CN112822162B - Equipment verification connection method and system based on block chain - Google Patents
- Publication number
- CN112822162B (application CN202011593153.3A)
- Authority
- CN
- China
- Prior art keywords
- connection request
- identity authentication
- verification
- requested party
- identity
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/085—Secret sharing or secret splitting, e.g. threshold schemes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- Power Engineering (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a blockchain-based device verification connection method and system, comprising the following steps: the requested party applies for identity authentication according to the connection request and obtains identity authentication information; the requester encrypts the connection request according to the received identity authentication information and outputs it to the requested party, and a network link between the two parties is established after decryption and verification. The invention can effectively improve the security of the connection between equipment and application services and the efficiency of data interaction.
Description
Technical Field
The invention relates to the field of Internet of things, in particular to a device verification connection method and system based on a blockchain.
Background
With the rise of Internet of Things technology, all kinds of instruments and meters for process monitoring and control are joining the Internet of Everything. However, because instruments and meters differ in type, manufacturer, physical interface, communication protocol, data format and so on, it is difficult to build a universal data acquisition and monitoring system that is compatible with a wide range of instruments. Such systems also suffer from processing-performance bottlenecks and are vulnerable to network attack, which hinders the popularization and application of the various application services based on instrument data in the Internet of Things context.
The current mainstream technology has the following problems to be solved:
1. The data acquisition and monitoring server must not only acquire, process and store the data of the underlying instruments and meters, but also provide data services externally, especially to internet-based applications. Although scaling out the number of servers can balance the performance load, in this architecture the data acquisition and monitoring server remains the main bottleneck of the whole business system.
2. The data acquisition and monitoring server is protected by the factory firewall, but it is still the first window through which services are provided externally and is directly exposed to the Internet. Once a network security incident occurs, all services based on the instrument data, such as remote diagnosis, environment monitoring and third-party settlement, are stopped, so the server faces an extremely high security risk.
Disclosure of Invention
In view of the problems in the prior art, the invention provides a device verification connection method and a device verification connection system based on a block chain, which mainly solve the problem of insufficient network access security in the existing instrument industry.
In order to achieve the above and other objects, the present invention adopts the following technical scheme.
A blockchain-based device authentication connection method, comprising:
the requested party applies for identity authentication according to the connection request, and obtains identity authentication information;
the requester encrypts the connection request according to the received identity authentication information, outputs the connection request to the requested party, and establishes a network link of both parties after decryption and verification.
Optionally, before the requested party applies for identity authentication according to the connection request, the method includes:
checking whether effective decryption verification information required for establishing a network link exists in the connection request, and if so, directly establishing the network links of both parties; if not, applying for identity authentication.
Optionally, the identity authentication information includes an identity document, wherein the identity document includes a private key and a public key.
Optionally, the decryption validation information includes a public key.
Optionally, the connection request is encrypted by the private key, and the encrypted connection request and the decryption verification information are output to the requested party together.
Optionally, a data acquisition authentication center server is provided, and the data acquisition authentication center server receives an identity authentication application and outputs identity authentication information.
Optionally, after the decoding verification is passed, the connection request is sent to the data acquisition authentication center server for retention backup.
Optionally, the requesting party includes an application service layer, and the requested party includes an instrument.
A blockchain-based device authentication connection system, comprising:
the identity authentication module is used for the requested party to apply for identity authentication according to the connection request and acquire identity authentication information;
and the verification module is used for encrypting the connection request according to the received identity authentication information by the requester, outputting the encrypted connection request to the requested party, and establishing a network link of the two parties after decryption and verification.
As described above, the device verification connection method and system based on the blockchain have the following beneficial effects.
After identity authentication, encryption and decryption, a network link is established, so that the safety of equipment connection can be effectively improved.
Drawings
FIG. 1 is a schematic diagram of a device verification connection structure based on a blockchain in an embodiment of the invention.
Detailed Description
Other advantages and effects of the present invention will become apparent to those skilled in the art from the following disclosure, which describes embodiments of the invention with reference to specific examples. The invention may also be practiced or carried out in other, different embodiments, and the details of this description may be modified or varied without departing from the spirit and scope of the invention. It should be noted that the following embodiments and the features in the embodiments may be combined with each other where they do not conflict.
It should be noted that the illustrations provided in the following embodiments merely illustrate the basic concept of the present invention by way of illustration, and only the components related to the present invention are shown in the drawings and are not drawn according to the number, shape and size of the components in actual implementation, and the form, number and proportion of the components in actual implementation may be arbitrarily changed, and the layout of the components may be more complicated.
Referring to fig. 1, the present invention provides a device verification connection method based on a blockchain, which uses the concept of decentralization of blockchain technology to establish a network link between an application service layer and a device side.
In an embodiment, an internal network of devices may be established based on the application scenario. Taking an instrument factory as an example, the devices in the factory may include various instruments such as flow meters, pressure meters, temperature meters, level meters, analysis meters, actuators, and the like. The application server in the factory can connect directly to each instrument to acquire the data required by the application service. In addition to meeting service requirements inside the factory, instruments often need to communicate with external application services, including equipment remote diagnosis, government environmental monitoring, third-party accounting, and other related application services. When network communication needs to be established with an internet application service layer outside the factory, the security of access by the various application services in that layer needs to be verified. Taking the verified network link connection between the equipment remote diagnosis service and a level meter as an example, the specific steps are as follows:
In step S01, the equipment remote diagnosis service, as the requesting party, initiates a connection request to the level meter, the requested party. Optionally, the connection request is checked first to determine whether it contains the valid decoding verification information required to establish a network link. If it does, the connection request is decoded and verified directly according to that information, and the network link between the equipment remote diagnosis service and the level meter is established so that the two parties can exchange data; if not, the process proceeds to step S02.
In step S02, after receiving the connection request, the level meter applies for identity authentication on behalf of the equipment remote diagnosis service. In an embodiment, a data acquisition authentication center server may be provided, and the level meter may apply to it for identity authentication. The connection request typically contains basic information about the requesting party, such as an identification. Specifically, the level meter packages the basic information of the equipment remote diagnosis service and sends it to the data acquisition authentication center server to apply for identity authentication.
In step S03, the data acquisition authentication center server checks whether the basic information of the equipment remote diagnosis service meets a preset specification, such as whether the requested service is allowed and whether the terminal requesting the service poses a risk. After the eligibility check is passed, an asymmetric key technique may be used to generate an identity document for the equipment remote diagnosis service. The identity document may include information such as a private key, an algorithm used for encryption of the private key, an issuer identification, a validity period, a public key holder identity, and the like. The data acquisition authentication center server sends the generated identity document to the equipment remote diagnosis service.
In step S04, after receiving the identity document, the remote diagnosis service encrypts the connection request using the private key in the identity document. The public key serves as the decryption verification information and is packaged together with the encrypted connection request and sent to the level meter.
In step S05, the level meter uses the public key to decode and verify the connection request. After the connection request passes verification, the level meter sends the connection request record to the authentication center server to be retained as a backup, and establishes a network link with the diagnosis service. Keeping a backup of the connection log facilitates later problem tracing.
In an embodiment, while the network link between the two parties is being established, the data acquisition authentication center server can also provide the identities of both parties to prevent unauthenticated users from gaining access.
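The exchange in steps S03 to S05, as an added Go example that is not code from the patent. It realizes "encrypting the connection request with the private key" as an Ed25519 signature, and it assumes that the center signs the identity document and that the instrument is provisioned with the center's name and public key, so a public key bundled with a request is accepted only when the center issued it; all type, function and service names are hypothetical.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// Certificate holds the public fields of the identity document (S03).
type Certificate struct {
	Holder, Issuer string
	NotAfter       time.Time
	PublicKey      ed25519.PublicKey
	CenterSig      []byte // center's signature over the other fields (assumption)
}

func (c Certificate) signedBytes() []byte {
	c.CenterSig = nil         // the signature covers every field except itself
	raw, _ := json.Marshal(c) // error ignored: valid times always encode
	return raw
}

// ConnectionRequest is the S04 package sent to the instrument.
type ConnectionRequest struct {
	Body []byte      // connection request
	Sig  []byte      // signature made with the requester's private key
	Cert Certificate // decryption verification information
}

// AuthCenter models the data acquisition authentication center server.
type AuthCenter struct {
	Name    string
	Pub     ed25519.PublicKey
	priv    ed25519.PrivateKey
	Allowed map[string]bool // preset specification: services that may connect
}

func NewAuthCenter(name string, allowed map[string]bool) (*AuthCenter, error) {
	pub, priv, err := ed25519.GenerateKey(nil) // nil selects crypto/rand.Reader
	if err != nil {
		return nil, err
	}
	return &AuthCenter{Name: name, Pub: pub, priv: priv, Allowed: allowed}, nil
}

// Issue is step S03: eligibility check, key generation, certificate issuance.
func (a *AuthCenter) Issue(holder string, notAfter time.Time) (Certificate, ed25519.PrivateKey, error) {
	if !a.Allowed[holder] {
		return Certificate{}, nil, errors.New("service not permitted by preset specification")
	}
	pub, priv, err := ed25519.GenerateKey(nil)
	if err != nil {
		return Certificate{}, nil, err
	}
	cert := Certificate{Holder: holder, Issuer: a.Name, NotAfter: notAfter, PublicKey: pub}
	cert.CenterSig = ed25519.Sign(a.priv, cert.signedBytes())
	return cert, priv, nil
}

// BuildRequest is step S04: sign the request and attach the certificate.
func BuildRequest(body []byte, priv ed25519.PrivateKey, cert Certificate) ConnectionRequest {
	return ConnectionRequest{Body: body, Sig: ed25519.Sign(priv, body), Cert: cert}
}

// Verify is step S05 on the instrument; center and centerPub are its trust anchor (assumption).
func Verify(req ConnectionRequest, center string, centerPub ed25519.PublicKey, now time.Time) error {
	c := req.Cert
	switch {
	case c.Issuer != center || !ed25519.Verify(centerPub, c.signedBytes(), c.CenterSig):
		return errors.New("certificate not issued by the trusted center")
	case now.After(c.NotAfter):
		return errors.New("certificate expired")
	case len(c.PublicKey) != ed25519.PublicKeySize || !ed25519.Verify(c.PublicKey, req.Body, req.Sig):
		return errors.New("request signature invalid")
	}
	return nil
}

func main() {
	center, _ := NewAuthCenter("dac-center", map[string]bool{"remote-diagnosis": true})
	cert, priv, _ := center.Issue("remote-diagnosis", time.Now().Add(time.Hour))
	req := BuildRequest([]byte("connect level-meter-01"), priv, cert) // constructed sample
	fmt.Println("verify:", Verify(req, center.Name, center.Pub, time.Now()))
}
```

Without the issuer check in `Verify`, any sender could generate its own key pair and pass the signature test, because the public key travels in the same package as the request it verifies.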
The embodiment provides a device verification connection system based on a block chain, which is used for executing the device verification connection method based on the block chain in the embodiment of the method. Since the technical principle of the system embodiment is similar to that of the foregoing method embodiment, the same technical details will not be repeated.
In one embodiment, a blockchain-based device authentication connection system includes:
the identity authentication module is used for the requested party to apply for identity authentication according to the connection request and acquire identity authentication information;
and the verification module is used for encrypting the connection request according to the received identity authentication information by the requester, outputting the encrypted connection request to the requested party, and establishing a network link of the two parties after decryption and verification.
In summary, in the blockchain-based device verification connection method and system, the network link is established end to end, which improves the efficiency of security detection; identity authentication improves the security of the connection; access records are backed up, which makes later problem tracing convenient; and the application service connects directly to the instrument, which reduces the intermediate steps of data transmission and makes data interaction more convenient and faster. The invention therefore effectively overcomes various defects in the prior art and has high industrial utilization value.
The above embodiments merely illustrate the principles of the present invention and its effects and are not intended to limit the invention. Those skilled in the art may modify or vary the above embodiments without departing from the spirit and scope of the invention. Accordingly, all equivalent modifications and variations made by those of ordinary skill in the art without departing from the spirit and scope of the present disclosure shall be covered by the claims of the invention.
Claims (5)
1. A blockchain-based device authentication connection method, comprising:
the requested party applies for identity authentication according to the connection request, acquires identity authentication information, and before the requested party applies for identity authentication according to the connection request, the method comprises the following steps: checking whether effective decryption verification information required for establishing a network link exists in the connection request, and if so, directly establishing the network links of both parties; if the public key does not exist, applying for identity authentication, wherein the identity authentication information comprises an identity certificate, the identity certificate comprises a private key and a public key, and the decryption verification information comprises the public key;
the requester encrypts the connection request according to the received identity authentication information, outputs the encrypted connection request to the requested party, encrypts the connection request through the private key, outputs the encrypted connection request and decryption verification information to the requested party, and establishes a network link of both parties after decryption verification.
2. The blockchain-based device verification connection method of claim 1, wherein a data collection authentication center server is provided, and the data collection authentication center server receives an identity authentication application and outputs identity authentication information.
3. The blockchain-based device verification connection method of claim 1, wherein after decoding verification is passed, the connection request is sent to a data collection authentication center server for a retention backup.
4. The blockchain-based device verification connection method of claim 1, wherein the requestor includes an application service layer and the requested party includes an instrument.
5. A blockchain-based device verification connection system, comprising:
the identity authentication module is used for the requested party to apply for identity authentication according to the connection request, acquires identity authentication information, and comprises: checking whether effective decryption verification information required for establishing a network link exists in the connection request, and if so, directly establishing the network links of both parties; if the public key does not exist, applying for identity authentication, wherein the identity authentication information comprises an identity certificate, the identity certificate comprises a private key and a public key, and the decryption verification information comprises the public key;
and the verification module is used for encrypting the connection request according to the received identity authentication information by the requester, outputting the encrypted connection request to the requested party, encrypting the connection request through the private key, outputting the encrypted connection request and decryption verification information to the requested party, and establishing a network link of the two parties after decryption verification.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011593153.3A CN112822162B (en) | 2020-12-29 | 2020-12-29 | Equipment verification connection method and system based on block chain |
Publications (2)
Publication Number | Publication Date |
---|---|
CN112822162A | 2021-05-18 |
CN112822162B | 2023-05-23 |
Family
ID=75855707
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011593153.3A Active CN112822162B (en) | 2020-12-29 | 2020-12-29 | Equipment verification connection method and system based on block chain |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112822162B (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||