CN111818087B - Block chain node access method, device, equipment and readable storage medium - Google Patents


Publication number
CN111818087B
Authority
CN
China
Prior art keywords
node
block chain
terminal equipment
private key
access
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010733599.5A
Other languages
Chinese (zh)
Other versions
CN111818087A (en)
Inventor
赖骏
高建欣
王梦寒
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
OneConnect Financial Technology Co Ltd Shanghai
Original Assignee
OneConnect Financial Technology Co Ltd Shanghai
Application filed by OneConnect Financial Technology Co Ltd Shanghai
Priority to CN202010733599.5A
Publication of CN111818087A
Application granted
Publication of CN111818087B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/107 Network architectures or network communication protocols for network security for controlling access to devices or network resources wherein the security policies are location-dependent, e.g. entities privileges depend on current location or allowing specific operations only from locally connected terminals
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Abstract

The application relates to the technical field of block chains, and provides a block chain node access method, a block chain node access device, a block chain node access equipment and a readable storage medium, wherein the block chain node access method comprises the following steps: acquiring a node access request sent by terminal equipment, and performing identity authentication on the terminal equipment according to the node access request; when the terminal equipment passes the identity authentication, determining a target main node of a block chain to be accessed by the terminal equipment; and accessing the terminal equipment as a sub-node of the target main node to a block chain according to the node access request, wherein the sub-node and the target main node form a complete block chain node. According to the method and the device, the terminal equipment can be used as the node of the block chain to access the block chain, so that the access threshold and the cost of the block chain are reduced, and the user experience is improved.

Description

Node access method, device and equipment of block chain and readable storage medium
Technical Field
The present application relates to the field of block chain technologies, and in particular, to a method, an apparatus, a device, and a readable storage medium for accessing a node of a block chain.
Background
A block chain is a distributed shared ledger and database. It is decentralized, resistant to tampering, traceable, collectively maintained, open and transparent, and keeps a record throughout the whole process, so it is widely applied in various fields. However, the nodes of a block chain are usually deployed on servers, and application systems then interface with those server-side nodes. Because a scheme that deploys nodes on servers is costly, an individual user usually has difficulty owning a block chain node of their own, and the user experience is poor.
Disclosure of Invention
The present application mainly aims to provide a method, an apparatus, a device and a readable storage medium for accessing a node of a block chain, and aims to access the block chain by using a terminal device as the node of the block chain, so as to reduce an access threshold and cost of the block chain and improve user experience.
In a first aspect, an embodiment of the present application provides a method for accessing a node of a block chain, including:
acquiring a node access request sent by terminal equipment, and performing identity authentication on the terminal equipment according to the node access request;
when the terminal equipment passes the identity authentication, determining a target main node of a block chain to be accessed by the terminal equipment;
and taking the terminal equipment as a sub-node of the target main node to access the block chain according to the node access request, wherein the sub-node and the target main node form a complete block chain node.
In a second aspect, an embodiment of the present application further provides a node access apparatus of a block chain, where the node access apparatus of the block chain includes:
the acquisition module is used for acquiring a node access request sent by the terminal equipment;
the identity authentication module is used for performing identity authentication on the terminal equipment according to the node access request;
the determining module is used for determining a target main node of a block chain to be accessed by the terminal equipment when the terminal equipment is determined to pass identity authentication;
and the node access module is used for connecting the terminal equipment to the block chain as a sub-node of the target main node according to the node access request, wherein the sub-node and the target main node form a complete block chain node.
In a third aspect, an embodiment of the present application further provides a computer device, where the computer device includes a processor, a memory, and a computer program stored on the memory and executable by the processor, where the computer program, when executed by the processor, implements the steps of the node access method of the block chain as described above.
In a fourth aspect, an embodiment of the present application further provides a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, where the computer program, when executed by a processor, implements the steps of the above method for accessing a node of a block chain.
The embodiment of the application provides a method, a device, equipment and a readable storage medium for accessing a block chain node, wherein the method comprises the steps of performing identity authentication on a terminal device based on a node access request sent by the terminal device, determining a target main node of the block chain to be accessed by the terminal device when the terminal device is determined to pass the identity authentication, and then accessing the block chain by taking the terminal device as a sub-node of the target main node according to the node access request, so that the accessed sub-node and the target main node form a complete block chain node, thereby realizing accessing the block chain by taking the terminal device as the block chain node, reducing an access threshold and cost of the block chain, and greatly improving user experience.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a schematic flowchart of a node access method of a block chain according to an embodiment of the present disclosure;
Fig. 2 is a schematic flow chart illustrating sub-steps of a node access method of the block chain in fig. 1;
Fig. 3 is a schematic flowchart of another node access method for a block chain according to an embodiment of the present application;
Fig. 4 is a schematic block diagram of a node access apparatus of a block chain according to an embodiment of the present application;
Fig. 5 is a schematic block diagram of a sub-module of a node access arrangement of the block chain in fig. 4;
Fig. 6 is a schematic block diagram of a node access apparatus of another block chain according to an embodiment of the present application;
Fig. 7 is a block diagram schematically illustrating a structure of a computer device according to an embodiment of the present disclosure.
The objects, features, and advantages of the present application will be further explained with reference to the accompanying drawings.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some, but not all, of the embodiments of the present application. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments in the present application without making any creative effort belong to the protection scope of the present application.
The flow diagrams depicted in the figures are merely illustrative and do not necessarily include all of the elements and operations/steps, nor do they necessarily have to be performed in the order depicted. For example, some operations/steps may be decomposed, combined or partially combined, so that the actual execution order may be changed according to the actual situation.
The embodiment of the application provides a method and a device for accessing a node of a block chain, computer equipment and a readable storage medium. The node access method of the block chain can be applied to the block chain and can also be applied to nodes on the block chain. The block chain referred by the application is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, a consensus mechanism, an encryption algorithm and the like. A block chain (Blockchain), which is essentially a decentralized database, is a string of data blocks associated by using a cryptographic method, and each data block contains information of a batch of network transactions, which is used for verifying the validity (anti-counterfeiting) of the information and generating a next block. The blockchain may include a blockchain underlying platform, a platform product service layer, an application service layer, and the like.
Some embodiments of the present application will be described in detail below with reference to the accompanying drawings. The embodiments described below and the features of the embodiments can be combined with each other without conflict.
Referring to fig. 1, fig. 1 is a flowchart illustrating a node access method of a block chain according to an embodiment of the present application.
As shown in fig. 1, the node access method of the block chain includes steps S101 to S103.
Step S101, a node access request sent by a terminal device is obtained, and identity authentication is carried out on the terminal device according to the node access request.
The terminal device may be a smart phone, a notebook computer, a tablet computer, a smart television, a PC and the like. The block chain comprises a plurality of main nodes, and each main node has a plurality of sub-nodes. The main nodes are deployed on servers and the sub-nodes are deployed on terminal devices; one main node and one sub-node together form a complete block chain node. A complete block chain node provides data storage, smart contract execution logic, private key storage, data encryption and decryption, consensus computation, broadcasting, CA identity authentication and the like. After the complete block chain node is split into a main node and a sub-node, the main node provides data storage, smart contract execution logic, consensus computation, broadcasting, CA identity authentication and the like, and the sub-node provides private key storage, data encryption and decryption, CA identity authentication and the like.
In one embodiment, the terminal device installs an application program that integrates the node access SDK. During installation of the application program, the terminal device generates key pair information based on a key pair generation algorithm, the key pair information comprising private key information and public key information. After the terminal device finishes installing the application program for accessing the block chain for the first time, and while it is connected to the network, it sends a node access request to the block chain. The node access request carries a digital signature of the user and the public key information. The key pair generation algorithm includes, but is not limited to, an ssh algorithm, an openssl algorithm and a gpg algorithm.
In an embodiment, the block chain acquires the node access request sent by the terminal device and performs identity authentication on the terminal device according to the node access request. Illustratively, a digital signature ciphertext of the terminal device is obtained from the node access request and decrypted to obtain a digital signature plaintext; the digital signature plaintext is processed with the public key in the CA (certificate authority) certificate of the terminal device to extract a first digest from the digital signature, and is processed with a hash algorithm to obtain a second digest; the first digest is then compared with the second digest. If they are the same, the terminal device passes the identity authentication; if they differ, it does not. The block chain stores the CA certificate of the terminal device, and the CA certificate holds the public key used to verify the digital signature.
Step S102, when the terminal equipment is determined to pass the identity authentication, a target main node of a block chain to be accessed by the terminal equipment is determined.
The target main node of the block chain to be accessed by the terminal device can be determined based on the access number and/or the geographical position of the sub-nodes of each main node in the block chain, and any main node in the block chain can also be used as the target main node of the block chain to be accessed by the terminal device.
In one embodiment, the number of sub-nodes connected to each main node on the block chain is obtained, and the main node with the fewest connected sub-nodes is taken as the target main node of the block chain to be accessed by the terminal device. For example, the block chain includes 5 master nodes in total, namely master node 1, master node 2, master node 3, master node 4 and master node 5, whose sub-node access numbers are 10, 20, 5, 30 and 15 respectively, so master node 3 is taken as the target master node of the block chain to be accessed by the terminal device. Taking the main node with the fewest connected sub-nodes as the target main node keeps the sub-node access numbers balanced across the main nodes of the block chain, prevents too many sub-nodes from being connected to any one main node, and ensures the stability of the main nodes.
In one embodiment, as shown in fig. 2, step S102 includes sub-steps S1021 through S1022.
Substep S1021, the first geographical location of the terminal device is acquired from the node access request, and the second geographical location of each master node on the block chain is acquired.
The node access request carries a first geographical position of the terminal device, the first geographical position can be determined by a Global Positioning System (GPS), a base station Positioning technology and/or a network Positioning technology, a second geographical position of each main node can be calibrated in advance, and the calibrated second geographical position of each main node is stored, so that subsequent acquisition is facilitated.
Substep S1022, the target master node of the block chain to be accessed by the terminal device is determined according to the first geographical location and the second geographical location of each master node.
Exemplarily, the distance between the terminal device and each master node is determined according to the first geographical position and the second geographical position of each master node; and determining a target main node of the block chain to be accessed by the terminal equipment according to the distance between the terminal equipment and each main node, namely taking the main node with the minimum distance as the target main node of the block chain to be accessed by the terminal equipment. By using the master node with the minimum distance as the target master node of the block chain to be accessed by the terminal equipment, the time delay between the target master node and the sub-node can be reduced after the terminal equipment is used as the sub-node of the target master node.
In one embodiment, according to a first geographic position, a first code of a city where the terminal device is located is determined; determining a second code of a city where each main node is located according to the second geographical position of each main node; when it is determined that a second code which is the same as the first code exists in the second codes of the cities where the main nodes are located, the main node corresponding to the second code which is the same as the first code is used as a target main node of a block chain to be accessed by the terminal equipment; and when determining that a second code which is the same as the first code does not exist in the second codes of the cities where the main nodes are located, determining the distance between the terminal equipment and each main node according to the first geographical position and the second geographical position of each main node, and taking the main node with the minimum distance as a target main node of the block chain to be accessed by the terminal equipment. The main node which is the same as the city where the terminal equipment is located is used as the target main node of the block chain to be accessed by the terminal equipment, so that the time delay between the target main node and the sub-nodes can be reduced.
In an embodiment, when a plurality of second codes which are the same as the first codes exist in the second codes of the city where each main node is located, the main node corresponding to each second code which is the same as the first codes is used as a candidate main node; and acquiring the sub-node access quantity of each candidate main node, and taking the candidate main node with the minimum sub-node access quantity as a target main node of the block chain to be accessed by the terminal equipment. By taking a plurality of main nodes which are the same as the city where the terminal equipment is located as candidate main nodes and taking the candidate main node with the minimum sub-node access quantity as the target main node of the block chain to be accessed by the terminal equipment, the balance of the sub-node access quantity of each candidate main node can be ensured, and the time delay between the target main node and the sub-node can also be reduced.
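The selection rules of the embodiments above, combined into one routine as an added example (not code from the patent): master nodes in the device's city are preferred, with the fewest sub-nodes deciding among several, and otherwise the nearest master node is chosen. The `MasterNode` type, the function names, the city codes and the coordinates are constructed for illustration, and the device's city code is assumed to have been derived from its reported position already.

```python
import math
from dataclasses import dataclass

EARTH_RADIUS_KM = 6371.0

@dataclass(frozen=True)
class MasterNode:
    name: str
    city_code: str     # "second code": city where the master node is located
    lat: float         # calibrated "second geographical position"
    lon: float
    child_count: int   # sub-nodes currently connected

def check_position(lat, lon):
    # The first geographical position arrives inside the node access request,
    # so it is untrusted input: NaN or out-of-range values would silently
    # distort the distance comparison below.
    if not (math.isfinite(lat) and math.isfinite(lon)
            and -90.0 <= lat <= 90.0 and -180.0 <= lon <= 180.0):
        raise ValueError("invalid coordinates in node access request")

def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance between two points in kilometres."""
    phi1, phi2 = math.radians(lat1), math.radians(lat2)
    dphi = phi2 - phi1
    dlam = math.radians(lon2 - lon1)
    a = (math.sin(dphi / 2) ** 2
         + math.cos(phi1) * math.cos(phi2) * math.sin(dlam / 2) ** 2)
    return 2 * EARTH_RADIUS_KM * math.asin(math.sqrt(min(1.0, a)))

def least_loaded(masters):
    """The master node with the fewest connected sub-nodes (name breaks ties)."""
    if not masters:
        raise ValueError("no master nodes available")
    return min(masters, key=lambda m: (m.child_count, m.name))

def select_target_master(masters, city_code, lat, lon):
    """Same-city master nodes first, otherwise the nearest master node."""
    check_position(lat, lon)
    if not masters:
        raise ValueError("no master nodes available")
    same_city = [m for m in masters if m.city_code == city_code]
    if same_city:
        # One match: that node. Several matches: fewest sub-nodes wins.
        return least_loaded(same_city)
    return min(masters,
               key=lambda m: (haversine_km(lat, lon, m.lat, m.lon), m.name))

# Constructed sample data; the sub-node counts follow the text's
# example of 10, 20, 5, 30 and 15.
MASTERS = [
    MasterNode("master-1", "310000", 31.23, 121.47, 10),
    MasterNode("master-2", "310000", 31.30, 121.50, 20),
    MasterNode("master-3", "110000", 39.90, 116.40, 5),
    MasterNode("master-4", "440300", 22.54, 114.06, 30),
    MasterNode("master-5", "510100", 30.57, 104.07, 15),
]

if __name__ == "__main__":
    print(least_loaded(MASTERS).name)
    print(select_target_master(MASTERS, "310000", 31.20, 121.40).name)
    print(select_target_master(MASTERS, "440100", 23.13, 113.26).name)
```

In the distance branch the sub-node count plays no part, so a heavily loaded master node can still be chosen when it is the closest one.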
Step S103, the terminal device is used as a sub-node of the target main node to access a block chain according to the node access request, wherein the sub-node and the target main node form a complete block chain node.
After a target main node of a block chain to be accessed by the terminal equipment is determined, the terminal equipment is used as a sub-node of the target main node to access the block chain based on the node access request, namely, public key information of the terminal equipment is obtained from the node access request, and the public key information is registered on the target main node, so that the terminal equipment is used as the sub-node of the target main node to access the block chain. The child nodes and the target master node form a complete block chain node. After the terminal equipment is used as a child node of the target main node to access the block chain, a user can upload data to the block chain for storage or download data from the block chain through the terminal equipment used as the child node.
Illustratively, when a user needs to upload data to the block chain for storage, the terminal device acquires the data to be uploaded, encrypts it using the locally stored private key information to obtain a data ciphertext, and sends the data ciphertext to the target master node. The target master node performs CA authentication on the data ciphertext; when the data ciphertext passes the CA authentication, the target master node stores it and broadcasts it, and the remaining master nodes on the block chain store the data ciphertext as well. Conversely, when the user needs to view data from the block chain, the terminal device sends a data viewing request to the target master node, the target master node sends the encrypted target data to the child node, namely the terminal device, and the terminal device decrypts the encrypted target data with the locally stored private key information, so that the plaintext data can be viewed.
In the block chain node access method provided in the foregoing embodiment, the terminal device is authenticated based on the node access request sent by the terminal device, and when it is determined that the terminal device passes the authentication, the target master node of the block chain to be accessed by the terminal device is determined, and then the terminal device is accessed into the block chain as the child node of the target master node according to the node access request, so that the accessed child node and the target master node form a complete block chain node, thereby implementing the block chain access of the terminal device as the block chain node, reducing the access threshold and the cost of the block chain, and greatly improving the user experience.
Referring to fig. 3, fig. 3 is a flowchart illustrating another node access method for a block chain according to an embodiment of the present disclosure.
As shown in fig. 3, the node access method of the block chain includes steps S201 to S205.
Step S201, a node access request sent by a terminal device is obtained, and identity authentication is carried out on the terminal device according to the node access request.
The block chain acquires the node access request sent by the terminal device and performs identity authentication on the terminal device according to the node access request. Illustratively, a digital signature ciphertext of the terminal device is obtained from the node access request and decrypted to obtain a digital signature plaintext; the digital signature plaintext is processed with the public key in the CA (certificate authority) certificate of the terminal device to extract a first digest from the digital signature, and is processed with a hash algorithm to obtain a second digest; the first digest is then compared with the second digest. If they are the same, the terminal device passes the identity authentication; if they differ, it does not. The block chain stores the CA certificate of the terminal device, and the CA certificate holds the public key used to verify the digital signature.
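The identity check of steps S101 and S201, written out as an added example that is not part of the patent: the chain recovers the first digest from the signature with the certificate's public key, hashes the request to get the second digest, and compares the two. It assumes an RSA signature with SHA-256 and PKCS #1 v1.5 encoding, a JSON request layout, and a demo key generated with the Python standard library only; none of these choices is stated in the patent.

```python
import hashlib
import hmac
import json
import secrets

# DER DigestInfo prefix for SHA-256 (RFC 8017, section 9.2).
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def _is_probable_prime(n, rounds=20):
    """Miller-Rabin test, used only to build the demo key."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _random_prime(bits):
    while True:
        candidate = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if _is_probable_prime(candidate):
            return candidate

def generate_keypair(bits=1024):
    """Constructed demo key: returns ((n, e), (n, d))."""
    e = 65537
    while True:
        p, q = _random_prime(bits // 2), _random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:
            return (p * q, e), (p * q, pow(e, -1, phi))

def _encode(digest, k):
    """EMSA-PKCS1-v1_5 block: 00 01 FF..FF 00 DigestInfo(digest)."""
    t = SHA256_PREFIX + digest
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def canonical_payload(request):
    """Bytes covered by the signature: every field except the signature."""
    fields = {k: v for k, v in request.items() if k != "signature"}
    return json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()

def sign_access_request(fields, private_key):
    """Terminal side: attach a signature over the canonical payload."""
    n, d = private_key
    k = (n.bit_length() + 7) // 8
    em = _encode(hashlib.sha256(canonical_payload(fields)).digest(), k)
    sig = pow(int.from_bytes(em, "big"), d, n).to_bytes(k, "big")
    return {**fields, "signature": sig.hex()}

def verify_access_request(request, cert_public_key):
    """Chain side. The key comes from the stored CA certificate, never from
    the public key field that the request itself carries."""
    n, e = cert_public_key
    k = (n.bit_length() + 7) // 8
    try:
        sig = bytes.fromhex(request["signature"])
        second_digest = hashlib.sha256(canonical_payload(request)).digest()
    except (KeyError, TypeError, ValueError):
        return False
    s = int.from_bytes(sig, "big")
    if len(sig) != k or s >= n:
        return False
    recovered = pow(s, e, n).to_bytes(k, "big")
    first_digest = recovered[-32:]
    # Compare the whole encoded block as well as the digests, so a signature
    # with malformed padding is rejected.
    return (hmac.compare_digest(first_digest, second_digest)
            and hmac.compare_digest(recovered, _encode(second_digest, k)))

def demo():
    """Constructed requests: valid, tampered, signed with another key."""
    cert_pub, device_priv = generate_keypair()
    _, other_priv = generate_keypair()
    fields = {"device_id": "terminal-001", "public_key": format(cert_pub[0], "x"),
              "latitude": 31.23, "longitude": 121.47, "nonce": secrets.token_hex(8)}
    good = sign_access_request(fields, device_priv)
    tampered = {**good, "latitude": 39.90}
    forged = sign_access_request(fields, other_priv)
    return [verify_access_request(r, cert_pub) for r in (good, tampered, forged)]

if __name__ == "__main__":
    print(demo())
```

Because the reported position is inside the signed payload, changing it after signing fails the check, which matters when the position drives the choice of target main node.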
Step S202, when the terminal equipment is determined to pass the identity authentication, a target main node of the block chain to be accessed by the terminal equipment is determined.
The target main node of the block chain to be accessed by the terminal device can be determined based on the access number and/or the geographical position of the sub-nodes of each main node in the block chain, and any main node in the block chain can also be used as the target main node of the block chain to be accessed by the terminal device.
Step S203, the terminal device is used as a sub-node of the target main node to access a block chain according to the node access request, wherein the sub-node and the target main node form a complete block chain node.
After a target main node of a block chain to be accessed by the terminal equipment is determined, the terminal equipment is used as a sub-node of the target main node to access the block chain based on the node access request, namely, public key information of the terminal equipment is obtained from the node access request, and the public key information is registered on the target main node, so that the terminal equipment is used as the sub-node of the target main node to access the block chain. The child nodes and the target main node form a complete block chain node. After the terminal device is used as a child node of the target main node to access the block chain, a user can upload data to the block chain for storage or download data from the block chain through the terminal device used as the child node.
Step S204, a private key backup request sent by the child node is received through the target main node, wherein the private key backup request carries a plurality of encrypted private key fragments.
When a user needs to back up the private key information of the child node to the block chain, the child node splits the private key information into a plurality of private key fragments and encrypts each private key fragment based on a preset encryption algorithm to obtain a plurality of encrypted private key fragments. The child node then generates a private key backup request based on the plurality of encrypted private key fragments and sends it to the target main node on the block chain, and the block chain receives the private key backup request through the target main node. The number of private key fragments is less than or equal to the number of master nodes of the block chain; for example, if the block chain has 10 master nodes, the number of private key fragments is 8 or 6. The preset encryption algorithm includes, but is not limited to, an MD5 algorithm, an SHA1 algorithm, an HMAC (Hash-based Message Authentication Code) algorithm, a DES algorithm, an AES algorithm, a 3DES algorithm, an RSA algorithm, or an ECC algorithm.
Step S205, each encrypted private key fragment is stored on a different main node of the block chain.
After a private key backup request sent by a child node is received through a target main node, a plurality of encrypted private key fragments are obtained from the private key backup request, and each encrypted private key fragment is stored on a different main node of a block chain. When the number of the encrypted private key fragments is the same as that of the master nodes of the block chain, each master node of the block chain stores one encrypted private key fragment of the same private key information. The private key information is divided into a plurality of private key fragments, and each encrypted private key fragment is stored in different main nodes, so that subsequent recovery can be facilitated, and the safety of the private key information can be improved.
In one embodiment, a private key recovery request sent by the child node is received through the target main node; according to the private key recovery request, the encrypted private key fragments are acquired from the different main nodes that store the encrypted private key fragments of the child node, yielding a plurality of encrypted private key fragments; and the plurality of encrypted private key fragments are sent to the child node, so that the child node recovers the corresponding private key from them, that is, decrypts the plurality of encrypted private key fragments to obtain the plurality of private key fragments and splices the private key fragments together to obtain the complete private key.
In an embodiment, after the terminal device is lost or replaced, the private key of the terminal device serving as a child node needs to be recovered. The user can trigger a private key recovery request through the terminal device and send it to the block chain. When the block chain receives the private key recovery request, it performs CA authentication on the request; when the request passes the CA authentication, the block chain obtains the public key information from the request, determines from the public key information the main nodes on which the encrypted private key fragments are stored, acquires the encrypted private key fragments from those different main nodes to obtain a plurality of encrypted private key fragments, and sends the plurality of encrypted private key fragments to the child node.
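The backup and recovery flow of steps S204 and S205 as an added example, not taken from the patent: the child node splits and encrypts the private key, each encrypted fragment goes to a different main node, and recovery rejects a missing or altered fragment before splicing. The passphrase-derived key, the blob layout, the function names and the HMAC-SHA-256 keystream with encrypt-then-MAC (standing in for the "preset encryption algorithm", since Python's standard library has no block cipher) are assumptions.

```python
import hashlib
import hmac
import secrets

def derive_backup_key(passphrase, public_key_info):
    """Assumption: the fragment key comes from a passphrase the user still
    knows after losing the device; the patent does not name its source."""
    salt = hashlib.sha256(public_key_info).digest()
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 100_000)

def _subkey(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()

def _keystream(key, nonce, length):
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]

def split_private_key(private_key, count):
    """Cut the key into `count` contiguous slices of near-equal size."""
    if not 1 <= count <= len(private_key):
        raise ValueError("fragment count must be between 1 and the key length")
    size, extra = divmod(len(private_key), count)
    fragments, pos = [], 0
    for i in range(count):
        end = pos + size + (1 if i < extra else 0)
        fragments.append(private_key[pos:end])
        pos = end
    return fragments

def encrypt_fragment(key, index, total, fragment):
    """Blob layout: index(1) | total(1) | nonce(16) | ciphertext | tag(32)."""
    header = bytes([index, total]) + secrets.token_bytes(16)
    stream = _keystream(_subkey(key, b"enc"), header, len(fragment))
    body = header + bytes(a ^ b for a, b in zip(fragment, stream))
    return body + hmac.new(_subkey(key, b"mac"), body, hashlib.sha256).digest()

def decrypt_fragment(key, blob):
    """Verify the tag first, then return (index, total, fragment)."""
    if len(blob) < 18 + 32:
        raise ValueError("fragment blob too short")
    body, tag = blob[:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("fragment failed integrity check")
    header, ciphertext = body[:18], body[18:]
    stream = _keystream(_subkey(key, b"enc"), header, len(ciphertext))
    return header[0], header[1], bytes(a ^ b for a, b in zip(ciphertext, stream))

def backup_private_key(private_key, key, master_names, count):
    """Child node encrypts the fragments; each goes to a different main node."""
    if len(set(master_names)) != len(master_names):
        raise ValueError("main node names must be distinct")
    if count > len(master_names):
        raise ValueError("more fragments than main nodes")
    fragments = split_private_key(private_key, count)
    return {master_names[i]: encrypt_fragment(key, i, count, fragment)
            for i, fragment in enumerate(fragments)}

def recover_private_key(key, blobs):
    """Child node: check every fragment, then splice them in index order."""
    parts, total = {}, None
    for blob in blobs:
        index, blob_total, fragment = decrypt_fragment(key, blob)
        if total is None:
            total = blob_total
        if blob_total != total or index >= total or index in parts:
            raise ValueError("inconsistent fragment set")
        parts[index] = fragment
    if total is None or len(parts) != total:
        raise ValueError("missing fragment")
    return b"".join(parts[i] for i in range(total))

if __name__ == "__main__":
    # Constructed values: 10 main nodes and 8 fragments, as in the text.
    k = derive_backup_key("constructed passphrase", b"constructed-public-key")
    stored = backup_private_key(bytes(range(32)), k,
                                [f"master-{i}" for i in range(1, 11)], 8)
    print(recover_private_key(k, list(stored.values())) == bytes(range(32)))
```

The fragments are contiguous slices that are spliced back together, so recovery needs every one of them: a single unavailable main node blocks recovery.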
In the node access method of the block chain provided in the above embodiment, the private key information is split into multiple private key fragments, and each encrypted private key fragment is stored in a different primary node, so that subsequent recovery is facilitated, and security of the private key information can also be improved.
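The backup and recovery flow described above, as an added Python example (not code from the patent): the child node splits and encrypts the key, the target master node places one fragment per master node, and recovery authenticates every fragment before splicing. The passphrase-derived encryption key, the HMAC-based stand-in for an AEAD cipher, the two-byte fragment header and all names and sample values are assumptions.

```python
import hashlib
import hmac
import os

NONCE_LEN, TAG_LEN = 16, 32


def derive_wrap_key(passphrase: str, salt: bytes) -> bytes:
    # Assumption: fragments are encrypted under a key derived from a recovery
    # passphrase, so decryption still works after the terminal device is lost.
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 100_000)


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    blocks = (hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(length // 32 + 1))
    return b"".join(blocks)[:length]


def _tag(key: bytes, body: bytes) -> bytes:
    return hmac.new(key, b"mac" + body, hashlib.sha256).digest()


def seal(key: bytes, index: int, total: int, fragment: bytes) -> bytes:
    # Stdlib stand-in for an AEAD such as AES-GCM: encrypt, then MAC the
    # fragment's position together with the nonce and ciphertext.
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(a ^ b for a, b in zip(fragment, _keystream(key, nonce, len(fragment))))
    body = bytes([index, total]) + nonce + ct
    return body + _tag(key, body)


def unseal(key: bytes, blob: bytes) -> tuple[int, int, bytes]:
    body, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    if len(body) < 2 + NONCE_LEN or not hmac.compare_digest(tag, _tag(key, body)):
        raise ValueError("fragment failed authentication")
    nonce, ct = body[2:2 + NONCE_LEN], body[2 + NONCE_LEN:]
    plain = bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))
    return body[0], body[1], plain


def make_backup_request(private_key: bytes, key: bytes, count: int) -> list[bytes]:
    """Child node: split the private key and encrypt every fragment."""
    if not 1 <= count <= min(len(private_key), 255):
        raise ValueError("invalid fragment count")
    size = -(-len(private_key) // count)  # ceiling division
    return [seal(key, i, count, private_key[i * size:(i + 1) * size]) for i in range(count)]


def store_fragments(master_nodes: dict, owner: str, blobs: list[bytes]) -> None:
    """Target master node: place each encrypted fragment on a different master node."""
    if len(blobs) > len(master_nodes):
        raise ValueError("more fragments than master nodes")
    for store, blob in zip(master_nodes.values(), blobs):
        store[owner] = blob


def recover(master_nodes: dict, owner: str, key: bytes) -> bytes:
    """Fetch the owner's fragments, authenticate each, and splice them in order."""
    parts, total = {}, None
    for store in master_nodes.values():
        if owner not in store:
            continue
        index, count, fragment = unseal(key, store[owner])
        if index in parts or (total is not None and count != total):
            raise ValueError("inconsistent fragment set")
        parts[index], total = fragment, count
    if total is None or set(parts) != set(range(total)):
        raise ValueError("fragment missing: splicing needs every fragment")
    return b"".join(parts[i] for i in range(total))


if __name__ == "__main__":
    # Constructed sample data: four master nodes, each with its own fragment store.
    nodes = {name: {} for name in ("master-1", "master-2", "master-3", "master-4")}
    wrap_key = derive_wrap_key("constructed passphrase", b"constructed salt")
    secret = os.urandom(32)  # constructed stand-in for the child node's private key
    store_fragments(nodes, "child-A", make_backup_request(secret, wrap_key, 4))
    print(recover(nodes, "child-A", wrap_key) == secret)
```

Because the fragments are spliced rather than threshold-shared, one unavailable or altered fragment makes recovery fail, and the explicit errors surface that instead of returning a wrong key.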
Referring to fig. 4, fig. 4 is a schematic block diagram of a block chain node access device according to an embodiment of the present invention.
As shown in fig. 4, the node access apparatus 300 of the block chain includes: an obtaining module 310, an identity authentication module 320, a determining module 330, and a node accessing module 340, wherein:
the obtaining module 310 is configured to obtain a node access request sent by a terminal device;
the identity authentication module 320 is configured to perform identity authentication on the terminal device according to the node access request;
the determining module 330 is configured to determine a target host node of a block chain to be accessed by the terminal device when it is determined that the terminal device passes identity authentication;
the node access module 340 is configured to access the block chain by using the terminal device as a child node of the target host node according to the node access request, where the child node and the target host node form a complete block chain node.
In an embodiment, as shown in fig. 5, the determining module 330 is further configured to:
acquiring the access quantity of child nodes of each main node on the block chain;
and taking the main node with the least sub-node access number as a target main node of the block chain to be accessed by the terminal equipment.
In one embodiment, the determining module 330 includes:
the obtaining submodule 331 is configured to obtain a first geographic location of the terminal device from the node access request, and obtain a second geographic location of each master node in the block chain;
the determining submodule 332 is configured to determine, according to the first geographic location and the second geographic location of each host node, a target host node of the block chain to be accessed by the terminal device.
In an embodiment, the determining submodule 332 is further configured to:
determining the distance between the terminal equipment and each main node according to the first geographical position and the second geographical position of each main node;
and determining a target main node of the block chain to be accessed by the terminal equipment according to the distance between the terminal equipment and each main node.
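An added Python example (not the patent's own code) of the two target-node selection rules above: fewest accessed child nodes, and smallest distance between the first geographic location and each second geographic location. The great-circle distance formula, the coordinate validation, the fallback to the least-loaded node, the tie-breaking order and all names and coordinates are assumptions.

```python
import math

EARTH_RADIUS_KM = 6371.0

# Constructed sample data: each master node's second geographic location
# (latitude, longitude in degrees) and its current number of child nodes.
MASTERS = [
    {"id": "master-shanghai", "location": (31.23, 121.47), "children": 12},
    {"id": "master-beijing", "location": (39.90, 116.40), "children": 3},
    {"id": "master-shenzhen", "location": (22.54, 114.06), "children": 7},
]


def valid_location(loc) -> bool:
    """The first geographic location arrives in the request, so range-check it."""
    if not (isinstance(loc, (tuple, list)) and len(loc) == 2):
        return False
    if not all(isinstance(v, (int, float)) and not isinstance(v, bool) for v in loc):
        return False
    lat, lon = loc
    return math.isfinite(lat) and math.isfinite(lon) and abs(lat) <= 90 and abs(lon) <= 180


def distance_km(a, b) -> float:
    """Great-circle (haversine) distance between two (lat, lon) pairs in degrees."""
    lat1, lon1, lat2, lon2 = map(math.radians, (*a, *b))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * EARTH_RADIUS_KM * math.asin(math.sqrt(min(1.0, h)))


def least_loaded(masters) -> str:
    """Master node with the fewest accessed child nodes; ties break on node id."""
    return min(masters, key=lambda m: (m["children"], m["id"]))["id"]


def nearest(request: dict, masters) -> str:
    """Master node closest to the terminal device; ties break on child count."""
    loc = request.get("location")
    if not valid_location(loc):
        # Assumption: without a usable location, fall back to the load-based rule.
        return least_loaded(masters)
    return min(
        masters,
        key=lambda m: (distance_km(loc, m["location"]), m["children"], m["id"]),
    )["id"]
```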
Referring to fig. 6, fig. 6 is a schematic block diagram of another node access apparatus for a block chain according to an embodiment of the present disclosure.
As shown in fig. 6, the node access apparatus 400 of the block chain includes: an obtaining module 410, an identity authentication module 420, a determining module 430, a node access module 440, a receiving module 450, and a storing module 460, wherein:
the obtaining module 410 is configured to obtain a node access request sent by a terminal device;
the identity authentication module 420 is configured to perform identity authentication on the terminal device according to the node access request;
the determining module 430 is configured to determine a target host node of a block chain to be accessed by the terminal device when it is determined that the terminal device passes identity authentication;
the node access module 440 is configured to access the block chain by using the terminal device as a child node of the target master node according to the node access request, where the child node and the target master node form a complete block chain node;
the receiving module 450 is configured to receive, by the target master node, a private key backup request sent by the child node, where the private key backup request carries multiple encrypted private key fragments;
the storage module 460 is configured to store each encrypted private key fragment to a different primary node of the blockchain.
In an embodiment, the number of the plurality of encrypted private key shards is less than or equal to the number of primary nodes of the blockchain.
In an embodiment, the receiving module 450 is further configured to receive, by the target master node, a private key recovery request sent by the child node;
the obtaining module 410 is further configured to obtain the encrypted private key fragments from different host nodes that store the encrypted private key fragments of the child node according to the private key recovery request, so as to obtain a plurality of encrypted private key fragments;
the receiving module 450 is further configured to send the plurality of encrypted fragments of the private key to the child node, so that the child node recovers the corresponding private key based on the plurality of encrypted fragments of the private key.
It should be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working processes of the apparatus and each module and unit described above may refer to the corresponding processes in the foregoing embodiment of the node access method of the block chain, and are not described herein again.
The apparatus provided by the above embodiments may be implemented in the form of a computer program that can be run on a computer device as shown in fig. 7.
Referring to fig. 7, fig. 7 is a schematic block diagram of a computer device according to an embodiment of the present disclosure. The computer device may be a server.
As shown in fig. 7, the computer device includes a processor, a memory, and a network interface connected by a system bus, wherein the memory may include a nonvolatile storage medium and an internal memory.
The non-volatile storage medium may store an operating system and a computer program. The computer program includes program instructions that, when executed, cause a processor to perform any one of the blockchain node access methods.
The processor is used to provide computing and control capabilities to support the operation of the entire computer device.
The internal memory provides an environment for execution of a computer program on a non-volatile storage medium, which when executed by the processor causes the processor to perform any of the methods for node access in a blockchain.
The network interface is used for network communication, such as sending assigned tasks. Those skilled in the art will appreciate that the architecture shown in fig. 7 is merely a block diagram of some of the structures associated with the disclosed aspects and is not intended to limit the computing devices to which the disclosed aspects apply, as particular computing devices may include more or fewer components than those shown, or may combine certain components, or have a different arrangement of components.
It should be understood that the processor may be a Central Processing Unit (CPU), and may also be another general-purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, etc. The general-purpose processor may be a microprocessor or any conventional processor.
Wherein, in one embodiment, the processor is configured to execute a computer program stored in the memory to implement the steps of:
acquiring a node access request sent by terminal equipment, and performing identity authentication on the terminal equipment according to the node access request;
when the terminal equipment passes the identity authentication, determining a target main node of a block chain to be accessed by the terminal equipment;
and taking the terminal equipment as a sub-node of the target main node to access the block chain according to the node access request, wherein the sub-node and the target main node form a complete block chain node.
In an embodiment, the determining a target master node of a block chain to be accessed by the terminal device includes:
acquiring the access quantity of child nodes of each main node on the block chain;
and taking the main node with the least sub-node access number as a target main node of the block chain to be accessed by the terminal equipment.
In an embodiment, the determining a target master node of a block chain to be accessed by the terminal device includes:
acquiring a first geographical position of the terminal equipment from the node access request, and acquiring a second geographical position of each main node on the block chain;
and determining a target main node of the block chain to be accessed by the terminal equipment according to the first geographical position and the second geographical position of each main node.
In an embodiment, the determining, according to the first geographical location and the second geographical location of each host node, a target host node of a block chain to be accessed by the terminal device includes:
determining the distance between the terminal equipment and each main node according to the first geographical position and the second geographical position of each main node;
and determining a target main node of the block chain to be accessed by the terminal equipment according to the distance between the terminal equipment and each main node.
In one embodiment, the processor is further configured to implement the steps of:
receiving a private key backup request sent by the child node through the target main node, wherein the private key backup request carries a plurality of encrypted private key fragments;
storing each encrypted private key fragment to a different primary node of the blockchain.
In an embodiment, the number of the plurality of encrypted private key shards is less than or equal to the number of primary nodes of the blockchain.
In one embodiment, the processor is further configured to implement the steps of:
receiving a private key recovery request sent by the child node through the target main node;
acquiring encrypted private key fragments from different main nodes storing the encrypted private key fragments of the child nodes according to the private key recovery request to obtain a plurality of encrypted private key fragments;
and sending the plurality of encrypted private key fragments to the child node, so that the child node recovers the corresponding private key based on the plurality of encrypted private key fragments.
It should be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working process of the computer device described above may refer to the corresponding process in the foregoing embodiment of the node access method of a block chain, and details are not described herein again.
From the above description of the embodiments, it is clear to those skilled in the art that the present application can be implemented by software plus necessary general hardware platform. Based on such understanding, the technical solutions of the present application may be essentially or partially implemented in the form of a software product, which may be stored in a storage medium, such as a ROM/RAM, a magnetic disk, an optical disk, etc., and includes several instructions for enabling a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method according to the embodiments or some parts of the embodiments of the present application.
Embodiments of the present application further provide a computer-readable storage medium on which a computer program is stored, the computer program including program instructions; for the method implemented when the program instructions are executed, reference may be made to the embodiments of the node access method of a block chain of the present application.
The computer-readable storage medium may be an internal storage unit of the computer device described in the foregoing embodiment, for example, a hard disk or a memory of the computer device. The computer readable storage medium may also be an external storage device of the computer device, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like provided on the computer device.
Further, the computer-readable storage medium may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function, and the like; the storage data area may store data created according to the use of the blockchain node, and the like.
The block chain referred by the application is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, a consensus mechanism, an encryption algorithm and the like. A block chain (Blockchain), which is essentially a decentralized database, is a series of data blocks associated by using a cryptographic method, and each data block contains information of a batch of network transactions, so as to verify the validity (anti-counterfeiting) of the information and generate a next block. The blockchain may include a blockchain underlying platform, a platform product service layer, an application service layer, and the like.
It is to be understood that the terminology used in the description of the present application herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in the specification of the present application and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.
It should also be understood that the term "and/or" as used in this specification and the appended claims refers to and includes any and all possible combinations of one or more of the associated listed items. It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or system. Without further limitation, an element defined by the phrase "comprising a ..." does not exclude the presence of other like elements in a process, method, article, or system comprising the element.
The above-mentioned serial numbers of the embodiments of the present application are merely for description and do not represent the merits of the embodiments. While the invention has been described with reference to specific embodiments, the scope of the invention is not limited thereto, and those skilled in the art can easily conceive various equivalent modifications or substitutions within the technical scope of the invention. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (10)

1. A method for accessing a node of a block chain, comprising:
acquiring a node access request sent by terminal equipment, and performing identity authentication on the terminal equipment according to the node access request;
when the terminal equipment passes the identity authentication, determining a target main node of a block chain to be accessed by the terminal equipment;
and accessing the block chain with the terminal equipment as a sub-node of the target main node according to the node access request, wherein the sub-node and the target main node form a complete block chain node, the target main node is used for data storage, smart contract operation logic, consensus calculation, broadcasting and CA identity authentication, and the sub-node is used for private key storage, data encryption and decryption and CA identity authentication.
2. The node access method of the block chain according to claim 1, wherein the determining a target master node of the block chain to be accessed by the terminal device comprises:
acquiring the access quantity of child nodes of each main node on the block chain;
and taking the main node with the least sub-node access quantity as a target main node of the block chain to be accessed by the terminal equipment.
3. The node access method of the block chain according to claim 1, wherein the determining a target master node of the block chain to be accessed by the terminal device comprises:
acquiring a first geographical position of the terminal equipment from the node access request, and acquiring a second geographical position of each main node on the block chain;
and determining a target main node of the block chain to be accessed by the terminal equipment according to the first geographical position and the second geographical position of each main node.
4. The method according to claim 3, wherein the determining a target master node of the block chain to be accessed by the terminal device according to the first geographical location and the second geographical location of each master node comprises:
determining the distance between the terminal equipment and each main node according to the first geographical position and the second geographical position of each main node;
and determining a target main node of the block chain to be accessed by the terminal equipment according to the distance between the terminal equipment and each main node.
5. The node access method of a block chain according to any one of claims 1 to 4, characterized in that the method further comprises:
receiving a private key backup request sent by the child node through the target main node, wherein the private key backup request carries a plurality of encrypted private key fragments;
storing each encrypted private key fragment to a different primary node of the blockchain.
6. The blockchain node access method of claim 5, wherein a number of the plurality of encrypted private key shards is less than or equal to a number of primary nodes of the blockchain.
7. The node access method of a blockchain according to claim 5, wherein the method further comprises:
receiving a private key recovery request sent by the child node through the target main node;
acquiring encrypted private key fragments from different main nodes storing the encrypted private key fragments of the child nodes according to the private key recovery request to obtain a plurality of encrypted private key fragments;
and sending the plurality of encrypted private key fragments to the child node, so that the child node recovers the corresponding private key based on the plurality of encrypted private key fragments.
8. An apparatus for accessing a node of a block chain, the apparatus comprising:
the acquisition module is used for acquiring a node access request sent by the terminal equipment;
the identity authentication module is used for performing identity authentication on the terminal equipment according to the node access request;
the determining module is used for determining a target main node of a block chain to be accessed by the terminal equipment when the terminal equipment is determined to pass identity authentication;
and the node access module is used for accessing the block chain with the terminal equipment as a sub-node of the target main node according to the node access request, wherein the sub-node and the target main node form a complete block chain node, the target main node is used for data storage, smart contract operation logic, consensus computation, broadcasting and CA identity authentication, and the sub-node is used for private key storage, data encryption and decryption and CA identity authentication.
9. A computer arrangement comprising a processor, a memory, and a computer program stored on the memory and executable by the processor, wherein the computer program, when executed by the processor, implements the steps of the block chain node access method of any one of claims 1 to 7.
10. A computer-readable storage medium, having stored thereon a computer program, wherein the computer program, when being executed by a processor, carries out the steps of the block chain node access method according to any one of claims 1 to 7.
CN202010733599.5A 2020-07-27 2020-07-27 Block chain node access method, device, equipment and readable storage medium Active CN111818087B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010733599.5A CN111818087B (en) 2020-07-27 2020-07-27 Block chain node access method, device, equipment and readable storage medium


Publications (2)

Publication Number Publication Date
CN111818087A CN111818087A (en) 2020-10-23
CN111818087B true CN111818087B (en) 2023-01-24

Family

ID=72862678


Country Status (1)

Country Link
CN (1) CN111818087B (en)



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant