CN111818167B - High-security resource transfer method based on block chain - Google Patents
High-security resource transfer method based on block chain
- Publication number
- CN111818167B CN202010658812.0A
- Authority
- CN
- China
- Prior art keywords
- node
- data
- evidence
- credential
- resource
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
- H04L67/563—Data redirection of data network streams
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
- G06Q50/10—Services
- G06Q50/18—Legal services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3228—One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/50—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
Abstract
The invention provides a high-security resource transfer method based on a blockchain, comprising the following steps: receiving resource data and credential data through a master gateway node; when the credential data is in a correct state and a valid state, sending, by the master gateway node, a transmission time parameter of the resource data to a password distribution node; generating temporary password data by the password distribution node; sending, by the password distribution node, the temporary password data to the master gateway node; generating, by a consensus signing node, a block hash value with a hash function from the resource data, the temporary password data and the user private key data sent by the master gateway node; and sending, by the consensus signing node, the block hash value to a persistence node for storage and network-wide broadcast. The method prevents the consensus signing end from forging a signature, ensures that only the evidence providing terminal is authorized to obtain the temporary password, and provides an anti-repudiation mechanism for the details of the evidence upload.
Description
Technical Field
The invention relates to blockchains, and in particular to a high-security resource transfer method based on a blockchain.
Background
In recent years, with the popularization of the internet and the maturing of litigation conducted over the internet, automated evidence collection has become more readily accepted by internet courts, and the public only needs to upload and obtain electronic evidence through a terminal. However, electronic evidence is by nature easy to delete and easy to tamper with, and its authenticity and integrity are difficult to guarantee if evidence resources and user operation processes are not stored according to the relevant regulations. For example, on a centralized online evidence collection platform, key escrow on a single server makes forgery easy. Once the authenticity or integrity of the evidence is disputed, it is difficult for the internet court to confirm the legal validity of the evidence provided by the public, and the legal rights and interests of the parties concerned cannot be properly protected.
Disclosure of Invention
In order to solve the problems in the prior art, the invention provides a high-security resource transfer method based on a blockchain, comprising the following steps:
receiving resource data and credential data through a master gateway node, the master gateway node judging the state of the credential data;
when the credential data is in a correct state and a state node verifies that the credential data is in a valid state, sending, by the master gateway node, a transmission time parameter of the resource data to a password distribution node;
receiving a temporary password through the password distribution node and generating temporary password data; sending the temporary password data to the master gateway node through the password distribution node;
sending the resource data, the temporary password data and user private key data to a consensus signing node through the master gateway node, so that the consensus signing node generates a block hash value with a hash function from the resource data, the temporary password data and the user private key data; and
sending the block hash value to a persistence node through the consensus signing node for storage and network-wide broadcast, generating a successful accounting mark, and sending the successful accounting mark to the master gateway node through the consensus signing node.
Preferably, before the step of the master gateway node receiving the resource data and the credential data, the method further comprises:
receiving a request from a terminal through the consensus signing node to generate credential request data; sending the credential request data to a credential management node through the consensus signing node, the credential management node generating the credential data according to the credential request data;
sending the credential data to the state node through the credential management node, generating request completion data, and sending the request completion data to the consensus signing node through the credential management node;
sending temporary request data and the credential data to the password distribution node through the consensus signing node so that the password distribution node generates the temporary password, the password distribution node sending the temporary password to the consensus signing node; and
sending the temporary password to the user terminal through the consensus signing node.
Preferably, after the step of sending the successful accounting mark to the master gateway node by the consensus signing node, the method further comprises:
receiving, through a consistency confirmation node, consistency confirmation request data sent by a user terminal, the consistency confirmation node generating transmission request data according to a resource upload verification time parameter of the consistency confirmation request data; sending the transmission request data to the persistence node through the consistency confirmation node, and when the persistence node, comparing the blocks in the chain, finds a block hash value matching the corresponding resource upload verification time parameter, sending, by the persistence node, a first block hash value to the consistency confirmation node; sending start temporary password data to the user terminal through the consistency confirmation node; and sending the temporary password to the password distribution node through the user terminal.
Preferably, the consistency confirmation node sends the resource upload verification time parameter to the password distribution node so that the password distribution node generates the temporary password data, and the password distribution node sends the temporary password data to the consistency confirmation node;
the consistency confirmation node generates a second block hash value with the hash function from the temporary password data, the user private key data and the consistency confirmation request data;
the consistency confirmation node compares the second block hash value with the first block hash value to generate comparison result data; and
the consistency confirmation node sends the comparison result data to the user terminal.
Compared with the prior art, the invention has the following advantages:
The invention provides a high-security resource transfer method based on a blockchain in which a temporary password is added to each evidence providing process within the consensus signing mechanism. This prevents the consensus signing end from forging a signature and guarantees that only the evidence providing terminal has the right to obtain the temporary password. The electronic evidence is written into a block in the blockchain network by means of a hash function, which provides an anti-repudiation mechanism for the details of the evidence upload.
Drawings
Fig. 1 is a flowchart of a block chain-based high security resource transfer method according to an embodiment of the present invention.
Detailed Description
A detailed description of one or more embodiments of the invention is provided below along with accompanying figures that illustrate the principles of the invention. The invention is described in connection with such embodiments, but the invention is not limited to any embodiment. The scope of the invention is limited only by the claims and the invention encompasses numerous alternatives, modifications and equivalents. Numerous specific details are set forth in the following description in order to provide a thorough understanding of the invention. These details are provided for the purpose of example and the invention may be practiced according to the claims without some or all of these specific details.
One aspect of the present invention provides a high security resource transfer method based on a block chain. Fig. 1 is a flowchart of a block chain-based high-security resource transfer method according to an embodiment of the present invention.
The evidence resource collection system comprises a master gateway node, a password distribution node, a consensus signing node, a persistence node and a state node. The master gateway node receives the evidence resource data and the credential data sent by the evidence providing terminal. The password distribution node is communicably connected to the master gateway node, receives the temporary password sent by the evidence providing terminal, and generates temporary password data. The consensus signing node is communicably connected to the password distribution node, the persistence node is communicably connected to the consensus signing node, and the state node is communicably connected to the master gateway node. When the master gateway node judges that the credential data is in a correct state and verifies through the state node that the credential data is in a valid state, the master gateway node sends an evidence transmission time parameter of the evidence resource data to the password distribution node, and the password distribution node sends the temporary password data to the master gateway node. The master gateway node sends the evidence resource data, the temporary password data and the user private key data to the consensus signing node, so that the consensus signing node generates a block hash value with a hash function from the evidence resource data, the temporary password data and the user private key data. The consensus signing node sends the block hash value to the persistence node for storage and network-wide broadcast, a successful accounting mark is generated after the broadcast, and the consensus signing node sends the successful accounting mark to the master gateway node.
Specifically, after the user logs in to the master gateway node through the evidence providing terminal and finishes uploading the evidence, the user requests the master gateway node to check the evidence. The master gateway node then checks the correctness of the credential data of the evidence providing terminal and checks the validity of the credential data with the state node. If the credential data is correct, the master gateway node provides an evidence transmission time parameter to the password distribution node. The password distribution node then generates temporary password data and provides it to the master gateway node, and the master gateway node requests the consensus signing node to sign the temporary password data, the user's evidence transmission time and the uploaded evidence resource with the user's private key data. The consensus signing node writes the temporary password data, the user's evidence transmission time and the uploaded evidence resource into a block together by means of a hash function, and then sends the block hash value to the persistence node. After the persistence node stores the block hash value, it notifies the consensus signing node that storage of the block hash value is complete, and the master gateway node at the same time notifies the evidence using party that the evidence resource transfer and the evidence verification signature are complete.
Preferably, the evidence resource collection system may further include a credential management node communicably connected to the consensus signing node. When the consensus signing node receives an application from the evidence providing terminal, generates credential request data accordingly, and sends the credential request data to the credential management node, the credential management node generates the credential data according to the credential request data. When the state node receives the credential data sent by the credential management node, the state node generates request completion data and sends the request completion data to the consensus signing node. The consensus signing node sends the temporary request data and the credential data to the password distribution node so that the password distribution node generates a temporary password, and the password distribution node sends the temporary password to the evidence providing terminal through the consensus signing node.
For example, when a user applies to establish a dynamic resource transfer credential, the user first applies to the consensus signing node for credential pre-authorization, so that the consensus signing node generates a key pair, manages the private key, and generates credential request data. The consensus signing node then applies to the credential management node for the credential, the credential management node issues the credential data, and the credential management node publishes the credential data applied for by the user to the state node, which provides a credential query source for the electronic evidence collection system. Thereafter, the state node notifies the credential management node that issuance of the credential is complete, and the credential management node notifies the consensus signing node that the user's credential request is complete.
When the consensus signing node applies to the password distribution node for generation of temporary password data, the password distribution node confirms the user's credential data, and once the credential data is confirmed to be correct, the password distribution node notifies the consensus signing node that the user's application is complete.
Thus, for a user applying to establish a dynamic resource transfer credential, the invention lets the user entrust the consensus signing node to apply to the credential management node for the credential, publishes the evidence user's credential to the whole network, and then applies to the password distribution node for the temporary password.
In an optional embodiment, the evidence resource collection system preferably further includes a consistency confirmation node communicably connected to the password distribution node and the persistence node. When the consistency confirmation node receives consistency confirmation request data sent by the evidence providing terminal, it generates transmission request data according to the resource upload verification time parameter of the consistency confirmation request data. When the consistency confirmation node sends the transmission request data to the persistence node and the persistence node, comparing the blocks in the chain, finds a block hash value matching the corresponding resource upload verification time parameter, the persistence node sends the first block hash value to the consistency confirmation node, and the consistency confirmation node sends start temporary password data to the evidence providing terminal. When the evidence providing terminal sends a temporary password to the password distribution node and the consistency confirmation node sends the resource upload verification time parameter to the password distribution node, the password distribution node generates temporary password data and sends the temporary password data to the consistency confirmation node. The consistency confirmation node generates a second block hash value with a hash function from the temporary password data, the user private key data and the consistency confirmation request data, compares the second block hash value with the first block hash value to generate comparison result data, and sends the comparison result data to the evidence providing terminal.
Specifically, when an evidence using party raises a tracing requirement, the time at which the tracing requirement arises is taken as the starting point. The consistency confirmation node is asked to verify the correctness of a given piece of acquired evidence, and the consistency confirmation node asks the persistence node to provide the content of the blockchain data for the evidence transmission time. After the persistence node provides that content to the consistency confirmation node, the consistency confirmation node asks the user to activate the password distribution node with the temporary password, and then provides the evidence acquisition time to the password distribution node, so that the password distribution node generates the temporary password data for the same evidence transmission time.
The password distribution node then provides the temporary password data to the consistency confirmation node. The consistency confirmation node generates a second block hash value with a hash function from the temporary password data, the user private key data, the historical evidence transmission time and the historical uploaded evidence resource, and compares the second block hash value with the first block hash value in the blockchain of the persistence node, that is, the hash value data persisted when the evidence was uploaded. The comparison result is sent back to the evidence using party.
The invention therefore provides a mechanism for verifying the persisted data of all evidence resource transfer results. When a user asks to verify the correctness of a piece of provided evidence, the consistency confirmation node generates a hash value with a hash function from the temporary password, the historical evidence transmission time and the historical uploaded evidence resource, and compares it with the hash value data persisted in the blockchain in the record server when the evidence was uploaded, thereby establishing an anti-repudiation mechanism for persisted data transfers.
Correspondingly, the dynamic consensus signature method of the invention may comprise the following steps:
a1: receiving evidence resource data and credential data through a master gateway node; when the master gateway node judges that the credential data is in a correct state and a state node verifies that the credential data is in a valid state, the master gateway node sends an evidence transmission time parameter of the evidence resource data to a password distribution node;
a2: receiving the temporary password through the password distribution node and generating temporary password data;
a3: sending the temporary password data to the master gateway node through the password distribution node;
a4: sending the evidence resource data, the temporary password data and the user private key data to the consensus signing node through the master gateway node, so that the consensus signing node generates a block hash value with a hash function from the evidence resource data, the temporary password data and the user private key data; and
a5: sending the block hash value to a persistence node through the consensus signing node for storage and network-wide broadcast, generating a successful accounting mark once this is complete, and sending the successful accounting mark to the master gateway node through the consensus signing node.
Preferably, before step a1 of receiving the evidence resource data and the credential data through the master gateway node, the method further comprises the following steps:
b0: receiving, through the consensus signing node, a request from the evidence providing terminal and generating credential request data;
b1: sending the credential request data to a credential management node through the consensus signing node, the credential management node generating the credential data according to the credential request data;
b2: sending the credential data to the state node through the credential management node and generating request completion data, the credential management node sending the request completion data to the consensus signing node;
b3: sending temporary request data and the credential data to the password distribution node through the consensus signing node so that the password distribution node generates a temporary password, the password distribution node sending the temporary password to the consensus signing node; and
b4: sending the temporary password to the evidence providing terminal through the consensus signing node.
Preferably, after the step of sending the successful accounting mark to the main gateway node by the consensus signing node, the method further comprises the following steps:
c0: receiving, through a consistency confirmation node, consistency confirmation request data sent by the evidence providing terminal, the consistency confirmation node generating transmission request data according to the resource uploading verification time parameter of the consistency confirmation request data;
c1: sending the transmission request data to the persistent node through the consistency confirmation node, and, when a block in the chain compared by the persistent node has a first block hash value that accords with the corresponding resource uploading verification time parameter, sending the first block hash value from the persistent node to the consistency confirmation node;
c2: sending starting temporary password data to the evidence providing terminal through the consistency confirmation node;
c3: sending the temporary password to the password distribution node through the evidence providing terminal;
c4: sending the resource uploading verification time parameter to the password distribution node through the consistency confirmation node so that the password distribution node generates temporary password data, the password distribution node sending the temporary password data to the consistency confirmation node;
c5: generating, by the consistency confirmation node, a second block hash value with a hash function from the temporary password data, the user private key data and the consistency confirmation request data, the consistency confirmation node comparing the second block hash value with the first block hash value to generate comparison result data; and
c6: sending the comparison result data to the evidence providing terminal through the consistency confirmation node.
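The upload hash and the consistency confirmation of steps c0 to c6 can be sketched in Python as follows. This is an added example, not code from the patent: SHA-256, the HMAC-based derivation of the temporary password data, the length-prefixed field encoding, the in-memory persistent node and all function names are assumptions, and the sample values are constructed.

```python
import hashlib
import hmac


def encode_fields(*fields: bytes) -> bytes:
    """Length-prefix every field so that field boundaries are unambiguous.

    Plain concatenation would hash (b"ab", b"c") and (b"a", b"bc") identically.
    """
    return b"".join(len(f).to_bytes(4, "big") + f for f in fields)


def temporary_password_data(temp_password: bytes, time_param: int) -> bytes:
    """Password distribution node: bind the temporary password to the time
    parameter. HMAC-SHA256 is an assumption; the patent names no algorithm."""
    return hmac.new(temp_password, time_param.to_bytes(8, "big"), hashlib.sha256).digest()


def block_hash(resource: bytes, temp_pw_data: bytes, user_key_data: bytes) -> str:
    """Consensus signature node: hash over the resource data, the temporary
    password data and the user private key data (treated as opaque bytes)."""
    return hashlib.sha256(encode_fields(resource, temp_pw_data, user_key_data)).hexdigest()


class PersistentNode:
    """Hypothetical persistent node: block hash values indexed by upload time."""

    def __init__(self):
        self.chain = {}

    def store(self, time_param: int, first_block_hash: str) -> None:
        self.chain[time_param] = first_block_hash

    def lookup(self, time_param: int):
        return self.chain.get(time_param)


def upload_evidence(node, resource, temp_password, user_key_data, time_param) -> str:
    """Upload path: compute the first block hash value and persist it."""
    pw_data = temporary_password_data(temp_password, time_param)
    first = block_hash(resource, pw_data, user_key_data)
    node.store(time_param, first)
    return first


def confirm_consistency(node, claimed_resource, temp_password, user_key_data, time_param) -> str:
    """Consistency confirmation node: steps c1 to c5, returning the comparison result."""
    first = node.lookup(time_param)                                  # c1
    if first is None:
        return "no-record"
    pw_data = temporary_password_data(temp_password, time_param)     # c3, c4
    second = block_hash(claimed_resource, pw_data, user_key_data)    # c5
    # Constant-time comparison avoids leaking how many leading characters match.
    return "consistent" if hmac.compare_digest(first, second) else "inconsistent"


if __name__ == "__main__":
    node = PersistentNode()
    t = 1594252800  # constructed upload time parameter
    upload_evidence(node, b"constructed evidence file", b"482913", b"user-key-bytes", t)
    print(confirm_consistency(node, b"constructed evidence file", b"482913", b"user-key-bytes", t))
    print(confirm_consistency(node, b"altered evidence file", b"482913", b"user-key-bytes", t))
```

A changed resource, a wrong temporary password or a different time parameter each produce a result other than "consistent", which is what lets the evidence providing terminal show that the stored record matches the original upload.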
In an optional embodiment, the evidence resource collecting system of the present invention includes a plurality of different resource transmission services. To identify the transactions of the same user across these services, the system provides the user's evidence resource data using an identity digest registered for the user in the blockchain, so that the user's evidence resource data can be tracked across the different resource transmission services by means of the identity digest.
In this case, for example, the user terminal issues a public key from the blockchain network in response to a request from the user, and transfers the address of the blockchain wallet corresponding to the issued public key as an identity digest over the entire network, so that the identity digest can be associated with the user account registered in the entire network. Preferably, the identity digest may be generated by applying a hashing algorithm to the public key. Or the public key may be the address of the blockchain wallet that keeps the token in the blockchain network, and the public key itself may become the identity digest. The token may be a data unit uploaded as evidence by multiple participants of the blockchain network, and may be defined according to a blockchain protocol.
In other words, the evidence providing terminal may associate the identity digest with a user account registered in the entire network. Moreover, since the conventional technology has no inherent key capable of identifying the user online, the user cannot track the collection and utilization process of the data. However, according to embodiments of the present invention, if evidence resource data is collected over a blockchain network using the identity digest described above, the data may be tracked.
According to the embodiment of the invention, in the case that the transactions and/or data of the users in the plurality of resource transmission services are uploaded to the blockchain network through the identity digest of each user, each resource transmission service can bind the transactions and/or data of the plurality of users associated with other services into one identity digest to generate stereoscopic user data. Thus, the respective resource transfer service may provide the accounting node with more detailed user data for each resource transfer service.
As described above, a user may receive an identity digest from a blockchain network and may associate the received identity digest with an account for each resource transfer service desired by the user. Optionally, the user requests an association between a user account registered in the resource transfer service and the received identity digest by entering the identity digest. Optionally, the evidence resource collecting system may store the sent identity digest and the user identifier in an associated manner. The user identifier may include a user ID pre-registered in the resource transfer service and/or a browser cookie value pre-issued to the user. For example, for a logged-in user, the evidence resource collecting system associates the user's identity digest with the logged-in user ID registered in the resource transfer service. On the other hand, for an unregistered user, the evidence resource collecting system associates the content of the browser cookie issued in advance to that user with the identity digest, so that the actual user can be identified through the identity digest even when unregistered.
The method enables secure sharing of data owned by the user in the blockchain network based on intelligent contracts. If the first user U1 uses the above-described resource transfer service of the present invention, the first user U1 may perform a user registration operation through the first evidence provider E1. The first evidence provider E1 is operated by the first user U1. First, a user contract SC1 associated with the first user U1 is deployed in the first blockchain. In various embodiments, the user contract SC1 may be used to store one or more resource pointers, which may be used to access various data entries belonging to the first user U1. An identity contract MC1 is then pre-deployed in the first blockchain, which can be used to record the user identities of different users. In response to the user registration operation of the first user U1, the system may add a user identity record UR1 corresponding to the first user U1 to the identity contract MC1. The user identity record UR1 may include an identity digest IS1 of the first user U1, a blockchain address AS1, and a first user contract address UCA1, where the first user contract address UCA1 points to the user contract SC1 of the first user U1, and the identity digest IS1 is generated based on the identity information of the first user U1.
It should be appreciated that the deployment and modification operations of the various intelligent contracts described above are each communicated in the form of transactions to the various nodes of the first blockchain that is the public ledger.
The first evidence consumer H1 pre-deploys an evidence consumer user contract UC2 in the first blockchain, which may be used to record evidence consumer identity records of different evidence consumers. Accordingly, the evidence consumer identity record HR1 corresponding to the first evidence consumer H1 is added to the evidence consumer user contract UC2 accordingly. In this embodiment, the evidence consumer identity record HR1 may include the identity HID1 of the first evidence consumer H1, the name HN, and a second intelligent contract address CA2, where the second intelligent contract address CA2 points to the user contract SC2 of the first evidence consumer H1.
After the evidence usage body D1 downloads, the evidence usage body D1 may create the first resource data RPD1 associated with the first user U1 from the download record, and the first evidence consumer H1 may add the first resource data RPD1 to the local cache of the first evidence consumer H1. This allows the first user U1 to share the first resource data RPD1 with other evidence consumers, as further explained below.
First, in response to the first evidence consumer H1 adding the first resource data RPD1 associated with the first user U1, the first evidence consumer H1 may deploy the resource contract RC in the first blockchain. In the present embodiment, the first resource data RPD1 is stored in a local cache of the first evidence consumer H1, and the first resource data RPD1 has a first profile MD that is recordable in the resource contract DC.
In one embodiment, the first profile MD may further include a hash value field that may record a data hash value generated based on the first resource data RPD1. Thus, if any terminal attempts to access the first resource data RPD1, it can be verified whether the first resource data RPD1 has been tampered with based on the data hash value.
In another embodiment, the first profile MD may further comprise an access permission field recording the names of terminals that may access the first resource data RPD1. Since the first resource data RPD1 belongs to the first user U1 and is added by the first evidence consumer H1, the access permission field in the first profile MD can record the name of the first evidence consumer H1 and the name of the first user U1 to indicate that the first evidence consumer H1 and the first user U1 have the right to access the first resource data RPD1.
Thereafter, the first evidence consumer H1 adds the first resource pointer AD1 in the user contract SC2 and provides the first resource pointer AD1 to the first evidence provider E1 of the first user U1. The first resource pointer AD1 points to the resource contract DC.
The first evidence provider E1 adds the first resource pointer AD1 in the user contract SC1 of the first user. After the first resource pointer AD1 is added, the first evidence provider E1 acquires the profile MD of the first resource data RPD1 based on the first resource pointer AD1.
For example, assuming that the first user U1 needs to share the first resource data RPD1 with the second evidence consumer H2, the first user U1 may select the second evidence consumer H2 as the object of sharing the first resource data RPD1 after selecting the first resource data RPD1.
In response to the first user U1 selecting the first resource data RPD1 at the first evidence provider E1 and accordingly selecting the second evidence consumer H2 from the plurality of evidence consumers as the object of sharing the first resource data RPD1, the first evidence provider E1 determines that the first resource data RPD1 is authorized to be shared with the second evidence consumer H2.
Thereafter, in response to the first resource data RPD1 being authorized to be shared to the second evidence consumer H2, the first evidence provider E1 may provide the first resource pointer AD1 to the second evidence consumer H2 to allow the second evidence consumer H2 to access the first resource data RPD1 through the first resource pointer AD 1. The second evidence consumer H2 may add a first resource pointer AD1 in the user contract SC3 of the second evidence consumer H2.
In this case, the evidence usage body D2 acquires the profile MD of the first resource data RPD1 through the first resource pointer AD1 recorded by the user contract SC3 of the second evidence consumer H2. The evidence usage body D2 may also attempt to access the content of the first resource data RPD1 by triggering the first resource pointer AD1.
In response to the first resource pointer AD1 in the user contract SC3 of the second evidence consumer H2 being triggered, the second evidence consumer H2 sends an access request for accessing the first resource data RPD1 to the first evidence provider E1. The first evidence provider E1 then forwards the access request to the first evidence consumer H1.
Accordingly, the first evidence consumer H1 may perform a verification operation on at least one of the second evidence consumer H2 and the first resource data RPD1. In one embodiment, assuming that the profile MD includes an access permission field, in response to the first resource data RPD1 being authorized to be shared to the second evidence consumer H2, the first evidence consumer H1 may add the name of the second evidence consumer H2 to the access permission field of the profile MD.
If the first evidence consumer H1 receives an access request from the first evidence provider E1 that the second evidence consumer H2 accesses the first resource data RPD1, the first evidence consumer H1 may determine whether the name of the second evidence consumer H2 is present in the access permission field of the profile MD. If so, the first evidence consumer H1 determines that the second evidence consumer H2 is a legitimate visitor of the first resource data RPD1 and accordingly determines that the second evidence consumer H2 has passed the verification operation. In contrast, if the name of the second evidence consumer H2 does not exist in the access permission field of the profile MD, the first evidence consumer H1 determines that the second evidence consumer H2 does not belong to a legitimate visitor of the first resource data RPD1, and accordingly determines that the second evidence consumer H2 fails the authentication operation.
After determining that the second evidence consumer H2 passes the verification operation, the first evidence consumer H1 may provide the first resource data RPD1 in the local cache to the second evidence consumer H2 through the first evidence provider E1. Specifically, the first evidence consumer H1 may forward the first resource data RPD1 to the first evidence provider E1, and the first evidence provider E1 may forward the first resource data RPD1 to the second evidence consumer H2.
If the hash value field is included in the profile MD, then after the second evidence consumer H2 acquires the first resource data RPD1 from the first evidence provider E1, it calculates a reference hash value based on the first resource data RPD1. In response to the reference hash value matching the data hash value in the hash value field, the second evidence consumer H2 determines that the first resource data RPD1 has not been tampered with. Conversely, if the reference hash value does not match the data hash value, the second evidence consumer H2 determines that the first resource data RPD1 has been tampered with. Thus, the second evidence consumer H2 can further verify the correctness of the first resource data RPD1, preventing the relevant subject from downloading data that has been tampered with.
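The access permission check performed by H1 and the hash value check performed by H2 can be sketched in Python as follows. This is an added example, not code from the patent: SHA-256, the class and function names, the in-memory `Profile` standing in for the record in the resource contract, and the `relay` parameter modeling the forwarding through E1 are assumptions, and the sample data is constructed.

```python
import hashlib
import hmac
from dataclasses import dataclass, field


class TamperedDataError(Exception):
    """The reference hash does not match the hash value field of the profile."""


def data_hash(data: bytes) -> str:
    """Data hash value over the resource data (SHA-256 is an assumption)."""
    return hashlib.sha256(data).hexdigest()


@dataclass
class Profile:
    """Profile MD: only this metadata is recorded on the ledger, never the data."""
    hash_value: str
    access_permission: set = field(default_factory=set)


class EvidenceConsumer:
    """Holder of the resource data in its local cache (H1 in the description)."""

    def __init__(self, name: str, owner: str, resource: bytes):
        self.name = name
        self.cache = resource
        # The holder and the owning user are the initial legitimate visitors.
        self.profile = Profile(data_hash(resource), {name, owner})

    def authorize(self, consumer_name: str) -> None:
        """Called once the owner has authorized sharing with another consumer."""
        self.profile.access_permission.add(consumer_name)

    def handle_access_request(self, requester: str) -> bytes:
        """Verification operation: release data only to names in the permission field."""
        if requester not in self.profile.access_permission:
            raise PermissionError(f"{requester} is not a legitimate visitor")
        return self.cache


def fetch_and_verify(holder: EvidenceConsumer, requester: str, relay=lambda data: data) -> bytes:
    """Requesting consumer (H2): obtain the data via the relay, then check the hash.

    holder.profile stands in for the profile read through the resource pointer.
    """
    expected = holder.profile.hash_value
    data = relay(holder.handle_access_request(requester))
    reference = data_hash(data)
    if not hmac.compare_digest(reference, expected):
        raise TamperedDataError("reference hash differs from the recorded data hash value")
    return data


if __name__ == "__main__":
    h1 = EvidenceConsumer("H1", "U1", b"constructed download record")
    h1.authorize("H2")
    print(fetch_and_verify(h1, "H2"))
```

Because the expected hash comes from the profile rather than from the forwarding path, a modification made while the data is relayed is detected by the requesting consumer.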
In addition, branch hash values may also be generated periodically based on a plurality of blocks in the first blockchain and published to a second blockchain in the form of a transaction. Under the framework of the invention, better transaction throughput can be achieved because the participants of the first blockchain can adopt a more efficient consensus generation mode. Moreover, the correctness of each item of data in the first blockchain can be ensured by recording the branch hash values in the second blockchain.
By adopting the method of the invention, the first block chain, namely the public ledger, only stores the pointer pointing to the resource contract and does not store actual data, thereby realizing privacy protection. The invention can also lead the user to select the data which is expected to be shared by himself, thereby realizing accountability and transparency of the shared data.
For the blockchain network executing the intelligent contract, when the main gateway node receives a resource transfer service request of a user, the main gateway node can also request credential data from the user first, and then queries the intelligent contract corresponding to the specific credential data from the blockchain network for verification.
When the intelligent contract is broadcasted to the block chain network and the issuing of the intelligent contract is completed, the corresponding intelligent contract is executed according to the contract address, and the state of the intelligent contract in the block chain is changed through different instructions.
When the evidence-providing user transmits the credential data, the credential data may further include a signature and a public key. The contract issuing end comprises an initialization module and a block updating module. The initialization module is used for issuing a credential registration contract through a block update operation during initialization, and the credential registration contract comprises a credential registration flow code and a credential registration success event. In implementation, the contract issuing end may be a server provided in the authority, and optionally may also be a common node in the blockchain network.
The block update module is used for receiving the credential data from the user to issue a corresponding credential contract, issuing the credential contract to the block chain network through a block update operation to obtain a credential contract address, executing the credential registration flow code to register the credential contract address to the credential registration contract, and triggering a credential registration success event when the registration is completed. Thus, when receiving the credential data transmitted from the user, the contract issuing end issues the credential contract corresponding to the credential data and registers the credential contract in the credential registration contract according to the credential contract address. If the credential registration contract describes all credential contract addresses, all accounting nodes can query the corresponding credential contract with the credential contract addresses.
The main gateway node comprises a contract module, a verification module and a processing module. The contract module is used for issuing a service contract in advance through a block update operation before providing the resource transfer service, and the service contract comprises service flow codes and service events. In implementation, the main gateway node is preferably a lightweight node that does not need to download the complete blockchain or state; it only needs to download the block headers, and can then download and authenticate the nodes of the Merkle root from the network. The verification module is used for requesting the credential data from the user when receiving the resource transfer service request of the user, and, after receiving the credential data, querying the credential contract of the corresponding user from the credential registration contract to verify the signature and the public key. The processing module is used for executing the service flow codes and triggering the corresponding service events after the credential data passes the verification, so that the main gateway node provides service for the user.
It should be noted that, the contract issuing end may further include an identity auditing program, and after the user executes the identity auditing program, the credential signature request contract issued by the user is allowed to be registered, otherwise, if the user does not execute the identity auditing program, the contract issuing end will not allow the credential signature request contract issued by the user to be registered in the credential signature request contract.
In one embodiment, a credential issuance and contract validation flow incorporating blockchains includes:
step 10, providing a user, a contract issuing end and accounting nodes as nodes of a block chain network, wherein each accounting node issues a service contract in advance through block updating operation before providing services, and the service contract comprises service flow codes and service events;
step 20, when the contract issuing end is started, issuing a certificate registration contract through block updating operation to provide a certificate contract for registration, wherein the certificate registration contract comprises a certificate registration flow code and a certificate registration success event;
step 30, the user transmits the certificate data, wherein the certificate data comprises a signature and a public key;
step 40, the contract issuing end receives the credential data from the user to issue a corresponding credential contract, issues the credential contract to the blockchain network through the block updating operation to obtain a credential contract address, executes the credential registration flow code to register the credential contract address to the credential registration contract, and triggers a credential registration success event when the registration is completed;
step 50, when receiving the service request of the user, the main gateway node requests the credential data from the user, and after receiving the credential data, queries the credential contract of the corresponding user from the credential registration contract to verify the signature and the public key;
step 60, after the credential data passes the verification, the primary gateway node executes the service flow code and triggers a corresponding service event, so that the blockchain network provides the resource transfer service for the user.
Through the above steps, the contract issuing end combines the credential data with the blockchain network that executes the intelligent contracts, so that verification of the credential data becomes decentralized verification. When the main gateway node receives a resource transfer service request from a user, it requests the credential data from the user and then queries the blockchain network for the intelligent contract corresponding to that credential data for verification, providing the corresponding service after the verification passes.
Furthermore, after the step of issuing the credential registration contract through the block update operation to provide the credential contract for registration, the contract issuing end may further provide an identity auditing program, and allow the credential signature request contract issued by the user to be registered after the user executes the identity auditing program.
In the case where the user already has credential data, the contract issuing end only issues a credential registration contract through the block update operation. The user transmits the credential data to the contract issuing end so that the contract issuing end issues the credential contract corresponding to the credential data and executes the credential registration flow code to register the credential contract address of the credential contract in the credential registration contract; when the registration is completed, a credential registration success event is triggered. At this time, the user may detect the credential registration success event to determine whether the credential data has been registered in the blockchain network: if the event is detected as triggered, the registration succeeded; otherwise, the registration did not succeed. The main gateway node can request the credential data from the user when receiving the service request of the user, and after receiving the credential data, queries the credential contract of the corresponding user from the credential registration contract to verify the signature and the public key, and after the verification passes, executes the service flow code and triggers the corresponding service event.
In the case where the user does not yet have credential data, the contract issuing end issues a credential signing request contract at the time of initialization, in addition to issuing a credential registration contract through the block update operation. The user generates credential signing request information to apply to the contract issuing end for credential data. After generating the credential signing request information, the user issues a corresponding credential signing request contract through a block update operation to store the credential signing request information and obtain a credential signing request contract address, registers the credential signing request contract address in the credential signing request contract, and a request success event is triggered upon completion of the registration. When the contract issuing end detects that a request success event has been triggered, it verifies the corresponding credential signing request contract. When the verification passes, it issues a corresponding credential contract through a block update operation to obtain a credential contract address, executes the credential registration flow code to register the credential contract address in the credential registration contract, and, when the registration is completed, triggers a credential registration success event and generates the credential data of the corresponding credential contract so as to provide the credential data to the user. At this point, the contract issuing end has completed issuing credential data on the blockchain network.
In summary, the present invention provides a high-security resource transfer method based on a blockchain, in which a temporary password is added to each evidence providing process of the consensus signature mechanism to prevent the consensus signature end from forging a signature and to ensure that only the evidence providing terminal is authorized to obtain the temporary password, and in which a hash function is used to write the electronic evidence into blocks in the blockchain network, producing a mechanism that resists repudiation of the details of uploaded evidence.
It will be apparent to those skilled in the art that the modules or steps of the present invention described above may be implemented in a general purpose computing system, centralized on a single computing system, or distributed across a network of computing systems, and optionally implemented in program code that is executable by the computing system, such that the program code is stored in a storage system and executed by the computing system. Thus, the present invention is not limited to any specific combination of hardware and software.
It is to be understood that the above-described embodiments of the present invention are merely illustrative of or explaining the principles of the invention and are not to be construed as limiting the invention. Therefore, any modification, equivalent replacement, improvement and the like made without departing from the spirit and scope of the present invention shall be included in the protection scope of the present invention. Further, it is intended that the appended claims cover all such variations and modifications as fall within the scope and boundaries of the appended claims or the equivalents of such scope and boundaries.
Claims (3)
1. A high-security resource transfer method based on a block chain is characterized by comprising the following steps:
receiving resource data and credential data through a master gateway node, the master gateway node judging the state of the credential data;
when the credential data is in a correct state and the state node verifies that the credential data is in a valid state, the master gateway node sends a transmission time parameter of the resource data to a password distribution node;
receiving a temporary password through the password distribution node and generating temporary password data; sending the temporary password data to the primary gateway node through the password distribution node;
sending the resource data, the temporary password data and user private key data to a consensus signature node through the master gateway node, so that the consensus signature node generates a block hash value by using a hash function according to the resource data, the temporary password data and the user private key data; and
sending the block hash value to a persistent node for storage and whole-network broadcasting by using the consensus signature node, generating a successful accounting mark, and sending the successful accounting mark to the master gateway node by using the consensus signature node;
the password distribution node provides the temporary password data to a consistency confirmation node, the consistency confirmation node generates a second block hash value by a hash function according to the temporary password data, user private key data, historical evidence transmission time and historical uploaded evidence resources, and then compares the second block hash value with a first block hash value of a persistence node, namely persistence hash value data during evidence uploading; the comparison result is sent back to the evidence consumer.
2. The method of claim 1, wherein before the step of the primary gateway node receiving the resource data and the credential data, further comprising:
receiving a request of a terminal through the consensus signature node to generate credential request data; sending the certificate request data to a certificate management node through the consensus signing node, and generating the certificate data by the certificate management node according to the certificate request data;
sending the credential data to the state node by using the credential management node, generating request completion data, and sending the request completion data to the consensus signature node by using the credential management node;
sending temporary request data and the certificate data to the password distribution node through the consensus signing node so that the password distribution node generates the temporary password data, and sending the temporary password data to the consensus signing node by the password distribution node; and
sending the temporary password data to the user terminal through the consensus signature node.
3. The method of claim 1, wherein after the step of the consensus signing node sending the successful accounting mark to the master gateway node, further comprising:
receiving consistency confirmation request data sent by a user terminal through a consistency confirmation node, wherein the consistency confirmation node generates transmission request data according to a resource uploading verification time parameter of the consistency confirmation request data; the transmission request data is sent to the persistent node through the consistency confirmation node, and when a block in the persistent node comparison chain has the first block hash value which accords with the corresponding resource uploading verification time parameter, the persistent node sends the first block hash value to the consistency confirmation node; sending starting temporary password data to the user terminal through the consistency confirmation node; and sending the temporary password to the password distribution node through the user terminal.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010658812.0A CN111818167B (en) | 2020-07-09 | 2020-07-09 | High-security resource transfer method based on block chain |
Publications (2)
Publication Number | Publication Date |
---|---|
CN111818167A CN111818167A (en) | 2020-10-23 |
CN111818167B true CN111818167B (en) | 2021-09-07 |
Family
ID=72842194
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010658812.0A Active CN111818167B (en) | 2020-07-09 | 2020-07-09 | High-security resource transfer method based on block chain |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111818167B (en) |
Non-Patent Citations (1)
Title |
---|
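王童 (Wang Tong). Research on Blockchain-Based Privacy Protection Mechanisms. China Master's Theses Full-text Database, Information Science and Technology Series. 2020, (No. 2), I138-154. * |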
Also Published As
Publication number | Publication date |
---|---|
CN111818167A (en) | 2020-10-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10682981B2 (en) | Systems and methods for networked device security | |
CN110059503B (en) | Traceable social information anti-leakage method | |
CN100542092C (en) | Distributed access control method in multistage securities | |
CN111079136B (en) | Fog computing intrusion detection feature sharing system based on block chain technology | |
KR20190075772A (en) | AuthenticationSystem Using Block Chain Through Combination of Data after Separating Personal Information | |
CN115758444A (en) | Method and system for realizing block chain | |
CN110191153B (en) | Social communication method based on block chain | |
CN113129518B (en) | Electric vehicle charging system and resource management method thereof | |
CN112165382B (en) | Software authorization method and device, authorization server side and terminal equipment | |
CN111818056B (en) | Industrial Internet identity authentication method based on block chain | |
CN105516110A (en) | Mobile equipment secure data transmission method | |
CN111934870B (en) | Method, apparatus, device and medium for updating root certificate in block chain network | |
CN113256297B (en) | Data processing method, device and equipment based on block chain and readable storage medium | |
US20230412400A1 (en) | Method for suspending protection of an object achieved by a protection device | |
CN112448946B (en) | Log auditing method and device based on block chain | |
CN106899548B (en) | IP address correction method and device | |
CN105450750A (en) | Secure interaction method for intelligent terminal | |
US11962698B2 (en) | Token node locking with fingerprints authenticated by digital certificates | |
CN115811406A (en) | Internet of things block chain authentication method and system based on ring signature consensus mechanism | |
CN108701308B (en) | System for issuing public certificate based on blockchain, and method for issuing public certificate based on blockchain using same | |
CN114499876A (en) | Internet of things data evidence storing method based on block chain and NB-IoT chip | |
CN116980163A (en) | Data processing method, device, equipment and medium based on trusted execution environment | |
CN111241188A (en) | Consensus method in block chain network, node and storage medium | |
CN111818167B (en) | High-security resource transfer method based on block chain | |
CN113992336B (en) | Encryption network offline data trusted exchange method and device based on block chain |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||