authority when it is determined that the to-be-certified authority selects the first certification dimension and the first certification authority corresponding to the first certification dimension.
The first certification authority 1011 is configured to, when receiving a first quality certification material encrypted by a first key of the first certification authority and sent by a to-be-certified authority, decrypt the first quality certification material according to a second key corresponding to the first key of the first certification authority, check the decrypted original quality certification material, and send a first certification result of a first certification dimension to the block chain management platform.
The blockchain management platform 100 is further configured to store a first authentication result of the first authentication dimension.
Based on the above system, please refer to fig. 1-2, some embodiments of the present application further provide a quality authentication method based on a block chain, which is as follows.
200. The to-be-authenticated entity 102 sends an authentication selection request to the blockchain management platform 100.
Specifically, the to-be-certified institution 102 may be an enterprise. The authentication selection request includes an authentication dimension identification and an authentication authority identification. For example, the authentication selection request includes a first authentication dimension identification and a first authentication authority identification.
In one embodiment, as shown in fig. 1-3, blockchain management platform 100 provides a display interface to an entity to be authenticated 102 (e.g., an enterprise), the display interface including an authentication dimension and various authentication mechanisms under the authentication dimension. When an enterprise user selects a certification dimension (e.g., a first certification dimension) and a certification authority (e.g., a first certification authority) in the certification dimension in the display interface, the blockchain management platform receives a certification selection request.
201. Blockchain management platform 100 receives an authentication selection request sent by a to-be-authenticated entity 102. Specifically, the authentication selection request includes a first authentication dimension identifier and a first authentication mechanism identifier.
202. The blockchain management platform 100 determines that the to-be-authenticated entity 102 selects the first authentication dimension and the first authentication entity corresponding to the first authentication dimension according to the authentication selection request including the first authentication dimension identifier and the first authentication entity identifier, and provides the to-be-authenticated entity 102 with the first key of the first authentication entity.
203. The to-be-certified mechanism 102 encrypts the original quality-certified material using the first key of the first certification mechanism to obtain a first quality-certified material, and sends the first quality-certified material to the first certification mechanism 1011.
In one embodiment, the raw quality authentication material is authentication material required in a first authentication dimension. The first secret key of the first certification authority is used for encryption, so that the safety and the privacy of enterprise materials can be guaranteed.
In another embodiment, to further ensure the security and privacy of enterprise materials, encryption may be performed twice: the to-be-authenticated entity first encrypts the original quality authentication material with its own encryption/decryption key to obtain the encrypted quality authentication material, and then encrypts that encryption/decryption key with the first key of the first certification authority to obtain the first quality authentication material.
204. When receiving the first quality authentication material, the first authentication mechanism 1011 decrypts the first quality authentication material according to the second key corresponding to the first key of the first authentication mechanism, and verifies the original quality authentication material obtained by decryption, and sends the first authentication result of the first authentication dimension to the block chain management platform 100.
In one embodiment, if the first quality-authentication material is obtained by encrypting the original quality-authentication material by the to-be-authenticated entity 102 using the first key of the first authentication entity, the original quality-authentication material can be obtained by the first authentication entity 1011 decrypting the first quality-authentication material using the second key.
In another embodiment, if the first quality authentication material was obtained by the to-be-authenticated entity 102 encrypting twice, the first certification authority 1011 decrypts the encrypted encryption/decryption key with the second key to obtain the encryption/decryption key, and then decrypts the encrypted quality authentication material with that encryption/decryption key to obtain the original quality authentication material. In this case, the first quality authentication material includes the encrypted quality authentication material and the encryption/decryption key encrypted with the first key of the first certification authority.
205. Blockchain management platform 100 stores a first authentication result for a first authentication dimension.
The above embodiments overcome the disadvantages of the prior art and provide a blockchain-based quality authentication system for an industrial internet scenario. The blockchain management platform provides the first key of each certification authority to the to-be-authenticated entity, the to-be-authenticated entity sends encrypted quality authentication material to each certification authority, the blockchain management platform stores the authentication results of each certification authority, and each certification authority can view the authentication results of the other certification authorities, so that the authentication results of all parties are shared. In addition, to ensure the privacy of the authentication material, the material must be encrypted before it is broadcast to the blockchain network (either a single encryption with the first key, or double encryption using the encryption/decryption key of the to-be-authenticated entity together with the first key). The authentication results are thereby shared while the material information required for authentication is not, which preserves the privacy of key enterprise data.
Referring to fig. 2-1, an embodiment of the present application discloses a quality authentication system based on a block chain, including: the block chain management platform 100, at least one certification authority 101 (e.g. a first certification authority 1011, a second certification authority 1012, a third certification authority 1013), and a supervising authority 103, wherein the block chain management platform 100 is connected with each certification authority 101 and the supervising authority 103.
The blockchain management platform 100 stores a first key for each certification authority 101 and the first key of the supervising authority 103; each certification authority 101 stores the second key corresponding to its first key stored in the blockchain management platform 100, and the supervising authority 103 stores the third key corresponding to the first key of the supervising authority stored in the blockchain management platform 100. For example, in fig. 2-1, the blockchain management platform 100 stores the first key a of the first certification authority 1011, the first key b of the second certification authority 1012, the first key c of the third certification authority 1013, and the first key d of the supervising authority 103; the first certification authority 1011 then stores the second key a1 corresponding to the first key a, the second certification authority 1012 stores the second key b1 corresponding to the first key b, the third certification authority 1013 stores the second key c1 corresponding to the first key c, and the supervising authority 103 stores the third key d1 corresponding to the first key d of the supervising authority.
Specifically, for a certification authority, the first key and the second key are used for encryption and decryption, respectively. Taking the first key a and the second key a1 of the first certificate authority 1011 as examples: if the first key a is used for encryption, the second key a1 is used for decryption; if the first key a is used for decryption, then the second key a1 is used for encryption. Similarly, for the supervising mechanism, the first key and the third key of the supervising mechanism are used for encryption and decryption respectively. For example, if the first key d of the supervising authority is used for encryption, the third key d1 is used for decryption; if the first key d of the supervising authority is used for decryption, the third key d1 is used for encryption.
In one embodiment, the first key and the second key may be generated in the certification authority, and the first key of the supervising authority and the third key may be generated in the supervising authority. The certification authority and the supervising authority then send the first key and the first key of the supervising authority, respectively, to the blockchain management platform, and the blockchain management platform stores these keys and records the correspondence between each certification authority and its first key and the correspondence between the supervising authority and the first key of the supervising authority. For example, the first certification authority 1011 generates a first key a and a second key a1, the second certification authority 1012 generates a first key b and a second key b1, the third certification authority 1013 generates a first key c and a second key c1, and the supervising authority 103 generates a first key d of the supervising authority and a third key d1. The first certification authority 1011 then sends the first key a to the blockchain management platform 100, the second certification authority 1012 sends the first key b to the blockchain management platform 100, the third certification authority 1013 sends the first key c to the blockchain management platform 100, and the supervising authority 103 sends the first key d of the supervising authority to the blockchain management platform 100. The blockchain management platform 100 records the correspondence between the first certification authority 1011 and the first key a, the correspondence between the second certification authority 1012 and the first key b, the correspondence between the third certification authority 1013 and the first key c, and the correspondence between the supervising authority 103 and the first key d of the supervising authority.
In another embodiment, the blockchain management platform may generate a first key and a corresponding second key for each certification authority, and a first key of the supervising authority and a corresponding third key for the supervising authority. It then sends the corresponding second key to each certification authority and the third key to the supervising authority, stores the first keys and the first key of the supervising authority, and records the correspondence between each certification authority and its first key and the correspondence between the supervising authority and the first key of the supervising authority. For example, blockchain management platform 100 generates first key a and second key a1 for first certification authority 1011, first key b and second key b1 for second certification authority 1012, first key c and second key c1 for third certification authority 1013, and first key d and third key d1 for the supervising authority 103. The blockchain management platform 100 records the correspondence between the first certification authority 1011 and the first key a, the correspondence between the second certification authority 1012 and the first key b, the correspondence between the third certification authority 1013 and the first key c, and the correspondence between the supervising authority 103 and the first key d of the supervising authority. Blockchain management platform 100 also sends second key a1 to first certification authority 1011, second key b1 to second certification authority 1012, second key c1 to third certification authority 1013, and third key d1 to supervising authority 103.
In one example, the correspondence may be as shown in table 2 below.
TABLE 2
[Table 2 appears as an image in the original publication and is not reproduced here.]
Each certification authority 101 corresponds to a certification dimension for providing a certification result for the certification dimension. In one example, different certification authorities 101 correspond to different certification dimensions, e.g., in fig. 2-1, a first certification authority 1011 provides certification services for a first certification dimension, a second certification authority 1012 provides certification services for a second certification dimension, and a third certification authority 1013 provides certification services for a third certification dimension. In another example, for each authentication dimension, there may be multiple certification authorities 101 providing authentication services, e.g., in fig. 2-1, a first certification authority 1011 providing authentication services for a first authentication dimension, a second certification authority 1012 providing authentication services for a second authentication dimension, and a third certification authority 1013 also providing authentication services for the first authentication dimension.
The modules are described in detail below.
The blockchain management platform 100 is configured to provide, to the to-be-authenticated entity, the first key of the first certification authority and the first key of the supervising authority 103 when it determines that the to-be-authenticated entity has selected the first authentication dimension and the first certification authority corresponding to the first authentication dimension.
The first certification authority 1011 is configured to, when receiving a first quality certification material encrypted by a first key of the first certification authority and sent by a to-be-certified authority, decrypt the first quality certification material according to a second key corresponding to the first key of the first certification authority, check the decrypted original quality certification material, and send a first certification result of a first certification dimension to the block chain management platform.
The supervising authority 103 is configured to, when receiving a second quality authentication material that is sent by the to-be-authenticated entity and encrypted with the first key of the supervising authority, decrypt the second quality authentication material with the third key corresponding to the first key of the supervising authority, and send a supervision result to the blockchain management platform based on the original quality authentication material obtained by decryption and/or the first authentication result.
The blockchain management platform 100 is further configured to store a first authentication result and a supervision result of the first authentication dimension.
Based on the above system, please refer to fig. 2-2, some embodiments of the present application further provide a quality authentication method based on a block chain, which is as follows.
200. The to-be-authenticated entity 102 sends an authentication selection request to the blockchain management platform 100.
Specifically, the to-be-certified institution 102 may be an enterprise. The authentication selection request includes an authentication dimension identification and an authentication authority identification. For example, the authentication selection request includes a first authentication dimension identification and a first authentication authority identification.
In one embodiment, and still taking the example shown in fig. 1-3 as an example, blockchain management platform 100 provides a display interface to an entity to be authenticated 102 (e.g., an enterprise), the display interface including an authentication dimension and various authentication entities under the authentication dimension. When an enterprise user selects a certification dimension (e.g., a first certification dimension) and a certification authority (e.g., a first certification authority) in the certification dimension in the display interface, the blockchain management platform receives a certification selection request.
201. Blockchain management platform 100 receives an authentication selection request sent by a to-be-authenticated entity 102. Specifically, the authentication selection request includes a first authentication dimension identifier and a first authentication mechanism identifier.
202. The blockchain management platform 100 determines that the to-be-authenticated entity 102 selects the first authentication dimension and the first authentication entity corresponding to the first authentication dimension according to the authentication selection request including the first authentication dimension identifier and the first authentication entity identifier, and provides the to-be-authenticated entity 102 with the first key of the first authentication entity and the first key of the supervising entity 103.
203. The to-be-certified mechanism 102 encrypts the original quality-certified material using the first key of the first certification mechanism to obtain a first quality-certified material, and sends the first quality-certified material to the first certification mechanism 1011. The to-be-authenticated entity 102 encrypts the original quality authentication material with the first key of the supervising entity to obtain a second quality authentication material, and sends the second quality authentication material to the supervising entity 103.
In one embodiment, the raw quality authentication material is authentication material required in a first authentication dimension. The first secret key of the first certification authority is used for encryption, so that the safety and the privacy of enterprise materials can be guaranteed.
In another embodiment, to further ensure the security and privacy of enterprise materials, encryption may be performed twice: the to-be-authenticated entity first encrypts the original quality authentication material with its own encryption/decryption key to obtain the encrypted quality authentication material, and then encrypts that encryption/decryption key with the first key of the first certification authority to obtain the first quality authentication material. In this case, the first quality authentication material includes the encrypted quality authentication material and the encryption/decryption key encrypted with the first key of the first certification authority.
Similarly, for the second quality authentication material, in one embodiment the original quality authentication material is encrypted with the first key of the supervising authority to obtain the second quality authentication material, so that the security and privacy of the enterprise material can be ensured. In another embodiment, to further ensure the security and privacy of enterprise materials, encryption may be performed twice: the to-be-authenticated entity first encrypts the original quality authentication material with its own encryption/decryption key to obtain the encrypted quality authentication material, and then encrypts that encryption/decryption key with the first key of the supervising authority to obtain the second quality authentication material. In this case, the second quality authentication material includes the encrypted quality authentication material and the encryption/decryption key encrypted with the first key of the supervising authority.
204. When receiving the first quality authentication material, the first authentication mechanism 1011 decrypts the first quality authentication material according to the second key corresponding to the first key of the first authentication mechanism, and verifies the original quality authentication material obtained by decryption, and sends the first authentication result of the first authentication dimension to the block chain management platform 100.
In one embodiment, if the first quality-authentication material is obtained by encrypting the original quality-authentication material by the to-be-authenticated entity 102 using the first key of the first authentication entity, the original quality-authentication material can be obtained by the first authentication entity 1011 decrypting the first quality-authentication material using the second key.
In another embodiment, if the first quality authentication material was obtained by the to-be-authenticated entity 102 encrypting twice, the first certification authority 1011 decrypts the encrypted encryption/decryption key with the second key to obtain the encryption/decryption key, and then decrypts the encrypted quality authentication material with that encryption/decryption key to obtain the original quality authentication material.
205. When receiving the second quality authentication material that was encrypted with the first key of the supervising authority and sent by the to-be-authenticated entity, the supervising authority 103 decrypts the second quality authentication material with the third key corresponding to the first key of the supervising authority, and sends the supervision result to the blockchain management platform 100 based on the original quality authentication material obtained by decryption and/or the first authentication result.
In one embodiment, if the second quality-certification material is obtained by encrypting the original quality-certification material by the to-be-certified mechanism 102 using the first key of the supervising mechanism, the supervising mechanism 103 decrypts the second quality-certification material using the third key, so as to obtain the original quality-certification material.
In another embodiment, if the second quality authentication material was obtained by the to-be-authenticated entity 102 encrypting twice, the supervising authority 103 decrypts the second quality authentication material with the third key to obtain the encrypted quality authentication material and the encryption/decryption key, and then decrypts the encrypted quality authentication material with that encryption/decryption key to obtain the original quality authentication material.
206. The blockchain management platform 100 stores a first authentication result and a supervision result of the first authentication dimension.
The above embodiments overcome the disadvantages of the prior art and provide a blockchain-based quality authentication system for an industrial internet scenario. The blockchain management platform provides the first key of each certification authority to the to-be-authenticated entity, the to-be-authenticated entity sends encrypted quality authentication material to each certification authority, the blockchain management platform stores the authentication results of each certification authority, and each certification authority can view the authentication results of the other certification authorities, so that the authentication results of all parties are shared. The supervising authority may view the quality authentication material and give a supervision result for the material and/or the first authentication result, thereby endorsing the authentication or pointing out where it is unreasonable. In addition, to ensure the privacy of the authentication material, the material must be encrypted before it is broadcast to the blockchain network (either a single encryption with the first key of each institution, or double encryption using the encryption/decryption key of the to-be-authenticated entity together with the first key of each institution). The authentication results are thereby shared while the material information required for authentication is not, which preserves the privacy of key enterprise data.
In some optional embodiments described above, the blockchain management platform is further configured to receive and store a second authentication result of the second authentication mechanism for the decrypted original quality authentication material, wherein the second authentication mechanism is configured to provide an authentication result for a second authentication dimension other than the first authentication dimension.
In some optional embodiments described above, the first certification authority is further configured to obtain, from the blockchain management platform, a second authentication result of the second certification authority for the decrypted original quality authentication material, to audit the decrypted original quality authentication material in combination with the second authentication result, and to send a first authentication result of the first authentication dimension to the blockchain management platform; the second certification authority provides an authentication result in a second authentication dimension other than the first authentication dimension. With this scheme, during its own authentication process the first certification authority can refer to authentication results in other dimensions (such as the second authentication dimension) that other certification authorities (such as the second certification authority) have given for the to-be-authenticated entity, and so give a more objective and fair authentication result. The authentication results stored in the blockchain management platform in this embodiment are public and transparent within the quality authentication system and can be shared by all certification authorities in the system. A certification authority can make authentication judgments based on the authentication result of its own dimension together with the authentication results that other certification authorities have given for other dimensions, so that a reliable and effective mechanism for certifying multi-party quality assurance capability is realized.
Referring to fig. 2-3, some embodiments of the present application further provide a quality authentication method based on block chains, which is as follows.
200. The to-be-authenticated entity 102 sends an authentication selection request to the blockchain management platform 100.
Specifically, the to-be-certified institution 102 may be an enterprise. The authentication selection request includes an authentication dimension identification and an authentication authority identification. For example, the authentication selection request includes a first authentication dimension identification and a first authentication authority identification.
In one embodiment, and still taking the example shown in fig. 1-3 as an example, blockchain management platform 100 provides a display interface to an entity to be authenticated 102 (e.g., an enterprise), the display interface including an authentication dimension and various authentication entities under the authentication dimension. When an enterprise user selects a certification dimension (e.g., a first certification dimension) and a certification authority (e.g., a first certification authority) in the certification dimension in the display interface, the blockchain management platform receives a certification selection request.
201. Blockchain management platform 100 receives an authentication selection request sent by a to-be-authenticated entity 102. Specifically, the authentication selection request includes a first authentication dimension identifier and a first authentication mechanism identifier.
202. The blockchain management platform 100 determines that the to-be-authenticated entity 102 selects the first authentication dimension and the first authentication entity corresponding to the first authentication dimension according to the authentication selection request including the first authentication dimension identifier and the first authentication entity identifier, and provides the to-be-authenticated entity 102 with the first key of the first authentication entity and the first key of the supervising entity 103.
203. The to-be-authenticated entity 102 encrypts the original quality authentication material with its encryption/decryption key to obtain the encrypted quality authentication material, and then encrypts that encryption/decryption key separately with the first key of each institution participating in the authentication, obtaining an encrypted encryption/decryption key for each participating institution's identifier. For example, the encrypted encryption/decryption keys include a first encryption and decryption key and a second encryption and decryption key, where the first encryption and decryption key corresponds to the first certification authority identifier and the second encryption and decryption key corresponds to the supervising authority identifier. It should be understood that the first encryption and decryption key is obtained by encrypting the encryption/decryption key of the to-be-authenticated entity with the first key of the first certification authority, and the second encryption and decryption key is obtained by encrypting the encryption/decryption key of the to-be-authenticated entity with the first key of the supervising authority. If the institutions participating in the authentication further include a fourth certification authority, the encrypted encryption/decryption keys further include a third encryption and decryption key corresponding to the fourth certification authority identifier, obtained by encrypting the encryption/decryption key of the to-be-authenticated entity with the first key of the fourth certification authority.
Also, it should be appreciated that the raw quality certification material required may be different for different certification authorities.
For example, if the original quality authentication material in step 203 is prepared for the first certification authority (which requires material 1) and the supervising authority (which requires material 2), the original quality authentication material includes material 1 and material 2.
For another example, if the original quality authentication material in step 203 is prepared for the first certification authority (which requires material 1), the supervising authority (which requires material 2), and the fourth certification authority (which requires material 4), the original quality authentication material includes material 1, material 2, and material 4. For another example, if the original quality authentication material is prepared for the first certification authority (which requires material 1), the supervising authority (which requires material 2), and the second certification authority (which requires material 3), the original quality authentication material includes material 1, material 2, and material 3.
In one embodiment, the first quality authentication material includes the encrypted quality authentication material and the encrypted encryption/decryption keys corresponding to the identifiers of the organizations participating in the authentication. Specifically, the encrypted encryption/decryption keys include a first encryption/decryption key corresponding to the first certification authority identifier and a second encryption/decryption key corresponding to the supervising authority identifier.
In another embodiment, to further ensure the security and privacy of enterprise materials, a digital signature may be added: the organization to be authenticated first obtains the first quality authentication material, comprising the encrypted quality authentication material and the encrypted encryption/decryption keys corresponding to the identifiers of the participating organizations, and also produces a digital signature. The first quality authentication material and the digital signature are then transmitted to the first certification authority and the supervising authority. Specifically, the encrypted encryption/decryption keys include the first encryption/decryption key and the second encryption/decryption key.
204. On receiving the first quality authentication material, the first certification authority 1011 decrypts it with the second key corresponding to the first key of the first certification authority, verifies the original quality authentication material obtained by decryption, and sends the first authentication result of the first authentication dimension to the blockchain management platform 100.
In one embodiment, if the first quality authentication material includes the encrypted quality authentication material, a first encryption/decryption key corresponding to the first certification authority identifier, and a second encryption/decryption key corresponding to the supervising authority identifier, the first certification authority 1011 determines, according to the first certification authority identifier, to decrypt the first encryption/decryption key using the second key, obtains the decrypted encryption/decryption key, and decrypts the encrypted quality authentication material with it to obtain the original quality authentication material.
In another embodiment, if a digital signature is received in addition to the first quality authentication material, the first certification authority 1011 verifies the digital signature. After the verification succeeds, it determines, according to the first certification authority identifier, to decrypt the first encryption/decryption key using the second key, obtains the decrypted encryption/decryption key, and decrypts the encrypted quality authentication material with it to obtain the original quality authentication material.
205. On receiving the first quality authentication material, the supervising authority 103 decrypts it with the third key corresponding to the first key of the supervising authority, and sends the supervision result to the blockchain management platform 100 based on the original quality authentication material obtained by decryption and/or the first authentication result.
In one embodiment, if the first quality authentication material includes the encrypted quality authentication material, a first encryption/decryption key corresponding to the first certification authority identifier, and a second encryption/decryption key corresponding to the supervising authority identifier, the supervising authority 103 determines, according to the supervising authority identifier, to decrypt the second encryption/decryption key using the third key, obtains the decrypted encryption/decryption key, and decrypts the encrypted quality authentication material with it to obtain the original quality authentication material.
In another embodiment, if a digital signature is received in addition to the first quality authentication material, the supervising authority 103 verifies the digital signature. After the verification succeeds, it determines, according to the supervising authority identifier, to decrypt the second encryption/decryption key using the third key, obtains the decrypted encryption/decryption key, and decrypts the encrypted quality authentication material with it to obtain the original quality authentication material.
206. The blockchain management platform 100 stores the first authentication result of the first authentication dimension and the supervision result.
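The envelope scheme of steps 203 to 205, without the optional digital signature, as an added example that is not code from the patent (Go, standard library only). The patent names no algorithms: RSA-OAEP for the per-organization key wrap, AES-256-GCM for the material, the use of the organization identifier as OAEP label, the identifiers `CA-1`, `SUP` and `CA-4`, and all function names are assumptions made for this illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// ErrNotRecipient: the envelope carries no wrapped key for this identifier.
var ErrNotRecipient = errors.New("no wrapped key for this identifier")

// Envelope models the "first quality authentication material" of step 203.
type Envelope struct {
	Nonce, Ciphertext []byte            // material encrypted under the one-time data key
	WrappedKeys       map[string][]byte // organization identifier -> data key under that organization's first key
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal is the sender side (step 203): encrypt the material once, then wrap
// the data key separately for every participating organization.
func Seal(material []byte, firstKeys map[string]*rsa.PublicKey) (*Envelope, error) {
	buf := make([]byte, 44) // 32-byte data key followed by a 12-byte GCM nonce
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	dataKey, nonce := buf[:32], buf[32:]
	gcm, err := newGCM(dataKey)
	if err != nil {
		return nil, err
	}
	env := &Envelope{Nonce: nonce, WrappedKeys: map[string][]byte{}}
	env.Ciphertext = gcm.Seal(nil, nonce, material, nil)
	for id, pub := range firstKeys {
		// Assumption of this example: the identifier is the OAEP label, so an
		// entry moved under another identifier no longer decrypts.
		w, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, dataKey, []byte(id))
		if err != nil {
			return nil, err
		}
		env.WrappedKeys[id] = w
	}
	return env, nil
}

// Open is the receiver side (steps 204/205): select the entry by identifier,
// unwrap the data key with the second (private) key, then decrypt.
func Open(env *Envelope, id string, secondKey *rsa.PrivateKey) ([]byte, error) {
	wrapped, ok := env.WrappedKeys[id]
	if !ok {
		return nil, ErrNotRecipient
	}
	dataKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, secondKey, wrapped, []byte(id))
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(dataKey)
	if err != nil {
		return nil, err
	}
	if len(env.Nonce) != gcm.NonceSize() { // gcm.Open panics on a bad nonce length
		return nil, errors.New("bad nonce length")
	}
	return gcm.Open(nil, env.Nonce, env.Ciphertext, nil)
}

// runScenario replays steps 203-205 with constructed keys and material.
func runScenario() (ca, sup string, outsiderErr, wrongKeyErr, tamperErr error) {
	caKey, _ := rsa.GenerateKey(rand.Reader, 2048)  // first certification authority
	supKey, _ := rsa.GenerateKey(rand.Reader, 2048) // supervising authority
	env, err := Seal([]byte("material 1 | material 2"),
		map[string]*rsa.PublicKey{"CA-1": &caKey.PublicKey, "SUP": &supKey.PublicKey})
	if err != nil {
		panic(err)
	}
	p1, _ := Open(env, "CA-1", caKey)
	p2, _ := Open(env, "SUP", supKey)
	_, outsiderErr = Open(env, "CA-4", supKey) // identifier with no entry
	_, wrongKeyErr = Open(env, "CA-1", supKey) // right entry, wrong second key
	env.Ciphertext[0] ^= 1                     // constructed tampering in transit
	_, tamperErr = Open(env, "CA-1", caKey)
	return string(p1), string(p2), outsiderErr, wrongKeyErr, tamperErr
}

func main() {
	fmt.Println(runScenario())
}
```

AES-GCM here only detects modification of the ciphertext; it says nothing about who produced the envelope, which is what the signature embodiment adds.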
Referring to Fig. 3, the present application further discloses a blockchain-based quality authentication method, applied to the blockchain management platform, which includes the following steps 300-302.
300. Receive an authentication selection request sent by an organization to be authenticated.
301. According to the authentication selection request, when it is determined that the organization to be authenticated has selected the first authentication dimension and the first certification authority corresponding to the first authentication dimension, provide the first key of the first certification authority to the organization to be authenticated, so that the first certification authority, on receiving the first quality authentication material sent by the organization to be authenticated and encrypted with the first key of the first certification authority, decrypts it with the second key corresponding to the first key of the first certification authority, audits the original quality authentication material obtained by decryption, and sends the first authentication result of the first authentication dimension to the blockchain management platform.
302. A first authentication result of the first authentication dimension is stored.
Optionally, step 301 further includes:
providing the first key of the supervising authority to the organization to be authenticated, so that the supervising authority, on receiving the second quality authentication material sent by the organization to be authenticated and encrypted with the first key of the supervising authority, decrypts it with the third key corresponding to the first key of the supervising authority, and sends a supervision result to the blockchain management platform based on the original quality authentication material obtained by decryption and/or the first authentication result.
Step 302 then further includes: receiving and storing the supervision result.
Optionally, the blockchain-based quality authentication method further includes:
receiving and storing a second authentication result produced by a second certification authority for the decrypted original quality authentication material, wherein the second certification authority is used for providing an authentication result of a second authentication dimension other than the first authentication dimension.
Referring to Fig. 4, the present application further discloses a blockchain-based quality authentication method, applied to a first certification authority that provides the authentication result of a first authentication dimension; the method includes the following steps 400-402.
400. On receiving the first quality authentication material sent by an organization to be authenticated and encrypted with the first key, decrypt the first quality authentication material with the second key corresponding to the first key of the first certification authority.
402. Audit the decrypted original quality authentication material, and send the first authentication result of the first authentication dimension to the blockchain management platform.
Optionally, step 402 specifically includes:
obtaining from the blockchain management platform a second authentication result produced by a second certification authority for the decrypted original quality authentication material, checking the decrypted original quality authentication material in combination with the second authentication result, and sending the first authentication result of the first authentication dimension to the blockchain management platform; wherein the second certification authority is used for providing an authentication result of a second authentication dimension other than the first authentication dimension.
In another embodiment, step 402 is specified as follows. The first quality authentication material includes the encrypted quality authentication material and the encrypted encryption/decryption keys corresponding to the identifiers of the organizations participating in the authentication. For each organization identifier, the corresponding encrypted encryption/decryption key is obtained by encrypting the encryption/decryption key of the organization to be authenticated with the first key of the organization corresponding to that identifier. The encrypted encryption/decryption keys include a first encryption/decryption key corresponding to the first certification authority identifier and a second encryption/decryption key corresponding to the supervising authority identifier: the first is obtained by encrypting the encryption/decryption key of the organization to be authenticated with the first key of the first certification authority, and the second by encrypting it with the first key of the supervising authority. The encrypted quality authentication material is obtained by encrypting the original quality authentication material with the encryption/decryption key.
Decrypting the first quality authentication material according to the second key corresponding to the first key of the first certification authority then includes: on receiving the first quality authentication material, determining according to the first certification authority identifier to decrypt the first encryption/decryption key using the second key, obtaining the decrypted encryption/decryption key, and decrypting the encrypted quality authentication material with it to obtain the original quality authentication material.
Optionally, the first quality authentication material includes encrypted quality authentication material and an encrypted encryption/decryption key, where the encrypted encryption/decryption key is obtained by encrypting the encryption/decryption key of the organization to be authenticated with the first key of the first certification authority, and the encrypted quality authentication material is obtained by encrypting the original quality authentication material with the encryption/decryption key.
Decrypting the first quality authentication material according to the second key corresponding to the first key of the first certification authority then includes: on receiving the first quality authentication material, decrypting the encrypted encryption/decryption key with the second key to obtain the decrypted encryption/decryption key, and decrypting the encrypted quality authentication material with it to obtain the original quality authentication material.
To sum up, the embodiments of the present application overcome the deficiencies of the prior art and provide a blockchain-based quality authentication system for industrial internet scenarios. The blockchain management platform provides the first key of each certification authority to the organization to be authenticated; the organization to be authenticated sends encrypted quality authentication material to each certification authority; the blockchain management platform stores the authentication result of each certification authority; and each certification authority can view the authentication results of the other certification authorities, so that the authentication results of all parties are shared. The supervising authority may inspect the quality authentication material and give a supervision result on the material and/or the first certification material, thereby endorsing the authentication or pointing out where it is unreasonable. In addition, to protect the privacy of the authentication material, it must be encrypted before being broadcast to the blockchain network, either once with the first key of each organization, or twice, with the encryption/decryption key of the organization to be authenticated and then with the first key of each organization. In this way the authentication results are shared while the material required for authentication is not, and the privacy of the enterprise's key data is preserved.
In addition, the authentication results that each certification authority stores on the blockchain management platform are public and transparent within the quality authentication system and can be shared by all certification authorities in the system. A certification authority can therefore make authentication judgments for other dimensions based on the authentication result of its own authentication dimension and the authentication results that other certification authorities produced for other dimensions, which yields a reliable and effective multi-party mechanism for certifying quality assurance capability.
In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include volatile memory in a computer-readable medium, such as random access memory (RAM), and/or non-volatile memory, such as read-only memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media include permanent and non-permanent, removable and non-removable media, and may store information by any method or technology. The information may be computer-readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technology, compact disc read-only memory (CD-ROM), digital versatile disks (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information accessible by a computing device. As defined herein, computer-readable media do not include transitory computer-readable media (transient media), such as modulated data signals and carrier waves.
Certain terms are used throughout the description and claims to refer to particular components. As one skilled in the art will appreciate, manufacturers may refer to a component by different names. The description and claims do not intend to distinguish between components that differ in name but not function. In the following description and in the claims, the terms "include" and "comprise" are used in an open-ended fashion, and thus should be interpreted to mean "include, but not limited to". "Substantially" means within an acceptable error range, within which a person skilled in the art can solve the technical problem and substantially achieve the technical effect. Furthermore, the term "coupled" is intended to encompass any direct or indirect electrical coupling. Thus, if a first device couples to a second device, that connection may be through a direct electrical coupling or through an indirect electrical coupling via other devices and couplings. The description which follows is a preferred embodiment of the present application, but is made for the purpose of illustrating the general principles of the application and not for the purpose of limiting the scope of the application. The protection scope of the present application shall be subject to the definitions of the appended claims.
It is also noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a good or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such good or system. Without further limitation, an element defined by the phrase "comprising a …" does not exclude the presence of other like elements in a commodity or system that includes the element.
The foregoing description shows and describes several preferred embodiments of the invention. As stated above, the invention is not limited to the forms disclosed herein, and this description is not to be construed as excluding other embodiments; the invention can be used in various other combinations, modifications, and environments, and can be changed within the scope of the inventive concept expressed herein, in line with the above teachings or the skill or knowledge of the relevant art. Modifications and variations may be effected by those skilled in the art without departing from the spirit and scope of the invention as defined by the appended claims.

Claims (7)

1. A blockchain-based quality authentication system, comprising: a blockchain management platform, certification authorities corresponding to respective authentication dimensions, and a supervising authority, wherein the blockchain management platform stores the first key of each certification authority; wherein:
the blockchain management platform is used for providing the first key of a first certification authority to an organization to be authenticated when the organization to be authenticated selects the first authentication dimension and the first certification authority corresponding to the first authentication dimension;
the first certification authority is used for, on receiving the first quality authentication material sent by the organization to be authenticated, determining according to the first certification authority identifier to decrypt a first encryption/decryption key using the second key corresponding to the first key of the first certification authority, and obtaining the decrypted encryption/decryption key, wherein the first quality authentication material comprises encrypted quality authentication material and encrypted encryption/decryption keys corresponding to the identifiers of the organizations participating in the authentication; for each organization identifier, the corresponding encrypted encryption/decryption key is obtained by encrypting the encryption/decryption key of the organization to be authenticated with the first key of the organization corresponding to that identifier; the encrypted encryption/decryption keys comprise the first encryption/decryption key corresponding to the first certification authority identifier and a second encryption/decryption key corresponding to the supervising authority identifier; the first encryption/decryption key is obtained by encrypting the encryption/decryption key of the organization to be authenticated with the first key of the first certification authority, the second encryption/decryption key is obtained by encrypting the encryption/decryption key of the organization to be authenticated with the first key of the supervising authority, and the encrypted quality authentication material is obtained by encrypting the original quality authentication material with the encryption/decryption key; decrypting the encrypted quality authentication material with the decrypted encryption/decryption key to obtain the original quality authentication material; obtaining from the blockchain management platform a second authentication result of a second certification authority on the original quality authentication material; checking the decrypted original quality authentication material in combination with the second authentication result; and sending a first authentication result of the first authentication dimension to the blockchain management platform; wherein the second certification authority is used for providing an authentication result for a second authentication dimension other than the first authentication dimension;
the blockchain management platform is further used for storing the first authentication result of the first authentication dimension;
the supervising authority is specifically configured to, on receiving the first quality authentication material, determine according to the supervising authority identifier to decrypt the second encryption/decryption key using a third key corresponding to the first key of the supervising authority, obtain the decrypted encryption/decryption key, decrypt the encrypted quality authentication material with the decrypted encryption/decryption key to obtain the original quality authentication material, and send a supervision result to the blockchain management platform based on the decrypted original quality authentication material and/or the first authentication result.
2. The system of claim 1, further comprising a supervising authority, wherein
the blockchain management platform is further used for providing the first key of the supervising authority to the organization to be authenticated;
and the supervising authority is used for, on receiving second quality authentication material sent by the organization to be authenticated and encrypted with the first key of the supervising authority, decrypting the second quality authentication material with a third key corresponding to the first key of the supervising authority, and sending a supervision result to the blockchain management platform based on the original quality authentication material obtained by decryption and/or the first authentication result.
3. The system of claim 1,
the blockchain management platform is further configured to receive and store a second authentication result of a second certification authority for the original quality authentication material, wherein the second certification authority is configured to provide an authentication result for a second authentication dimension other than the first authentication dimension.
4. The system according to any one of claims 1 to 3, wherein the first quality authentication material comprises encrypted quality authentication material and an encrypted encryption/decryption key, the encrypted encryption/decryption key is obtained by encrypting the encryption/decryption key of the organization to be authenticated with the first key of the first certification authority, and the encrypted quality authentication material is obtained by encrypting the original quality authentication material with the encryption/decryption key;
and wherein the first certification authority is specifically configured to, on receiving the first quality authentication material, decrypt the encrypted encryption/decryption key with the second key to obtain the decrypted encryption/decryption key, and decrypt the encrypted quality authentication material with the decrypted encryption/decryption key to obtain the original quality authentication material.
5. A blockchain-based quality authentication method, applied to a blockchain management platform, the method comprising:
receiving an authentication selection request sent by an organization to be authenticated;
according to the authentication selection request, when it is determined that the organization to be authenticated has selected a first authentication dimension and a first certification authority corresponding to the first authentication dimension, providing the first key of the first certification authority to the organization to be authenticated, so that the first certification authority, on receiving first quality authentication material sent by the organization to be authenticated, determines according to the first certification authority identifier to decrypt a first encryption/decryption key using a second key corresponding to the first key of the first certification authority, and obtains the decrypted encryption/decryption key, wherein the first quality authentication material comprises encrypted quality authentication material and encrypted encryption/decryption keys corresponding to the identifiers of the organizations participating in the authentication; for each organization identifier, the corresponding encrypted encryption/decryption key is obtained by encrypting the encryption/decryption key of the organization to be authenticated with the first key of the organization corresponding to that identifier; the encrypted encryption/decryption keys comprise the first encryption/decryption key corresponding to the first certification authority identifier and a second encryption/decryption key corresponding to the supervising authority identifier; the first encryption/decryption key is obtained by encrypting the encryption/decryption key of the organization to be authenticated with the first key of the first certification authority, the second encryption/decryption key is obtained by encrypting the encryption/decryption key of the organization to be authenticated with the first key of the supervising authority, and the encrypted quality authentication material is obtained by encrypting the original quality authentication material with the encryption/decryption key; decrypts the encrypted quality authentication material with the decrypted encryption/decryption key to obtain the original quality authentication material; obtains from the blockchain management platform a second authentication result of a second certification authority on the original quality authentication material; checks the decrypted original quality authentication material in combination with the second authentication result; and sends a first authentication result of the first authentication dimension to the blockchain management platform; wherein the second certification authority is used for providing an authentication result for a second authentication dimension other than the first authentication dimension; and the supervising authority is used for, on receiving the first quality authentication material, determining according to the supervising authority identifier to decrypt the second encryption/decryption key using a third key corresponding to the first key of the supervising authority, obtaining the decrypted encryption/decryption key, decrypting the encrypted quality authentication material with the decrypted encryption/decryption key to obtain the original quality authentication material, and sending a supervision result to the blockchain management platform based on the original quality authentication material obtained by decryption and/or the first authentication result;
storing a first authentication result for the first authentication dimension.
6. The method of claim 5, further comprising:
providing the first key of the supervising authority to the organization to be authenticated, so that the supervising authority, on receiving second quality authentication material sent by the organization to be authenticated and encrypted with the first key of the supervising authority, decrypts the second quality authentication material with a third key corresponding to the first key of the supervising authority, and sends a supervision result to the blockchain management platform based on the original quality authentication material obtained by decryption and/or the first authentication result;
and receiving and storing the supervision result.
7. The method of claim 5, further comprising:
receiving and storing a second authentication result of a second certification authority for the original quality authentication material, wherein the second certification authority is configured to provide an authentication result for a second authentication dimension other than the first authentication dimension.
CN201911311061.9A 2019-12-18 2019-12-18 Quality authentication system and method based on block chain Active CN111626535B (en)


Publications (2)

Publication Number Publication Date
CN111626535A CN111626535A (en) 2020-09-04
CN111626535B CN111626535B (en) 2022-05-17

Family

ID=72260576

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911311061.9A Active CN111626535B (en) 2019-12-18 2019-12-18 Quality authentication system and method based on block chain

Country Status (1)

Country Link
CN (1) CN111626535B (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107947922A (en) * 2017-11-29 2018-04-20 中国科学院合肥物质科学研究院 A kind of digital archives management method and system based on block chain technology
CN108960867A (en) * 2018-07-16 2018-12-07 王博宬 A kind of quality of sauce authentication method and system based on block chain
CN109462472A (en) * 2017-09-06 2019-03-12 阿里巴巴集团控股有限公司 The methods, devices and systems of data encryption and decryption
CN109685531A (en) * 2018-12-28 2019-04-26 浙江省公众信息产业有限公司 Product quality certification method and system based on block chain technology
US10425399B2 (en) * 2016-07-12 2019-09-24 International Business Machines Corporation Template-based distributed certificate issuance in a multi-tenant environment
CN110472428A (en) * 2018-07-06 2019-11-19 腾讯科技(深圳)有限公司 Medical data sharing method and shared system based on block chain

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106096795B (en) * 2016-02-24 2022-04-08 皮尔公司 Safety platform and data repository for fur or skin goods
CN107257340B (en) * 2017-06-19 2019-10-01 阿里巴巴集团控股有限公司 A kind of authentication method, authentication data processing method and equipment based on block chain
CN108830447B (en) * 2018-04-27 2021-08-31 中国建筑股份有限公司 Block chain-based method and system for tracing total life time quality of prefabricated part

Also Published As

Publication number Publication date
CN111626535A (en) 2020-09-04

Similar Documents

Publication Publication Date Title
CN108092982B (en) Data storage method and system based on alliance chain
US8656166B2 (en) Storage and authentication of data transactions
WO2020062668A1 (en) Identity authentication method, identity authentication device, and computer readable medium
KR100455326B1 (en) Document authentication system and method
CN107911216A (en) A kind of block chain transaction method for secret protection and system
JP2005328574A (en) Cryptographic system and method with key escrow feature
US11606201B2 (en) Cryptographic systems and methods using distributed ledgers
KR20010043332A (en) System and method for electronic transmission, storage and retrieval of authenticated documents
CN110246039B (en) Transaction monitoring method and device based on alliance chain and electronic equipment
WO2020143318A1 (en) Data verification method and terminal device
CN112632574A (en) Multi-mechanism data processing method and device based on alliance chain and related equipment
CN115567312A (en) Alliance chain data authority management system and method capable of meeting multiple scenes
CN109714169B (en) Data credible circulation platform based on strict authorization and circulation method thereof
CN111626535B (en) Quality authentication system and method based on block chain
CN113132109B (en) Electronic deposit certificate management method and device based on block chain and electronic equipment
US11804969B2 (en) Establishing trust between two devices for secure peer-to-peer communication
Al-Hamdani Elliptic curve for data protection
WO2023131147A1 (en) Method and apparatus for generating certified user data
US20050160041A1 (en) Smartcard-based root certificate methods and apparatuses
CN117708860A (en) Public legal service supervision method, system, equipment and medium based on block chain
CN116702204A (en) Block chain-based data security reporting method
Vyas et al. ANALYSIS OF SECURITY REQUIREMENTS OF FUTURISTIC MOBILE APPLICATIONS
CN118264487A (en) Privacy management method, system and storage medium for multi-terminal conference
CN117034306A (en) Data streaming method, device, computer equipment and computer readable storage medium
JP2005130353A (en) Authentication system

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant