CN112769817A - Block chain network based on trusted network, construction method and construction system - Google Patents

Info

Publication number
CN112769817A
CN112769817A CN202110008316.5A CN202110008316A CN112769817A CN 112769817 A CN112769817 A CN 112769817A CN 202110008316 A CN202110008316 A CN 202110008316A CN 112769817 A CN112769817 A CN 112769817A
Authority
CN
China
Prior art keywords
trusted
node
service
network
identity
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110008316.5A
Other languages
Chinese (zh)
Other versions
CN112769817B (en)
Inventor
蒋文保
刘颖慧
郭阳楠
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Information Science and Technology University
Original Assignee
Beijing Information Science and Technology University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Information Science and Technology University
Priority to CN202110008316.5A
Publication of CN112769817A
Application granted
Publication of CN112769817B
Legal status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/18 Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876 Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/16 Implementing security features at a particular protocol layer
    • H04L63/164 Implementing security features at a particular protocol layer at the network layer
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/16 Implementing security features at a particular protocol layer
    • H04L63/168 Implementing security features at a particular protocol layer above the transport layer
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00 Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention provides a block chain network based on a trusted network, together with a construction method and a construction system, addressing the technical problem that existing system architectures lack an overall security guarantee. The network comprises: trusted nodes, which carry out business processes according to a business identity, where both the trusted node and the business identity are formed through a trust process applied by a trust anchor to a common node; and trusted network channels, which are established between trusted nodes in response to business requirements, each channel forming a dedicated data transmission link corresponding to the business type. Within a trusted network channel, the trusted nodes form a block chain network through a data processing consensus process and a service data synchronization process. A built-in security mechanism is formed at the application layer and the network layer, providing network-layer identity authentication and management of network users and access terminals; network security problems such as address spoofing, route hijacking and denial of service are fundamentally solved at the source, which helps build an autonomous, controllable, secure and trusted public network environment.

Description

Block chain network based on trusted network, construction method and construction system
Technical Field
The invention relates to the technical field of block chains, in particular to a block chain network based on a trusted network, a construction method and a construction system.
Background
In the current network environment, the IP address of a service node serves two functions, addressing and identity authentication, and the authenticity and security of this traditional form of identity authentication cannot be guaranteed. Under a PKI (Public Key Infrastructure) system, the two communicating parties therefore verify the identity of a public key's owner through a public key certificate issued by a third-party CA (Certificate Authority); the certificate owner is authenticated by verifying the authenticity of the identification information. Because the CA is centralized, once the root CA is maliciously attacked the CA may become untrusted and certificates may be stolen, which reduces the authority and fairness of identity authentication. A block chain system can be used to build a decentralized authentication system on top of the traditional network structure. The prior art includes a network-wide unified identity registration and authentication system built on a decentralized trusted alliance structure: registration regions can be designed per authentication alliance and per country or region, forming a distributed authentication tree structure for user registration applications across countries and regions. Such a decentralized authentication structure can solve problems of the traditional PKI system, such as the single point of failure caused by the CA's own security and the compatibility and trust problems between CAs.
However, conventional block chain authentication systems solve the security problem of node identity authentication only at the application layer; they are constrained by the underlying network structure and cannot solve the security problem at its source in the lower layers.
Disclosure of Invention
In view of the above problems, embodiments of the present invention provide a block chain network based on a trusted network, a building method, and a building system, which solve the technical problem that the architecture of the existing service block chain system lacks an overall security guarantee.
The block chain network based on the trusted network of the embodiment of the invention comprises:
the trusted node is used for forming a business process according to a business identity, and the trusted node and the business identity are formed through a trust process applied by a trust anchor to a common node;
the trusted network channel is established between the trusted nodes in response to business requirements, and forms a dedicated data transmission link corresponding to the business type;
and a block chain network is formed between the trusted nodes in the trusted network channel through a data processing consensus process and a service data synchronization process.
The block chain network construction method based on the trusted network comprises the following steps:
registering personal identity information submitted by a common node through a trust anchor;
storing the personal identity information of the common node that passed registration in the trust anchor to form a unique identity of the common node;
loading at least a trusted driver module and a shared ledger module on the common node to form a trusted node;
the trusted nodes establish trusted network channels between them according to service type and determine their service identities; data transmission for a given service takes place in the trusted network channel, and a block chain network is formed between the trusted nodes.
The block chain network construction system based on the trusted network of the embodiment of the invention comprises:
the memory is used for storing program codes corresponding to the processing procedures of the construction method of the block chain network based on the trusted network;
a processor for executing the program code.
The block chain network construction system based on the trusted network of the embodiment of the invention comprises:
the node authentication device is used for authenticating the personal identity information submitted by the common node through the trust anchor;
the identification forming device is used for storing the personal identity information of the ordinary node passing the authentication in the trust anchor to form the unique identity of the ordinary node;
the node forming device is used for loading at least a trusted driver module and a shared ledger module on the common node to form a trusted node;
and the network forming device is used for forming a block chain network among the trusted nodes, the trusted nodes establish a trusted network channel among the trusted nodes according to the service types and determine the service identities, and data transmission for determining the services is formed in the trusted network channel.
With the block chain network based on a trusted network, the construction method and the construction system, block chain technology gives the network formed among the trusted nodes its block chain characteristics. At the same time, the controlled definition of trusted network channels gives the data transmission topology formed among the trusted nodes networking characteristics that follow the service type, which provides the network security foundation for a service block chain. Combining the basic block chain characteristics with the service networking characteristics yields a block chain network in which trusted nodes are multiplexed across services. The block chain network can adapt to complex service logic: a flexible composite network structure is built from service channels corresponding to service types, giving the service system a reliable security guarantee from the network layer to the application layer. A built-in security mechanism is formed at the application layer and the network layer, providing network-layer identity authentication and management of network users and access terminals; network security problems such as address spoofing, route hijacking and denial of service are fundamentally solved at the source, which helps build an autonomous, controllable, secure and trusted public network environment.
Drawings
Fig. 1 is a schematic diagram illustrating an architecture of a block chain network based on a trusted network according to an embodiment of the present invention.
Fig. 2 is a flowchart illustrating a method for building a blockchain network based on a trusted network according to an embodiment of the present invention.
Fig. 3 is a flowchart illustrating a node registration process of a service in a block chain network construction method based on a trusted network according to an embodiment of the present invention.
Fig. 4 is a flowchart illustrating a network node interaction process in a block chain network construction method based on a trusted network according to an embodiment of the present invention.
Fig. 5 is a schematic diagram illustrating a network node interaction process in the trusted network based block chain network construction method according to an embodiment of the present invention.
Fig. 6 is a flowchart illustrating a service interaction process in a block chain network construction method based on a trusted network according to an embodiment of the present invention.
Fig. 7 is a schematic diagram illustrating a service interaction process in a block chain network construction method based on a trusted network according to an embodiment of the present invention.
Fig. 8 is a schematic diagram illustrating an architecture of a block chain network building system based on a trusted network according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer and more obvious, the present invention is further described below with reference to the accompanying drawings and the detailed description. It is to be understood that the described embodiments are merely exemplary of the invention, and not restrictive of the full scope of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
An embodiment of a trusted network based blockchain network is shown in fig. 1. In fig. 1, the present embodiment includes:
the trusted node is used for forming a business process according to the business identity, and the trusted node and the business identity are formed through a trust process of the trust anchor to the common node.
The generic node includes the corresponding service (or transaction) process logic and service initiation data. The business identity includes the business role (request or response, etc.) and the functional role (inspection or monitoring, etc.) in the business process. The business process includes, but is not limited to, business processes such as business initialization, business request and business response.
The trust anchor includes a registration authentication system that provides a universal interfacing, trust-forming process. Those skilled in the art will appreciate that the enrollment authentication system may preferably employ a web-wide, unified identity enrollment authentication system constructed using a decentralized trusted federation architecture.
The trust process comprises node registration, node authentication, service identity registration, service identity authentication and similar processes. A common node obtains its unique identity through the node registration process, so that the trust anchor can provide effective verification when authentication is required; this is the trust process that forms a trusted node. A trusted node obtains its service identity for a given service through the service registration process, so that the trust anchor can provide effective verification when authentication is required; this is the trust process that forms the service identity. The business process and the trust process can be implemented by a smart contract or by a business processing procedure.
The trusted network channel is used for responding to the service requirement and established between the trusted nodes, and the trusted network channel forms a special data transmission link corresponding to the service type.
The data transmission link may be identified by registration information or authentication information of the trusted node. The authentication information includes, but is not limited to, node authentication information, service identity information, and the like.
A block chain network is formed between the trusted nodes in the trusted network channel by means of a data processing consensus process and a service data synchronization process.
Those skilled in the art will appreciate that the data processing consensus process may employ a consensus processing mechanism in the field of blockchain technology, and the service data synchronization may employ a distributed span synchronization accounting mechanism in the field of blockchain technology.
In the block chain network based on a trusted network of this embodiment, a common service node is registered and authenticated through the trust anchor to form a trusted node, and the expansion of service nodes is effectively separated from the registration and authentication process, so that service scale adjustment and service type setting are more flexible. Block chain technology gives the network formed among the trusted nodes its block chain characteristics. At the same time, the controlled definition of trusted network channels gives the data transmission topology formed among the trusted nodes networking characteristics that follow the service type, which provides the network security foundation for a service block chain. Combining the basic block chain characteristics with the service networking characteristics yields a block chain network in which trusted nodes are multiplexed across services. The block chain network can adapt to complex service logic: a flexible composite network structure is built from service channels corresponding to service types, giving the service system a reliable security guarantee from the network layer to the application layer. A built-in security mechanism is formed at the application layer and the network layer, providing network-layer identity authentication and management of network users and access terminals; network security problems such as address spoofing, route hijacking and denial of service are fundamentally solved at the source, which helps build an autonomous, controllable, secure and trusted public network environment.
As shown in fig. 1, in an embodiment of the present invention, a trusted node at least includes:
A trusted driver module, used for loading the trusted network protocol stack to form a trusted network channel, and for forming the identity identifier of the trusted node in service data transmitted through the trusted network channel.
A shared ledger module, used for synchronously recording the service data broadcast among the trusted nodes during the life cycle of the trusted node, forming the service transaction log of the corresponding service.
Depending on the processing mechanism, in an embodiment of the present invention the system further includes a consensus processing module, used for taking part in decision votes on the service processing logic between the trusted nodes during service processing.
The block chain network based on the trusted network realizes the technical basis of constructing the service block chain between the trusted nodes and the bottom layer guarantee of the authenticity, integrity and non-repudiation of service data by arranging the functional module in the trusted nodes.
In an embodiment of the present invention, the dividing of the trusted nodes according to the service functions includes:
A general node, used for forming a service request or a service processing process.
A main node, used for establishing a trusted network channel, controlling node identities in the trusted network channel, exchanging data with other network channels according to the sequenced broadcast service blocks, and monitoring a given service process.
A sequencing node, used for forming service blocks from service requests and sequencing the service blocks.
An endorsement node, used for checking a service request and determining the legality of the service request.
The block chain network based on the trusted network establishes and determines the service function identity of the trusted node in the service processing process by using the formed block chain network, and adapts the guarantee processing process in the service process according to the identity type. The block chain network as a basic framework can make adjustment of the guarantee processing process aiming at different service types, and system availability and service safety of the block chain network in the service processing process of complex service types are realized.
Fig. 2 shows a block chain network construction method based on a trusted network according to an embodiment of the present invention. In fig. 2, the present embodiment includes:
Step 110: Register the personal identity information submitted by a common node through the trust anchor.
The common node may first generate a key pair in a specified format locally using a cryptographic algorithm, or may directly use a key pair generated by the trust anchor; the generated private key is stored locally on the node. The node then signs its personal identity information with the private key and sends a registration request to the trust anchor. The registration request includes authentication and verification of the registration information; if authentication and verification fail, registration fails.
Step 120: Store the personal identity information of the common node that passed registration in the trust anchor to form the unique identity of the common node.
A unique identity ID is generated from the personal identity information of the common node and stored in the trust anchor in one-to-one correspondence with the public key of the common node, serving as the unique identity of the node.
Step 130: Load at least a trusted driver module and a shared ledger module on the common node to form a trusted node.
Forming a trusted node means that the node has been authenticated and has completed the registration process in the trust anchor.
Step 140: The trusted nodes establish trusted network channels between them according to service type and determine their service identities; data transmission for a given service takes place in the trusted network channel, and a block chain network is formed between the trusted nodes.
The service process is carried by the given trusted nodes, and the service data is transmitted through the trusted network channels that are established between those trusted nodes and correspond to the service type.
The block chain network construction method based on a trusted network of this embodiment uses mature encryption technology to register the identity of a common node in the trust anchor, so that the common node has a trusted identity and a basis for authentication. At the same time, a common node is turned into a trusted node by means of a mature block chain structure and trusted channel connections, and the trusted node becomes a physical constituent node of the block chain network. This effectively forms a block chain network that can carry different service block chains.
Fig. 3 shows a node registration process of a service in a block chain network construction method based on a trusted network according to an embodiment of the present invention. In fig. 3, the node registration process includes:
Step 210: A given trusted node requests its unique identity from the trust anchor.
Step 220: The trusted node provides the unique identity to a Management Service Provider (MSP) and requests a business identity.
Step 230: After identifying the unique identity, the management service provider allocates a service identity to the trusted node.
Step 240: The trusted node joins the trusted network channel of the corresponding service according to the service identity.
The block chain network construction method based on the trusted network of the embodiment of the invention utilizes the trust anchor to provide the identity for the trusted nodes in different services, and obtains the service identity through the identity and adds the service identity into the trusted network channel of the corresponding service. The trusted nodes in the block chain network can bear different service identities, and multiplexing of the trusted nodes and integration among services are realized.
Fig. 4 shows a network node interaction process in the block chain network construction method based on the trusted network according to an embodiment of the present invention. With reference to fig. 5, the network node interaction process includes:
step 310: the trusted node A sends a query request to the trust anchor to acquire the unique identity ID of the trusted node BB
Step 320: after confirming the identity of the trusted node A, the trust anchor sends the unique identity ID of the trusted node B to the trusted node BB
Step 330: the credible node A of the service writes the transaction request into the data packet, and the credible node A is utilizedThe private key Pri _ KA signs the data packet, and the unique identity ID of the trusted node A is identifiedAAnd a unique identity ID of the trusted target node BBAnd writing a message header to form a credible data packet.
Step 340: a trusted request node A sends a trusted data packet to a target node B through a trusted network channel of a service, the target node B sends an inquiry request to a trust anchor, and the public key Pub _ K of the trusted request node A is inquired according to the unique identity IDA of the trusted request node AA
Step 350: after the trust anchor confirms the identity of the target node B, the public key Pub _ K of the trusted node A is sentATo the target node B.
Step 360: target node B uses public key Pub _ K of trusted node AAAnd after the signature of the credible data packet is verified to be correct, the transaction request is accepted.
The block chain network construction method based on a trusted network of this embodiment uses the trust anchor to establish, from the application layer, a defined business process between trusted nodes in a trusted network channel. Because the service process runs over the trusted network channel matching the service type, the security and availability of the service data are ensured.
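The registration of steps 110-120 and the packet exchange of steps 310-360 can be sketched as follows. This is an added example, not code from the patent: Ed25519, the hash-derived ID, the rule that the anchor answers only registered requesters, and the decision to sign the header together with the request (so that ID_A and ID_B cannot be swapped after signing) are all assumptions of the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// TrustAnchor binds each unique ID to one public key (step 120).
type TrustAnchor map[string]ed25519.PublicKey

// Register verifies the signed identity information (step 110) and stores the
// binding. Deriving the ID from a hash is an assumption of this example.
func (t TrustAnchor) Register(info []byte, pub ed25519.PublicKey, sig []byte) (string, error) {
	if len(pub) != ed25519.PublicKeySize || !ed25519.Verify(pub, info, sig) {
		return "", errors.New("registration failed: signature does not verify")
	}
	sum := sha256.Sum256(append(append([]byte{}, info...), pub...))
	id := hex.EncodeToString(sum[:8])
	t[id] = pub
	return id, nil
}

// LookupKey answers only registered requesters and returns the target's key.
func (t TrustAnchor) LookupKey(requesterID, targetID string) (ed25519.PublicKey, error) {
	pub, ok := t[targetID]
	if _, known := t[requesterID]; !known || !ok {
		return nil, errors.New("requester or target is not registered")
	}
	return pub, nil
}

// Packet is the trusted data packet: header (ID_A, ID_B), request, signature.
type Packet struct {
	SrcID, DstID string
	Payload, Sig []byte
}

// signedBytes length-prefixes header and payload so the signature binds both.
func signedBytes(src, dst string, payload []byte) []byte {
	head := fmt.Sprintf("%d:%s%d:%s%d:", len(src), src, len(dst), dst, len(payload))
	return append([]byte(head), payload...)
}

type Node struct {
	ID     string
	priv   ed25519.PrivateKey // stays on the node
	anchor TrustAnchor
}

// NewNode generates a key pair locally, signs the identity info and registers.
func NewNode(anchor TrustAnchor, info string) (*Node, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	id, err := anchor.Register([]byte(info), pub, ed25519.Sign(priv, []byte(info)))
	if err != nil {
		return nil, err
	}
	return &Node{ID: id, priv: priv, anchor: anchor}, nil
}

// Send covers steps 310-330: confirm ID_B with the anchor, then sign.
func (n *Node) Send(dstID string, request []byte) (Packet, error) {
	if _, err := n.anchor.LookupKey(n.ID, dstID); err != nil {
		return Packet{}, err
	}
	sig := ed25519.Sign(n.priv, signedBytes(n.ID, dstID, request))
	return Packet{SrcID: n.ID, DstID: dstID, Payload: request, Sig: sig}, nil
}

// Accept covers steps 340-360: fetch Pub_K_A by ID_A, verify, then accept.
func (n *Node) Accept(p Packet) error {
	if p.DstID != n.ID {
		return errors.New("packet is addressed to another node")
	}
	pub, err := n.anchor.LookupKey(n.ID, p.SrcID)
	if err != nil {
		return err
	}
	if !ed25519.Verify(pub, signedBytes(p.SrcID, p.DstID, p.Payload), p.Sig) {
		return errors.New("signature does not verify for the claimed sender")
	}
	return nil
}

func main() {
	anchor := TrustAnchor{}
	a, _ := NewNode(anchor, "constructed identity record A")
	b, _ := NewNode(anchor, "constructed identity record B")
	p, _ := a.Send(b.ID, []byte("transaction request"))
	fmt.Println("genuine:", b.Accept(p))
	p.SrcID = "0000000000000000" // constructed, unregistered source ID
	fmt.Println("spoofed:", b.Accept(p))
}
```

Because the receiver resolves the verification key from ID_A through the anchor instead of trusting anything carried in the packet, a header naming a different sender fails verification even when that sender is itself registered.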
Fig. 6 shows a service interaction process in the block chain network construction method based on the trusted network according to an embodiment of the present invention. With reference to fig. 7, the service interaction process includes:
Step 410: Trusted node A sends a service request to the endorsement node.
Step 420: The endorsement node simulates the business process, checks whether the business is correct and returns a response value to A.
Step 430: After trusted node A has collected the required response data, it sends the legal service request to the sequencing node.
Step 440: The sequencing node sequences all service requests in the trusted network channel corresponding to the service in time order to form a block, and sends the block to the main node.
Step 450: The main node checks the service process again and writes it into the local database.
Step 460: The main node broadcasts the service block to target node B and all other trusted nodes in the trusted network channel.
The block chain network construction method based on a trusted network of this embodiment uses the identity functions of the nodes participating in the service process to form a service guarantee mechanism for that process, satisfying the authenticity and tamper resistance of the complete business process. The block chain system based on a trusted network can establish a built-in security mechanism at the application layer and the network layer, provide network-layer identity authentication and management for network users and access terminals, fundamentally solve network security problems such as address spoofing, route hijacking and denial of service at the source, and help build an autonomous, controllable, secure and trusted public network environment.
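The following added example (not code from the patent) walks steps 410-460 through one channel and shows why the main node's second check in step 450 matters: two requests that each pass endorsement against the same state can conflict once they are sequenced. The transfer-style request, the balances, the single endorser, and the choice to have every node replay the same check on the broadcast block are constructed assumptions.

```go
package main

import (
	"errors"
	"fmt"
	"sort"
)

// Request is a constructed transfer standing in for a service request.
type Request struct {
	ID, From, To string
	Amount       int
	Time         int64 // submission time, used by the sequencing node
}

// Peer is a trusted node in one channel holding a copy of the service state.
type Peer struct {
	Name    string
	Balance map[string]int
	Log     []string // IDs of requests written to the local database
}

// valid simulates the request against the peer's state without changing it.
func (p *Peer) valid(r Request) bool {
	return r.Amount > 0 && p.Balance[r.From] >= r.Amount
}

// Submit covers steps 410-430: node A collects endorsement responses and only
// forwards the request for sequencing when at least `need` endorsers approve.
func Submit(r Request, endorsers []*Peer, need int) error {
	approvals := 0
	for _, e := range endorsers {
		if e.valid(r) {
			approvals++
		}
	}
	if approvals < need {
		return errors.New("request " + r.ID + " lacks endorsements")
	}
	return nil
}

// Order covers step 440: sort the channel's requests by time into one block.
func Order(pending []Request) []Request {
	block := append([]Request(nil), pending...)
	sort.SliceStable(block, func(i, j int) bool { return block[i].Time < block[j].Time })
	return block
}

// ApplyBlock re-checks every request in block order and writes the valid ones
// to the local state; it returns the IDs that were written.
func (p *Peer) ApplyBlock(block []Request) []string {
	var written []string
	for _, r := range block {
		if !p.valid(r) {
			continue // endorsed earlier, but stale once earlier requests apply
		}
		p.Balance[r.From] -= r.Amount
		p.Balance[r.To] += r.Amount
		written = append(written, r.ID)
	}
	p.Log = append(p.Log, written...)
	return written
}

// RunDemo wires steps 410-460 together for one channel with constructed data.
func RunDemo() (written []string, channel []*Peer) {
	for _, name := range []string{"main", "endorser", "node-B"} {
		channel = append(channel, &Peer{Name: name, Balance: map[string]int{"alice": 10}})
	}
	mainNode, endorser := channel[0], channel[1]
	requests := []Request{
		{ID: "r1", From: "alice", To: "bob", Amount: 8, Time: 2},
		{ID: "r2", From: "alice", To: "carol", Amount: 7, Time: 1},
		{ID: "r3", From: "alice", To: "dave", Amount: 50, Time: 3},
	}
	var pending []Request
	for _, r := range requests {
		if Submit(r, []*Peer{endorser}, 1) == nil {
			pending = append(pending, r) // r3 is refused at endorsement
		}
	}
	block := Order(pending)              // step 440
	written = mainNode.ApplyBlock(block) // step 450: second check, local write
	for _, p := range channel[1:] {      // step 460: broadcast to the channel
		p.ApplyBlock(block)
	}
	return written, channel
}

func main() {
	written, channel := RunDemo()
	fmt.Println("written by main node:", written)
	for _, p := range channel {
		fmt.Println(p.Name, p.Balance, p.Log)
	}
}
```

Here r1 and r2 are both endorsed against a balance of 10, but after sequencing only r2 is written; r1 fails the second check, and every node in the channel ends with the same state.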
The block chain network construction system based on the trusted network in one embodiment of the invention comprises:
the memory is used for storing program codes corresponding to the processing procedures of the block chain network construction method based on the trusted network in the embodiment;
and the processor is used for executing the program codes corresponding to the processing procedures of the block chain network construction method based on the trusted network in the embodiment.
The processor may be a DSP (Digital Signal Processor), an FPGA (Field-Programmable Gate Array), an MCU (Microcontroller Unit) system board, an SoC (System on a Chip) system board, or a PLC (Programmable Logic Controller) minimum system including I/O.
Fig. 8 shows a block chain network construction system based on a trusted network according to an embodiment of the present invention. In fig. 8, the present embodiment includes:
the node authentication device 11 is used for registering personal identity information submitted by a common node through a trust anchor;
the identification forming device 12 is used for storing the personal identity information of the ordinary nodes which pass the registration in the trust anchor to form the unique identity identification of the ordinary nodes;
the node forming device 13 is used for loading at least a trusted driver module and a shared ledger module on a common node to form a trusted node;
and the network forming device 14 is used for establishing a trusted network channel between the trusted nodes according to the service types and determining the service identities, forming data transmission of determined services in the trusted network channel, and forming a block chain network between the trusted nodes.
As shown in Fig. 8, in an embodiment of the present invention, the system further includes, for node registration:
the identification request device 21, used for determining that the trusted node requests the unique identity identifier from the trust anchor;
the identity request device 22, used for determining that the trusted node provides the unique identity identifier to a Management Service Provider (MSP) to request a service identity;
the identity binding device 23, used for the management service provider to determine the service identity of the trusted node after identifying the unique identity identifier;
and the channel binding device 24, used for determining that the trusted node joins the trusted network channel of the corresponding service according to the service identity.
As shown in Fig. 8, in an embodiment of the present invention, the system further includes, for node interaction:
the target identification request device 31, used for trusted node A to send a query request to the trust anchor to obtain the unique identity identifier ID_B of trusted node B;
the target identification feedback device 32, used for the trust anchor, after confirming the identity of trusted node A, to send the unique identity identifier ID_B of trusted node B to the trusted node B;
the trusted data packaging device 33, used for trusted node A of the service to write the transaction request into a data packet, sign the data packet with its private key Pri_K_A, and write the unique identity identifier ID_A of trusted node A and the unique identity identifier ID_B of the trusted target node B into the message header to form a trusted data packet;
the requester identification request device 34, used for the trusted requesting node A to send the trusted data packet to the target node B through the trusted network channel of the service, whereupon the target node B sends a query request to the trust anchor to look up the public key Pub_K_A of the trusted requesting node A according to its unique identity identifier ID_A;
the requester identification feedback device 35, used for the trust anchor, after confirming the identity of the target node B, to send the public key Pub_K_A of trusted node A to the target node B;
and the request data verification device 36, used for the target node B to verify the signature of the trusted data packet with the public key Pub_K_A of trusted node A and, after the signature is verified as correct, accept the transaction request.
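A Go sketch of the packaging and verification steps above (devices 33 to 36, also recited in claim 6), added here as an illustration and not taken from the patent. It assumes Ed25519 as the signature scheme, an in-memory map as the trust anchor, that node A already holds ID_B, and that the signature covers the header IDs as well as the transaction request; the patent specifies none of these, and all type and function names are hypothetical.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// TrustAnchor (constructed model) maps a unique identity ID to a registered public key.
type TrustAnchor struct{ keys map[string]ed25519.PublicKey }
func NewTrustAnchor() *TrustAnchor { return &TrustAnchor{map[string]ed25519.PublicKey{}} }

// Register stores the node's public key under its ID; the node keeps the private key.
func (t *TrustAnchor) Register(id string) ed25519.PrivateKey {
	pub, pri, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	t.keys[id] = pub
	return pri
}

// Lookup confirms the asker is registered before returning the wanted node's public key.
func (t *TrustAnchor) Lookup(askerID, wantedID string) (ed25519.PublicKey, bool) {
	_, askerOK := t.keys[askerID]
	pub, ok := t.keys[wantedID]
	return pub, askerOK && ok
}

// Packet is the trusted data packet: header IDs, transaction request, signature.
type Packet struct {
	SrcID, DstID string
	Payload, Sig []byte
}

// signedBytes (assumption: header is signed too) length-prefixes every field.
func signedBytes(src, dst string, payload []byte) []byte {
	return []byte(fmt.Sprintf("%d:%s|%d:%s|%d:%s", len(src), src, len(dst), dst, len(payload), payload))
}

// Seal is node A's step: sign with Pri_K_A (Ed25519 assumed), put ID_A and ID_B in the header.
func Seal(priA ed25519.PrivateKey, idA, idB string, req []byte) Packet {
	return Packet{idA, idB, req, ed25519.Sign(priA, signedBytes(idA, idB, req))}
}

// Accept is node B's step: query the anchor for Pub_K_A by ID_A, then verify the signature.
func Accept(t *TrustAnchor, selfID string, p Packet) bool {
	pubA, ok := t.Lookup(selfID, p.SrcID)
	return ok && p.DstID == selfID &&
		ed25519.Verify(pubA, signedBytes(p.SrcID, p.DstID, p.Payload), p.Sig)
}

func main() {
	ta := NewTrustAnchor()
	priA := ta.Register("ID_A") // constructed sample identities
	ta.Register("ID_B")
	fmt.Println("accepted:", Accept(ta, "ID_B", Seal(priA, "ID_A", "ID_B", []byte("transfer 10"))))
}
```

Because ID_A and ID_B are part of the signed bytes, a packet with a rewritten source or destination ID fails verification at the receiver. Nothing here stops the same packet being delivered to node B twice; that would need a nonce or timestamp inside the signed bytes.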
As shown in Fig. 8, in an embodiment of the present invention, the system further includes, for service interaction:
the service request device 41, used for trusted node A to send a service request to the endorsement node;
the endorsement simulation device 42, used for the endorsement node to simulate the business process, check whether the business is correct, and return a response value to A;
the request sequencing device 43, used for trusted node A to send the legal service request to the sequencing node after collecting the determined response data;
the block forming device 44, used for the sequencing node to sort all service requests in the trusted network channel corresponding to the service in time order, package them into a block, and send the block to the master node;
the block verification device 45, used for the master node to verify the business process again and, once it is verified as error-free, write it into the local database;
and the block synchronization device 46, used for the master node to broadcast the service block to the target node B and all other trusted nodes in the trusted network channel.
The above description is only for the preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present invention are included in the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (10)

1. A trusted network based blockchain network, comprising:
a trusted node, used for forming a business process according to a business identity, the trusted node and the business identity being formed through a trust process applied by a trust anchor to a common node;
a trusted network channel, established among the trusted nodes in response to business requirements, the trusted network channel forming a dedicated data transmission link corresponding to the service type;
wherein a blockchain network is formed among the trusted nodes in the trusted network channel through a data processing consensus process and a service data synchronization process.
2. The trusted network-based blockchain network of claim 1, wherein the trusted node includes at least:
the trusted driver module is used for loading a trusted network protocol stack to form the trusted network channel and forming an identity mark of a trusted node in service data transmission in the trusted network channel;
and the shared account book module is used for synchronously recording the service data broadcasted among the credible nodes in the life cycle of the credible nodes to form a service transaction log of the corresponding service.
3. A trusted network-based blockchain network as claimed in claim 1, wherein said trusted node comprises:
the general node is used for forming a service request or a service processing process;
the main node is used for establishing a trusted network channel, controlling the node identity in the trusted network channel, exchanging data with other network channels according to the sequenced broadcast service blocks and monitoring a determined service process;
the sequencing node is used for forming a service block according to the service request and sequencing the service block;
and the endorsement node is used for checking the service request and determining the legality of the service request.
4. A block chain network construction method based on a trusted network is characterized by comprising the following steps:
registering personal identity information submitted by a common node through a trust anchor;
storing the personal identity information of the ordinary node which passes the registration in the trust anchor to form a unique identity of the ordinary node;
at least loading a trusted drive module and a shared book module on the common node to form a trusted node;
the trusted nodes establish a trusted network channel between the trusted nodes according to the service types and determine the service identities, data transmission of determined services is formed in the trusted network channel, and a block chain network is formed between the trusted nodes.
5. The method of claim 4, comprising the node registration process of:
determining that a trusted node requests a unique identity from a trust anchor;
determining that the trusted node provides the unique identity to the management service provider to request a service identity;
after the management service provider identifies the unique identity, the management service provider allocates a service identity to the determined trusted node;
and determining that the trusted node joins the trusted network channel of the corresponding service according to the service identity.
6. The method of claim 4, comprising the network node interaction process of:
the trusted node A sends a query request to the trust anchor to acquire the unique identity identifier ID_B of the trusted node B;
after confirming the identity of the trusted node A, the trust anchor sends the unique identity identifier ID_B of the trusted node B to the trusted node B;
the trusted node A of the service writes the transaction request into a data packet, signs the data packet with its private key Pri_K_A, and writes the unique identity identifier ID_A of the trusted node A and the unique identity identifier ID_B of the trusted target node B into the message header to form a trusted data packet;
the trusted requesting node A sends the trusted data packet to the target node B through the trusted network channel of the service, and the target node B sends a query request to the trust anchor to look up the public key Pub_K_A according to the unique identity identifier ID_A of the trusted node A;
after confirming the identity of the target node B, the trust anchor sends the public key Pub_K_A of the trusted node A to the target node B;
the target node B verifies the signature of the trusted data packet with the public key Pub_K_A of the trusted node A and, after the signature is verified as correct, accepts the transaction request.
7. The method for building a blockchain network based on a trusted network according to claim 4, comprising the following business interaction process:
the trusted node A sends a service request to the endorsement node;
the endorsement node simulates a business process, checks whether the business is correct and returns a response value to A;
after the trusted node A collects the determined response data, the legal service request is sent to a sequencing node to sequence and package all service requests in a trusted network channel corresponding to the service according to a time sequence to form a block, and the block is sent to the master node;
the main node checks the service process again and writes the service process into the local database;
the master node broadcasts the service block to the target node B and all other trusted nodes in the trusted network channel.
8. The method according to claim 4, wherein the trusted node accesses at least two trusted network channels for two service types according to service requirements, and has two service identities for the two service types.
9. A block chain network construction system based on a trusted network is characterized by comprising:
a memory for storing program codes corresponding to the procedures of the building method of the trusted network based blockchain network according to any one of claims 4 to 8;
a processor for executing the program code.
10. A block chain network construction system based on a trusted network is characterized by comprising:
the node authentication device is used for authenticating the personal identity information submitted by the common node through the trust anchor;
the identification forming device is used for storing the personal identity information of the ordinary node passing the authentication in the trust anchor to form the unique identity of the ordinary node;
the node forming device is used for loading a trusted driving module, a shared account book module and a consensus processing module on the common node to form a trusted node;
and the network forming device is used for forming a block chain network among the trusted nodes, the trusted nodes establish a trusted network channel among the trusted nodes according to the service types and determine the service identities, and data transmission for determining the services is formed in the trusted network channel.
CN202110008316.5A 2021-01-05 2021-01-05 Block chain network based on trusted network, construction method and construction system Active CN112769817B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110008316.5A CN112769817B (en) 2021-01-05 2021-01-05 Block chain network based on trusted network, construction method and construction system

Publications (2)

Publication Number Publication Date
CN112769817A (en) 2021-05-07
CN112769817B (en) 2023-06-02

Family

ID=75699332

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110008316.5A Active CN112769817B (en) 2021-01-05 2021-01-05 Block chain network based on trusted network, construction method and construction system

Country Status (1)

Country Link
CN (1) CN112769817B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180109541A1 (en) * 2016-10-17 2018-04-19 Arm Ltd. Blockchain mining using trusted nodes
CN108769010A (en) * 2018-05-29 2018-11-06 中国联合网络通信集团有限公司 The method and apparatus that node is invited to registration
CN109104415A (en) * 2018-07-21 2018-12-28 江苏飞搏软件股份有限公司 Construct the system and method for trusted node network
CN111383021A (en) * 2020-05-29 2020-07-07 腾讯科技(深圳)有限公司 Node management method, device, equipment and medium based on block chain network

Also Published As

Publication number Publication date
CN112769817B (en) 2023-06-02

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant