CN112565303A - Method and device for performing authentication connection between block chain nodes and related product - Google Patents

Publication number: CN112565303A (granted version: CN112565303B)
Application number: CN202011642999.1A
Authority: CN (China)
Original language: Chinese (zh)
Inventors: 阮安邦, 陈凯, 魏明, 陈旭明
Assignee (current and original): Beijing Octa Innovations Information Technology Co Ltd
Legal status: Granted, Active (Google states that the listed legal status, priority date and assignee are assumptions and not the result of a legal analysis)

Classifications

    • H04L 63/08 - Network architectures or network communication protocols for network security, for authentication of entities (under H04L 63/00, H04L, H04, H: Electricity)
    • H04L 67/10 - Protocols in which an application is distributed across nodes in the network (under H04L 67/01 Protocols, H04L 67/00 Network arrangements or protocols for supporting network services or applications)

Abstract

The method, apparatus and related products for establishing an authenticated connection between blockchain nodes provided by the embodiments of this application monitor whether communication is taking place between two blockchain nodes in a blockchain system; if so, the authentication system on the opposite-end node of the two performs integrity detection on the authentication system on the other-end node; if the authentication system on the other-end node is complete, the two nodes establish an authenticated connection, so that subsequent authentication is performed over that connection. This simplifies the authentication process between blockchain nodes and improves authentication efficiency.

Description

Method and device for performing authentication connection between block chain nodes and related product
Technical Field
The present application relates to the field of blockchain technology, and in particular to a method and an apparatus for establishing an authenticated connection between blockchain nodes, and a related product.
Background
A blockchain system (essentially a big-data system) is an integrated application of technologies such as distributed data storage, peer-to-peer transmission, a consensus mechanism and cryptographic algorithms, and can realize on the internet the trust and value transfer that the traditional internet cannot. A blockchain system comprises a plurality of blockchain nodes, and because it is decentralized, ensuring its normal and secure operation requires that the nodes be authenticated: a node may participate in operation only if its state passes authentication. In the prior art, however, the authentications performed between blockchain nodes have no logical relationship to one another, so authentication must be performed node by node. This makes the authentication process relatively complex, lowers authentication efficiency and significantly affects the operation of the blockchain system.
Disclosure of Invention
Based on the above problems, the embodiments of the present application provide a method and an apparatus for establishing an authenticated connection between blockchain nodes, and a related product.
In a first aspect, an embodiment of the present application provides a method for establishing an authenticated connection between blockchain nodes, comprising:
monitoring whether communication is taking place between two blockchain nodes in a blockchain system;
if so, the authentication system on the opposite-end node of the two blockchain nodes performs integrity detection on the authentication system on the other-end node;
and if the authentication system on the other-end node is complete, the two blockchain nodes establish an authenticated connection.
Optionally, in a specific embodiment, the network traffic generated between two blockchain nodes in the blockchain system is monitored in order to detect whether communication is taking place between them.
Optionally, in a specific embodiment, the network traffic generated between two blockchain nodes in the blockchain system is monitored by means of traffic interception.
In a second aspect, an embodiment of the present application provides an apparatus for establishing an authenticated connection between blockchain nodes, comprising:
a monitoring unit, configured to monitor whether communication is taking place between two blockchain nodes in the blockchain system;
an integrity detection unit, configured to cause, when communication between the two blockchain nodes is detected, the authentication system on the opposite-end node to perform integrity detection on the authentication system on the other-end node;
and if the authentication system on the other-end node is complete, the two blockchain nodes establish an authenticated connection.
Optionally, in a specific embodiment, the monitoring unit is further configured to monitor the network traffic generated between two blockchain nodes in the blockchain system in order to detect whether communication is taking place between them.
Optionally, in a specific embodiment, the monitoring unit is further configured to monitor the network traffic generated between two blockchain nodes in the blockchain system by means of traffic interception.
Optionally, in a specific embodiment, the communication between the two blockchain nodes is initiated by an upper-layer service component.
In a third aspect, an embodiment of the present application provides a blockchain system comprising a plurality of blockchain nodes, each of which is provided with the apparatus for establishing an authenticated connection between blockchain nodes, the apparatus comprising:
a monitoring unit, configured to monitor whether communication is taking place between two blockchain nodes in the blockchain system;
an integrity detection unit, configured to cause, when communication between the two blockchain nodes is detected, the authentication system on the opposite-end node to perform integrity detection on the authentication system on the other-end node;
and if the authentication system on the other-end node is complete, the two blockchain nodes establish an authenticated connection.
In a fourth aspect, an embodiment of the present application provides an electronic device comprising a memory storing computer-executable instructions and a processor for executing those instructions to perform the following steps:
monitoring whether communication is taking place between two blockchain nodes in a blockchain system;
if so, the authentication system on the opposite-end node of the two blockchain nodes performs integrity detection on the authentication system on the other-end node;
and if the authentication system on the other-end node is complete, the two blockchain nodes establish an authenticated connection.
In a fifth aspect, an embodiment of the present application provides a computer storage medium storing computer-executable instructions which, when executed, implement the following steps:
monitoring whether communication is taking place between two blockchain nodes in a blockchain system;
if so, the authentication system on the opposite-end node of the two blockchain nodes performs integrity detection on the authentication system on the other-end node;
and if the authentication system on the other-end node is complete, the two blockchain nodes establish an authenticated connection.
In the technical solution of the embodiments of this application, whether communication is taking place between two blockchain nodes in a blockchain system is monitored; if so, the authentication system on the opposite-end node performs integrity detection on the authentication system on the other-end node; if the authentication system on the other-end node is complete, the two nodes establish an authenticated connection, so that subsequent authentication is performed over that connection. This simplifies the authentication process between blockchain nodes and improves authentication efficiency.
Drawings
In order to illustrate the embodiments of the present application or the technical solutions of the prior art more clearly, the drawings needed for describing the embodiments or the prior art are briefly introduced below. The drawings described below show only some embodiments of the present application; those skilled in the art can derive other drawings from them without inventive effort.
Fig. 1 is a flowchart of a method for establishing an authenticated connection between blockchain nodes according to an embodiment of the present application;
Fig. 2 is a schematic diagram of an apparatus for establishing an authenticated connection between blockchain nodes according to an embodiment of the present application;
Fig. 3 is a schematic diagram of a blockchain system according to an embodiment of the present application;
Fig. 4 is a schematic diagram of an electronic device according to an embodiment of the present application;
Fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present application;
Fig. 6 is a schematic diagram of a computer storage medium according to an embodiment of the present application.
Detailed Description
It is not necessary for any particular embodiment of the invention to achieve all of the above advantages at the same time.
In order to make the technical solutions of the present invention better understood, the technical solutions in the embodiments of the present invention are described below clearly and completely with reference to the accompanying drawings. The described embodiments are only some of the embodiments of the present invention, not all of them. All other embodiments that a person skilled in the art can derive from the embodiments given here without creative effort fall within the scope of protection of the present invention.
Embodiment 1
Referring to Fig. 1, an embodiment of the present application provides a method for establishing an authenticated connection between blockchain nodes, comprising:
S101: monitoring whether communication is taking place between two blockchain nodes in a blockchain system;
Optionally, in this embodiment, a plurality of blockchain nodes may form a blockchain system such as a consortium chain, a private chain or a public chain. Optionally, in this embodiment, a blockchain node may be a light node or a full node: a full node holds all transaction data of the whole network, whereas a light node holds only the transaction data relevant to itself.
In this embodiment, it should be noted that when a plurality of blockchain nodes form a blockchain system, the authentication system may be deployed on only some of the nodes or on all of them. For example, in a private chain the number of nodes is relatively small, so the authentication system may be deployed on all nodes to ensure the secure operation of the system. For a consortium chain, the authentication system may likewise be deployed on all nodes, as for a private chain. For a public chain, the number of nodes is relatively large, so to ensure secure operation the authentication system may be deployed on only some of the nodes: for example, on all full nodes and on some light nodes, or alternatively on a small number of full nodes and on all light nodes.
Optionally, in a specific embodiment, the network traffic generated between two blockchain nodes in the blockchain system is monitored in order to detect whether communication is taking place between them.
Optionally, in this embodiment, monitoring the network traffic makes it possible to detect quickly whether communication is taking place between two blockchain nodes, that is, whether data interaction between them is about to occur or is in progress.
Optionally, in a specific embodiment, the network traffic generated between two blockchain nodes in the blockchain system is monitored by means of traffic interception.
Optionally, in this embodiment, intercepting the network traffic likewise makes it possible to detect quickly whether data interaction between the two blockchain nodes is about to occur or is in progress.
Optionally, in a specific embodiment, the communication between the two blockchain nodes is initiated by an upper-layer service component.
Optionally, in this embodiment, the monitored communication is communication between two blockchain nodes that is initiated by the upper-layer service component. This ensures that authentication is directed at the correct object and, in turn, that the authentication result is usable and meaningful when authentication is performed.
S102: if so, the authentication system on the opposite-end node of the two blockchain nodes performs integrity detection on the authentication system on the other-end node;
Optionally, in a specific embodiment, the integrity detection performed by the authentication system on the opposite-end node on the authentication system on the other-end node comprises: determining whether the authentication system stores a trust evaluation kernel matrix and whether that matrix is being updated; if the trust evaluation kernel matrix exists and is being updated, the authentication system on the other-end node is judged to be complete.
Optionally, in a specific embodiment, determining whether the authentication system stores a trust evaluation kernel matrix comprises: determining whether an authentication kernel exists in the authentication system, and whether the trust evaluation kernel matrix is stored in that authentication kernel;
and determining whether the trust evaluation kernel matrix is being updated comprises: determining whether the trust evaluation kernel matrix in the authentication kernel is updated by the kernel maintenance module.
In this embodiment, the trust evaluation kernel matrix records the trust authentication data that blockchain nodes hold about one another. It should be noted that the blockchain nodes in the system may be grouped, and that each group records the trust authentication data between all nodes in that group. For the groups, one node of a group may be selected as an external connection node that also belongs to another group, so that the two groups have a common node; the number of common nodes may be one or several and can be configured flexibly according to the application scenario. For example, if the blockchain system is a public chain, it is highly visible on the internet and likely to face security risks from network attacks, so two groups share a large number of common nodes. Private and consortium chains are less visible on the internet and therefore at lower risk of network attack, so two groups there share a single common node.
As noted above, authentication in this application serves to ensure that a blockchain node participates in system operation as a trustworthy component, so that the security of the whole system rests on the security of its individual nodes. That security question only arises when two nodes actually exchange data. Therefore, in this embodiment, the monitoring unit watches for communication between blockchain nodes: if communication exists, data interaction between the two nodes is about to occur or is in progress, and the authentication system on the opposite-end node is triggered to authenticate the other-end node and obtain its trust evaluation kernel matrix; otherwise, no authentication is triggered and no trust evaluation kernel matrix is obtained.
Optionally, in a specific embodiment, determining whether the trust evaluation kernel matrix in the authentication kernel is updated by the kernel maintenance module comprises: determining whether the kernel maintenance module updates the trust evaluation kernel matrix by way of exchange.
Optionally, in this embodiment, when the kernel maintenance module exchanges the trust evaluation kernel matrix with the opposite-end node, it preferably exchanges with neighboring nodes, that is, the other nodes involved are neighbors of the node, which may be directly or indirectly adjacent. For indirect adjacency, the number of neighbors can be controlled by setting an adjacency step or adjacency distance.
Further, when all the blockchain nodes in the system are divided into groups, the kernel maintenance module determines, when exchanging the trust evaluation kernel matrix with the opposite-end node, whether the opposite-end node and the other-end node belong to the same group.
Further, as noted above, when two adjacent groups of nodes have a common node, the trust evaluation kernel matrix can be exchanged between the two groups through that common node.
Optionally, in a specific embodiment, the update of the trust evaluation kernel matrix is carried out through a decentralized authentication framework.
Optionally, in this embodiment, decentralized authentication through such a framework allows two blockchain nodes to authenticate each other quickly without any third party, which guarantees the update speed of the trust evaluation kernel matrix.
Optionally, in a specific embodiment, the method for establishing an authenticated connection between blockchain nodes further comprises: deriving the trust evaluation kernel matrix so that the kernel maintenance module can update it between the two blockchain nodes.
Optionally, in this embodiment, the trust evaluation kernel matrix may be derived by a virtualized trusted management module (VTPMS), so that the kernel maintenance module updates the matrix between the two blockchain nodes. The virtualized trusted management module ensures that the exchange between the two nodes executes quickly, so that the matrix at every node is updated in real time and the exchange is both timely and fast.
Optionally, in one embodiment, the authentication system deployed on a blockchain node acts as a neuron.
Optionally, in a specific embodiment, the kernel maintenance module is further configured to let a plurality of frequently communicating blockchain nodes form a neuron authentication network, in which all neurons share an upper-layer service component.
Optionally, in this embodiment, letting frequently communicating nodes form a neuron authentication network whose neurons share an upper-layer service component makes it possible to focus authentication on the nodes that matter, so that preferably only the frequently communicating nodes are authenticated; compared with authenticating every node in the system that communicates at all, this ensures the efficiency of authentication.
Optionally, in this embodiment, since the communication behavior between blockchain nodes changes in real time and the communication frequency therefore changes continuously, the composition of the neuron authentication network also changes dynamically.
Optionally, in a specific embodiment, the neuron authentication network has a unified interface that provides hosted proof-of-interaction services between the neurons of the network.
Optionally, in this embodiment, the unified interface may be configured on a blockchain node of the neuron authentication network that has higher authority or higher security.
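The dynamic membership of the neuron authentication network described above, as an added example (Python written for this page, not the patent's or the applicant's code): communications are counted per node pair over a sliding window, pairs at or above a threshold define the current neurons, and the neuron with the highest authority is chosen to host the unified interface. The window length, the threshold, the event format, the SAMPLE_EVENTS and the authority scores are all assumptions; the patent states only that frequently communicating nodes form the network, that its composition follows the communication frequency, and that the interface sits on a node of higher authority or security.

```python
# Added example, not the patent's own code.  The sliding window, the frequency
# threshold, the event format and the authority map are assumptions made here.
from collections import Counter, deque
from typing import Deque, Dict, FrozenSet, Optional, Set, Tuple

Event = Tuple[int, str, str]   # (timestamp, src, dst): one observed communication

# Constructed sample of communications seen by the monitoring unit (not real data).
SAMPLE_EVENTS = [
    (1, "a", "b"), (2, "a", "b"), (2, "a", "c"), (3, "a", "b"),
    (4, "b", "d"), (5, "b", "d"), (6, "d", "b"),
]


class NeuronNetworkTracker:
    """Keeps the set of frequently communicating nodes (the neurons) over a
    sliding time window, so that the network's composition follows the traffic."""

    def __init__(self, window: int, min_count: int) -> None:
        self.window = window            # ticks for which an event counts toward frequency
        self.min_count = min_count      # communications per pair needed to count as frequent
        self._events: Deque[Event] = deque()
        self._pair_counts: Counter = Counter()

    def _expire(self, now: int) -> None:
        """Drop events that have fallen out of the window and their counts."""
        while self._events and now - self._events[0][0] >= self.window:
            _, s, d = self._events.popleft()
            self._pair_counts[frozenset((s, d))] -= 1

    def observe(self, t: int, src: str, dst: str) -> None:
        """Feed one communication; direction is ignored, so a<->b is one pair."""
        self._events.append((t, src, dst))
        self._pair_counts[frozenset((src, dst))] += 1
        self._expire(t)

    def frequent_pairs(self, now: Optional[int] = None) -> Set[FrozenSet[str]]:
        """Pairs whose count inside the window reaches min_count."""
        if now is not None:
            self._expire(now)
        return {p for p, c in self._pair_counts.items() if c >= self.min_count}

    def neurons(self, now: Optional[int] = None) -> Set[str]:
        """Nodes currently belonging to the neuron authentication network."""
        return set().union(*self.frequent_pairs(now))

    def interface_host(self, authority: Dict[str, int], now: Optional[int] = None) -> Optional[str]:
        """Neuron that carries the unified interface: the one with the highest
        authority score (the score map is an assumed input, not defined by the patent)."""
        members = self.neurons(now)
        return max(members, key=lambda n: authority.get(n, 0)) if members else None
```

Feeding SAMPLE_EVENTS with a window of 10 ticks and a threshold of 3 makes a, b and d the neurons (pairs a-b and b-d each reach three communications; a-c does not); once those events age out and a-c starts communicating often, the network becomes {a, c}, which is the dynamic recomposition the passage describes.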
S103: if the authentication system on the other-end node is complete, the two blockchain nodes establish an authenticated connection.
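Steps S101 to S103 as a whole, together with the grouped trust evaluation kernel matrices and their exchange through a common node described under S102, as an added runnable model (Python written for this page, not the patent's or the applicant's implementation). The class names, the matrix layout, the mutual direction of the check and the max_age freshness bound are assumptions; the patent names the authentication kernel, the trust evaluation kernel matrix and the kernel maintenance module but defines no data formats or wire protocol. One point worth keeping in view: the integrity detection as the patent states it confirms that the peer's authentication system is present and that its matrix is being maintained, not who the peer is, so in a deployment it would sit beside the chain's own key-based node authentication rather than replace it.

```python
# Added example, not the patent's own code.  Class names, the matrix layout and
# the max_age freshness rule are assumptions made for this illustration; the
# patent names the components but specifies no data format or wire protocol.
from __future__ import annotations

from dataclasses import dataclass
from typing import Dict, Optional, Set, Tuple

NodeId = str
TrustMatrix = Dict[Tuple[NodeId, NodeId], float]   # (rater, rated) -> trust score


@dataclass
class AuthKernel:
    """Authentication kernel: holds the trust evaluation kernel matrix."""
    matrix: Optional[TrustMatrix] = None
    updated_at: Optional[int] = None       # None = never refreshed by an exchange


@dataclass
class AuthSystem:
    """Authentication system deployed on one blockchain node."""
    node: NodeId
    groups: Set[int]                       # a common (bridge) node lists two groups
    kernel: Optional[AuthKernel] = None    # None = no authentication kernel present


def integrity_check(target: AuthSystem, now: int, max_age: int) -> Tuple[bool, str]:
    """S102 run by the opposite-end node against `target`: an authentication kernel
    exists, it stores a trust evaluation kernel matrix, and the kernel maintenance
    module has updated that matrix by exchange (the max_age bound is an assumption)."""
    k = target.kernel
    if k is None:
        return False, f"{target.node}: no authentication kernel"
    if k.matrix is None:
        return False, f"{target.node}: kernel stores no trust evaluation matrix"
    if k.updated_at is None:
        return False, f"{target.node}: matrix never updated by maintenance exchange"
    if now - k.updated_at > max_age:
        return False, f"{target.node}: matrix stale ({now - k.updated_at} ticks old)"
    return True, f"{target.node}: authentication system complete"


class BlockchainSystem:
    def __init__(self, max_age: int = 10) -> None:
        self.nodes: Dict[NodeId, AuthSystem] = {}
        self.auth_connections: Set[frozenset] = set()
        self.clock = 0                      # logical time used for freshness
        self.max_age = max_age

    def add_node(self, node: NodeId, groups: Set[int], with_kernel: bool = True) -> None:
        kernel = AuthKernel(matrix={}) if with_kernel else None
        self.nodes[node] = AuthSystem(node, set(groups), kernel)

    def maintenance_exchange(self, a: NodeId, b: NodeId) -> None:
        """Kernel maintenance module: merge and exchange the matrices of two neighboring
        nodes.  Allowed within one group only; groups exchange through a common node."""
        sa, sb = self.nodes[a], self.nodes[b]
        if not (sa.groups & sb.groups):
            raise ValueError(f"{a} and {b} share no group; route via a common node")
        ka, kb = sa.kernel, sb.kernel
        if ka is None or kb is None or ka.matrix is None or kb.matrix is None:
            raise ValueError("both nodes need a kernel with a matrix to exchange")
        merged: TrustMatrix = {**ka.matrix, **kb.matrix}
        ka.matrix, kb.matrix = dict(merged), dict(merged)
        ka.updated_at = kb.updated_at = self.clock

    def on_traffic(self, src: NodeId, dst: NodeId) -> Tuple[bool, str]:
        """S101 -> S102 -> S103: traffic between src and dst has been observed.  The
        apparatus sits on every node, so each end checks the other (the mutual check
        is an assumption); the connection is established only if both are complete."""
        ok_dst, why_dst = integrity_check(self.nodes[dst], self.clock, self.max_age)
        ok_src, why_src = integrity_check(self.nodes[src], self.clock, self.max_age)
        if ok_dst and ok_src:
            self.auth_connections.add(frozenset((src, dst)))
            return True, f"authenticated connection {src}<->{dst} established"
        return False, why_dst if not ok_dst else why_src


def demo() -> BlockchainSystem:
    """Constructed scenario: group 1 = {a1, a2, x}, group 2 = {x, b1, b2}; x is the
    common node of both groups and b2 carries no authentication kernel."""
    s = BlockchainSystem(max_age=5)
    for node, groups in [("a1", {1}), ("a2", {1}), ("x", {1, 2}), ("b1", {2})]:
        s.add_node(node, groups)
    s.add_node("b2", {2}, with_kernel=False)
    s.nodes["a1"].kernel.matrix[("a1", "a2")] = 0.9   # a1's trust data about a2
    s.maintenance_exchange("a1", "a2")     # intra-group exchange
    s.maintenance_exchange("a1", "x")      # reaches the common node
    s.maintenance_exchange("x", "b1")      # crosses into group 2 through x
    return s
```

demo() builds the scenario; on_traffic("a1", "a2") then establishes the connection, on_traffic("a1", "b2") is refused because b2 has no kernel, a node whose matrix was never exchanged is refused, a node whose last exchange is older than max_age ticks is refused as stale, and a direct exchange between a1 and b1 raises because they share no group and must go through x. After the three exchanges, b1's matrix already carries a1's entry about a2, which is the cross-group propagation through the common node.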
Embodiment 2
Referring to Fig. 2, an embodiment of the present application provides an apparatus 20 for establishing an authenticated connection between blockchain nodes, comprising:
a monitoring unit 201, configured to monitor whether communication is taking place between two blockchain nodes in a blockchain system;
an integrity detection unit 202, configured to cause, when communication between two blockchain nodes is detected, the authentication system on the opposite-end node to perform integrity detection on the authentication system on the other-end node;
and if the authentication system on the other-end node is complete, the two blockchain nodes establish an authenticated connection.
The following is a detailed description:
a monitoring unit 201, configured to monitor whether communication is taking place between two blockchain nodes in a blockchain system;
Optionally, in this embodiment, a plurality of blockchain nodes may form a blockchain system such as a consortium chain, a private chain or a public chain. Optionally, in this embodiment, a blockchain node may be a light node or a full node: a full node holds all transaction data of the whole network, whereas a light node holds only the transaction data relevant to itself.
In this embodiment, it should be noted that when a plurality of blockchain nodes form a blockchain system, the authentication system may be deployed on only some of the nodes or on all of them. For example, in a private chain the number of nodes is relatively small, so the authentication system may be deployed on all nodes to ensure the secure operation of the system. For a consortium chain, the authentication system may likewise be deployed on all nodes, as for a private chain. For a public chain, the number of nodes is relatively large, so to ensure secure operation the authentication system may be deployed on only some of the nodes: for example, on all full nodes and on some light nodes, or alternatively on a small number of full nodes and on all light nodes.
Optionally, in a specific embodiment, the monitoring unit 201 is further configured to monitor the network traffic generated between two blockchain nodes in the blockchain system in order to detect whether communication is taking place between them.
Optionally, in this embodiment, by monitoring the network traffic the monitoring unit 201 can detect quickly whether communication is taking place between two blockchain nodes, that is, whether data interaction between them is about to occur or is in progress.
Optionally, in a specific embodiment, the monitoring unit 201 is further configured to monitor the network traffic generated between two blockchain nodes in the blockchain system by means of traffic interception.
Optionally, in this embodiment, by intercepting the network traffic the monitoring unit 201 can likewise detect quickly whether data interaction between the two blockchain nodes is about to occur or is in progress.
Optionally, in a specific embodiment, the communication between the two blockchain nodes is initiated by an upper-layer service component.
Optionally, in this embodiment, the communication monitored by the monitoring unit 201 is communication between two blockchain nodes that is initiated by the upper-layer service component. This ensures that authentication is directed at the correct object and, in turn, that the authentication result is usable and meaningful when authentication is performed.
An integrity detection unit 202, configured to cause, when communication between two blockchain nodes is detected, the authentication system on the opposite-end node to perform integrity detection on the authentication system on the other-end node;
Optionally, in a specific embodiment, the integrity detection unit 202 is further configured to determine whether the authentication system stores a trust evaluation kernel matrix and whether that matrix is being updated, and, if the trust evaluation kernel matrix exists and is being updated, to judge that the authentication system on the other-end node is complete.
Optionally, in a specific embodiment, the integrity detection unit 202 is further configured to determine whether an authentication kernel exists in the authentication system and whether the trust evaluation kernel matrix is stored in that authentication kernel;
the integrity detection unit 202 is further configured to determine whether the trust evaluation kernel matrix in the authentication kernel is updated by the kernel maintenance module.
In this embodiment, the trust evaluation kernel matrix records the trust authentication data that blockchain nodes hold about one another. It should be noted that the integrity detection unit 202 may also be used to group the blockchain nodes in the system, with each group recording the trust authentication data between all nodes in that group. For the groups, one node of a group may be selected as an external connection node that also belongs to another group, so that the two groups have a common node; the number of common nodes may be one or several and can be configured flexibly according to the application scenario. For example, if the blockchain system is a public chain, it is highly visible on the internet and likely to face security risks from network attacks, so two groups share a large number of common nodes. Private and consortium chains are less visible on the internet and therefore at lower risk of network attack, so two groups there share a single common node.
As noted above, authentication in this application serves to ensure that a blockchain node participates in system operation as a trustworthy component, so that the security of the whole system rests on the security of its individual nodes. That security question only arises when two nodes actually exchange data. Therefore, in this embodiment, the monitoring unit 201 watches for communication between blockchain nodes: if communication exists, data interaction between the two nodes is about to occur or is in progress, and the authentication system on the opposite-end node is triggered to authenticate the other-end node and obtain its trust evaluation kernel matrix; otherwise, no authentication is triggered and no trust evaluation kernel matrix is obtained.
Optionally, in a specific embodiment, the integrity detection unit 202 is further configured to determine whether the kernel maintenance module updates the trust evaluation kernel matrix in a switching manner.
Optionally, in this embodiment, when the kernel maintenance module switches the trust kernel matrix to the opposite-end block chain node, it preferably switches to the neighbor block chain node, that is, other block chain nodes are neighbor block chain nodes, and the neighbor block chain nodes may be directly adjacent or indirectly adjacent. When indirectly adjacent, the number of neighbors can be controlled by setting the adjacent step size or the adjacent distance.
Further, when all the blockchain nodes in the blockchain system are divided into a plurality of groups, the core maintenance module judges whether the opposite-end blockchain node and the other-end blockchain node are in the same group when the trust core matrix is switched to the opposite-end blockchain node.
Further, as mentioned above, when two adjacent groups of blockchain nodes have a common blockchain node, the trust kernel matrix can be exchanged between the two adjacent groups of blockchain nodes through the common blockchain node.
Optionally, in a specific embodiment, the integrity detection unit 202 is further configured to perform an update of the trust kernel matrix by means of a decentralized authentication framework.
Optionally, in this embodiment, decentralized authentication may be implemented through a decentralized authentication framework, so that rapid authentication may be performed between two block chain nodes without any third party, thereby ensuring an update speed of the trust kernel matrix.
Optionally, in a specific embodiment, the apparatus 20 for performing authenticated connection between block link points further comprises: and the virtualized trusted management module is used for deriving the trust kernel matrix so that the kernel maintenance module updates the trust kernel matrix between the two block chain nodes.
Optionally, in this embodiment, a virtualized trusted-platform management module (VTPMS) may ensure that two block chain nodes perform fast switching of the trust kernel matrix, so as to ensure that the trust kernel matrix on any one block chain node is updated in real time, and ensure real-time performance and rapidity of switching.
Optionally, in one embodiment, an authentication system disposed on a block link point acts as a neuron.
Optionally, in a specific embodiment, the kernel maintenance module is further configured to enable the frequently communicated plurality of block chain nodes to form a neuron authentication network, and all neurons in the neuron authentication network share an upper layer service component.
Optionally, in this embodiment, by enabling a plurality of block chain nodes that communicate frequently to form a neuron authentication network and enabling all neurons in the neuron authentication network to share an upper layer service component, there may be an emphasis on determining an object to which an authentication is directed, so that it is preferable to authenticate only those block chain nodes that communicate frequently, and compared with authenticating all block chain nodes that communicate only in a block chain system, implementation efficiency of authentication is ensured.
Optionally, in this embodiment, since the communication behavior between the blockchain nodes changes in real time, and for this reason, the communication frequency also changes continuously, the composition of the neuron authentication network also changes dynamically.
Optionally, in a specific embodiment, the neuron authentication network has a uniform interface for providing proof of interaction services hosted between neurons in the neuron authentication network.
Optionally, in this embodiment, the unified interface may be configured on a blockchain node of the neuron authentication network having a higher authority or a higher security.
Example III
Referring to fig. 3, an embodiment of the present application provides a blockchain system, including a plurality of blockchain nodes 301, each of which is provided with an apparatus 20 for authenticated connection between blockchain nodes, comprising:
a monitoring unit 201, configured to monitor whether communication is performed between two blockchain nodes in a blockchain system;
an integrity detection unit 202, configured to, when communication between two blockchain nodes is monitored, enable the authentication system on the opposite-end blockchain node of the two to perform integrity detection on the authentication system on the other-end blockchain node;
and if the authentication system on the other-end blockchain node is complete, the two blockchain nodes establish an authenticated connection.
The following is a detailed description:
a monitoring unit 201, configured to monitor whether communication is performed between two blockchain nodes in a blockchain system;
Optionally, in this embodiment, a plurality of blockchain nodes may form a blockchain system, such as a federation chain, a private chain, or a public chain. Optionally, in this embodiment, the blockchain nodes may be blockchain light nodes or blockchain full nodes. A blockchain full node is a node that holds all transaction data of the whole network, while a blockchain light node is a node that holds only the transaction data related to itself.
In this embodiment, it should be noted that, when a plurality of blockchain nodes form a blockchain system, the authentication system may be deployed only on some of the blockchain nodes, or on all of them. For example, for a private chain, since the number of blockchain nodes is relatively small, the authentication system may be deployed on all blockchain nodes in order to ensure safe operation of the blockchain system. For another example, for a federation chain, the authentication system may likewise be deployed on all blockchain nodes, as for a private chain. For a public chain, since the number of blockchain nodes is relatively large, the authentication system may be deployed on only some of the blockchain nodes to ensure safe operation of the blockchain system: for example, on all blockchain full nodes and some blockchain light nodes, or alternatively on a small number of blockchain full nodes and all blockchain light nodes.
Optionally, in a specific embodiment, the monitoring unit 201 is further configured to monitor network traffic generated between two blockchain nodes in the blockchain system, so as to monitor whether communication is performed between the two blockchain nodes in the blockchain system.
Optionally, in this embodiment, the monitoring unit 201 may quickly monitor whether communication is performed between two blockchain nodes, that is, whether data interaction is about to occur or is being performed between the two blockchain nodes, by monitoring network traffic.
Optionally, in a specific embodiment, the monitoring unit 201 is further configured to monitor network traffic generated between two blockchain nodes in the blockchain system by means of traffic interception.
Optionally, in this embodiment, the monitoring unit 201 may quickly monitor whether communication is performed between two blockchain nodes, that is, whether data interaction is about to occur or is being performed between the two blockchain nodes, by intercepting the network traffic.
Optionally, in a specific embodiment, the communication between two blockchain nodes is initiated based on an upper layer service component.
Optionally, in this embodiment, the communication monitored by the monitoring unit 201 is communication between two blockchain nodes based on the upper layer service component, which ensures that authentication is directed at the correct object and, further, that the authentication result is usable and of reference value when authentication is performed.
An integrity detection unit 202, configured to, when communication between two blockchain nodes is monitored, enable the authentication system on the opposite-end blockchain node of the two to perform integrity detection on the authentication system on the other-end blockchain node;
optionally, in a specific embodiment, the integrity detection unit 202 is further configured to determine whether the trust evaluation kernel matrix is stored in the authentication system and whether it needs to be updated, and, if the trust evaluation kernel matrix exists and needs to be updated, to determine that the authentication system on the other-end blockchain node is complete.
Optionally, in a specific embodiment, the integrity detection unit 202 is further configured to determine whether an authentication kernel exists in the authentication system and whether the trust evaluation kernel matrix is stored in the authentication kernel;
the integrity detection unit 202 is further configured to determine whether the trust evaluation kernel matrix in the authentication kernel is updated through the kernel maintenance module.
In this embodiment, the trust evaluation kernel matrix records the trust authentication data that blockchain nodes hold about one another. It should be noted that the integrity detection unit 202 may also group the blockchain nodes in the blockchain system, with each group recording the trust authentication data between all blockchain nodes in that group. For the groups, one blockchain node in a group may be selected as an external connection node; this node simultaneously belongs to another group, that is, the two groups share a common blockchain node. The number of common blockchain nodes may be one or more and can be configured flexibly according to the requirements of the application scenario. For example, if the blockchain system is a public chain, the number of blockchain nodes shared by two groups is large, because the system has higher visibility on the internet and is more likely to face a security risk from network attack. For a private chain or a federation chain, the potential for security risk from network attack is small because their visibility on the internet is low, and therefore the number of blockchain nodes shared by two groups is one.
As mentioned above, the authentication in this application ensures that a blockchain node participating in system operation, as a component of an internet system, is itself secure, so that the safe operation of the whole system can rest on the security of the blockchain nodes. This security issue only needs to be considered when two blockchain nodes have data interaction. For this reason, in the present embodiment, the monitoring unit 201 is configured to monitor whether communication takes place between blockchain nodes: if communication exists, data interaction between the two blockchain nodes is about to occur or is in progress, so the authentication system on the opposite-end blockchain node is triggered to perform authentication through its authentication kernel and obtain the trust evaluation kernel matrix; otherwise, the authentication system on the opposite-end blockchain node need not be triggered to perform authentication and obtain the trust evaluation kernel matrix.
Optionally, in a specific embodiment, the integrity detection unit 202 is further configured to determine whether the kernel maintenance module updates the trust evaluation kernel matrix by way of exchange.
Optionally, in this embodiment, when the kernel maintenance module exchanges the trust evaluation kernel matrix with the opposite-end blockchain node, it preferably exchanges with a neighboring blockchain node; that is, the other blockchain nodes are neighboring blockchain nodes, which may be directly or indirectly adjacent. When indirectly adjacent, the number of neighbors can be controlled by setting an adjacency step size or an adjacency distance.
Further, when all the blockchain nodes in the blockchain system are divided into a plurality of groups, the kernel maintenance module judges whether the opposite-end blockchain node and the other-end blockchain node are in the same group when the trust evaluation kernel matrix is exchanged with the opposite-end blockchain node.
Further, as mentioned above, when two adjacent groups of blockchain nodes have a common blockchain node, the trust evaluation kernel matrix can be exchanged between the two groups through the common blockchain node.
Optionally, in a specific embodiment, the integrity detection unit 202 is further configured to update the trust evaluation kernel matrix by means of a decentralized authentication framework.
Optionally, in this embodiment, decentralized authentication may be implemented through a decentralized authentication framework, so that rapid authentication can be performed between two blockchain nodes without any third party, thereby ensuring the update speed of the trust evaluation kernel matrix.
Optionally, in a specific embodiment, the apparatus 20 for performing authenticated connection between blockchain nodes further comprises a virtualized trusted management module, used to derive the trust evaluation kernel matrix so that the kernel maintenance module updates the trust evaluation kernel matrix between the two blockchain nodes.
Optionally, in this embodiment, a virtualized trusted platform management module (VTPMS) may ensure that two blockchain nodes exchange the trust evaluation kernel matrix quickly, so that the trust evaluation kernel matrix on any blockchain node is updated in real time, ensuring the real-time performance and speed of the exchange.
Optionally, in one embodiment, an authentication system disposed on a blockchain node acts as a neuron.
Optionally, in a specific embodiment, the kernel maintenance module is further configured to make a plurality of frequently communicating blockchain nodes form a neuron authentication network, in which all neurons share an upper layer service component.
Optionally, in this embodiment, by making a plurality of frequently communicating blockchain nodes form a neuron authentication network whose neurons share an upper layer service component, the objects of authentication can be selected with emphasis: it is preferable to authenticate only those blockchain nodes that communicate frequently, which ensures the implementation efficiency of authentication compared with authenticating every blockchain node in the blockchain system that communicates at all.
Optionally, in this embodiment, since the communication behavior between blockchain nodes changes in real time and the communication frequency therefore changes continuously, the composition of the neuron authentication network also changes dynamically.
Optionally, in a specific embodiment, the neuron authentication network has a unified interface for providing the proof-of-interaction services hosted between neurons in the neuron authentication network.
Optionally, in this embodiment, the unified interface may be configured on a blockchain node of the neuron authentication network that has higher authority or higher security.
Example IV
Referring to fig. 4, an embodiment of the present application provides an electronic device 40, including: a memory 401 and a processor 402, the memory 401 having computer-executable instructions stored thereon, the processor 402 being configured to execute the computer-executable instructions to perform the steps of:
monitoring whether communication is carried out between two blockchain nodes in a blockchain system;
if so, the authentication system on the opposite-end blockchain node of the two carries out integrity detection on the authentication system on the other-end blockchain node;
and if the authentication system on the other-end blockchain node is complete, the two blockchain nodes establish an authenticated connection.
The following is a detailed description:
monitoring whether communication is carried out between two blockchain nodes in a blockchain system;
Optionally, in this embodiment, a plurality of blockchain nodes may form a blockchain system, such as a federation chain, a private chain, or a public chain. Optionally, in this embodiment, the blockchain nodes may be blockchain light nodes or blockchain full nodes. A blockchain full node is a node that holds all transaction data of the whole network, while a blockchain light node is a node that holds only the transaction data related to itself.
In this embodiment, it should be noted that, when a plurality of blockchain nodes form a blockchain system, the authentication system may be deployed only on some of the blockchain nodes, or on all of them. For example, for a private chain, since the number of blockchain nodes is relatively small, the authentication system may be deployed on all blockchain nodes in order to ensure safe operation of the blockchain system. For another example, for a federation chain, the authentication system may likewise be deployed on all blockchain nodes, as for a private chain. For a public chain, since the number of blockchain nodes is relatively large, the authentication system may be deployed on only some of the blockchain nodes to ensure safe operation of the blockchain system: for example, on all blockchain full nodes and some blockchain light nodes, or alternatively on a small number of blockchain full nodes and all blockchain light nodes.
Optionally, in a specific embodiment, network traffic generated between two blockchain nodes in the blockchain system is monitored to monitor whether communication is performed between the two blockchain nodes in the blockchain system.
Optionally, in this embodiment, by monitoring the network traffic, it may be quickly monitored whether communication is performed between two blockchain nodes, that is, whether data interaction is about to occur or is being performed between two blockchain nodes.
Optionally, in a specific embodiment, network traffic generated between two blockchain nodes in the blockchain system is monitored by means of traffic interception.
Optionally, in this embodiment, by intercepting the network traffic, it may be quickly monitored whether communication is performed between two blockchain nodes, that is, whether data interaction is about to occur or is being performed between two blockchain nodes.
Optionally, in a specific embodiment, the communication between two blockchain nodes is initiated based on an upper layer service component.
Optionally, in this embodiment, the monitored communication is communication between two blockchain nodes based on the upper layer service component, which ensures that authentication is directed at the correct object and, further, that the authentication result is usable and of reference value when authentication is performed.
If so, the authentication system on the opposite-end blockchain node of the two carries out integrity detection on the authentication system on the other-end blockchain node;
optionally, in a specific embodiment, the integrity detection performed by the authentication system on the opposite-end blockchain node on the authentication system on the other-end blockchain node includes: judging whether a trust evaluation kernel matrix is stored in the authentication system and whether it needs to be updated, and, if the trust evaluation kernel matrix exists and needs to be updated, judging that the authentication system on the other-end blockchain node is complete.
Optionally, in a specific embodiment, judging whether the authentication system stores the trust evaluation kernel matrix includes: judging whether an authentication kernel exists in the authentication system, and judging whether the trust evaluation kernel matrix is stored in the authentication kernel;
judging whether the trust evaluation kernel matrix needs to be updated includes: judging whether the trust evaluation kernel matrix in the authentication kernel is updated through the kernel maintenance module.
In this embodiment, the trust evaluation kernel matrix records the trust authentication data that blockchain nodes hold about one another. It should be noted that the blockchain nodes in the blockchain system may be grouped, with each group recording the trust authentication data between all blockchain nodes in that group. For the groups, one blockchain node in a group may be selected as an external connection node; this node simultaneously belongs to another group, that is, the two groups share a common blockchain node. The number of common blockchain nodes may be one or more and can be configured flexibly according to the requirements of the application scenario. For example, if the blockchain system is a public chain, the number of blockchain nodes shared by two groups is large, because the system has higher visibility on the internet and is more likely to face a security risk from network attack. For a private chain or a federation chain, the potential for security risk from network attack is small because their visibility on the internet is low, and therefore the number of blockchain nodes shared by two groups is one.
As mentioned above, the authentication in this application ensures that a blockchain node participating in system operation, as a component of an internet system, is itself secure, so that the safe operation of the whole system can rest on the security of the blockchain nodes. This security issue only needs to be considered when two blockchain nodes have data interaction. For this reason, in the present embodiment, the monitoring unit is configured to monitor whether communication takes place between blockchain nodes: if communication exists, data interaction between the two blockchain nodes is about to occur or is in progress, so the authentication system on the opposite-end blockchain node is triggered to perform authentication through its authentication kernel and obtain the trust evaluation kernel matrix; otherwise, the authentication system on the opposite-end blockchain node need not be triggered to perform authentication and obtain the trust evaluation kernel matrix.
Optionally, in a specific embodiment, judging whether the trust evaluation kernel matrix in the authentication kernel is updated through the kernel maintenance module includes: judging whether the kernel maintenance module updates the trust evaluation kernel matrix by way of exchange.
Optionally, in this embodiment, when the kernel maintenance module exchanges the trust evaluation kernel matrix with the opposite-end blockchain node, it preferably exchanges with a neighboring blockchain node; that is, the other blockchain nodes are neighboring blockchain nodes, which may be directly or indirectly adjacent. When indirectly adjacent, the number of neighbors can be controlled by setting an adjacency step size or an adjacency distance.
Further, when all the blockchain nodes in the blockchain system are divided into a plurality of groups, the kernel maintenance module judges whether the opposite-end blockchain node and the other-end blockchain node are in the same group when the trust evaluation kernel matrix is exchanged with the opposite-end blockchain node.
Further, as mentioned above, when two adjacent groups of blockchain nodes have a common blockchain node, the trust evaluation kernel matrix can be exchanged between the two groups through the common blockchain node.
Optionally, in a specific embodiment, when the trust evaluation kernel matrix is updated, the update is implemented by a decentralized authentication framework.
Optionally, in this embodiment, decentralized authentication may be implemented through a decentralized authentication framework, so that rapid authentication can be performed between two blockchain nodes without any third party, thereby ensuring the update speed of the trust evaluation kernel matrix.
Optionally, in a specific embodiment, the method for performing authenticated connection between blockchain nodes further includes deriving the trust evaluation kernel matrix so that the kernel maintenance module updates the trust evaluation kernel matrix between the two blockchain nodes.
Optionally, in this embodiment, the trust evaluation kernel matrix may be derived by a virtualized trusted management module (VTPMS) so that the kernel maintenance module updates it between the two blockchain nodes; the virtualized trusted management module ensures that the two blockchain nodes carry out the exchange of the trust evaluation kernel matrix quickly, so that the matrix on any blockchain node is updated in real time, ensuring the real-time performance and speed of the exchange.
Optionally, in one embodiment, an authentication system disposed on a blockchain node acts as a neuron.
Optionally, in a specific embodiment, the kernel maintenance module is further configured to make a plurality of frequently communicating blockchain nodes form a neuron authentication network, in which all neurons share an upper layer service component.
Optionally, in this embodiment, by making a plurality of frequently communicating blockchain nodes form a neuron authentication network whose neurons share an upper layer service component, the objects of authentication can be selected with emphasis: it is preferable to authenticate only those blockchain nodes that communicate frequently, which ensures the implementation efficiency of authentication compared with authenticating every blockchain node in the blockchain system that communicates at all.
Optionally, in this embodiment, since the communication behavior between blockchain nodes changes in real time and the communication frequency therefore changes continuously, the composition of the neuron authentication network also changes dynamically.
Optionally, in a specific embodiment, the neuron authentication network has a unified interface for providing the proof-of-interaction services hosted between neurons in the neuron authentication network.
Optionally, in this embodiment, the unified interface may be configured on a blockchain node of the neuron authentication network that has higher authority or higher security.
And if the authentication system on the other-end blockchain node is complete, the two blockchain nodes establish an authenticated connection.
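As an added illustration (not code from the application or its assignee), the following Python model runs the flow of this embodiment over a constructed sample: a monitoring step observes flows between node pairs, the initiating end performs integrity detection on the peer's authentication system, and only a complete peer that shares a group with it (directly or as the common node of two groups) gets an authenticated connection followed by an exchange of the trust evaluation kernel matrix; it also bounds neighbor selection by an adjacency step size. The node layout, the flow-record format and the sparse trust-matrix representation are assumptions made for illustration.

```python
"""Added example, not code from the application: a small model of the
authenticated-connection flow and of the group / common-node trust exchange.
Node layout, flow format and trust representation are assumptions."""
from collections import deque
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Optional, Set, Tuple

# Trust evaluation kernel matrix, assumed to be a sparse mapping
# (observing node, observed node) -> trust score.
TrustMatrix = Dict[Tuple[str, str], float]
Adjacency = Dict[str, Set[str]]


@dataclass
class AuthenticationSystem:
    has_kernel: bool = True                # authentication kernel present
    matrix: Optional[TrustMatrix] = None   # trust evaluation kernel matrix
    can_exchange: bool = True              # kernel maintenance module may exchange


@dataclass
class Node:
    name: str
    groups: FrozenSet[int]                       # common node: member of two groups
    auth: Optional[AuthenticationSystem] = None  # None: system not deployed here


def integrity_detection(peer: Node) -> Tuple[bool, str]:
    """Opposite end checks the other end: kernel, matrix, updatable by exchange."""
    if peer.auth is None:
        return False, "no authentication system deployed"
    if not peer.auth.has_kernel:
        return False, "no authentication kernel"
    if peer.auth.matrix is None:
        return False, "no trust evaluation kernel matrix"
    if not peer.auth.can_exchange:
        return False, "kernel maintenance module cannot update by exchange"
    return True, "complete"


def can_exchange(a: Node, b: Node) -> bool:
    """Matrices cross a group boundary only through a common node, so two
    nodes exchange directly only when they share at least one group."""
    return bool(a.groups & b.groups)


def neighbors_within(adjacency: Adjacency, start: str, step: int) -> Set[str]:
    """Neighbor set bounded by the adjacency step size (1 = direct neighbors)."""
    seen, queue = {start}, deque([(start, 0)])
    while queue:
        cur, dist = queue.popleft()
        if dist == step:
            continue
        for nxt in adjacency.get(cur, set()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append((nxt, dist + 1))
    seen.discard(start)
    return seen


def exchange_matrices(a: Node, b: Node) -> None:
    """Kernel maintenance by exchange: both ends end up with the merged data."""
    merged = {**a.auth.matrix, **b.auth.matrix}
    a.auth.matrix, b.auth.matrix = dict(merged), dict(merged)


def handle_flows(nodes: Dict[str, Node], flows: List[Tuple[str, str]]) -> Dict[Tuple[str, str], str]:
    """Monitoring unit: each observed flow (initiator, peer) triggers integrity
    detection of the peer; only a complete peer sharing a group is connected."""
    outcome: Dict[Tuple[str, str], str] = {}
    for src, dst in flows:
        a, b = nodes[src], nodes[dst]
        if a.auth is None:
            outcome[(src, dst)] = "rejected: initiator has no authentication system"
            continue
        ok, why = integrity_detection(b)
        if not ok:
            outcome[(src, dst)] = "rejected: " + why
        elif not can_exchange(a, b):
            outcome[(src, dst)] = "rejected: no common group for matrix exchange"
        else:
            exchange_matrices(a, b)
            outcome[(src, dst)] = "authenticated"
    return outcome


def build_sample() -> Tuple[Dict[str, Node], Adjacency, List[Tuple[str, str]]]:
    """Constructed sample: group 1 = {A, B, C}, group 2 = {C, D, E, F}; C is
    the common node, E has no authentication system, F has no matrix yet."""
    g1, g2, both = frozenset({1}), frozenset({2}), frozenset({1, 2})
    nodes = {
        "A": Node("A", g1, AuthenticationSystem(matrix={("A", "B"): 0.9})),
        "B": Node("B", g1, AuthenticationSystem(matrix={("B", "A"): 0.8})),
        "C": Node("C", both, AuthenticationSystem(matrix={("C", "D"): 0.7})),
        "D": Node("D", g2, AuthenticationSystem(matrix={("D", "C"): 0.6})),
        "E": Node("E", g2, None),
        "F": Node("F", g2, AuthenticationSystem(matrix=None)),
    }
    adjacency: Adjacency = {"A": {"B"}, "B": {"A", "C"}, "C": {"B", "D"},
                            "D": {"C", "E"}, "E": {"D", "F"}, "F": {"E"}}
    flows = [("A", "B"), ("A", "C"), ("A", "D"), ("B", "E"), ("C", "F"), ("C", "D")]
    return nodes, adjacency, flows


if __name__ == "__main__":
    sample_nodes, _, sample_flows = build_sample()
    print(handle_flows(sample_nodes, sample_flows))
```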
Referring to fig. 5, fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present disclosure; as shown in fig. 5, the hardware structure of the electronic device may include a processor 501, a communication interface 502, a memory 503, and a communication bus 504;
the processor 501, the communication interface 502 and the memory 503 complete mutual communication through the communication bus 504;
optionally, the communication interface 502 may be an interface of a communication module, such as an interface of a GSM module;
the processor 501 may be specifically configured to run the executable program stored in the memory 503, so as to perform all or part of the processing steps of any of the above method embodiments.
The processor 501 may be a general-purpose processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; it may also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, discrete gate or transistor logic, or discrete hardware components, and it may implement or perform the various methods, steps, and logic blocks disclosed in the embodiments of the present application. A general-purpose processor may be a microprocessor, or the processor may be any conventional processor or the like.
The electronic device of the embodiments of the present application exists in various forms, including but not limited to:
(1) Mobile communication devices, which are characterized by mobile communication capability and are primarily aimed at providing voice and data communication. Such terminals include smart phones (e.g., iPhones), multimedia phones, feature phones, and low-end phones.
(2) Ultra-mobile personal computer devices, which belong to the category of personal computers, have computing and processing functions, and generally also have mobile internet access. Such terminals include PDA, MID, and UMPC devices, such as iPads.
(3) Portable entertainment devices, which can display and play multimedia content. Such devices include audio and video players (e.g., iPods), handheld game consoles, e-book readers, smart toys, and portable car navigation devices.
(4) Servers, which are similar in architecture to general-purpose computers but have higher requirements on processing capability, stability, reliability, security, scalability, manageability and the like, because they need to provide highly reliable services.
(5) And other electronic devices with data interaction functions.
In embodiments of the present application, the processor 501 may take the form of, for example, a microprocessor or a computer-readable medium storing computer-readable program code (e.g., software or firmware) executable by a (micro)processor, logic gates, switches, an Application Specific Integrated Circuit (ASIC), a programmable logic controller, or an embedded microcontroller; examples include, but are not limited to, the following microcontrollers: ARC 625D, Atmel AT91SAM, Microchip PIC18F26K20, and Silicon Labs C8051F320. The memory controller may also be implemented as part of the control logic of the memory. Those skilled in the art will also appreciate that, in addition to implementing the processor as pure computer-readable program code, the same functions may be implemented entirely by logically programming the method steps so that the processor takes the form of logic gates, switches, application specific integrated circuits, programmable logic controllers, embedded microcontrollers, and so on. Such a processor may thus be regarded as a hardware component, and the means for performing the various functions included in it may also be regarded as structures within the hardware component; or even the means for performing the functions may be regarded as being both a software module for performing the method and a structure within a hardware component.
Example V,
Referring to fig. 6, an embodiment of the present application provides a computer storage medium having computer-executable instructions stored thereon, where the computer-executable instructions, when executed, implement the following steps:
monitoring whether communication is carried out between two blockchain nodes in a blockchain system;
if so, the authentication system on the blockchain node at the opposite end of the two blockchain nodes performs an integrity check on the authentication system on the blockchain node at the other end;
and if the authentication system on the blockchain node at the other end is complete, the two blockchain nodes establish an authenticated connection.
The following is a detailed description:
monitoring whether communication is carried out between two blockchain nodes in a blockchain system;
optionally, in this embodiment, a plurality of blockchain nodes may form a blockchain system, such as a federation chain, a private chain or a public chain; optionally, a blockchain node may be a light node or a full node. A full node holds all transaction data of the whole network, while a light node holds only the transaction data related to itself.
In this embodiment, it should be noted that when a plurality of blockchain nodes form a blockchain system, the authentication system may be deployed on only some of the blockchain nodes or on all of them. For example, on a private chain the number of blockchain nodes is relatively small, so the authentication system may be deployed on all blockchain nodes to ensure safe operation of the system. For a federation chain, the authentication system may likewise be deployed on all blockchain nodes, as for a private chain. For a public chain, where the number of blockchain nodes is relatively large, the authentication system may be deployed on only some of the nodes to ensure safe operation of the system: for example, on all full nodes and some light nodes, or alternatively on a small number of full nodes and all light nodes.
Optionally, in a specific embodiment, network traffic generated between two blockchain nodes in the blockchain system is monitored to monitor whether communication is performed between the two blockchain nodes in the blockchain system.
Optionally, in this embodiment, by monitoring the network traffic, it may be quickly monitored whether communication is performed between two blockchain nodes, that is, whether data interaction is about to occur or is being performed between two blockchain nodes.
Optionally, in a specific embodiment, network traffic generated between two blockchain nodes in the blockchain system is monitored by means of traffic interception.
Optionally, in this embodiment, by intercepting the network traffic, it may be quickly monitored whether communication is performed between two blockchain nodes, that is, whether data interaction is about to occur or is being performed between two blockchain nodes.
Optionally, in a specific embodiment, the communication between two blockchain nodes is initiated based on an upper layer service component.
Optionally, in this embodiment, the monitored communication is communication between two blockchain nodes initiated by the upper-layer service component, so that the object of authentication is determined accurately, which in turn ensures the availability and reference value of the authentication result when authentication is performed.
If so, the authentication system on the blockchain node at the opposite end of the two blockchain nodes performs an integrity check on the authentication system on the blockchain node at the other end;
optionally, in a specific embodiment, the integrity check performed by the authentication system on the opposite-end blockchain node on the authentication system of the other-end blockchain node comprises: judging whether a trust evaluation kernel matrix is stored in that authentication system, and judging whether the trust evaluation kernel matrix is updated; if the trust evaluation kernel matrix exists and is updated, the authentication system on the other-end blockchain node is judged to be complete.
Optionally, in a specific embodiment, judging whether the authentication system stores the trust evaluation kernel matrix comprises: judging whether an authentication kernel exists in the authentication system, and judging whether the trust evaluation kernel matrix is stored in the authentication kernel;
and judging whether the trust evaluation kernel matrix is updated comprises: judging whether the trust evaluation kernel matrix in the authentication kernel is updated by the kernel maintenance module.
In this embodiment, the trust evaluation kernel matrix records the trust authentication data of blockchain nodes about other blockchain nodes. It should be noted that the blockchain nodes in the blockchain system may be grouped, and each group records the trust authentication data between all blockchain nodes in the group. One blockchain node in a group may be selected as an external connection node that simultaneously belongs to another group, so that the two groups have a common blockchain node; there may be one or several common nodes, and their number can be configured flexibly according to the requirements of the application scenario. For example, if the blockchain system is a public chain, it has higher visibility on the Internet and is more likely to face a security risk from network attack, so the number of blockchain nodes common to two groups is large. A private chain or federation chain has low visibility on the Internet and a correspondingly small potential for security risk from network attack, so two groups share only one common blockchain node.
As mentioned above, the purpose of authentication in this application is to ensure that a blockchain node participates in system operation as a component of an Internet system, and to ensure safe operation of the whole system on the basis of the security of the individual blockchain nodes. That security question only arises when two blockchain nodes actually exchange data. For this reason, in this embodiment a monitoring unit is configured to monitor whether blockchain nodes communicate. If communication exists, data interaction between the two blockchain nodes is about to occur or is in progress, so the authentication system (with its authentication kernel) on the opposite-end node of the two is triggered to perform authentication and obtain the trust evaluation kernel matrix; otherwise it need not be triggered to perform authentication and obtain the trust evaluation kernel matrix.
Optionally, in a specific embodiment, judging whether the kernel maintenance module updates the trust evaluation kernel matrix in the authentication kernel comprises: judging whether the kernel maintenance module updates the trust evaluation kernel matrix by means of exchange.
Optionally, in this embodiment, when the kernel maintenance module exchanges the trust kernel matrix with the opposite-end blockchain node, it preferably exchanges with neighbor blockchain nodes; a neighbor blockchain node may be directly or indirectly adjacent. For indirect adjacency, the number of neighbors can be controlled by setting an adjacency step size or adjacency distance.
Further, when all blockchain nodes in the blockchain system are divided into a plurality of groups, the kernel maintenance module judges, when exchanging the trust kernel matrix with the opposite-end blockchain node, whether the opposite-end node and the other-end node are in the same group.
Further, as mentioned above, when two adjacent groups of blockchain nodes have a common blockchain node, the trust kernel matrix can be exchanged between the two groups through that common node.
Optionally, in a specific embodiment, when the trust kernel matrix is updated, the updating is implemented by a distributed authentication framework.
Optionally, in this embodiment, decentralized authentication may be implemented through a decentralized authentication framework, so that rapid authentication may be performed between two block chain nodes without any third party, thereby ensuring an update speed of the trust kernel matrix.
Optionally, in a specific embodiment, the method for authenticated connection between blockchain nodes further comprises: exporting the trust kernel matrix so that the kernel maintenance module updates the trust kernel matrix between the two blockchain nodes.
Optionally, in this embodiment, the trust kernel matrix may be exported by a virtualized trusted management module (VTPMS) so that the kernel maintenance module updates the trust kernel matrix between the two blockchain nodes. The virtualized trusted management module lets the two nodes carry out the exchange of the trust kernel matrix quickly, so that the trust kernel matrix on any blockchain node is updated in real time and the exchange is both timely and fast.
Optionally, in one embodiment, an authentication system deployed on a blockchain node acts as a neuron.
Optionally, in a specific embodiment, the kernel maintenance module is further configured to enable the frequently communicated plurality of block chain nodes to form a neuron authentication network, and all neurons in the neuron authentication network share an upper layer service component.
Optionally, in this embodiment, by letting a plurality of frequently communicating blockchain nodes form a neuron authentication network in which all neurons share an upper-layer service component, the object of authentication can be chosen with emphasis: it is preferable to authenticate only those blockchain nodes that communicate frequently, which, compared with authenticating every blockchain node in the system that merely communicates, keeps authentication efficient.
Optionally, in this embodiment, since the communication behaviour between blockchain nodes changes in real time and the communication frequency therefore changes continuously, the composition of the neuron authentication network also changes dynamically.
Optionally, in a specific embodiment, the neuron authentication network has a unified interface for providing the interaction-proof services hosted between neurons in the neuron authentication network.
Optionally, in this embodiment, the unified interface may be configured on a blockchain node of the neuron authentication network that has higher authority or higher security.
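The following is an added illustration, not code from the patent, of how the membership of a neuron authentication network could be derived from communication frequency and recomputed as traffic changes. The event format, the component name `ledger-sync`, the sliding-window rule and the threshold are all assumptions made for this example.

```python
"""Constructed example: membership of a 'neuron authentication network' derived
from communication frequency over a sliding window of traffic events, so that
the membership follows changing communication behaviour. All names and the
sample traffic below are assumptions, not data from the patent."""
from collections import Counter
from typing import Iterable, List, Set, Tuple

# (timestamp, src node, dst node, upper-layer service component that caused it)
TrafficEvent = Tuple[int, str, str, str]


def neuron_network(events: Iterable[TrafficEvent], component: str, now: int,
                   window: int, min_exchanges: int) -> Set[str]:
    """Return the nodes that, inside the window (now - window, now], exchanged at
    least `min_exchanges` messages via `component` with some peer. Those nodes
    share the component and form the current neuron authentication network."""
    pair_counts: Counter = Counter()
    for ts, src, dst, comp in events:
        if comp == component and now - window < ts <= now:
            pair_counts[frozenset((src, dst))] += 1   # direction-insensitive pair
    members: Set[str] = set()
    for pair, count in pair_counts.items():
        if count >= min_exchanges:
            members |= set(pair)
    return members


# Constructed sample traffic: A-B talk early, C-D talk later, A-E only briefly,
# and some A-B traffic belongs to a different component and must be ignored.
SAMPLE_EVENTS: List[TrafficEvent] = [
    (1, "A", "B", "ledger-sync"), (2, "B", "A", "ledger-sync"), (3, "A", "B", "ledger-sync"),
    (4, "C", "D", "ledger-sync"),
    (9, "A", "B", "metrics"), (9, "B", "A", "metrics"), (9, "A", "B", "metrics"),
    (10, "C", "D", "ledger-sync"), (11, "D", "C", "ledger-sync"), (12, "C", "D", "ledger-sync"),
    (12, "A", "E", "ledger-sync"), (13, "E", "A", "ledger-sync"),
]


def membership_over_time(events: List[TrafficEvent], component: str,
                         window: int, min_exchanges: int) -> List[Tuple[int, Set[str]]]:
    """Recompute the network at each event timestamp to show it changing dynamically."""
    stamps = sorted({e[0] for e in events})
    return [(t, neuron_network(events, component, t, window, min_exchanges)) for t in stamps]


if __name__ == "__main__":
    for t, members in membership_over_time(SAMPLE_EVENTS, "ledger-sync", 5, 3):
        print(t, sorted(members))
```

With a window of 5 and a threshold of 3 exchanges, the network is {A, B} at time 5, empty in the gap, and {C, D} at time 13; widening the window to cover everything yields {A, B, C, D}, while A and E never reach the threshold and the `metrics` traffic is never counted.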
And if the authentication system on the blockchain node at the other end is complete, the two blockchain nodes establish an authenticated connection.
In the technical solution of this embodiment of the application, whether communication is carried out between two blockchain nodes in a blockchain system is monitored; if so, the authentication system on the blockchain node at the opposite end of the two performs an integrity check on the authentication system on the blockchain node at the other end; if that authentication system is complete, the two blockchain nodes establish an authenticated connection, so that subsequent authentication is performed over that connection. This simplifies the authentication process of the blockchain nodes and improves their authentication efficiency.
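As an added worked example, not code from the patent or its assignee, the following Python simulation walks through the three steps just summarised: traffic between two nodes is observed, one node's authentication system checks whether the peer's system is complete (an authentication kernel exists, it stores a trust evaluation kernel matrix, and a kernel maintenance module keeps it updated by exchange), and an authenticated connection is established only when that check passes. It also models the exchange of the matrix within a group and across two groups through a common node. The class names, the merge rule used for an exchange, the `ledger-sync` component name and the sample nodes are all assumptions made for this example.

```python
"""Toy simulation of the authenticated-connection procedure of this embodiment.
All names, the exchange rule and the sample data are constructed for
illustration; they are not taken from the patent."""
from dataclasses import dataclass, field
from typing import Dict, Iterable, List, Optional, Set, Tuple


@dataclass
class TrustKernelMatrix:
    """Trust evaluation kernel matrix: trust authentication data keyed by (from, to)."""
    scores: Dict[Tuple[str, str], float] = field(default_factory=dict)

    def merge(self, other: "TrustKernelMatrix") -> None:
        """Constructed exchange rule: adopt entries this node does not hold yet."""
        for key, score in other.scores.items():
            self.scores.setdefault(key, score)


@dataclass
class AuthenticationKernel:
    matrix: Optional[TrustKernelMatrix] = None


@dataclass
class KernelMaintenanceModule:
    exchange_enabled: bool = True  # keeps the matrix updated by exchange with peers


@dataclass
class AuthenticationSystem:
    kernel: Optional[AuthenticationKernel] = None
    maintenance: Optional[KernelMaintenanceModule] = None


@dataclass
class BlockchainNode:
    node_id: str
    groups: Set[str]                             # a node in two groups is a common node
    auth: Optional[AuthenticationSystem] = None  # None: no authentication system deployed


@dataclass(frozen=True)
class TrafficRecord:
    src: str
    dst: str
    component: str  # upper-layer service component that initiated the traffic


def monitor_communication(records: Iterable[TrafficRecord], a: str, b: str,
                          service_components: Set[str]) -> bool:
    """Step 1: intercepted traffic shows a and b talking via an upper-layer service component."""
    return any({r.src, r.dst} == {a, b} and r.component in service_components
               for r in records)


def integrity_check(peer: BlockchainNode) -> bool:
    """Step 2: the peer's authentication system is complete when an authentication kernel
    exists, it stores a trust evaluation kernel matrix, and a kernel maintenance module
    keeps that matrix updated by exchange."""
    auth = peer.auth
    return (auth is not None and auth.kernel is not None
            and auth.kernel.matrix is not None
            and auth.maintenance is not None and auth.maintenance.exchange_enabled)


def authenticated_connect(records: Iterable[TrafficRecord], local: BlockchainNode,
                          peer: BlockchainNode, service_components: Set[str]) -> bool:
    """Steps 1-3: connect only when communication is observed and each end finds the other complete."""
    if not monitor_communication(list(records), local.node_id, peer.node_id, service_components):
        return False
    return integrity_check(peer) and integrity_check(local)


def exchange_matrix(a: BlockchainNode, b: BlockchainNode) -> bool:
    """Kernel maintenance: symmetric exchange, only between complete systems sharing a group."""
    if not (integrity_check(a) and integrity_check(b)) or not (a.groups & b.groups):
        return False
    ma, mb = a.auth.kernel.matrix, b.auth.kernel.matrix
    snapshot = TrustKernelMatrix(dict(ma.scores))
    ma.merge(mb)
    mb.merge(snapshot)
    return True


def exchange_via_common_node(a: BlockchainNode, common: BlockchainNode,
                             b: BlockchainNode) -> bool:
    """Cross-group exchange relayed through a node that belongs to both groups."""
    return exchange_matrix(a, common) and exchange_matrix(common, b)


def complete_auth(entries: Dict[Tuple[str, str], float]) -> AuthenticationSystem:
    return AuthenticationSystem(AuthenticationKernel(TrustKernelMatrix(dict(entries))),
                                KernelMaintenanceModule())


def build_sample() -> Tuple[Dict[str, BlockchainNode], List[TrafficRecord]]:
    """Constructed network: group g1 = {A, B, C, E, F}, group g2 = {C, D}; C is the common node."""
    nodes = {
        "A": BlockchainNode("A", {"g1"}, complete_auth({("A", "B"): 0.9})),
        "B": BlockchainNode("B", {"g1"}, complete_auth({("B", "A"): 0.8})),
        "C": BlockchainNode("C", {"g1", "g2"}, complete_auth({})),
        "D": BlockchainNode("D", {"g2"}, complete_auth({("D", "C"): 0.7})),
        "E": BlockchainNode("E", {"g1"}),                        # nothing deployed
        "F": BlockchainNode("F", {"g1"}, AuthenticationSystem(   # kernel without a matrix
            AuthenticationKernel(None), KernelMaintenanceModule())),
    }
    records = [TrafficRecord("A", "B", "ledger-sync"),
               TrafficRecord("E", "A", "ledger-sync"),
               TrafficRecord("A", "F", "ledger-sync")]
    return nodes, records


if __name__ == "__main__":
    nodes, records = build_sample()
    svc = {"ledger-sync"}
    for peer in "BEF":
        print(f"A <-> {peer}:", authenticated_connect(records, nodes["A"], nodes[peer], svc))
    print("A <-> D direct exchange:", exchange_matrix(nodes["A"], nodes["D"]))
    print("A -> C -> D exchange:", exchange_via_common_node(nodes["A"], nodes["C"], nodes["D"]))
```

In the sample, only A and B connect: E has no authentication system and F's kernel holds no matrix, so both fail the integrity check even though traffic to them was observed. A direct exchange between A and D is refused because they share no group, but relaying through the common node C lets D receive A's entries.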
In addition, computer storage media, including both permanent and non-permanent, removable and non-removable media, may implement the information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, computer storage media does not include transitory computer readable media (transient media) such as modulated data signals and carrier waves.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof are intended to cover a non-exclusive inclusion, such that a process, method, article or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article or apparatus. Without further limitation, an element defined by the phrase "comprising a …" does not exclude the presence of other like elements in the process, method, article or apparatus that comprises the element.
The application may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular transactions or implement particular abstract data types. The application may also be practiced in distributed computing environments where transactions are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.
It should be noted that, in the present specification, all the embodiments are described in a progressive manner; the same and similar parts among the embodiments may be referred to each other, and each embodiment focuses on its differences from the others. In particular, since the apparatus and system embodiments are substantially similar to the method embodiments, they are described relatively briefly, and reference may be made to the relevant parts of the description of the method embodiments. The above-described apparatus and system embodiments are merely illustrative: the modules illustrated as separate components may or may not be physically separate, and the components displayed as modules may or may not be physical modules; they may be located in one place or distributed over a plurality of network modules. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
The above description is only one specific embodiment of the present application, but the scope of the present application is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present application should be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (10)

1. A method for authenticated connection between blockchain nodes, comprising:
monitoring whether communication is carried out between two blockchain nodes in a blockchain system;
if so, the authentication system on the blockchain node at the opposite end of the two blockchain nodes carries out integrity detection on the authentication system on the blockchain node at the other end;
and if the authentication system on the blockchain node at the other end is complete, establishing an authenticated connection between the two blockchain nodes.
2. A method for authenticated connection between blockchain nodes according to claim 1, wherein network traffic generated between the two blockchain nodes in the blockchain system is monitored to monitor whether communication is performed between the two blockchain nodes in the blockchain system.
3. A method for authenticated connection between blockchain nodes according to claim 2, wherein network traffic generated between the two blockchain nodes in the blockchain system is monitored by means of traffic interception.
4. An apparatus for authenticated connection between blockchain nodes, comprising:
a monitoring unit, configured to monitor whether communication is carried out between two blockchain nodes in the blockchain system;
an integrity detection unit, configured to make the authentication system on the blockchain node at the opposite end of the two blockchain nodes carry out integrity detection on the authentication system on the blockchain node at the other end when communication between the two blockchain nodes is monitored;
and if the authentication system on the blockchain node at the other end is complete, an authenticated connection is established between the two blockchain nodes.
5. The apparatus according to claim 4, wherein the monitoring unit is further configured to monitor network traffic generated between the two blockchain nodes in the blockchain system to monitor whether communication is performed between the two blockchain nodes in the blockchain system.
6. The apparatus according to claim 5, wherein the monitoring unit is further configured to monitor network traffic generated between the two blockchain nodes in the blockchain system by means of traffic interception.
7. An arrangement for authenticated connection between blockchain nodes according to any of claims 4-6, characterised in that communication between the two blockchain nodes is initiated based on an upper layer service component.
8. A blockchain system, comprising: a plurality of blockchain nodes, each blockchain node being provided with the apparatus for authenticated connection between blockchain nodes, the apparatus comprising:
a monitoring unit, configured to monitor whether communication is carried out between two blockchain nodes in the blockchain system;
an integrity detection unit, configured to make the authentication system on the blockchain node at the opposite end of the two blockchain nodes carry out integrity detection on the authentication system on the blockchain node at the other end when communication between the two blockchain nodes is monitored;
and if the authentication system on the blockchain node at the other end is complete, an authenticated connection is established between the two blockchain nodes.
9. An electronic device, comprising: a memory having computer-executable instructions stored thereon and a processor for executing the computer-executable instructions to perform the steps of:
monitoring whether communication is carried out between two blockchain nodes in a blockchain system;
if so, the authentication system on the blockchain node at the opposite end of the two blockchain nodes carries out integrity detection on the authentication system on the blockchain node at the other end;
and if the authentication system on the blockchain node at the other end is complete, establishing an authenticated connection between the two blockchain nodes.
10. A computer storage medium having computer-executable instructions stored thereon that, when executed, perform the steps of:
monitoring whether communication is carried out between two blockchain nodes in a blockchain system;
if so, the authentication system on the blockchain node at the opposite end of the two blockchain nodes carries out integrity detection on the authentication system on the blockchain node at the other end;
and if the authentication system on the blockchain node at the other end is complete, establishing an authenticated connection between the two blockchain nodes.
CN202011642999.1A 2020-12-30 2020-12-30 Method and device for performing authentication connection between block chain nodes and related product Active CN112565303B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011642999.1A CN112565303B (en) 2020-12-30 2020-12-30 Method and device for performing authentication connection between block chain nodes and related product


Publications (2)

Publication Number Publication Date
CN112565303A true CN112565303A (en) 2021-03-26
CN112565303B CN112565303B (en) 2023-03-28

Family

ID=75035106


Country Status (1)

Country Link
CN (1) CN112565303B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2007140665A1 (en) * 2006-06-06 2007-12-13 Beijing E-Hengxin Authentication Science & Technology Co. Ltd. A system and method of authentic connection security authentication based on cpk
CN107533501A (en) * 2015-03-20 2018-01-02 里维茨公司 Use block chain automated validation appliance integrality
CN108881252A (en) * 2018-06-28 2018-11-23 腾讯科技(深圳)有限公司 Identification authentication data processing method, device, computer equipment and storage medium
CN111586059A (en) * 2020-05-09 2020-08-25 杭州安存网络科技有限公司 Block chain machine, block chain data access authentication method and computer readable storage medium
US20200314648A1 (en) * 2019-03-29 2020-10-01 Parallel Wireless, Inc. Distributed HSS Using Blockchain


Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
朱建海等: "PKI多级混合信任模型及其信任路径构建", 《计算机工程》 *

Also Published As

Publication number Publication date
CN112565303B (en) 2023-03-28


Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant