CN113179311A - Block chain authority multiple control method and system
- Publication number
- CN113179311A
- Authority
- CN
- China
- Prior art keywords
- authority
- data
- control
- node
- control information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/104—Peer-to-peer [P2P] networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a blockchain authority multiple control method and system, and relates to the field of blockchains. The method comprises the following steps: receiving a data control request about authority-encrypted data, initiated by a data authority party; executing the data control request to verify the control authority of the data authority party; issuing the authority control information to each node of the blockchain network through a smart contract, whereupon the authorization node corresponding to an authorizer, after receiving the authority control information through the smart contract, decrypts the secret key of the authority control information by using the decryption parameter corresponding to the secret parameter; and decrypting the authority control information based on the decrypted secret key and the public encryption and decryption parameters, so that the authority control information is decrypted and authorized to the authorization node. This enables efficient multiple control of permissions in a blockchain network. The invention also provides a blockchain authority multiple control system, which comprises a request receiving module, an execution module, a decryption module and an authorization module.
Description
Technical Field
The invention relates to the field of block chains, in particular to a block chain authority multiple control method and a block chain authority multiple control system.
Background
The blockchain is essentially a distributed database, and information on the blockchain is shared with all nodes over the P2P (Peer-to-Peer) network. This information-sharing property creates a problem: if party A wants to publish a product assigned to party B and party C, the other parties on the blockchain should not be entitled to any information about the product, which a blockchain, as a distributed database, can hardly provide without modification.
A simpler solution in the prior art is to add authority control to data calls in the smart contract. For example, when a participant D tries to read, through an API (Application Programming Interface), product information issued by participant A, the smart contract finds that D lacks the specified authority and denies the request. This solution has the following problem: if participant D owns a node, D can directly read the unencrypted information in that node's database, so D can still read the product information issued by participant A. Authorization-based information protection is therefore difficult to enforce unless the node is placed under tamper-resistant hardware protection or central management (such as cloud management).
Therefore, how to implement effective authority control of transaction processing in a decentralized blockchain network has become a technical problem to be solved urgently.
Disclosure of Invention
The invention aims to provide a block chain authority multi-control method which can effectively perform multi-control on the authority of transaction processing in a block chain network.
Another objective of the present invention is to provide a system for multiple block chain authorities control, which is capable of operating a method for multiple block chain authorities control.
The embodiment of the invention is realized by the following steps:
In a first aspect, an embodiment of the present application provides a blockchain authority multiple control method, which includes: receiving a data control request about authority-encrypted data, initiated by a data authority party; executing the data control request to verify the control authority of the data authority party; issuing the authority control information to each node of the blockchain network through a smart contract, whereupon the authorization node corresponding to an authorizer, after receiving the authority control information through the smart contract, decrypts the secret key of the authority control information by using the decryption parameter corresponding to the secret parameter; and decrypting the authority control information based on the decrypted secret key and the public encryption and decryption parameters, so that the authority control information is decrypted and authorized to the authorization node.
In some embodiments of the present invention, the receiving of the data control request for rights encrypted data from the data authority party includes: and receiving a data uploading request about the authority encrypted data, which is initiated by the data authority party, wherein the data uploading request carries the identity information of the data authority party.
In some embodiments of the present invention, the above further includes: and executing a data uploading request to uplink and store the authority encryption data and the identity information of the data authority.
In some embodiments of the present invention, the executing the data control request to verify the control right of the data authority includes: and executing the data control request to determine whether the data authority is authorized or not based on the access authorization record of the encrypted data stored in the block chain network and the authority identity information carried in the data control request.
In some embodiments of the present invention, the above further includes: and if the data authority is authorized, acquiring an authorized public key of the data authority from the block chain network, and verifying the private key signature carried in the data control request by using the authorized public key.
In some embodiments of the present invention, decrypting the authority control information based on the decrypted key and the public encryption and decryption parameters, so as to decrypt and authorize the authority control information to the authorization node, includes: after the authorization node generates the feedback information corresponding to the decrypted authority control information, encrypting the feedback information based on an encryption protocol and the secret key, and broadcasting the encrypted feedback information to each node of the blockchain network by using the smart contract.
In some embodiments of the present invention, the method further includes: if the smart contract of an unauthorized node sends a decryption authorization request carrying identity authentication information to the issuing node for the encrypted authority control information, the authority processing system of the issuing node performs user identity authentication based on the identity authentication information.
In a second aspect, an embodiment of the present application provides a block chain authority multiple control system, which includes a receiving request module, configured to receive a data control request for authority encrypted data, where the data control request is initiated by a data authority; the execution module is used for executing the data control request so as to verify the control authority of the data authority party; the decryption module is used for issuing the authority control information to each node of the block chain network through the intelligent contract, and after receiving the authority control information through the intelligent contract, the authorization node corresponding to the authorizer decrypts the secret key of the authority control information by using the decryption parameter corresponding to the secret parameter; and the authorization module is used for decrypting the authority control information based on the decrypted secret key and the public encryption and decryption parameters so as to decrypt and authorize the authority control information to the authorization node.
In some embodiments of the invention, the above includes: at least one memory for storing computer instructions; at least one processor in communication with the memory, wherein the at least one processor, when executing the computer instructions, causes the system to: the device comprises a request receiving module, an execution module, a decryption module and an authorization module.
In a third aspect, embodiments of the present application provide a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements a method such as any one of the blockchain-authority multi-control methods.
Compared with the prior art, the embodiment of the invention has at least the following advantages or beneficial effects:
The authority processing system of each node handles authority control, and information is shared through the smart contract. If an issuer has encrypted authority control information for which it wants to grant decryption authorization to at least one authorizer, the issuer encrypts the secret key of the authority control information by using a secret parameter corresponding to the authorizer, and then issues the public encryption and decryption parameters and the secret parameter through the smart contract. The authorization node decrypts the secret key of the authority control information by using the decryption parameter corresponding to the secret parameter, and can then decrypt the authority control information by using the secret key and the public encryption and decryption parameters. The authority control information is thereby decrypted and authorized from the issuer to the authorization node: the authorization node can read the authority control information and exercise the subsequent control authority, while nodes other than the authorization node have no related authority. The authority of transaction processing in the blockchain network can thus be effectively controlled, and the reliability of the system is improved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present invention and therefore should not be considered as limiting the scope, and for those skilled in the art, other related drawings can be obtained according to the drawings without inventive efforts.
Fig. 1 is a schematic diagram illustrating a block chain authority multiple control method according to an embodiment of the present invention;
fig. 2 is a detailed step diagram of a block chain authority multiple control method according to an embodiment of the present invention;
fig. 3 is a block chain authority multiple control system module according to an embodiment of the present invention;
fig. 4 is an electronic device according to an embodiment of the present invention.
Reference numerals: 10 - request receiving module; 20 - execution module; 30 - decryption module; 40 - authorization module.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments. The components of the embodiments of the present application, generally described and illustrated in the figures herein, can be arranged and designed in a wide variety of different configurations.
Thus, the following detailed description of the embodiments of the present application, presented in the accompanying drawings, is not intended to limit the scope of the claimed application, but is merely representative of selected embodiments of the application. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures. Meanwhile, in the description of the present application, the terms "first", "second", and the like are used only for distinguishing the description, and are not to be construed as indicating or implying relative importance.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
Some embodiments of the present application will be described in detail below with reference to the accompanying drawings. The embodiments described below and the individual features of the embodiments can be combined with one another without conflict.
Example 1
Referring to fig. 1, fig. 1 is a schematic diagram illustrating a block chain authority multiple control method according to an embodiment of the present invention, which includes the following steps:
step S100, receiving a data control request about authority encrypted data, which is initiated by a data authority party;
In some embodiments, to ensure that data stored in the blockchain network cannot be accessed arbitrarily by any data authority, and to improve the storage security of the data, each data authority can encrypt the data associated with it, set the access authority of the data, and then store the encrypted data and the corresponding access authority on the chain. If another data authority wants to access that encrypted data, the data must first be decrypted by the data authority that owns it; only then can the requesting data authority access it.
In the block chain network, the specific information of the stored data is not public, and other data authorities except the data authority can only see the basic information of all data in the block chain; the basic information comprises description information corresponding to the data and a decryption service access address corresponding to the data. The description information of the data may be attribute information of the data, such as the type of the data or the specific function of the data; the decryption service access address of the data is the storage address of the data in the blockchain network, and the data authority can check the encrypted data to be accessed by calling the decryption service address.
Step S110, executing a data control request to verify the control authority of the data authority party;
in some embodiments, in the current block chain network, as long as a data authority party joins the network, all data stored in the block chain network can be directly accessed, so that the storage security of the data is greatly reduced; in order to ensure the security of data access, the access right of a data authority is verified to ensure that the identity of the data authority is legal, and the data authority has the right to access encrypted data.
If the access right of the data authority passes the verification, the identity of the data authority is indicated to be legal, and the data authority can be accessed; and if the access right verification of the data authority party fails, the identity of the data authority party is illegal, and the data authority party does not have the right to access the encrypted data, the data authority party is refused to access the encrypted data.
Step S120, issuing the authority control information to each node of the block chain network through an intelligent contract, and decrypting a secret key of the authority control information by using a decryption parameter corresponding to the secret parameter after an authorization node corresponding to an authorizer receives the authority control information through the intelligent contract;
In some embodiments, after the authorization node decrypts the authority control information, that is, after it obtains the related authority (e.g., read authority) over the authority control information, it determines whether to perform control with respect to that authority and generates corresponding feedback information. The feedback information should be disclosed only to the publishing node and the authorized nodes, so that the publishing node and the other authorized nodes know which nodes hold the related rights of the authority control information. To that end, the authority processing system of the authorized node encrypts the feedback information based on the secret key and the encryption protocol specified in the public encryption and decryption parameters, where the encryption protocol is, for example, the DES, AES or RSA encryption protocol, corresponding to the DES, AES or RSA decryption protocol. The encrypted feedback information is then broadcast to each node of the blockchain network by using the smart contract, so that the publishing node and the other authorized nodes can read and decrypt it.
In step S130, the authority control information is decrypted based on the decrypted key and the public encryption and decryption parameter, so as to decrypt and authorize the authority control information to the authorized node.
In some embodiments, if the feedback information is the confirmation control information corresponding to the authority control information, the publishing node executes the control transaction corresponding to the authority control information of the authorized node; and if the feedback information is refused control information corresponding to the authority control information, the issuing node refuses to execute the control transaction corresponding to the authority control information of the authorized node.
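The key-wrapping flow of steps S120 and S130, and the node-owner problem raised in the Background, can be illustrated with the following added example; it is not code from the patent. Mapping the "secret parameter" to a per-authorizer wrapped content key, the "decryption parameter" to the authorizer's private key, and the "public encryption and decryption parameters" to an ephemeral public value is an assumption, as are all function names. The primitives are standard-library stand-ins (finite-field Diffie-Hellman over a demo-size modulus and an HMAC-SHA256 stream cipher) for the vetted public-key and AEAD primitives a deployment would use.

```python
import hashlib
import hmac
import secrets

# Assumption: stdlib-only stand-ins so the example runs offline. A deployment
# would use X25519 or RSA-OAEP for key wrapping and AES-GCM for the payload.
P = 2**521 - 1   # demo-size prime modulus for finite-field Diffie-Hellman
G = 3


def keypair():
    """Return (decryption parameter, public key) for one node."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)


def prf(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()


def keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    blocks = (prf(key, nonce + i.to_bytes(4, "big")) for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC; output layout is nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(16)
    stream = keystream(prf(key, b"enc"), nonce, len(plaintext))
    body = bytes(a ^ b for a, b in zip(plaintext, stream))
    return nonce + body + prf(prf(key, b"mac"), nonce + body)


def unseal(key: bytes, blob: bytes) -> bytes:
    """Verify the tag before decrypting; raise ValueError on any mismatch."""
    if len(blob) < 48:
        raise ValueError("blob too short")
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, prf(prf(key, b"mac"), nonce + body)):
        raise ValueError("authentication failed")
    stream = keystream(prf(key, b"enc"), nonce, len(body))
    return bytes(a ^ b for a, b in zip(body, stream))


def wrap_key_for(shared: int, slot: str) -> bytes:
    """Derive the key-wrapping key for one authorizer slot from the DH secret."""
    return prf(shared.to_bytes(66, "big"), b"wrap:" + slot.encode())


def publish(info: bytes, authorizers: dict) -> dict:
    """Issuer side: build the record the contract replicates to EVERY node."""
    content_key = secrets.token_bytes(32)        # key of the control information
    eph_priv, eph_pub = keypair()
    wrapped = {
        slot: seal(wrap_key_for(pow(pub, eph_priv, P), slot), content_key)
        for slot, pub in authorizers.items()
    }
    return {
        "public_params": {"eph_pub": eph_pub, "scheme": "demo-dh+hmac-stream"},
        "wrapped_keys": wrapped,                 # one "secret parameter" each
        "ciphertext": seal(content_key, info),
    }


def read_as(record: dict, slot: str, priv: int) -> bytes:
    """Node side: unwrap the content key from one slot, then decrypt."""
    try:
        shared = pow(record["public_params"]["eph_pub"], priv, P)
        content_key = unseal(wrap_key_for(shared, slot), record["wrapped_keys"][slot])
        return unseal(content_key, record["ciphertext"])
    except (KeyError, ValueError):
        raise PermissionError(f"no usable key slot for {slot!r}") from None


if __name__ == "__main__":
    keys = {name: keypair() for name in "BCD"}   # D owns a node, not authorized
    rec = publish(b"constructed sample: product X terms for B and C",
                  {"B": keys["B"][1], "C": keys["C"][1]})
    print(read_as(rec, "B", keys["B"][0]))
    try:
        read_as(rec, "B", keys["D"][0])          # D reads its own DB copy
    except PermissionError as exc:
        print("D:", exc)
```

Because every node stores the full record, the protection rests entirely on the wrapped key slots: node D can read the record from its own database but holds no private key that opens any slot.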
Example 2
Referring to fig. 2, fig. 2 is a detailed step diagram of a block chain authority multiple control method according to an embodiment of the present invention, which is shown as follows:
step S200, receiving a data uploading request about the authority encrypted data, which is initiated by the data authority party, wherein the data uploading request carries the identity information of the data authority party.
Step S210, a data upload request is executed to uplink the encrypted data of the authority and the identity information of the data authority.
Step S220, executing the data control request to determine whether the data authority is authorized based on the access authorization record of the encrypted data stored in the blockchain network and the authority identity information carried in the data control request.
Step S230, if the data authority authorizes, obtaining the authorized public key of the data authority from the blockchain network, and verifying the private key signature carried in the data control request by using the authorized public key.
Step S240, after the authorized node generates the feedback information corresponding to the decrypted authority control information, the feedback information is encrypted based on the encryption protocol and the key, and the encrypted feedback information is broadcast to each node of the blockchain network by using the smart contract.
Step S250, if the smart contract of an unauthorized node sends a decryption authorization request carrying identity authentication information to the issuing node for the encrypted authority control information, the authority processing system of the issuing node performs user identity authentication based on the identity authentication information.
In some embodiments, the smart contract is the medium of interaction between the blockchain network and the user and is the basis for executing all transactions on the Ethereum platform. Chaincode refers to the written smart contract code and can implement both system-level and application-level functions. A role-based access control method can therefore be realized by designing the chaincode logic of a smart contract. Before designing the access control module, the following concepts are defined: (1) C is a smart contract that can run on the Ethereum platform; (2) uCser is an authorized legitimate user in the Ethereum network and is the deployer of contract C; (3) uiser is the caller of contract C.
After the smart contract is successfully deployed, uCser has control authority over the contract data, and the account addresses, 20 bits in length, of the transaction sender and the transaction receiver can be added to the access authority list of contract C according to the content of the transaction proposal. When the smart contract is called by uCser, the system first searches the preset access authority list. If uCser is in the list, the contract logic is executed according to the triggering condition and the response rule, and the distributed evidence-storage function runs; if uCser does not satisfy the conditions set by the list, the contract invocation fails. This method achieves a logical separation of roles and authorities.
However, this approach has a disadvantage: the contract deployer uCser can modify the preset access authority list. Whenever a new transaction is created, uCser must personally write the account addresses of both transaction parties into the list, which makes long-term operation and maintenance of the system inconvenient. In addition, when the transaction volume reaches a certain peak, storing and querying the access authority list becomes inefficient and inflexible.
Example 3
Referring to fig. 3, fig. 3 is a block chain authority multiple control system module schematic diagram according to an embodiment of the present invention, which is shown as follows:
a receiving request module 10, configured to receive a data control request for permission-encrypted data, where the request is initiated by a data permission party;
an execution module 20, configured to execute a data control request to verify a control authority of a data authority;
the decryption module 30 is configured to issue the authority control information to each node of the blockchain network through a smart contract, whereupon the authorization node corresponding to an authorizer, after receiving the authority control information through the smart contract, decrypts the key of the authority control information by using the decryption parameter corresponding to the secret parameter;
and the authorization module 40 is configured to decrypt the authority control information based on the decrypted key and the public encryption and decryption parameter, so as to perform decryption authorization on the authorization node by using the authority control information.
As shown in fig. 4, an embodiment of the present application provides an electronic device, which includes a memory 101 for storing one or more programs; a processor 102. The one or more programs, when executed by the processor 102, implement the method of any of the first aspects as described above.
Also included is a communication interface 103, and the memory 101, processor 102 and communication interface 103 are electrically connected to each other, directly or indirectly, to enable transfer or interaction of data. For example, the components may be electrically connected to each other via one or more communication buses or signal lines. The memory 101 may be used to store software programs and modules, and the processor 102 executes the software programs and modules stored in the memory 101 to thereby execute various functional applications and data processing. The communication interface 103 may be used for communicating signaling or data with other node devices.
The memory 101 may be, but is not limited to, a Random Access Memory (RAM), a Read Only Memory (ROM), a Programmable Read Only Memory (PROM), an Erasable Programmable Read Only Memory (EPROM), an Electrically Erasable Programmable Read Only Memory (EEPROM), and the like.
The processor 102 may be an integrated circuit chip having signal processing capabilities. The processor 102 may be a general-purpose processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; it may also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component.
In the embodiments provided in the present application, it should be understood that the disclosed method and system can be implemented in other ways. The method and system embodiments described above are merely illustrative; for example, the flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of methods, systems and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In addition, functional modules in the embodiments of the present application may be integrated together to form an independent part, or each module may exist separately, or two or more modules may be integrated to form an independent part.
In another aspect, embodiments of the present application provide a computer-readable storage medium, on which a computer program is stored, which, when executed by the processor 102, implements the method according to any one of the first aspect described above. The functions, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on such understanding, the technical solution of the present application, or the portion of it that contributes over the prior art, may be embodied in the form of a software product stored in a storage medium and including instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application. The aforementioned storage medium includes: a USB flash disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program code.
In summary, the method and system for multiple control of block chain permissions provided by the embodiments of the present application construct a permission processing system and deploy an intelligent contract at each node of a block chain network. The permission processing system of each node handles permission control, and information is shared through the intelligent contract. If an issuer that has encrypted permission control information grants decryption authorization to at least one authorizer, the issuer encrypts the key of the permission control information using the secret parameter corresponding to that authorizer, and then issues a public encryption/decryption parameter and a secret parameter through the intelligent contract. The authorizer decrypts the key of the permission control information using the decryption parameter corresponding to the secret parameter, and finally decrypts the permission control information using the key and the encryption/decryption parameter. Decryption authorization of the permission control information from the issuer to the at least one authorizer is thereby realized: the authorization node can read the permission control information and exercise the subsequent control authority, while nodes other than the authorization node have no such authority. The authority for transaction processing in the block chain network can thus be effectively controlled, and the reliability of the system is improved.
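The authorization flow summarized above, sketched as an added example that is not code from the patent: the issuer encrypts the permission control information once under a fresh key and wraps that key separately for each authorizer. Assumptions: each authorizer's "secret parameter" is modelled as a pre-shared 32-byte symmetric secret, the public encryption/decryption parameter as the nonce stored with each ciphertext, the record published through the contract as a plain dict holding only wrapped keys, and a standard-library HMAC-SHA256 encrypt-then-MAC construction stands in for the cipher a deployment would use (an AEAD such as AES-GCM); the names `seal`, `unseal`, `issue` and `read_as` are hypothetical.

```python
import hashlib
import hmac
import secrets

def _derive(key, label):
    # Separate sub-keys for encryption and authentication.
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # HMAC-SHA256 in counter mode as keystream (stdlib stand-in, see lead-in).
    stream = b""
    for counter in range((len(data) + 31) // 32):
        block = nonce + counter.to_bytes(8, "big")
        stream += hmac.new(key, block, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, plaintext):
    # Output layout: nonce (16 bytes) || ciphertext || tag (32 bytes).
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(_derive(key, b"enc"), nonce, plaintext)
    tag = hmac.new(_derive(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key, blob):
    if len(blob) < 48:
        raise ValueError("record too short")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_derive(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: wrong key or tampered record")
    return _xor_stream(_derive(key, b"enc"), nonce, ct)

def issue(control_info, authorizer_secrets):
    # Issuer side: one content key, wrapped once per authorized node.
    content_key = secrets.token_bytes(32)
    return {
        "ciphertext": seal(content_key, control_info),
        "wrapped_keys": {node: seal(secret, content_key)
                         for node, secret in authorizer_secrets.items()},
    }

def read_as(node_id, node_secret, record):
    # Authorizer side: unwrap the content key, then decrypt the control info.
    wrapped = record["wrapped_keys"].get(node_id)
    if wrapped is None:
        raise PermissionError(f"{node_id} holds no decryption authorization")
    content_key = unseal(node_secret, wrapped)
    return unseal(content_key, record["ciphertext"])
```

Every node can see the published record, but only a node holding a secret that matches one of the wrapped keys recovers the content key; any modification of the record in transit fails the tag check instead of yielding altered control information.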
The above is only a preferred embodiment of the present invention, and is not intended to limit the present invention, and various modifications and changes will occur to those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
It will be evident to those skilled in the art that the present application is not limited to the details of the foregoing illustrative embodiments, and that the present application may be embodied in other specific forms without departing from the spirit or essential attributes thereof. The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the application being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference sign in a claim should not be construed as limiting the claim concerned.
Claims (10)
1. A method for multiple control of block chain permissions, comprising:
receiving a data control request about authority encryption data, which is initiated by a data authority party;
executing a data control request to verify the control authority of the data authority;
issuing the authority control information to each node of the block chain network through an intelligent contract, and decrypting a secret key of the authority control information by using a decryption parameter corresponding to the secret parameter after an authorization node corresponding to an authorizer receives the authority control information through the intelligent contract;
and decrypting the authority control information based on the decrypted secret key and the public encryption and decryption parameters so as to decrypt and authorize the authority control information to the authorization node.
2. The method as claimed in claim 1, wherein the receiving the data control request about authority encryption data initiated by the data authority party comprises:
and receiving a data uploading request about the authority encrypted data, which is initiated by the data authority party, wherein the data uploading request carries the identity information of the data authority party.
3. The method as claimed in claim 2, further comprising:
and executing a data uploading request to uplink and store the authority encryption data and the identity information of the data authority.
4. The method as claimed in claim 1, wherein said executing the data control request to verify the control authority of the data authority comprises:
and executing the data control request to determine whether the data authority is authorized or not based on the access authorization record of the encrypted data stored in the block chain network and the authority identity information carried in the data control request.
5. The method as claimed in claim 4, further comprising:
and if the data authority is authorized, acquiring an authorized public key of the data authority from the block chain network, and verifying the private key signature carried in the data control request by using the authorized public key.
6. The method as claimed in claim 1, wherein the decrypting the authority control information based on the decrypted secret key and the public encryption and decryption parameters so as to decrypt and authorize the authority control information to the authorization node comprises:
after the authorization node generates the feedback information corresponding to the decrypted authority control information, the feedback information is encrypted based on an encryption protocol and a secret key, and the encrypted feedback information is broadcast by each node of the block chain network by using an intelligent contract.
7. The method as claimed in claim 6, further comprising:
and if the intelligent contract of the unauthorized node sends a decryption authorization request carrying identity authentication information to the issuing node aiming at the encrypted authority control information, the authority processing of the issuing node performs user identity authentication based on the identity authentication information.
8. A system for multiple control of block chain permissions, comprising:
the receiving request module is used for receiving a data control request which is initiated by a data authority party and is related to authority encrypted data;
the execution module is used for executing the data control request so as to verify the control authority of the data authority party;
the decryption module is used for issuing the authority control information to each node of the block chain network through the intelligent contract, and after receiving the authority control information through the intelligent contract, the authorization node corresponding to the authorizer decrypts the secret key of the authority control information by using the decryption parameter corresponding to the secret parameter;
and the authorization module is used for decrypting the authority control information based on the decrypted secret key and the public encryption and decryption parameters so as to decrypt and authorize the authority control information to the authorization node.
9. The system of claim 8, comprising:
at least one memory for storing computer instructions;
at least one processor in communication with the memory, wherein the at least one processor, when executing the computer instructions, causes the system to implement: the request receiving module, the execution module, the decryption module and the authorization module.
10. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the method according to any one of claims 1-7.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110444528.8A CN113179311A (en) | 2021-04-23 | 2021-04-23 | Block chain authority multiple control method and system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN113179311A (en) | 2021-07-27 |
Family
ID=76924826
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110444528.8A Pending CN113179311A (en) | 2021-04-23 | 2021-04-23 | Block chain authority multiple control method and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113179311A (en) |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106534097A (en) * | 2016-10-27 | 2017-03-22 | 上海亿账通区块链科技有限公司 | Block chain trading based authority control method and system |
CN109889479A (en) * | 2018-12-21 | 2019-06-14 | 中链科技有限公司 | User identity based on block chain deposits card, verification method and device and verification system |
CN111371543A (en) * | 2020-01-08 | 2020-07-03 | 中国科学院重庆绿色智能技术研究院 | Internet of things equipment access control method based on double-block chain structure |
US20200259643A1 (en) * | 2019-02-08 | 2020-08-13 | Talenting Inc. | Systems and methods for biometric key generation in data access control, data verification, and path selection in block chain-linked workforce data management |
CN112468504A (en) * | 2020-11-30 | 2021-03-09 | 四川易诚智讯科技有限公司 | Industrial control network access control method based on block chain |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP7267294B2 (en) | Systems and methods for recording device lifecycle transactions as versioned blocks in a blockchain network using transaction connectors and broker services | |
US10708070B2 (en) | System and method for utilizing connected devices to enable secure and anonymous electronic interaction in a decentralized manner | |
KR102318637B1 (en) | Methods of data transmission, methods of controlling the use of data, and cryptographic devices | |
CN100517297C (en) | Method and apparatus for digital rights management using certificate revocation list | |
CN101361076B (en) | Mobile memory system for secure storage and delivery of media content | |
KR20200098561A (en) | Device identification system and method for subscription and registration of connected endpoint devices, and blockchain service | |
EP1636664B1 (en) | Proof of execution using random function | |
CN111914293B (en) | Data access right verification method and device, computer equipment and storage medium | |
CN110650139B (en) | Resource access control method and system for cloud platform | |
CN111935187B (en) | Data access method and device | |
CN115801276B (en) | Automobile network threat information secure sharing method, system and storage medium | |
CN112967054B (en) | Data management method, device and equipment | |
US20240064009A1 (en) | Distributed anonymized compliant encryption management system | |
CN114091058A (en) | Method and system for secure sharing of data between a first area and a second area | |
CN112423302A (en) | Wireless network access method, terminal and wireless access equipment | |
CN115048672A (en) | Data auditing method and device based on block chain, processor and electronic equipment | |
CN113179311A (en) | Block chain authority multiple control method and system | |
CN112187777A (en) | Intelligent traffic sensing data encryption method and device, computer equipment and storage medium | |
CN117077089B (en) | Algorithm authorization system and method | |
CN112673591A (en) | System and method for providing authorized third parties with secure key escrow access to a secret public ledger | |
CN115987988B (en) | Relay chain-based attribute proxy re-encryption method, model and storage medium | |
CN116827653B (en) | Data encryption and authorization management method based on Hyperledger Fabric alliance chain | |
CN117294465B (en) | Attribute encryption system and method based on cross-domain communication | |
CN116743770A (en) | Cross-regional resource transfer information pushing method, system, device and computer equipment | |
CN117473551A (en) | Data sharing method based on block chain and access control |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| PB01 | Publication | |
| SE01 | Entry into force of request for substantive examination | |
| RJ01 | Rejection of invention patent application after publication | Application publication date: 20210727 |