CN112822162A - Block chain-based equipment verification connection method and system - Google Patents

Publication number: CN112822162A
Authority: CN (China)
Prior art keywords: connection request, identity authentication, verification, connection, blockchain
Legal status: Granted
Application number: CN202011593153.3A
Other languages: Chinese (zh)
Other versions: CN112822162B (en)
Inventors: 姚杰, 邱洪, 王玉军
Current Assignee: Chongqing Chuanyi Automation Co Ltd
Original Assignee: Chongqing Chuanyi Automation Co Ltd

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/08: Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876: Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816: Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085: Secret sharing or secret splitting, e.g. threshold schemes
    • H04L9/30: Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy

Abstract

The invention provides a blockchain-based device verification connection method and system. The method comprises the following steps: the requested party applies for identity authentication according to the connection request and acquires identity authentication information; the requesting party encrypts the connection request according to the received identity authentication information and outputs it to the requested party, and a network link between the two parties is established after decryption and verification. The invention can effectively improve the security and the data interaction efficiency of the connection between the equipment and the application service.

Description

Block chain-based equipment verification connection method and system
Technical Field
The invention relates to the field of Internet of things, in particular to a device verification connection method and system based on a block chain.
Background
With the rise of Internet of Things technology, the various instruments and meters used for process monitoring and control are increasingly interconnected. However, because there are many types of instruments and meters, and their manufacturers, physical interfaces, communication protocols, data formats and so on differ, it is difficult to build a universal data acquisition and monitoring system compatible with a wide range of instruments and meters. Such systems also suffer from processing performance bottlenecks and are prone to network attack, which hinders the popularization and application of application services based on instrument and meter data in the Internet of Things context.
The existing mainstream technology has the following problems to be solved:
1. The data acquisition and monitoring server not only needs to acquire, process and store data from the underlying instruments and meters, but also needs to provide data services to external applications, especially Internet-based applications.
2. Although the data acquisition and monitoring server is protected by a factory firewall, it is still the "first window" for providing services to the outside and is directly exposed on the Internet. Once a network security incident occurs, all services based on instrument data, such as remote diagnosis, environment monitoring and third-party settlement, are stopped, so the server faces an extremely high security risk.
Disclosure of Invention
In view of the problems in the prior art, the invention provides a device verification connection method and system based on a block chain, and mainly solves the problem that the network access security in the existing instrument industry is not sufficient.
In order to achieve the above and other objects, the present invention adopts the following technical solutions.
A device verification connection method based on a block chain comprises the following steps:
the requested party applies for identity authentication according to the connection request to acquire identity authentication information;
and the requesting party encrypts the connection request according to the received identity authentication information, outputs the encrypted connection request to the requested party, and establishes a network link between the two parties after decryption and verification.
Optionally, before the requested party applies for identity authentication according to the connection request, the method includes:
checking whether valid decryption verification information required for establishing the network link exists in the connection request, and if so, directly establishing the network link between the two parties; and if not, applying for identity authentication.
Optionally, the identity authentication information includes an identity certificate, wherein the identity certificate includes a private key and a public key.
Optionally, the decryption verification information comprises a public key.
Optionally, the connection request is encrypted by the private key, and the encrypted connection request and the decryption verification information are output to the requested party.
Optionally, a data acquisition and authentication center server is provided, and the data acquisition and authentication center server receives the identity authentication application and outputs identity authentication information.
Optionally, after the decryption verification passes, the connection request is sent to the data acquisition and authentication center server for storage and backup.
Optionally, the requesting party includes an application service layer, and the requested party includes an instrument.
A blockchain-based device authentication connection system, comprising:
the identity authentication module is used for the requested party to apply identity authentication according to the connection request and acquire identity authentication information;
and the verification module is used for encrypting the connection request by the requesting party according to the received identity authentication information, outputting the connection request to the requested party, and establishing a network link between the requesting party and the requested party after decryption and verification.
As described above, the method and system for verifying and connecting a device based on a block chain according to the present invention have the following advantages.
A network link is established only after identity authentication and encryption and decryption, so that the connection security of equipment can be effectively improved.
Drawings
Fig. 1 is a schematic diagram of a device verification connection structure based on a blockchain according to an embodiment of the present invention.
Detailed Description
The embodiments of the present invention are described below with reference to specific embodiments, and other advantages and effects of the present invention will be easily understood by those skilled in the art from the disclosure of the present specification. The invention is capable of other and different embodiments and of being practiced or of being carried out in various ways, and its several details are capable of modification in various respects, all without departing from the spirit and scope of the present invention. It is to be noted that the features in the following embodiments and examples may be combined with each other without conflict.
It should be noted that the drawings provided in the following embodiments are only for illustrating the basic idea of the present invention, and the components related to the present invention are only shown in the drawings rather than drawn according to the number, shape and size of the components in actual implementation, and the type, quantity and proportion of the components in actual implementation may be changed freely, and the layout of the components may be more complicated.
Referring to fig. 1, the present invention provides a device verification connection method based on a block chain, which utilizes a decentralized concept of a block chain technology to establish a network link between an application service layer and a device side.
In an embodiment, the internal device network may be established according to the application scenario. Taking an instrument plant area as an example, the devices in the plant area may include various instruments and meters such as flow meters, pressure meters, temperature meters, level meters, analysis meters and execution mechanisms. The application server in the factory can connect directly to each instrument to obtain the data required by the application service. Besides meeting the needs of services inside the factory, the instruments and meters often need to communicate with external application services, including remote diagnosis of devices, government environment monitoring, third-party settlement and other related application services. When network communication needs to be established with an Internet application service layer outside the factory, the security of access by each application service in that layer needs to be verified. Taking the verified network link connection between the "equipment remote diagnosis" service and a "level meter" as an example, the specific steps are as follows:
In step S01, the equipment remote diagnosis service, acting as the requesting party, initiates a connection request to the requested level meter. Optionally, the connection request is checked first to determine whether it contains valid decryption verification information required for establishing the network link. If so, the connection request can be decrypted and verified directly according to that information, establishing the network link between the equipment remote diagnosis service and the level meter so that the two parties can exchange data; if not, the process proceeds to step S02.
In step S02, after receiving the connection request, the level meter applies for identity authentication of the equipment remote diagnosis service. In one embodiment, a data acquisition and authentication center server may be provided, and the level meter issues the identity authentication request to it. The connection request typically contains basic information about the requesting party, such as an identifier. Specifically, the level meter packages the basic information of the equipment remote diagnosis service and sends it to the data acquisition and authentication center server to apply for identity authentication.
In step S03, the data acquisition and authentication center server checks whether the basic information of the equipment remote diagnosis service complies with a preset specification, for example whether the requested service is allowed and whether the terminal requesting the service poses a risk. After the check passes, an identification certificate can be generated for the equipment remote diagnosis service using asymmetric key technology. The identification certificate may include information such as a private key, the algorithm used for private key encryption, an issuer identification, a validity period and the identity of the public key holder. The data acquisition and authentication center server sends the generated identification certificate to the equipment remote diagnosis service.
In step S04, after receiving the identification certificate, the equipment remote diagnosis service encrypts the connection request using the private key in the identification certificate, packages the public key with the encrypted connection request as decryption verification information, and sends them to the level meter.
In step S05, the level meter uses the public key to decrypt and verify the connection request. After the verification passes, it sends the connection request record to the data acquisition and authentication center server for backup and establishes a network link with the diagnosis service. Keeping a backup connection log makes it easier to trace problems later.
In an embodiment, while the network link between the two parties is being established, the data acquisition and authentication center server can also provide the identification certificates of both parties, so that unauthenticated users are prevented from gaining access.
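Steps S03 to S05 as an added Go example (not code from the patent): Ed25519 signatures stand in for "encrypting the connection request with the private key", and all type and function names are hypothetical. It also assumes something the text does not spell out: the center signs each identification certificate and the level meter checks that signature against a pinned center key, so a public key that merely arrives bundled with the request is not trusted on its own.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
	"time"
)

// Certificate is the identification certificate of step S03 (field names are assumptions).
type Certificate struct {
	Holder, Issuer string
	PublicKey      ed25519.PublicKey
	NotAfter       time.Time
	IssuerSig      []byte // center's signature over the other fields (assumption)
}

// tbs returns the bytes the center signs: holder, issuer, public key and expiry.
func (c Certificate) tbs() []byte {
	return []byte(fmt.Sprintf("%q|%q|%x|%d", c.Holder, c.Issuer, c.PublicKey, c.NotAfter.Unix()))
}

// AuthCenter stands in for the data acquisition and authentication center server.
type AuthCenter struct {
	priv    ed25519.PrivateKey
	Pub     ed25519.PublicKey // pinned on every instrument (assumption)
	Allowed map[string]bool   // preset specification: services permitted to connect
	Backup  []string          // connection records stored in step S05
}

// Issue is step S03: check the requester against policy, then generate its certificate.
func (a *AuthCenter) Issue(holder string, now time.Time) (Certificate, ed25519.PrivateKey, error) {
	if !a.Allowed[holder] {
		return Certificate{}, nil, errors.New("service not permitted by center policy")
	}
	pub, priv, err := ed25519.GenerateKey(nil)
	if err != nil {
		return Certificate{}, nil, err
	}
	c := Certificate{Holder: holder, Issuer: "auth-center", PublicKey: pub, NotAfter: now.Add(time.Hour)}
	c.IssuerSig = ed25519.Sign(a.priv, c.tbs())
	return c, priv, nil
}

// Request is what the requesting service sends in step S04.
type Request struct {
	Body, Sig []byte
	Cert      Certificate // carries the public key used as decryption verification information
}

// Accept is step S05 on the instrument: verify, record the request at the center, then link.
func Accept(r Request, center *AuthCenter, now time.Time) error {
	c := r.Cert
	switch {
	case len(c.PublicKey) != ed25519.PublicKeySize: // ed25519.Verify panics on a wrong-size key
		return errors.New("malformed public key")
	case !ed25519.Verify(center.Pub, c.tbs(), c.IssuerSig):
		return errors.New("certificate not issued by the authentication center")
	case now.After(c.NotAfter):
		return errors.New("certificate expired")
	case !ed25519.Verify(c.PublicKey, r.Body, r.Sig):
		return errors.New("connection request signature invalid")
	}
	center.Backup = append(center.Backup, c.Holder+": "+string(r.Body))
	return nil
}

// Demo runs steps S03 to S05 on constructed data and returns each verification outcome.
func Demo() (valid, tampered, uncertified, expired error, backups int) {
	now := time.Unix(1700000000, 0) // constructed clock value
	pub, priv, _ := ed25519.GenerateKey(nil)
	center := &AuthCenter{priv: priv, Pub: pub, Allowed: map[string]bool{"remote-diagnosis": true}}
	cert, key, _ := center.Issue("remote-diagnosis", now)
	body := []byte("CONNECT level-meter-01") // constructed connection request
	req := Request{Body: body, Sig: ed25519.Sign(key, body), Cert: cert}
	valid = Accept(req, center, now)
	// Rejections: altered body, a key the center never certified, an expired certificate.
	tampered = Accept(Request{Body: []byte("CONNECT level-meter-02"), Sig: req.Sig, Cert: cert}, center, now)
	rpub, rpriv, _ := ed25519.GenerateKey(nil)
	swapped := cert
	swapped.PublicKey = rpub
	uncertified = Accept(Request{Body: body, Sig: ed25519.Sign(rpriv, body), Cert: swapped}, center, now)
	expired = Accept(req, center, now.Add(2*time.Hour))
	return valid, tampered, uncertified, expired, len(center.Backup)
}

func main() {
	fmt.Println(Demo())
}
```

Only the first request is accepted and written to the backup log; the other three are rejected before any link is established.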
The present embodiment provides a device verification connection system based on a blockchain, which is used to execute the device verification connection method based on a blockchain described in the foregoing method embodiments. Since the technical principle of the system embodiment is similar to that of the method embodiment, repeated description of the same technical details is omitted.
In one embodiment, a blockchain-based device authentication connection system includes:
the identity authentication module is used for the requested party to apply identity authentication according to the connection request and acquire identity authentication information;
and the verification module is used for encrypting the connection request by the requesting party according to the received identity authentication information, outputting the connection request to the requested party, and establishing a network link between the requesting party and the requested party after decryption and verification.
In summary, the device verification connection method and system based on the block chain according to the present invention improve security detection efficiency by establishing the network link end to end; connection security is improved through identity authentication; access records are backed up, which facilitates subsequent problem tracing; and the application service is connected directly to the instrument, which reduces the intermediate steps of data transmission and makes data interaction more convenient and faster. Therefore, the invention effectively overcomes various defects in the prior art and has high industrial utilization value.
The foregoing embodiments are merely illustrative of the principles and utilities of the present invention and are not intended to limit the invention. Any person skilled in the art can modify or change the above-mentioned embodiments without departing from the spirit and scope of the present invention. Accordingly, it is intended that all equivalent modifications or changes which can be made by those skilled in the art without departing from the spirit and technical spirit of the present invention be covered by the claims of the present invention.

Claims (9)

1. A device verification connection method based on a block chain is characterized by comprising the following steps:
the requested party applies for identity authentication according to the connection request to acquire identity authentication information;
and the requesting party encrypts the connection request according to the received identity authentication information, outputs the encrypted connection request to the requested party, and establishes a network link between the two parties after decryption and verification.
2. The device verification connection method based on the blockchain as claimed in claim 1, wherein before the requested party applies for the identity authentication according to the connection request, the method comprises:
checking whether effective decryption verification information required for establishing the network link exists in the connection request, and if so, directly establishing the network links of the two parties; and if not, applying for identity authentication.
3. The blockchain-based device verification connection method of claim 1, wherein the authentication information includes an identification certificate, wherein the identification certificate includes a private key and a public key.
4. The blockchain-based device authentication connection method according to claim 2 or 3, wherein the decryption authentication information includes a public key.
5. The blockchain-based device authentication connection method according to claim 2 or 3, wherein the connection request is encrypted by the private key, and the encrypted connection request and the decryption authentication information are output to the requested party.
6. The blockchain-based device verification connection method according to claim 1, wherein a data collection and authentication center server is provided, and the data collection and authentication center server receives an identity authentication application and outputs identity authentication information.
7. The blockchain-based device verification connection method according to claim 6, wherein after the decoding verification is passed, the connection request is sent to the data collection authentication center server for backup.
8. The blockchain-based device authentication connection method of claim 1, wherein the requesting party includes an application service layer and the requested party includes an instrument.
9. A blockchain-based device authentication connection system, comprising:
the identity authentication module is used for the requested party to apply identity authentication according to the connection request and acquire identity authentication information;
and the verification module is used for encrypting the connection request by the requesting party according to the received identity authentication information, outputting the connection request to the requested party, and establishing a network link between the requesting party and the requested party after decryption and verification.

Priority Applications (1)

Application Number: CN202011593153.3A
Publication: CN112822162B (en)
Priority Date: 2020-12-29
Filing Date: 2020-12-29
Title: Equipment verification connection method and system based on block chain
Status: Active

Publications (2)

Publication Number, Publication Date
CN112822162A, 2021-05-18
CN112822162B, 2023-05-23

Family ID: 75855707

Country Status (1)

CN: CN112822162B (en)

Also Published As

Publication number Publication date
CN112822162B (en) 2023-05-23

Legal Events

Code Title
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant