CN112968863A - Distributed authorization management method, device and storage medium based on R tree - Google Patents


Publication number
CN112968863A
Authority
CN
China
Prior art keywords
authorization
service
node
tree
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110059051.1A
Other languages
Chinese (zh)
Other versions
CN112968863B (en)
Inventor
李弋凡
阮亚芬
高守贵
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Mrray Chengdu Technology Co ltd
Original Assignee
Mrray Chengdu Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mrray Chengdu Technology Co ltd filed Critical Mrray Chengdu Technology Co ltd
Priority to CN202110059051.1A priority Critical patent/CN112968863B/en
Publication of CN112968863A publication Critical patent/CN112968863A/en
Application granted granted Critical
Publication of CN112968863B publication Critical patent/CN112968863B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45 Structures or tools for the administration of authentication
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102 Entity profiles
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Abstract

The invention discloses a distributed authorization management method, equipment and a storage medium based on an R tree, wherein the method updates a corresponding service registration list according to registration information sent by a user terminal, submits the updated service registration list to an authorization node used for managing the authorization information of the corresponding service in the R tree, receives an update state notification fed back by the authorization node, and feeds back an authorization node identifier of the authorization node to the user terminal if the update state notification indicates that the authorization node finishes updating the authorization information; the authorization node identifier is used for indicating a port of a user terminal requesting authorization. Therefore, the invention can construct the authorization framework of the R tree according to the management requirements of different service providers on fine-grained service authorization, thereby realizing layered distributed authorization and thoroughly solving the problem of single-point failure in centralized authorization.

Description

Distributed authorization management method, device and storage medium based on R tree
Technical Field
The present invention relates to authorization management technologies, and in particular, to a distributed authorization management method and apparatus based on an R tree, and a storage medium.
Background
Currently, service authorization is usually performed by the service provider itself, which authorizes each service user's use of a service. Once the authorization system of the service provider fails, service authorization for all of its service users is affected. In Internet of Things scenarios, for example, the huge number of service users generates massive access to the service provider, causing access pressure and operational burden for the service provider.
Chinese patent application CN109088857A discloses a distributed authorization management method for Internet of Things scenarios, which uses blockchain technology to authorize resource services and thoroughly solves the problem of single-point failure. However, that method authorizes resource users for resource services by running resource-access smart contracts on the nodes of the blockchain network. In an Internet of Things scenario the number of service users is huge, so massive access is still generated to the nodes of the blockchain network, which places a great burden on the actual operation of those nodes.
Disclosure of Invention
In view of the above-mentioned deficiencies of the prior art, the present invention aims to provide a distributed authorization management method based on an R tree, in which an R-tree authorization framework can be constructed according to the management requirements of different service providers for fine-grained service authorization, so that layered distributed authorization is realized and the problem of single-point failure in centralized authorization is thoroughly solved.
In order to achieve the purpose, the invention provides the following technical scheme:
an R-tree-based distributed authorization management method applied to a service provider, the method comprising:
acquiring registration information sent by a user side, wherein the registration information comprises a user identifier and a service identifier; wherein the service identification is used for indicating a service to be registered for use;
adding the user identifier of the registration information to a service registration list corresponding to the service indicated by the service identifier of the registration information to update the service registration list; submitting the updated service registration list to an authorization node in an R tree, wherein the authorization node is used for managing authorization information of corresponding services, so that the authorization node updates the authorization information according to the service registration list;
receiving an update state notification fed back by the authorization node, and if the update state notification indicates that the authorization node completes updating the authorization information, feeding back an authorization node identifier of the authorization node to the user side; wherein, the authorization node identifier is used for indicating a port of the user terminal requesting authorization.
According to a specific implementation manner, in the distributed authorization management method based on the R tree, whether an authorization node for managing authorization information of the service exists in the R tree is detected according to the service indicated by the service identifier of the registration information; and if the authorization node does not exist, requesting to configure an authorization node for managing the authorization information of the service in the R tree, and acquiring an authorization node identifier determined according to the hierarchical relationship of the authorization node in the R tree.
Further, the authorizing node identification includes: the service identifier of the service corresponding to the authorization node and the service identifiers of the services corresponding to all the superior authorization nodes of the authorization node.
Still further, the authorization information includes: a service provider identifier, an authorization node identifier, authorized user information and a corresponding signature digest; wherein the authorized user information is used to indicate a user identifier registered for using the service.
In another aspect of the present invention, there is also provided a terminal device, including:
a memory storing program instructions; and
a processor, said program instructions when executed by said processor implementing the R-tree based distributed authorization management method of the present invention.
In another aspect of the present invention, a computer readable storage medium is further provided, which stores program instructions for implementing the R-tree based distributed authorization management method of the present invention when the program instructions are executed.
Compared with the prior art, the invention has the beneficial effects that:
the distributed authorization management method based on the R tree updates a corresponding service registration list according to registration information sent by a user side, submits the updated service registration list to an authorization node used for managing authorization information of corresponding services in the R tree, receives an update state notification fed back by the authorization node, and feeds back an authorization node identifier of the authorization node to the user side if the update state notification indicates that the authorization node finishes updating the authorization information; the authorization node identifier is used for indicating a port of a user terminal requesting authorization. Therefore, the invention can construct the authorization framework of the R tree according to the management requirements of different service providers on fine-grained service authorization, thereby realizing layered distributed authorization and thoroughly solving the problem of single-point failure in centralized authorization.
Drawings
FIG. 1 is a flow chart illustrating a management method according to the present invention;
FIG. 2 is a flow chart illustrating a management method according to an embodiment of the invention;
FIG. 3 is a block diagram of a terminal device used by a service provider according to the present invention.
Detailed Description
The embodiments of the present invention are described below with reference to specific embodiments, and other advantages and effects of the present invention will be easily understood by those skilled in the art from the disclosure of the present specification. The invention is capable of other and different embodiments and of being practiced or of being carried out in various ways, and its several details are capable of modification in various respects, all without departing from the spirit and scope of the present invention.
The invention discloses a distributed authorization management method based on an R tree, which is applied to a service provider and comprises the following steps:
acquiring registration information sent by a user side, wherein the registration information comprises a user identifier and a service identifier; wherein the service identification is used for indicating a service to be registered for use;
adding the user identifier of the registration information to a service registration list corresponding to the service indicated by the service identifier of the registration information to update the service registration list; submitting the updated service registration list to an authorization node in an R tree, wherein the authorization node is used for managing authorization information of corresponding services, so that the authorization node updates the authorization information according to the service registration list;
receiving an update state notification fed back by the authorization node, and if the update state notification indicates that the authorization node completes updating the authorization information, feeding back an authorization node identifier of the authorization node to the user side; wherein, the authorization node identifier is used for indicating a port of the user terminal requesting authorization.
As shown in fig. 1, an R tree is taken as an example, which is composed of a root authorization node 100, a primary authorization node 101, a primary authorization node 102, a secondary authorization node 103, and a secondary authorization node 104. Of course, in actual application, the structure of the R tree, the hierarchy of the R tree, and the number of authorized nodes in the R tree may all be adjusted by the service provider according to actual requirements.
The user terminal 1 sends registration information 1 to the service provider 1. Since the registration information 1 includes the user identifier provided by the user terminal 1 and the specified service identifier oa, the service provider 1 adds the user identifier provided by the user terminal 1 to the oa service registration list, that is, to the service registration list corresponding to the service indicated by the service identifier specified in the registration information 1. Once the addition is complete, the update of the oa service registration list is complete.
Since the secondary authorization node 103 is used to manage authorization information of the oa service, the service provider 1 submits an oa service registration list to the secondary authorization node 103 of the R-tree. After receiving the oa service registration list, the secondary authorization node 103 updates authorization information of the oa service managed by the secondary authorization node 103, and the secondary authorization node 103 feeds back an update status notification to the service provider 1.
If the service provider 1 receives the update state notification fed back by the secondary authorization node 103 and the notification indicates that the update of the authorization information is complete, the service provider 1 feeds back the authorization node identifier < oa, svc, mrray > of the secondary authorization node 103 to the user terminal 1; the authorization node identifier is used for indicating a port of the user side requesting authorization.
In the present invention, the authorization information includes: a service provider identifier, an authorization node identifier, authorized user information and a corresponding signature digest; wherein the authorized user information is used to indicate a user identifier registered for using the service. In practice, the authorization information is updated with the user identifiers, provided in the registration information, that are contained in the service registration list.
In some embodiments, each service provider is configured with a public/private key pair. The public key of the service provider is used for the related signature verification and encryption, and the public keys of all service providers are issued to the root authorization node 100; the private key of the service provider is used for signing and encrypting the service registration list that it manages. Specifically, data interaction between the service provider and the authorization node is carried out with signatures and encryption, which guarantees the security of data transmission.
Moreover, each authorized node in the R-tree is configured with a pair of public and private keys. The public key of the authorization node is used for performing related signature verification and encryption, meanwhile, the public keys of the authorization nodes are all issued to the root authorization node 100, and the private key of the authorization node is used for signing and encrypting the managed authorization information, so that the security of the authorization information is ensured.
Therefore, the invention can construct the authorization framework of the R tree according to the management requirements of different service providers on fine-grained service authorization, thereby realizing layered distributed authorization and thoroughly solving the problem of single-point failure in centralized authorization.
In some embodiments, in the distributed authorization management method based on the R tree of the present invention, it is further detected whether an authorization node for managing authorization information of the service exists in the R tree according to the service indicated by the service identifier of the registration information; and if the authorization node does not exist, requesting to configure an authorization node for managing the authorization information of the service in the R tree, and acquiring an authorization node identifier determined according to the hierarchical relationship of the authorization node in the R tree.
In practice, the authorized node identification includes: the service identifier of the service corresponding to the authorization node and the service identifiers of the services corresponding to all the superior authorization nodes of the authorization node.
As shown in FIG. 2, the user terminal 1 sends registration information 2 to the service provider 1. Since the registration information 2 includes the user identifier provided by the user terminal 1 and the specified service identifier query, the service provider 1 detects whether an authorization node for managing the query service exists in the R tree, according to the service indicated by the service identifier in the registration information 2. Since no authorization node for managing the query service exists in the R tree, the service provider 1 requests that an authorization node for managing the authorization information of the service, namely the secondary authorization node 105, be configured in the R tree, and obtains the authorization node identifier determined according to the hierarchical relationship of the secondary authorization node 105 in the R tree; that is, the authorization node identifier of the secondary authorization node 105 is < query, svc, mray >.
After configuring a secondary authorization node 105 for managing authorization information of the query service in the R tree, the service provider 1 adds the user identifier provided by the user end 1 to the query service registration list, that is, the user identifier provided by the user end 1 is added to the service registration list corresponding to the service indicated by the service identifier specified by the registration information 1. And after the addition is completed, the update of the query service registration list is completed. In implementation, the service provider 1 can provide the oa service and the query service, and establish the oa service registry and the query service registry in advance, and since the query service is not registered by the user terminal before the user terminal 1 transmits the registration information 2, an authorization node for managing authorization information of the query service does not exist in the R tree.
Since the secondary authorization node 105 is used to manage authorization information for the query service, the service provider 1 submits a query service registration list to the secondary authorization node 105 of the R-tree. After receiving the query service registration list, the secondary authorization node 105 updates the authorization information of the query service managed by the secondary authorization node 105, and the secondary authorization node 105 feeds back an update status notification to the service provider 1.
If the service provider 1 receives the update status notification fed back by the secondary authorization node 105, and if the update status notification indicates that it has completed updating the authorization information, the service provider 1 feeds back the authorization node identifier < query, svc, mray > of the secondary authorization node 105 to the user end 1.
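The two registration flows of FIG. 1 and FIG. 2, sketched as an added Python example that is not code from the patent. Assumptions: all class, function and status names and the ids `provider-1`, `user-1`, `user-2` are hypothetical; the labels `oa`, `svc`, `mrray` follow the identifier < oa, svc, mrray > above; and HMAC-SHA256 with a per-node secret stands in for the node's private-key signature so the sketch needs only the standard library.

```python
import hashlib
import hmac
import json
import secrets


class AuthNode:
    """One authorization node; it manages the authorization information of one service."""

    def __init__(self, label, parent=None):
        self.label = label
        self.parent = parent
        self.children = {}
        self.key = secrets.token_bytes(32)  # stand-in for the node's private key (assumption)
        self.auth_info = None
        if parent is not None:
            parent.children[label] = self

    def identifier(self):
        """Own service label followed by the labels of all superior nodes, up to the root."""
        node, path = self, []
        while node is not None:
            path.append(node.label)
            node = node.parent
        return tuple(path)

    def _sign(self, body):
        msg = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
        return hmac.new(self.key, msg, hashlib.sha256).hexdigest()

    def update(self, provider_id, registration_list):
        """Rebuild the authorization information from a submitted service registration list."""
        if not registration_list:
            return "rejected"  # assumed failure case: nothing to authorize
        body = {"provider": provider_id, "node": list(self.identifier()),
                "users": sorted(registration_list)}
        self.auth_info = dict(body, signature=self._sign(body))
        return "completed"

    def is_authorized(self, user_id):
        """Re-verify the stored record before trusting its user list."""
        info = self.auth_info
        if info is None:
            return False
        body = {k: v for k, v in info.items() if k != "signature"}
        if not hmac.compare_digest(self._sign(body), info["signature"]):
            return False
        return user_id in info["users"]


class ServiceProvider:
    def __init__(self, provider_id, root, parent_label):
        self.provider_id = provider_id
        self.parent = root.children[parent_label]  # superior node of this provider's services
        self.lists = {}                            # service id -> service registration list

    def register(self, user_id, service_id):
        node = self.parent.children.get(service_id)
        if node is None:                           # FIG. 2: no node yet, configure one
            node = AuthNode(service_id, self.parent)
        users = self.lists.setdefault(service_id, set())
        users.add(user_id)                         # update the service registration list
        status = node.update(self.provider_id, users)
        # The identifier goes back to the user only after a completed update.
        return node.identifier() if status == "completed" else None


def resolve(root, identifier):
    """Find the node named by an identifier (leaf-first order), or None if it does not exist."""
    labels = list(reversed(identifier))
    if not labels or labels[0] != root.label:
        return None
    node = root
    for label in labels[1:]:
        node = node.children.get(label)
        if node is None:
            return None
    return node


def demo():
    root = AuthNode("mrray")
    svc = AuthNode("svc", root)
    AuthNode("oa", svc)                                # FIG. 1: the oa node already exists
    provider = ServiceProvider("provider-1", root, "svc")
    oa_id = provider.register("user-1", "oa")
    query_id = provider.register("user-1", "query")    # FIG. 2: node created on demand
    node = resolve(root, query_id)
    registered = node.is_authorized("user-1")
    stranger = node.is_authorized("user-2")
    node.auth_info["users"].append("user-2")           # constructed tampering of the record
    tampered = node.is_authorized("user-2")
    return oa_id, query_id, registered, stranger, tampered


if __name__ == "__main__":
    print(demo())
```

Because the node re-checks the signature over the whole record on every decision, adding a user to the stored list without the node's key invalidates the record instead of granting access.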
As shown in fig. 3, the terminal device of the present invention includes:
a registration information acquisition module, configured to acquire registration information sent by a user side, wherein the registration information comprises a user identifier and a service identifier; wherein the service identifier is used for indicating a service to be registered for use;
a service registration list updating module, configured to add the user identifier of the registration information to a service registration list corresponding to a service indicated by the service identifier of the registration information, so as to update the service registration list;
a service registration list submitting module, configured to submit the updated service registration list to an authorization node in an R tree, where the authorization node is used to manage authorization information of a corresponding service, so that the authorization node updates the authorization information according to the service registration list;
an update state notification receiving module, configured to receive an update state notification fed back by the authorization node;
an authorized node identifier sending module, configured to feed back, to the user side, an authorized node identifier of the authorized node when the update status notification indicates that the authorized node has completed updating the authorization information; wherein, the authorization node identifier is used for indicating a port of the user terminal requesting authorization.
In practice, the terminal device of the present invention further includes:
the authorization node detection module is used for detecting whether an authorization node for managing the authorization information of the service exists in the R tree or not according to the service indicated by the service identifier of the registration information;
and the authorization node request module is used for requesting to configure an authorization node for managing the authorization information of the service in the R tree and acquiring the authorization node identifier determined according to the hierarchical relationship of the authorization node in the R tree.
In some embodiments, the present invention also provides a terminal device, comprising:
a memory storing program instructions; and
a processor, said program instructions when executed by said processor implementing the R-tree based distributed authorization management method of the present invention.
In some embodiments, the present invention also provides a computer readable storage medium storing program instructions for implementing the R-tree based distributed authorization management method of the present invention when executed.
It should be understood that the disclosed system or apparatus may be implemented in other ways. For example, the division into modules is only a division by logical function, and other divisions are possible in an actual implementation; for example, multiple units or components may be combined or integrated into another system, or some features may be omitted or not implemented. In addition, the communication connection between the modules may be an indirect coupling or communication connection through some interfaces, devices or units, and may be electrical or in other forms.
In addition, functional modules in the embodiments of the present invention may be integrated into one processing unit, or each module may exist alone physically, or two or more modules are integrated into one processing unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. The aforementioned storage medium includes: a USB flash drive, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic or optical disk, and other various media capable of storing program code.

Claims (8)

1. An R-tree-based distributed authorization management method is applied to a service provider, and comprises the following steps:
acquiring registration information sent by a user side, wherein the registration information comprises a user identifier and a service identifier; wherein the service identification is used for indicating a service to be registered for use;
adding the user identifier of the registration information to a service registration list corresponding to the service indicated by the service identifier of the registration information to update the service registration list; submitting the updated service registration list to an authorization node in an R tree, wherein the authorization node is used for managing authorization information of corresponding services, so that the authorization node updates the authorization information according to the service registration list;
receiving an update state notification fed back by the authorization node, and if the update state notification indicates that the authorization node completes updating the authorization information, feeding back an authorization node identifier of the authorization node to the user side; wherein, the authorization node identifier is used for indicating a port of the user terminal requesting authorization.
2. The R-tree based distributed authorization management method according to claim 1, characterized in that, further according to the service indicated by the service identification of the registration information, it is detected whether there is an authorization node for managing authorization information of the service in the R-tree; and if the authorization node does not exist, requesting to configure an authorization node for managing the authorization information of the service in the R tree, and acquiring an authorization node identifier determined according to the hierarchical relationship of the authorization node in the R tree.
3. The R-tree based distributed authorization management method of claim 2, wherein the authorization node identification comprises: the service identifier of the service corresponding to the authorization node and the service identifiers of the services corresponding to all the superior authorization nodes of the authorization node.
4. The R-tree based distributed authorization management method according to claim 1, wherein the authorization information comprises: a service provider identifier, an authorization node identifier, authorized user information and a corresponding signature digest; wherein the authorized user information is used to indicate a user identifier registered for using the service.
5. A terminal device, comprising:
a registration information acquisition module, configured to acquire registration information sent by a user side, wherein the registration information comprises a user identifier and a service identifier; wherein the service identifier is used for indicating a service to be registered for use;
a service registration list updating module, configured to add the user identifier of the registration information to a service registration list corresponding to a service indicated by the service identifier of the registration information, so as to update the service registration list;
a service registration list submitting module, configured to submit the updated service registration list to an authorization node in an R tree, where the authorization node is used to manage authorization information of a corresponding service, so that the authorization node updates the authorization information according to the service registration list;
an update state notification receiving module, configured to receive an update state notification fed back by the authorization node;
an authorized node identifier sending module, configured to feed back, to the user side, an authorized node identifier of the authorized node when the update status notification indicates that the authorized node has completed updating the authorization information; wherein, the authorization node identifier is used for indicating a port of the user terminal requesting authorization.
6. The terminal device of claim 5, further comprising:
the authorization node detection module is used for detecting whether an authorization node for managing the authorization information of the service exists in the R tree or not according to the service indicated by the service identifier of the registration information;
and the authorization node request module is used for requesting to configure an authorization node for managing the authorization information of the service in the R tree and acquiring the authorization node identifier determined according to the hierarchical relationship of the authorization node in the R tree.
7. A terminal device, comprising:
a memory storing program instructions; and
a processor, said program instructions when executed by said processor implementing the R-tree based distributed authorization management method of any of claims 1 to 4.
8. A computer readable storage medium storing program instructions which, when executed, implement the R-tree based distributed authorization management method of any of claims 1 to 4.
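The registration flow recited in claims 5 and 6, as an added Python example that is not code from the patent. The class names, the dotted identifier scheme and the plain parent/child tree standing in for the R tree are assumptions made for illustration.

```python
class AuthNode:
    """Authorization node: holds the authorization information for one service."""
    def __init__(self, node_id, service_id):
        self.node_id, self.service_id = node_id, service_id
        self.authorized = set()

    def update(self, registration_list):
        # Rebuild the authorization information from the submitted list,
        # then report the update state back to the caller.
        self.authorized = set(registration_list)
        return {"node": self.node_id, "state": "updated"}

    def authorize(self, user_id):
        return user_id in self.authorized


class Tree:
    """Stand-in for the R tree: only the parent/child hierarchy is modelled."""
    def __init__(self):
        self.children = {"0": []}   # node_id -> child node_ids ("0" is the root)
        self.by_service = {}        # service_id -> AuthNode

    def find(self, service_id):
        return self.by_service.get(service_id)

    def configure(self, service_id, parent="0"):
        # Assumed scheme: identifier = parent identifier + index among siblings.
        node_id = f"{parent}.{len(self.children[parent])}"
        self.children[parent].append(node_id)
        self.children[node_id] = []
        node = self.by_service[service_id] = AuthNode(node_id, service_id)
        return node


class RegistrationService:
    def __init__(self, tree):
        self.tree, self.lists = tree, {}   # lists: service_id -> user ids

    def register(self, user_id, service_id):
        if not user_id or not service_id:
            raise ValueError("registration needs user and service identifiers")
        reg = self.lists.setdefault(service_id, [])
        if user_id not in reg:             # repeated registration is a no-op
            reg.append(user_id)
        # Claim 6: detect an existing node, otherwise request a new one.
        node = self.tree.find(service_id) or self.tree.configure(service_id)
        note = node.update(reg)
        # Return the identifier only after the node confirms the update.
        return node.node_id if note["state"] == "updated" else None
```

Because the identifier is withheld until the node reports a completed update, a user is never pointed at a node that does not yet list them.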
CN202110059051.1A 2021-01-17 2021-01-17 Distributed authorization management method and device based on R tree and storage medium Active CN112968863B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110059051.1A CN112968863B (en) 2021-01-17 2021-01-17 Distributed authorization management method and device based on R tree and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110059051.1A CN112968863B (en) 2021-01-17 2021-01-17 Distributed authorization management method and device based on R tree and storage medium

Publications (2)

Publication Number Publication Date
CN112968863A true CN112968863A (en) 2021-06-15
CN112968863B CN112968863B (en) 2022-11-18

Family

ID=76271516

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110059051.1A Active CN112968863B (en) 2021-01-17 2021-01-17 Distributed authorization management method and device based on R tree and storage medium

Country Status (1)

Country Link
CN (1) CN112968863B (en)

Also Published As

Publication number Publication date
CN112968863B (en) 2022-11-18

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant