CN113098907B - Group division method and device for block chain - Google Patents
Group division method and device for block chain Download PDFInfo
- Publication number
- CN113098907B CN113098907B CN202110505653.5A CN202110505653A CN113098907B CN 113098907 B CN113098907 B CN 113098907B CN 202110505653 A CN202110505653 A CN 202110505653A CN 113098907 B CN113098907 B CN 113098907B
- Authority
- CN
- China
- Prior art keywords
- group
- node
- organization
- certificate
- nodes
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 59
- 230000008520 organization Effects 0.000 claims abstract description 198
- 230000007246 mechanism Effects 0.000 claims abstract description 66
- 238000000638 solvent extraction Methods 0.000 claims description 5
- 238000005516 engineering process Methods 0.000 abstract description 4
- 238000010586 diagram Methods 0.000 description 16
- 238000012795 verification Methods 0.000 description 15
- 238000004590 computer program Methods 0.000 description 10
- 230000006870 function Effects 0.000 description 10
- 230000008569 process Effects 0.000 description 10
- 238000012986 modification Methods 0.000 description 8
- 230000004048 modification Effects 0.000 description 8
- 238000012545 processing Methods 0.000 description 8
- 238000004422 calculation algorithm Methods 0.000 description 6
- 238000009434 installation Methods 0.000 description 5
- 238000012544 monitoring process Methods 0.000 description 5
- 230000004075 alteration Effects 0.000 description 4
- 238000004891 communication Methods 0.000 description 2
- 238000002955 isolation Methods 0.000 description 2
- 238000004519 manufacturing process Methods 0.000 description 2
- 238000004364 calculation method Methods 0.000 description 1
- 238000012790 confirmation Methods 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The embodiment of the invention relates to the field of science and technology finance (Fintech), in particular to a group division method and device of a Blockchain (Blockchain), which are used for solving the problems of unequal mechanisms and low security in a alliance chain. The embodiment of the invention comprises the following steps: the first authority determining a third certificate from all certificates of the federation chain; the first institution generates a group configuration item from the third certificate; the first mechanism generates a group configuration file of the group according to the group configuration item and the third certificate; the first organization sends the group configuration file to the first organization nodes belonging to the group, so that the first organization nodes belonging to the group restart according to the group configuration file, and the first organization nodes have group attributes.
Description
The application is a divisional application with the application number of 201910165256.0, the application date of 2019, 03 month and 05 days and the name of a group division method and device of a blockchain.
Technical Field
The present invention relates to the field of technical finance (Fintech), and more particularly, to a method and apparatus for partitioning a group of blockchains.
Background
The Block chain (blockchain) technology is a brand new distributed infrastructure and computing method in the technological financial neighborhood. In the blockchain technology, blockchains can be classified into public chains, private chains and alliance chains according to the differences of blockchain network access control rights. Wherein, the nodes of the public chain are a block chain structure which can be participated by any person and can be accessed by any person; private links are blockchain structures that are open only to individual individuals (e.g., companies, schools inside); the alliance chain is a block chain structure which is widely applied at present and is very common. In this structure, the blockchain is maintained by certain organizations, is open to certain individuals, and can introduce supervisory nodes, so that the blockchain can meet corresponding supervisory requirements while being non-tamperable.
Currently, the requirements of multiple inter-authority status peering of a federated chain cannot be met at the time of federated chain initialization. Specifically, the federation chain needs to negotiate node information contained in the creation block at initialization. The existing method is that one of the institutions generates own node information, starts a blockchain, joins nodes of other institutions, and at the moment, the institutions generate certificates and private keys for the joined other institutions and send the certificates and private keys to the other institutions; or the authoritative third-party mechanism directly generates node information in all the mechanisms and sends the installation package to each mechanism. In the method, the mechanism generating the node installation package can have all information of other nodes, the security of the private key of the node is low, and the peer-to-peer and security requirements of each mechanism in the alliance chain are not met.
Disclosure of Invention
The application provides a method and a device for constructing a block chain and dividing groups, which are used for solving the problems of unequal mechanisms and low safety in a alliance chain.
The method for constructing and dividing the block chain provided by the embodiment of the invention comprises the following steps:
the first organization generates a first certificate of a node in the first organization; the first organization is any organization in a alliance chain, and the nodes in the first organization are any node in the nodes to which the first organization belongs;
the first organization broadcasts the first certificate to a second organization and receives a second certificate of a node in the second organization, wherein the second organization is an organization except the first organization in the alliance chain;
the first organization verifies the second certificate, and generates a configuration file of a alliance chain according to the first certificate and the second certificate after the second certificate passes the verification;
the first organization sends the first certificate, the first private key of the first organization node and the configuration file to the first organization node so as to enable the first organization node to be started.
In an alternative embodiment, after the first authority sends the first certificate, the first private key of the node in the first authority, and the configuration file to the node in the first authority, the method further includes:
The first in-mechanism node verifies the first certificate by using the first private key, and after verification is passed, the first in-mechanism node is started;
after the first intra-mechanism node is started, the method further comprises the following steps:
the first in-mechanism node sends a first heartbeat request to the second in-mechanism node according to the configuration file, and receives a second heartbeat request of the second in-mechanism node;
and after the first intra-institution node determines that the number of the received second heartbeat requests is greater than a first threshold value, generating an originating block of the alliance chain.
In an optional embodiment, after the first intra-institution node determines that the number of the received second heartbeat requests is greater than a threshold, generating an originating block of the federation chain further includes:
the first organization determines a third certificate from the first certificate and the N second certificates, wherein the third certificate is a certificate corresponding to a third node belonging to a group, and the first organization comprises a first organization node belonging to the group;
the first mechanism generates a group configuration item according to the third certificate, wherein the group configuration item is used for indicating node information of the third node;
The first mechanism generates a group configuration file of the group according to the third certificate and the group configuration item;
the first organization sends the group configuration file to the first organization nodes belonging to the group;
and restarting the first intra-mechanism nodes belonging to the group according to the group configuration file so as to enable the first intra-mechanism nodes to have group attributes.
In an alternative embodiment, after the first in-mechanism node belonging to the group restarts according to the group configuration file, the method further includes:
the first intra-mechanism node belonging to the group sends a third heartbeat request to a third node except the first intra-mechanism node according to the group configuration file, and receives a fourth heartbeat request;
and after the nodes in the first mechanism belonging to the group determine that the number of the received fourth heartbeat requests is larger than a second threshold value, generating a group generation block of the group.
In an alternative embodiment, the first authority generates a configuration file of a federation chain according to the first certificate and the second certificate, including:
the first organization analyzes public key information and certificate fingerprints contained in the first certificate and the second certificate to generate the configuration file, wherein the configuration file contains network connection addresses of N second nodes;
The first intra-mechanism node sends a first heartbeat request to the N second nodes according to the configuration file, and the first heartbeat request comprises:
and the first intra-mechanism node sends the first heartbeat request to the N second nodes according to the network connection addresses of the N second nodes.
The embodiment of the invention also provides a group division method of the block chain, which comprises the following steps:
the first organization determines a third certificate from all certificates of the alliance chain, wherein the third certificate is a certificate corresponding to a third node belonging to the group; the first organization is any organization in the alliance chain which comprises nodes in the first organization belonging to the group;
the first mechanism generates a group configuration item according to the third certificate, wherein the group configuration item is used for indicating node information of the third node;
the first mechanism generates a group configuration file of the group according to the group configuration item and the third certificate;
the first organization sends the group configuration file to the first organization nodes belonging to the group, so that the first organization nodes belonging to the group restart according to the group configuration file, and the first organization nodes have group attributes.
In an alternative embodiment, after the first in-mechanism node belonging to the group restarts according to the group configuration file, the method further includes:
the first intra-mechanism node belonging to the group sends a third heartbeat request to a third node except the first intra-mechanism node according to the group configuration file, and receives a fourth heartbeat request;
and after the nodes in the first mechanism belonging to the group determine that the number of the received fourth heartbeat requests is larger than a second threshold value, generating a group generation block of the group.
In an alternative embodiment, the first mechanism generates a group configuration file of the group according to the third certificate and the group configuration item, including:
the first organization analyzes public key information and certificate fingerprints contained in the third certificate, and generates a group configuration file according to the group configuration item, wherein the group configuration file contains a group serial number of the group and a network connection address of the third node;
the first intra-mechanism node belonging to the group sends a third heartbeat request to a third node except the first intra-mechanism node according to the group configuration file, and the method comprises the following steps:
And the first intra-mechanism node belonging to the group sends the third heartbeat request to a third node except the first intra-mechanism node according to the group serial number and the network connection address of the third node.
The embodiment of the invention also provides a device for constructing the block chain, which comprises the following steps:
a generation unit configured to generate a first certificate of a node in a first organization; the node in the first organization is any node in the nodes to which the first organization belongs, and the first organization is any organization in the alliance chain;
the mechanism receiving and transmitting unit is used for broadcasting the first certificate to a second mechanism and receiving a second certificate of a node in the second mechanism, wherein the second mechanism is a mechanism in the alliance chain except the first mechanism;
the configuration unit is used for verifying the second certificate and generating a configuration file of a alliance chain according to the first certificate and the second certificate after the second certificate passes the verification;
the mechanism receiving and transmitting unit is further configured to send the first certificate, the first private key of the first in-mechanism node, and the configuration file to the first in-mechanism node, so that the first in-mechanism node is started.
In an alternative embodiment, the method further comprises:
the starting unit is used for verifying the first certificate by using the first private key, and starting after the verification is passed;
the node receiving and transmitting unit is used for sending a first heartbeat request to the node in the second mechanism according to the configuration file and receiving a second heartbeat request of the node in the second mechanism;
and the consensus unit is used for generating an originating block of the alliance chain after determining that the number of the received second heartbeat requests is larger than a first threshold value.
In an optional embodiment, the method further includes a determining unit, configured to determine a third certificate from the first certificate and the N second certificates, where the third certificate is a certificate corresponding to a third node belonging to a group, and the first organization includes a first intra-organization node belonging to the group;
the configuration unit is further configured to generate a group configuration item according to the third certificate, where the group configuration item is used to indicate node information of the third node;
the configuration unit is further configured to generate a group configuration file of the group according to the third certificate and the group configuration item;
the mechanism receiving and transmitting unit is further configured to send the group configuration file to the first intra-mechanism node belonging to the group;
The starting unit is further configured to restart according to the group configuration file, so that the nodes in the first mechanism have group attributes.
In an optional embodiment, the node transceiver unit is further configured to send a third heartbeat request to a third node except for the node in the first mechanism according to the group configuration file, and receive a fourth heartbeat request;
and the consensus unit is further configured to generate a group generation block of the group after determining that the number of the received fourth heartbeat requests is greater than a second threshold.
The embodiment of the invention also provides a group dividing device of the block chain, which comprises the following steps:
a determining unit, configured to determine a third certificate from all certificates of the federation chain, where the third certificate is a certificate corresponding to a third node belonging to the group; the first organization to which the determining unit belongs is any organization in the alliance chain including nodes in the first organization belonging to the group;
a generation unit configured to generate a group configuration item according to the third certificate, where the group configuration item is used to indicate node information of the third node;
the generating unit is further configured to generate a group configuration file of the group according to the group configuration item and the third certificate;
And the mechanism receiving and transmitting unit is used for transmitting the group configuration file to the first in-mechanism nodes belonging to the group so that the first in-mechanism nodes belonging to the group restart according to the group configuration file, and the first in-mechanism nodes have group attributes.
In an alternative embodiment, the method further comprises:
the node receiving and transmitting unit is used for sending a third heartbeat request to a third node except the nodes in the first mechanism according to the group configuration file and receiving a fourth heartbeat request;
and the consensus unit is used for generating a group generation block of the group after determining that the number of the received fourth heartbeat requests is larger than a second threshold value.
The embodiment of the invention also provides electronic equipment, which comprises:
at least one processor; the method comprises the steps of,
a memory communicatively coupled to the at least one processor; wherein,,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method as described above.
Embodiments of the present invention also provide a non-transitory computer readable storage medium storing computer instructions for causing the computer to perform the method as described above.
In the embodiment of the invention, a first organization generates a first certificate of a node in the first organization, the first organization broadcasts the generated first certificate to a second organization and receives a second certificate of the node in the second organization, wherein the first organization is any organization in a alliance chain, the node in the first organization is any node in the nodes to which the first organization belongs, and the second organization is an organization except the first organization in the alliance chain. And the first organization verifies the received second certificate, generates a configuration file of the alliance chain according to the first certificate and the second certificate after the second certificate passes the verification, and sends the first certificate, the first private key of the first organization internal node and the configuration file to the first organization internal node so as to enable the first organization internal node to be started. In the embodiment of the invention, only the certificates are required to be broadcast among the institutions, and the private keys of the nodes are generated and maintained by the institutions, so that the private keys of the nodes in the institutions cannot go out of the intranet of the institutions, and the security of the nodes among the institutions is ensured. Meanwhile, the organizations of the alliance chain respectively generate the certificates and the private keys of the corresponding nodes, instead of generating the certificates and the private keys of other organizations by one organization, so that the peer-to-peer relationship among the organizations is ensured.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings that are needed in the description of the embodiments will be briefly described below, it will be apparent that the drawings in the following description are only some embodiments of the present invention, and that other drawings can be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic diagram of a possible system architecture according to an embodiment of the present invention;
FIG. 2 is a flowchart illustrating a method for constructing a blockchain according to an embodiment of the present invention;
FIG. 3 is a flowchart of a method for constructing a federated chain according to a first embodiment of the present invention;
FIG. 4 is a flowchart of a method for partitioning a group of a federated chain according to a second embodiment of the present invention;
FIG. 5 is a schematic diagram of a block chain building apparatus according to an embodiment of the present invention;
FIG. 6 is a schematic diagram illustrating a block chain grouping apparatus according to an embodiment of the present invention;
fig. 7 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in further detail below with reference to the accompanying drawings, and it is apparent that the described embodiments are only some embodiments of the present invention, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
A blockchain is a chain of blocks that each record a hash value of a previous block in addition to the data of the block. The block chain has two core concepts, one is a cryptography technology, the other is a decentralization concept, and the history information on the block chain cannot be tampered based on the two concepts. However, in the federation chain, node information in all organizations is generated for a single organization, and the requirement of the decentralization idea cannot be met.
In order to solve the above problems, the embodiment of the invention provides a method for constructing a blockchain. One possible system architecture to which the method may be applied, as shown in FIG. 1, includes an organization and nodes.
The mechanism is a main body admitted by the alliance chain committee and is provided with a mechanism certificate authority and a mechanism private key authority. The organization may generate an in-organization node. The organization may issue a node certificate node. Crt for the node to which it belongs and generate a node private key. The certificate is a series of numbers for marking the identity information of each party in the communication of the Internet, and provides a way for verifying the identity of a communication entity on the Internet, wherein the digital certificate is not a digital identity card, but a seal or a stamp (or a signature added on the digital identity card) covered on the digital identity card by an identity authentication mechanism. It is issued by an authority-CA-authority, also known as a certificate authority (Certificate Authority) center, which people can use to identify the identity of each other on the internet.
In a blockchain peer-to-peer network, nodes participate in network construction and data exchange. A node refers to a participant with a unique identity that has a complete ledger copy with the ability to participate in blockchain peer-to-peer network consensus and ledger maintenance. In the embodiment of the invention, the nodes in the institutions are nodes running in the alliance chains, belong to corresponding institutions, and possibly are in one or more groups. The node has a node certificate node. Crt and a node private key node. The nodes in the organization are linked with other nodes of the group to which the nodes belong in the organization and maintain the group. Data isolation among groups, each group independently running a respective consensus algorithm, different groups may use different consensus algorithms.
The embodiment of the invention supports a multi-group architecture, the network is shared among groups, and the isolation of network messages among the account books is realized through a network access module. All organizations negotiate to finish the alliance chain root certificate, and all organizations have node certificate node. Crt and node private key node. Key of the nodes in the corresponding organizations respectively. Inter-chassis status peering, intra-chassis nodes only communicate with other nodes of the belonging group. The inter-agency nodes may negotiate credentials with each other and create a new group. One mechanism can correspond to one in-mechanism node, or can correspond to a plurality of in-mechanism nodes; the nodes in the same organization corresponding to the same organization can belong to the same group or can belong to different groups.
Based on the above architecture, the embodiment of the present invention provides a method for constructing a blockchain, as shown in fig. 2, where the method for constructing a blockchain provided by the embodiment of the present invention includes the following steps:
In the embodiment of the invention, a first organization generates a first certificate of a node in the first organization, the first organization broadcasts the generated first certificate to a second organization and receives a second certificate of the node in the second organization, wherein the first organization is any organization in a alliance chain, the node in the first organization is any node in the nodes to which the first organization belongs, and the second organization is an organization except the first organization in the alliance chain. And the first organization verifies the received second certificate, generates a configuration file of the alliance chain according to the first certificate and the second certificate after the second certificate passes the verification, and sends the first certificate, the first private key of the first organization internal node and the configuration file to the first organization internal node so as to enable the first organization internal node to be started. In the embodiment of the invention, only the certificates are required to be broadcast among the institutions, and the private keys of the nodes are generated and maintained by the institutions, so that the private keys of the nodes in the institutions cannot go out of the intranet of the institutions, and the security of the nodes among the institutions is ensured. Meanwhile, the organizations of the alliance chain respectively generate the certificates and the private keys of the corresponding nodes, instead of generating the certificates and the private keys of other organizations by one organization, so that the peer-to-peer relationship among the organizations is ensured.
Specifically, in the federation chain of the embodiment of the invention, each organization generates node certificates for nodes in the corresponding organization, and a plurality of organizations broadcast the node certificates by adopting a peer-to-peer negotiation method and perform certificate verification. The organization can generate configuration files when the alliance chain node is started according to the certificates of all the nodes, and the node private key is stored locally in the organization and is not sent to other organizations, so that the node private key cannot be revealed, and the security of the private key is ensured. Since the generated configuration files do not contain node private keys, even if the generated configuration files are revealed, these configuration files cannot be used by non-local institutions.
The node certificate can be actively sent to other institutions in the alliance chain, namely the second institution, by the first institution; or may be obtained from the first mechanism by the second mechanism. After each organization receives the node certificates broadcast by other organizations, the information such as the issuer, the user, the validity period, the key usage, the public key contained in the certificates and the like of the certificates is verified, so that whether the node certificates are legal or not is judged. If the node certificates are legal, the node certificate negotiation is successful, and the subsequent flow is continuously executed; if there is an illegal certificate, node certificate negotiation fails.
After the node certificate negotiation is successful, each organization in the alliance chain generates a configuration file of the corresponding node in the organization, and sends the configuration file of the node in each organization, the certificate and the private key of the node in the organization to the node in the organization so as to enable the node in the organization to be started. After the first organization sends the first certificate, the first private key of the node in the first organization and the configuration file to the node in the first organization, the method further comprises:
the first in-mechanism node verifies the first certificate by using the first private key, and after verification is passed, the first in-mechanism node is started;
after the first intra-mechanism node is started, the method further comprises the following steps:
the first in-mechanism node sends a first heartbeat request to the second in-mechanism node according to the configuration file, and receives a second heartbeat request of the second in-mechanism node;
and after the first intra-institution node determines that the number of the received second heartbeat requests is greater than a first threshold value, generating an originating block of the alliance chain.
In the specific implementation process, each mechanism configures the private key of the node to an installation package of the node in the corresponding mechanism, and the node is started. At present, two configuration modes are supported, namely a key type private key encryption mode and a mode of directly loading a private key into a node folder. After the first in-mechanism node receives the first certificate, the first private key and the configuration file sent by the mechanism, the first in-mechanism node verifies the first certificate by using the first private key, judges whether the first private key is matched with the first certificate, and after the verification is passed, the first in-mechanism node starts, otherwise, the initialization process of the alliance chain is ended. After the first intra-organization node is started, a first heartbeat request is sent to other nodes in the alliance chain, namely the second intra-organization node according to the received configuration file. Nodes within the first organization will only have a consensus, i.e., co-create a blockchain, of collecting heartbeat requests from a sufficient number of other nodes. In this way, the success rate of blockchain creation is guaranteed. The consensus algorithm is that each node in the blockchain peer-to-peer network confirms a batch of transactions through an algorithm and ensures that all nodes have consistent confirmation results on the batch of data.
For example, if the number of negotiated node certificates is n, i.e. the number of nodes in the organization is n, and the operations of certificate negotiation, node deployment, etc. have been completed. After each node in the alliance chain is started, the nodes are connected with other nodes in the alliance chain according to the configuration file of the alliance chain. The first thresholds in the different consensus methods are different. If the node in the organization can only generate the created blocks of the alliance chain after collecting the heartbeat requests with the number more than 2n/3 (rounding upwards) in the PBFT (Practical Byzantine Fault Tolerance) mode, the Bayesian fault-tolerant algorithm is applied, and the consensus is further completed. In the RAFT (a distributed consistency algorithm) mode, only after heartbeat requests with the number greater than n/2 (rounded up) are collected, the alliance chain groups can be identified together, and deployment is completed. To guarantee federation chain consensus efficiency, the number of node certificates n in PBFT is not recommended to exceed 40, and the number of node certificates n in raft is not recommended to exceed 100.
Further, the first organization generates a configuration file of a federation chain according to the first certificate and the second certificate, including:
the first organization analyzes public key information and certificate fingerprints contained in the first certificate and the second certificate to generate the configuration file, wherein the configuration file contains network connection addresses of N second nodes.
The first intra-mechanism node sends a first heartbeat request to the N second nodes according to the configuration file, and the first heartbeat request comprises:
and the first intra-mechanism node sends the first heartbeat request to the N second nodes according to the network connection addresses of the N second nodes.
In the implementation process, the first organization generates a configuration file according to all node certificates in the alliance chain. Specifically, public key information and certificate fingerprints contained in a certificate are analyzed to generate serial numbers of a alliance chain, and when a subsequent node generates an originating block, the serial number information is placed into the originating block. Meanwhile, the first mechanism generates configuration files such as group capacity, network connection address and the like required by the start of the block chain. Thus, when the node in the first mechanism needs to send the first heartbeat request, the first heartbeat request can be sent to the second nodes according to the network connection address of each second node.
After the alliance chain is initialized, different groups are needed to be divided among the institutions according to different services. Each group contains a plurality of nodes, and the nodes belonging to the same organization can belong to different groups or belong to the same group.
After the first intra-institution node determines that the number of the received second heartbeat requests is greater than a threshold, generating an originating block of the alliance chain further includes:
The first organization determines a third certificate from the first certificate and the N second certificates, wherein the third certificate is a certificate corresponding to a third node belonging to a group, and the first organization comprises a first organization node belonging to the group;
the first mechanism generates a group configuration item according to the third certificate, wherein the group configuration item is used for indicating node information of the third node;
the first mechanism generates a group configuration file of the group according to the third certificate and the group configuration item;
the first organization sends the group configuration file to the first organization nodes belonging to the group;
and restarting the first intra-mechanism nodes belonging to the group according to the group configuration file so as to enable the first intra-mechanism nodes to have group attributes.
Specifically, the group is divided after the alliance chain is initialized, and since all node certificates in the alliance chain are obtained by each organization, the processes of obtaining the node certificates and verifying do not need to be executed again, and since the first organization comprises the first intra-organization nodes belonging to the group, the first organization can directly determine the third certificate corresponding to the third node belonging to the group from all the node certificates. Generating a group configuration item according to the third certificate. The group configuration item may include data such as a certificate of each node in the group, an IP of the node, a port number, and the like, and may indicate which nodes are specifically the third node in the group. The first organization analyzes public key information and certificate fingerprints contained in the certificates according to the group configuration items and the node certificates in the group, and generates a group serial number when the group is started. When the subsequent node generates the group creation block, the group serial number information is put into the group creation block. Meanwhile, the first mechanism generates configuration files such as group capacity required in dividing the group and network connection addresses of nodes in the group. After each organization generates a group configuration file, the group configuration file is sent to the nodes in the organization belonging to the group, and after the group configuration file is imported into the node installation package, the nodes are restarted. Thus, the nodes in the organization belonging to the group have group attributes after restarting according to the group configuration file.
Similar to the initialization of the federation chain, after the first intra-organization node belonging to the group is restarted according to the group configuration file, the method further includes:
the first intra-mechanism node belonging to the group sends a third heartbeat request to a third node except the first intra-mechanism node according to the group configuration file, and receives a fourth heartbeat request;
and after the nodes in the first mechanism belonging to the group determine that the number of the received fourth heartbeat requests is larger than a second threshold value, generating a group generation block of the group.
That is, nodes in the first organization only have a common knowledge of the heartbeat requests collected by a sufficient number of other nodes in the group, i.e., create a group creative block. In this way, the success rate of group division is ensured.
Further, in the embodiment of the invention, the node also has a detection function. Specifically, when the node is started, a corresponding node certificate is generated, and the node configuration item contains information such as node IP, port number, group to which the node belongs, and the like, so that the availability of the generated node is ensured.
Furthermore, the embodiment of the invention also designs a monitoring function. Corresponding monitoring services can be configured, such as reporting monitoring results to user WeChat by default configuration. According to the embodiment of the invention, the RPC (Remote Procedure Call ) request can be initiated to the nodes in the mechanism through the mechanism to obtain the related parameters when the nodes in the mechanism run, meanwhile, the nodes in the mechanism are monitored through analyzing log information when the nodes in the mechanism run, and the monitoring result is reported to the service configured by the user. For example, a monitoring service is configured by default, reporting to WeChat, personal website, dedicated service settings are supported, and reporting to enterprise WeChat, etc.
In addition, the embodiment of the invention also provides a group division method of the alliance chain, which is used for carrying out peer-to-peer group division in the alliance chain initialized in any mode. The group division method of the alliance chain in the embodiment of the invention comprises the following steps:
the first organization determines a third certificate from all certificates of the alliance chain, wherein the third certificate is a certificate corresponding to a third node belonging to the group; the first organization is any organization in the federation chain that includes nodes within the first organization that belong to the group.
The first mechanism generates a group configuration item according to the third certificate, wherein the group configuration item is used for indicating node information of the third node.
The first mechanism generates a group configuration file of the group according to the group configuration item and the third certificate.
The first organization sends the group profile to the first in-organization nodes belonging to the group.
And restarting the first intra-mechanism nodes belonging to the group according to the group configuration file so as to enable the first intra-mechanism nodes to have group attributes.
And the first intra-mechanism node belonging to the group sends a third heartbeat request to a third node except the first intra-mechanism node according to the group configuration file, and receives a fourth heartbeat request.
And after the nodes in the first mechanism belonging to the group determine that the number of the received fourth heartbeat requests is larger than a second threshold value, generating a group generation block of the group.
In the embodiment of the invention, no matter how the alliance chain is initialized, for the group division of the nodes, each node belonging to the group belongs to an organization which generates a group configuration file according to all certificates in the group and configures the group configuration file to the corresponding node installation package, so that the peer-to-peer property of the group division is maintained. Meanwhile, the private key of the node does not need to be transmitted between institutions, so that the security of the private key is ensured.
Further, the first organization generates a group configuration file of the group according to the third certificate and the group configuration item, including:
the first organization analyzes public key information and certificate fingerprints contained in the third certificate, and generates a group configuration file according to the group configuration item, wherein the group configuration file contains a group serial number of the group and a network connection address of the third node;
the first intra-mechanism node belonging to the group sends a third heartbeat request to a third node except the first intra-mechanism node according to the group configuration file, and the method comprises the following steps:
And the first intra-mechanism node belonging to the group sends the third heartbeat request to a third node except the first intra-mechanism node according to the group serial number and the network connection address of the third node.
In the implementation process, the first organization analyzes public key information and certificate fingerprints contained in the third certificate to generate a group serial number, and when the nodes of the subsequent group generate a group creation block, the group serial number information is put into the group creation block. Meanwhile, the first mechanism generates group configuration files such as group capacity required by the start of the blockchain and network connection addresses of nodes in the group. Thus, when the node in the first mechanism needs to send the heartbeat request to other nodes in the group, the heartbeat request can be sent to other nodes in the group according to the group network connection address of the node.
In order to understand the present invention more clearly, the following describes the above-mentioned process in detail with a specific embodiment, where a first embodiment is an initialization process of a federation chain, and a specific scenario is that the federation chain includes 9 nodes including node 11, node 12, … … node 19 and 4 entities including 1 to 4 entities, where node 11 and node 15 are intra-entity nodes of 1, node 11 belongs to a first group, node 15 belongs to a second group, and steps of the specific embodiment are shown in fig. 3, and include:
Step 301: organization 1 generates node credentials 110 for node 11 and node credentials 150 for node 15.
Step 302: the organization 1 broadcasts the node certificates 110 and 150, that is, transmits the node certificates of the nodes 11 and 15 to the organizations 2, 3, and 4, and receives the node certificates transmitted from the organizations 2, 3, and 4.
Step 303: the organization 1 verifies the received node certificate, if it passes the execution of step 304, otherwise it executes step 311.
Step 304: the organization 1 generates a configuration file of the federation chain from the node certificates 110 to 190.
Step 305: the organization 1 sends the configuration file to the nodes 11 and 15, and the node certificate 110 and the corresponding private key to the node 11, and the node certificate 150 and the corresponding private key to the node 15.
Step 306: the node 11 verifies the node certificate 110 with the received private key, and if the verification is passed, step 307 is performed, otherwise step 311 is performed.
Step 307: node 11 starts.
Step 308: node 11 sends a first heartbeat request to nodes 12 through 19 and receives a second heartbeat request according to the configuration file.
Step 309: the node 11 determines the number of received second heartbeat requests, if it is greater than the threshold value 5, then step 310 is performed, otherwise step 309 is performed.
Step 310: the nodes 11 make consensus.
Step 311: the federation chain initialization fails.
The second embodiment is a group partitioning process of a federation chain, and still uses the scenario in the first embodiment, where the steps of the second embodiment are shown in fig. 4, and include:
step 401: organization 1 determines from node certificates 110 through 190 that nodes 11 through 14 are a first group and nodes 15 through 19 are a second group.
Step 402: the organization 1 generates a group configuration item of the first group according to the node certificates 110 to 140, and further generates a group configuration file of the first group.
Step 403: mechanism 1 sends the group profile of the first group to node 11.
Step 404: the node 11 verifies the group configuration file with the private key, if the verification is passed, step 405 is executed, otherwise step 401 is executed.
Step 405: the node 11 restarts according to the group profile of the first group.
Step 406: node 11 sends a third heartbeat request to node 12, node 13, and node 14, and receives a fourth heartbeat request.
Step 407: the node 11 determines that the number of fourth heartbeat requests is greater than 2, then step 408 is performed, otherwise step 407 is performed.
Step 408: the nodes 11 make consensus.
The embodiment of the invention also provides a device for constructing the blockchain, as shown in fig. 5, which comprises:
a generating unit 501 configured to generate a first certificate of a node in a first organization; the node in the first organization is any node in the nodes to which the first organization belongs, and the first organization is any organization in the alliance chain;
an organization transceiver unit 502, configured to broadcast the first certificate to a second organization, and receive a second certificate of a node in the second organization, where the second organization is an organization in the federation chain other than the first organization;
a configuration unit 503, configured to verify the second certificate, and generate a configuration file of a federation chain according to the first certificate and the second certificate after the second certificate passes the verification;
the mechanism transceiver unit 502 is further configured to send the first certificate, the first private key of the first intra-mechanism node, and the configuration file to the first intra-mechanism node, so that the first intra-mechanism node is started.
Further, the method further comprises the following steps:
a starting unit 504, configured to verify the first certificate by using the first private key, and start after the verification is passed;
a node transceiver unit 505, configured to send a first heartbeat request to the second intra-mechanism node according to the configuration file, and receive a second heartbeat request of the second intra-mechanism node;
And a consensus unit 506, configured to generate an originating block of the coalition chain after determining that the number of the received second heartbeat requests is greater than a first threshold.
Further, the method further includes a determining unit 507, configured to determine a third certificate from the first certificate and the N second certificates, where the third certificate is a certificate corresponding to a third node belonging to a group, and the first organization includes a first intra-organization node belonging to the group;
the configuration unit 503 is further configured to generate a group configuration item according to the third certificate, where the group configuration item is used to indicate node information of the third node;
the configuration unit 503 is further configured to generate a group configuration file of the group according to the third certificate and the group configuration item;
the mechanism transceiver 502 is further configured to send the group configuration file to the first in-mechanism node belonging to the group;
the starting unit 504 is further configured to restart according to the group configuration file, so that the nodes in the first mechanism have a group attribute.
Further, the node transceiver 505 is further configured to send a third heartbeat request to a third node except for the node in the first mechanism according to the group configuration file, and receive a fourth heartbeat request;
The consensus unit 506 is further configured to generate a group creation block of the group after determining that the number of the received fourth heartbeat requests is greater than a second threshold.
The embodiment of the invention also provides a group dividing device of the block chain, as shown in fig. 6, which comprises:
a determining unit 601, configured to determine a third certificate from all certificates of the federation chain, where the third certificate is a certificate corresponding to a third node belonging to a group; the first organization to which the determining unit belongs is any organization in the alliance chain including nodes in the first organization belonging to the group;
a generating unit 602, configured to generate a group configuration item according to the third certificate, where the group configuration item is used to indicate node information of the third node;
the generating unit 602 is further configured to generate a group configuration file of the group according to the group configuration item and the third certificate;
and the mechanism transceiver unit 603 is configured to send the group configuration file to the first in-mechanism node belonging to the group, so that the first in-mechanism node belonging to the group restarts according to the group configuration file, and the first in-mechanism node has a group attribute.
Further, the method further comprises the following steps:
a node transceiver 604, configured to send a third heartbeat request to a third node except for the nodes in the first mechanism according to the group configuration file, and receive a fourth heartbeat request;
the consensus unit 605 is configured to generate a group generation block of the group after determining that the number of the received fourth heartbeat requests is greater than a second threshold.
Based on the same principle, the present invention also provides an electronic device, as shown in fig. 7, including:
comprises a processor 701, a memory 702, a transceiver 703 and a bus interface 704, wherein the processor 701, the memory 702 and the transceiver 703 are connected through the bus interface 704;
the processor 701 is configured to read the program in the memory 702, and execute the following method:
the first organization generates a first certificate of a node in the first organization; the first organization is any organization in a alliance chain, and the nodes in the first organization are any node in the nodes to which the first organization belongs;
the first organization broadcasts the first certificate to a second organization and receives a second certificate of a node in the second organization, wherein the second organization is an organization except the first organization in the alliance chain;
The first organization verifies the second certificate, and generates a configuration file of a alliance chain according to the first certificate and the second certificate after the second certificate passes the verification;
the first organization sends the first certificate, the first private key of the first organization node and the configuration file to the first organization node so as to enable the first organization node to be started.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present invention have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. It is therefore intended that the following claims be interpreted as including the preferred embodiments and all such alterations and modifications as fall within the scope of the invention.
It will be apparent to those skilled in the art that various modifications and variations can be made to the present invention without departing from the spirit or scope of the invention. Thus, it is intended that the present invention also include such modifications and alterations insofar as they come within the scope of the appended claims or the equivalents thereof.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present invention have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. It is therefore intended that the following claims be interpreted as including the preferred embodiments and all such alterations and modifications as fall within the scope of the invention.
It will be apparent to those skilled in the art that various modifications and variations can be made to the present invention without departing from the spirit or scope of the invention. Thus, it is intended that the present invention also include such modifications and alterations insofar as they come within the scope of the appended claims or the equivalents thereof.
Claims (8)
1. A method of group partitioning of a blockchain, comprising:
The first organization determines a third certificate from all certificates of the alliance chain, wherein the third certificate is a certificate corresponding to a third node belonging to the group; the first organization is any organization in the alliance chain which comprises nodes in the first organization belonging to the group;
the first mechanism generates a group configuration item according to the third certificate, wherein the group configuration item is used for indicating node information of the third node;
the first organization analyzes public key information and certificate fingerprints contained in the third certificate, and generates a group configuration file according to the group configuration item, wherein the group configuration file contains a group serial number of the group and a network connection address of the third node;
the first organization sends the group configuration file to the first organization nodes belonging to the group, so that the first organization nodes belonging to the group restart according to the group configuration file, and the first organization nodes have group attributes.
2. The method of claim 1, wherein after the first in-house node belonging to the group reboots according to the group profile, further comprising:
The first intra-mechanism node belonging to the group sends a third heartbeat request to a third node except the first intra-mechanism node according to the group configuration file, and receives a fourth heartbeat request;
and after the nodes in the first mechanism belonging to the group determine that the number of the received fourth heartbeat requests is larger than a second threshold value, generating a group generation block of the group.
3. The method of claim 2, wherein the first in-house node belonging to the group sends a third heartbeat request to a third node other than the first in-house node according to the group profile, comprising:
and the first intra-mechanism node belonging to the group sends the third heartbeat request to a third node except the first intra-mechanism node according to the group serial number and the network connection address of the third node.
4. A group partitioning apparatus for a blockchain, comprising:
a determining unit, configured to determine a third certificate from all certificates of the federation chain, where the third certificate is a certificate corresponding to a third node belonging to the group; the first organization to which the determining unit belongs is any organization in the alliance chain including nodes in the first organization belonging to the group;
A generation unit configured to generate a group configuration item according to the third certificate, where the group configuration item is used to indicate node information of the third node;
the generating unit is further configured to analyze public key information and a certificate fingerprint included in the third certificate, and generate, according to the group configuration item, the group configuration file, where the group configuration file includes a group serial number of the group and a network connection address of the third node;
and the mechanism receiving and transmitting unit is used for transmitting the group configuration file to the first in-mechanism nodes belonging to the group so that the first in-mechanism nodes belonging to the group restart according to the group configuration file, and the first in-mechanism nodes have group attributes.
5. The apparatus as recited in claim 4, further comprising:
the node receiving and transmitting unit is used for sending a third heartbeat request to a third node except the nodes in the first mechanism according to the group configuration file and receiving a fourth heartbeat request;
and the consensus unit is used for generating a group generation block of the group after determining that the number of the received fourth heartbeat requests is larger than a second threshold value.
6. The apparatus of claim 5, wherein the node transceiver unit is specifically configured to:
and the first intra-mechanism node belonging to the group sends the third heartbeat request to a third node except the first intra-mechanism node according to the group serial number and the network connection address of the third node.
7. An electronic device, comprising:
at least one processor; the method comprises the steps of,
a memory communicatively coupled to the at least one processor; wherein,,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of any one of claims 1-3.
8. A non-transitory computer readable storage medium storing computer instructions for causing a computer to perform the method of any one of claims 1-3.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110505653.5A CN113098907B (en) | 2019-03-05 | 2019-03-05 | Group division method and device for block chain |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110505653.5A CN113098907B (en) | 2019-03-05 | 2019-03-05 | Group division method and device for block chain |
CN201910165256.0A CN110035059B (en) | 2019-03-05 | 2019-03-05 | Block chain construction method and device |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910165256.0A Division CN110035059B (en) | 2019-03-05 | 2019-03-05 | Block chain construction method and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN113098907A CN113098907A (en) | 2021-07-09 |
CN113098907B true CN113098907B (en) | 2023-07-11 |
Family
ID=67235767
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110505653.5A Active CN113098907B (en) | 2019-03-05 | 2019-03-05 | Group division method and device for block chain |
CN201910165256.0A Active CN110035059B (en) | 2019-03-05 | 2019-03-05 | Block chain construction method and device |
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910165256.0A Active CN110035059B (en) | 2019-03-05 | 2019-03-05 | Block chain construction method and device |
Country Status (2)
Country | Link |
---|---|
CN (2) | CN113098907B (en) |
WO (1) | WO2020177508A1 (en) |
Families Citing this family (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113098907B (en) * | 2019-03-05 | 2023-07-11 | 深圳前海微众银行股份有限公司 | Group division method and device for block chain |
CN112884562B (en) * | 2019-11-30 | 2024-03-19 | 腾讯科技(深圳)有限公司 | Mortgage processing method and device based on blockchain and readable storage medium |
CN111586102B (en) * | 2020-04-07 | 2021-05-18 | 浙商银行股份有限公司 | BFT consensus-based alliance chain networking method |
CN112200575B (en) * | 2020-05-28 | 2022-05-31 | 支付宝(杭州)信息技术有限公司 | Node group creating method and node group-based transaction method in alliance chain network |
CN111541724B (en) | 2020-07-08 | 2021-06-29 | 支付宝(杭州)信息技术有限公司 | Block chain all-in-one machine and automatic node adding method and device thereof |
CN111541552B (en) | 2020-07-08 | 2021-06-22 | 支付宝(杭州)信息技术有限公司 | Block chain all-in-one machine and automatic node adding method and device thereof |
CN111541727B (en) * | 2020-07-08 | 2020-10-20 | 支付宝(杭州)信息技术有限公司 | Block chain all-in-one machine and automatic chain building method and device thereof |
CN112435024B (en) * | 2020-11-17 | 2022-06-10 | 浙江大学 | Alliance chain cross-chain privacy protection method based on group signature and CA multi-party authentication |
CN112419060B (en) * | 2020-11-20 | 2024-03-22 | 上海树图区块链研究院 | Asset hosting system, asset management method, node and medium |
CN112564895B (en) * | 2020-11-26 | 2022-10-21 | 中国船舶工业系统工程研究院 | Block chain-based unmanned ship cluster trusted networking method and system and storage medium |
CN112583858B (en) * | 2021-01-05 | 2023-04-18 | 广州华资软件技术有限公司 | Unified identity authentication method based on block chain PBFT algorithm |
CN114465714B (en) * | 2021-12-23 | 2023-06-20 | 杭州溪塔科技有限公司 | Node configuration method and system in alliance chain |
CN114745189B (en) * | 2022-04-20 | 2023-10-13 | 中国工商银行股份有限公司 | Method for trunking communication and related device thereof |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101490687A (en) * | 2006-07-07 | 2009-07-22 | 桑迪士克股份有限公司 | Control system and method using identity objects |
CN107079059A (en) * | 2016-12-21 | 2017-08-18 | 深圳前海达闼云端智能科技有限公司 | Block chain storage method and device and node equipment |
CN107171806A (en) * | 2017-05-18 | 2017-09-15 | 北京航空航天大学 | Mobile terminal network cryptographic key negotiation method based on block chain |
CN108011885A (en) * | 2017-12-07 | 2018-05-08 | 北京科技大学 | A kind of E-mail encryption method and system based on group cipher system |
CN108881290A (en) * | 2018-07-17 | 2018-11-23 | 深圳前海微众银行股份有限公司 | Digital certificate application method, system and storage medium based on block chain |
CN109104311A (en) * | 2018-08-06 | 2018-12-28 | 腾讯科技(深圳)有限公司 | Device management method, device, medium and electronic equipment based on block chain |
Family Cites Families (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2017127564A1 (en) * | 2016-01-19 | 2017-07-27 | Priv8Pay, Inc. | Network node authentication |
JP6648555B2 (en) * | 2016-02-29 | 2020-02-14 | 富士ゼロックス株式会社 | Information processing device and program |
US10856122B2 (en) * | 2016-05-31 | 2020-12-01 | Intel Corporation | System, apparatus and method for scalable internet of things (IoT) device on-boarding with quarantine capabilities |
CN108052530B (en) * | 2017-11-10 | 2020-12-11 | 杭州云象网络技术有限公司 | Decentralized CA construction method and system based on alliance chain |
US10057243B1 (en) * | 2017-11-30 | 2018-08-21 | Mocana Corporation | System and method for securing data transport between a non-IP endpoint device that is connected to a gateway device and a connected service |
CN108256864B (en) * | 2018-02-13 | 2019-06-07 | 中链科技有限公司 | Foundation across chain alliance and communication means, system between a kind of block chain |
CN108416589A (en) * | 2018-03-08 | 2018-08-17 | 深圳前海微众银行股份有限公司 | Connection method, system and the computer readable storage medium of block chain node |
CN111901121B (en) * | 2018-04-03 | 2023-09-29 | 创新先进技术有限公司 | Cross-blockchain authentication method and device and electronic equipment |
CN109189962B (en) * | 2018-08-17 | 2021-12-21 | 福建南威软件有限公司 | License service implementation system based on block chain |
CN109040279B (en) * | 2018-08-21 | 2020-06-23 | 京东数字科技控股有限公司 | Block chain network networking method, device, equipment and readable storage medium |
CN109167771B (en) * | 2018-08-21 | 2020-06-05 | 京东数字科技控股有限公司 | Authentication method, device and equipment based on alliance chain and readable storage medium |
CN109242467B (en) * | 2018-09-17 | 2021-01-01 | 金蝶软件(中国)有限公司 | Block chain-based networking method and device, computer equipment and storage medium |
CN109067553B (en) * | 2018-10-17 | 2021-06-25 | 杭州趣链科技有限公司 | Block chain distributed certificate management method based on intelligent contracts |
CN113098907B (en) * | 2019-03-05 | 2023-07-11 | 深圳前海微众银行股份有限公司 | Group division method and device for block chain |
-
2019
- 2019-03-05 CN CN202110505653.5A patent/CN113098907B/en active Active
- 2019-03-05 CN CN201910165256.0A patent/CN110035059B/en active Active
-
2020
- 2020-02-11 WO PCT/CN2020/074750 patent/WO2020177508A1/en active Application Filing
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101490687A (en) * | 2006-07-07 | 2009-07-22 | 桑迪士克股份有限公司 | Control system and method using identity objects |
CN107079059A (en) * | 2016-12-21 | 2017-08-18 | 深圳前海达闼云端智能科技有限公司 | Block chain storage method and device and node equipment |
CN107171806A (en) * | 2017-05-18 | 2017-09-15 | 北京航空航天大学 | Mobile terminal network cryptographic key negotiation method based on block chain |
CN108011885A (en) * | 2017-12-07 | 2018-05-08 | 北京科技大学 | A kind of E-mail encryption method and system based on group cipher system |
CN108881290A (en) * | 2018-07-17 | 2018-11-23 | 深圳前海微众银行股份有限公司 | Digital certificate application method, system and storage medium based on block chain |
CN109104311A (en) * | 2018-08-06 | 2018-12-28 | 腾讯科技(深圳)有限公司 | Device management method, device, medium and electronic equipment based on block chain |
Non-Patent Citations (2)
Title |
---|
"Building Redactable Consortium Blockchain for Industrial Internet-of-Things";Ke Huang、Xiaosong Zhang、Yi Mu;《IEEE Transactions on Industrial Informatics》;20190222;第15卷(第6期);全文 * |
"分布式网络环境下基于区块链的密钥管理方案";戴千一、徐开勇、郭松、蔡国明、周致成;《网络与信息安全学报》;20180915;第4卷(第09期);第23-35页 * |
Also Published As
Publication number | Publication date |
---|---|
CN113098907A (en) | 2021-07-09 |
WO2020177508A1 (en) | 2020-09-10 |
CN110035059B (en) | 2021-09-28 |
CN110035059A (en) | 2019-07-19 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN113098907B (en) | Group division method and device for block chain | |
CN109462587B (en) | Block chain layered consensus method, block chain network system and block chain node | |
US11128522B2 (en) | Changing a master node in a blockchain system | |
EP3540628B1 (en) | Mechanism for efficient validation of finality proof in lightweight distributed ledger clients | |
CN111556120B (en) | Data processing method and device based on block chain, storage medium and equipment | |
US20180308091A1 (en) | Fairness preserving byzantine agreements | |
CN110769035B (en) | Block chain asset issuing method, platform, service node and storage medium | |
Cai et al. | Towards private, robust, and verifiable crowdsensing systems via public blockchains | |
CN113328997B (en) | Alliance chain crossing system and method | |
CN110569251A (en) | Data processing method, related equipment and computer readable storage medium | |
CN115210741A (en) | Partially ordered block chain | |
CN110417790B (en) | Block chain real-name system queuing system and method | |
CN111861477A (en) | Block chain-based post-transaction data processing method and device and computer equipment | |
JP7479393B2 (en) | SYSTEM AND METHOD FOR A VIRTUAL DISTRIBUTED LEDGER NETWORK | |
CN112152778B (en) | Node management method and device and electronic equipment | |
CN112527912A (en) | Data processing method and device based on block chain network and computer equipment | |
JP2024509666A (en) | Blockchain data segregation | |
CN112231755A (en) | Data authorization method, device and system based on block chain | |
CN110008739B (en) | Block chain system based on group, group management method and device | |
CN116583833A (en) | Self-auditing blockchain | |
CN112926983A (en) | Block chain-based deposit certificate transaction encryption system and method | |
CN116866340A (en) | Method, device, equipment and storage medium for capacity sharing cooperation based on block chain | |
CN114448639B (en) | Decentralized identity system with uniqueness and secret key safety and implementation method | |
CN111988202B (en) | Node switching method, device and storage medium | |
CN114710362A (en) | Identity authentication method and device based on block chain and electronic equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |