CN114297607A

CN114297607A - Identity authentication method and equipment

Info

Publication number: CN114297607A
Application number: CN202010999825.4A
Authority: CN
Inventors: 王东晖; 陈晶; 詹泽怡
Original assignee: Huawei Technologies Co Ltd
Current assignee: Huawei Technologies Co Ltd
Priority date: 2020-09-22
Filing date: 2020-09-22
Publication date: 2022-04-08

Abstract

The application provides an identity authentication method and equipment, which realize cross-domain access of users with different security domains through the security domains, a storage system and a framework of a block chain. The method comprises the following steps: a user of a first security domain receives identity authentication information of a user of a second security domain sent by a user of the second security domain; a user of a first security domain acquires first data from a first storage system, wherein the first data is used for verifying identity authentication information; and the user of the first security domain authenticates the identity information according to the first data to obtain an authentication result, wherein the authentication result comprises passing authentication and not passing authentication.

Description

Identity authentication method and equipment

Technical Field

The present application relates to the field of identity authentication technology, and more particularly, to an identity authentication method and apparatus.

Background

Public Key Infrastructure (PKI) technology is an infrastructure for providing information security services, which is established using public key theory and technology, is an important component of an information security infrastructure, and is a generally applicable network security infrastructure. The core of the method is to solve the trust problem in the information network space, determine the uniqueness, authenticity and legality of the identity of a behavior subject (including organizations and individuals) in the information network space, and protect the security benefits of each subject in the information network space. However, there are a number of problems with existing PKI systems. First, the core enforcement Certificate Authority (CA) of the PKI system is a centralized node, which, once attacked, can cause single-point failure and make the damage immeasurable. Secondly, different entities can construct respective trust systems, so that different CAs form respective isolated security domains, the certificates are not smoothly authenticated, the same user often needs to hold a plurality of CA certificates at the same time to meet the authentication requirements of different scenes, and the cross-CA certificate authentication needs to be realized by means of additional means, such as third-party bridging, issuing of mutually trusted certificates and the like, so that the direct interconnection and intercommunication of different security domains is also a great problem in the development of the PKI technology.

Disclosure of Invention

The application provides an identity authentication method and equipment, which realize cross-domain access of users with different security domains through the security domains, a storage system and a framework of a block chain.

In a first aspect, a method for identity authentication is provided, where the method includes: the user of the first security domain receives identity certification information of the user of the second security domain, which is sent by the user of the second security domain; a user of a first security domain acquires first data from a first storage system, wherein the first data is used for verifying identity authentication information; and the user of the first security domain authenticates the identity certification information according to the first data to obtain an authentication result, wherein the authentication result comprises passing authentication and not passing authentication.

The identity authentication method provided by the embodiment of the application has a system architecture with a plurality of security domains, a storage system and a block chain, and the CA of different security domains shares data in the storage system and the block chain, so that the CA of the security domains is no longer a centralized node of a PKI system, and the decentralization of the CA is realized. When the user of one security domain authenticates the user of other security domains, the security domain does not need to hold the data of other security domains, and only needs to acquire the data of other security domains through the storage system and the block chain, thereby realizing interconnection and intercommunication between different security domains while ensuring data security.

With reference to the first aspect, in certain implementations of the first aspect, the identification information is a digital certificate.

With reference to the first aspect, in certain implementations of the first aspect, the first data includes a certificate and a certificate revocation list of a CA of the second security domain.

The user of the second security domain can send the identity authentication information disclosed by the user to the user of the first security domain, and the identity authentication information at the moment is a digital certificate of the second user;

with reference to the first aspect, in some implementations of the first aspect, the authenticating, by a user of the first security domain, the digital certificate according to the first data to obtain an authentication result, where the authentication result is authenticated, further includes: a user of a first security domain obtains a certificate freeze list; a user of the first security domain determines that the digital certificate is in a certificate freeze list; and the user of the first security domain judges that the authentication result is failed.

With reference to the first aspect, in certain implementations of the first aspect, the certificate freeze list is generated by a CA of the first security domain from a transparency log of the second security domain.

With reference to the first aspect, in certain implementations of the first aspect, the certificate freeze list is stored in the first storage system and/or the blockchain.

After the identity of the user of the second security domain is confirmed, the method of the embodiment of the application further includes further verifying the security of the identity of the user of the second security domain.

With reference to the first aspect, in some implementations of the first aspect, the identification information is an anonymous attestation, and the anonymous attestation is generated by the user of the second security domain according to the first information acquired from the first storage system, and the first information is generated by a CA of the first security domain.

In this embodiment of the application, the user of the second security domain may not send the public identity authentication information, and the identity authentication information at this time is an anonymous authentication.

With reference to the first aspect, in certain implementations of the first aspect, the first data includes first information and an authentication key.

With reference to the first aspect, in certain implementations of the first aspect, after a user of the first security domain obtains first data required to authenticate identity information from the first storage system, the method further includes: a user of the first security domain acquires a first hash value from the blockchain according to a first address of the first data, wherein the first address is used for indicating the first hash value of the first data stored in the blockchain; a user of the first security domain calculates a second hash value of the first data; a user of the first security domain determines that the first hash value is the same as the second hash value.

In this embodiment of the application, after the user of the first security domain acquires the first data from the first storage system, the first data is already verified by the first storage system and the block chain, but to ensure data validity, the user of the first security domain may verify the first data again before authenticating the identification information according to the first data

In a second aspect, a method for identity authentication is provided, the method comprising: the method comprises the steps that a first storage system receives a request for acquiring first data required by authentication identity authentication information sent by a user of a first security domain, wherein the identity authentication information is identity authentication information of the user of a second security domain; the first storage system sends first data to a user of the first security domain so that the user of the first security domain authenticates the identification information based on the first data.

With reference to the second aspect, in some implementations of the second aspect, the identification information is a digital certificate.

With reference to the second aspect, in certain implementations of the second aspect, the first data includes a certificate revocation list and a key of a CA of the second security domain.

With reference to the second aspect, in some implementations of the second aspect, before the first storage system receives a request sent by a user of the first security domain to obtain first data required to authenticate identity information, the method further includes: the method comprises the steps that a first storage system receives a request for obtaining a transparency log of a second security domain, wherein the request is sent by a CA of a first security domain; and the first storage system sends the transparency log of the second security domain to the CA of the first security domain, so that the CA of the first security domain generates a certificate freeze list according to the transparency log.

In some implementations of the second aspect in combination with the second aspect, the certificate freeze list is stored in the first storage system and/or the blockchain.

With reference to the second aspect, in some implementations of the second aspect, the identification information is an anonymous attestation, the anonymous attestation is generated by the user of the second security domain according to the first information acquired from the first storage system, and the first information is generated by a CA of the first security domain.

With reference to the second aspect, in some implementations of the second aspect, the first data includes the first information and the authentication key.

With reference to the second aspect, in some implementations of the second aspect, before the first storage system receives a request sent by a user of the first security domain to obtain first data required to authenticate identity information, the method further includes: the first storage system receives first data sent by a CA of a first security domain and a first address of the first data, the first address being used to indicate a first hash value of the first data stored in the blockchain.

In the embodiment of the application, each security domain stores the data of the domain in the storage system and the block chain in advance, so that the subsequent security domains can obtain the data of the CAs of other security domains through the storage system and the block chain.

With reference to the second aspect, in some implementations of the second aspect, the first data is data verified by a storage system and a blockchain, and includes: the first storage system acquires a first hash value from the block chain according to the first address; the first storage system calculates a second hash value of the first data; the first storage system determines that the first hash value is the same as the second hash value.

With reference to the second aspect, in certain implementations of the second aspect, the method further includes: the first storage system determines that the first hash value is different from the second hash value; the first storage system acquires second data from the second storage system; the first storage system determines that the hash value of the second data is the same as the first hash value; the first storage system replaces the first data with the second data.

With reference to the second aspect, in some implementations of the second aspect, after the first storage system determines that the first hash value is not the same as the second hash value, the method further includes: the first storage system acquires a first hash value from the block chain according to the first address; the first storage system calculates a second hash value of the first data; the first storage system determines that the first hash value is the same as the second hash value.

In a third aspect, an apparatus for identity authentication is provided, where the apparatus is disposed at a user end of a first security domain, and the apparatus includes: the receiving and sending unit is used for receiving the identity authentication information of the user of the second security domain, which is sent by the user of the second security domain; the receiving and sending unit is also used for acquiring first data from the first storage system, and the first data is used for verifying the identification information; and the authentication unit is used for authenticating the identity information according to the first data to obtain an authentication result, and the authentication result comprises passing authentication and failing authentication.

With reference to the third aspect, in certain implementations of the third aspect, the identification information is a digital certificate.

With reference to the third aspect, in certain implementations of the third aspect, the first data includes a certificate and a certificate revocation list of a CA of the second security domain.

With reference to the third aspect, in some implementations of the third aspect, the authentication unit authenticates the digital certificate according to the first data to obtain an authentication result, the authentication result being authenticated, and the apparatus is further configured to: a user of a first security domain obtains a certificate freeze list; a user of the first security domain determines that the digital certificate is in a certificate freeze list; the user of the first security domain determines that the authentication result is not passed.

With reference to the third aspect, in some implementations of the third aspect, the certificate freeze list is generated for a CA of the first security domain from a transparency log of the second security domain.

With reference to the third aspect, in certain implementations of the third aspect, the certificate freeze list is stored in the first storage system and/or the blockchain.

With reference to the third aspect, in some implementations of the third aspect, the identification information is an anonymous attestation, and the anonymous attestation is generated by the user of the second security domain according to the first information acquired from the first storage system, and the first information is generated by a CA of the first security domain.

With reference to the third aspect, in certain implementations of the third aspect, the first data includes the first information and an authentication key.

With reference to the third aspect, in certain implementations of the third aspect, after the transceiver unit obtains the first data required for authenticating the identity attestation information from the first storage system, the apparatus is further configured to: the receiving and sending unit acquires a first hash value from the block chain according to a first address of the first data, wherein the first address is used for indicating the first hash value of the first data stored in the block chain; the authentication unit calculates a second hash value of the first data; the authentication unit determines that the first hash value is the same as the second hash value.

In a fourth aspect, an apparatus for identity authentication is provided, where the apparatus is disposed at a first storage system side, and the apparatus includes: the receiving and sending unit is used for receiving a request for acquiring first data required by authentication identity authentication information sent by a user of a first security domain, and the identity authentication information is identity authentication information of the user of a second security domain; the transceiving unit is further configured to send first data to a user of the first security domain, so that the user of the first security domain authenticates the identification information according to the first data.

With reference to the fourth aspect, in some implementations of the fourth aspect, the identification information is a digital certificate.

With reference to the fourth aspect, in certain implementations of the fourth aspect, the first data includes a certificate revocation list and a key of a CA of the second security domain.

With reference to the fourth aspect, in some implementations of the fourth aspect, before the transceiving unit receives a request sent by a user of the first security domain to obtain first data required to authenticate the identity information, the apparatus is further configured to: the method comprises the steps that a transceiving unit receives a request for acquiring a transparency log of a second security domain, wherein the request is sent by a CA of a first security domain; the transceiving unit sends a transparency log of the second security domain to the CA of the first security domain, so that the CA of the first security domain generates a certificate freeze list according to the transparency log.

In some implementations of the fourth aspect in combination with the fourth aspect, the certificate freeze list is stored in the first storage system and/or the blockchain.

With reference to the fourth aspect, in some implementations of the fourth aspect, the identification information is an anonymous attestation, and the anonymous attestation is generated by the user of the second security domain according to the first information acquired from the first storage system, and the first information is generated by a CA of the first security domain.

With reference to the fourth aspect, in some implementations of the fourth aspect, the first data includes the first information and the authentication key.

With reference to the fourth aspect, in some implementations of the fourth aspect, before the transceiving unit receives a request sent by a user of the first security domain to obtain first data required to authenticate the identity information, the apparatus is further configured to: the transceiving unit receives first data sent by a CA of a first security domain and a first address of the first data, wherein the first address is used for indicating a first hash value of the first data stored in a block chain.

With reference to the fourth aspect, in some implementations of the fourth aspect, the first data is data verified by a storage system and a blockchain, and includes: the receiving and sending unit acquires a first hash value from the block chain according to the first address; the authentication unit calculates a second hash value of the first data; the authentication unit determines that the first hash value is the same as the second hash value.

With reference to the fourth aspect, in some implementations of the fourth aspect, the first data is data verified by the first storage system and the block chain, and the apparatus is further configured to: the authentication unit determines that the first hash value is different from the second hash value; the transceiving unit acquires second data from a second storage system; the authentication unit determines that the hash value of the second data is the same as the first hash value; the authentication unit replaces the first data with the second data.

With reference to the fourth aspect, in some implementations of the fourth aspect, before the transceiving unit sends the first data to the user of the first security domain, the apparatus is further configured to: the receiving and sending unit acquires a first hash value from the block chain according to the first address; the authentication unit calculates a second hash value of the first data; the authentication unit determines that the first hash value is the same as the second hash value.

In a fifth aspect, an electronic device is provided, which includes: a memory for storing a program; a processor configured to execute the memory-stored program, wherein when the memory-stored program is executed, the processor is configured to perform the identity authentication method in any one of the implementations of the first aspect and any one of the implementations of the second aspect and the second aspect.

A sixth aspect provides a computer readable storage medium storing program code comprising instructions for performing the steps of any one of the implementations of the first aspect and any one of the implementations of the second aspect and the second aspect.

In a seventh aspect, a computer program product comprising instructions is provided, which when run on a computer causes the computer to perform the method of any of the implementations of the first aspect and any of the implementations of the second aspect and the second aspect.

In an eighth aspect, a chip is provided, where the chip includes a processor and a data interface, and the processor reads instructions stored in a memory through the data interface, and performs the method in any one of the foregoing implementation manners of the first aspect and any one of the implementation manners of the second aspect and the second aspect.

Drawings

FIG. 1 is a system architecture diagram of the identity authentication method of the present application;

FIG. 2 is a schematic block diagram of the multiple Mercker hash tree storage schema of the present application;

FIG. 3 is a schematic flow chart diagram of an identity authentication method of the present application;

FIG. 4 is a schematic flow chart diagram of an identity authentication method of the present application;

FIG. 5 is a schematic flow diagram of a cross-domain identity data store of the present application;

FIG. 6 is a schematic flow chart of data verification and recovery of the present application;

FIG. 7 is a schematic flow diagram of cross-domain authentication of the present application;

FIG. 8 is a schematic flow diagram of cross-domain identity anonymity verification of the present application;

FIG. 9 is a schematic flow diagram of cross-domain certificate auditing and transparent validation of the present application;

FIG. 10 is a schematic flow chart of another cross-domain authentication of the present application;

FIG. 11 is a schematic flow chart diagram of yet another cross-domain authentication provided herein;

FIG. 12 is a schematic block diagram of an identity authentication device of the present application;

FIG. 13 is a schematic block diagram of another identity authentication device of the present application;

fig. 14 is a schematic block diagram of an electronic device of the present application.

Detailed Description

In order to facilitate understanding of the technical solutions of the present application, first, concepts related to the present application are briefly introduced.

Block chaining techniques: the block chain technology is a technical scheme which does not depend on a third party and carries out storage, verification, transmission and communication of network data through self distributed nodes. The block chain technology has the advantages of decentralization, openness, safety, independence, anonymity and the like.

Interplanetary file storage system (IPFS) technology: IPFS is a point-to-point distributed file system with connected computing devices all having a file management model, and is a content addressable peer-to-peer hypermedia distribution protocol. With IPFS, the user searches for content rather than file names.

Certificate Frozen List (CFL): the CFL, like the Certificate Revocation List (CRL), is a structured data file in the PKI system, which contains the serial number of the certificate that the CA has frozen and the time when it has frozen. The difference between the two is that CFL is mainly for certificates of cross-domain access, and the frozen list is scalable; while CRL is a certificate for the present domain, the certificate list can only be increased.

Storing in a control separation: the PKI architecture is not modified, and IPFS and a block chain are used as storage layers, wherein the IPFS is used as storage to realize data sharing, and the block chain is used as control to realize verification.

The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some, not all, embodiments of the present application.

This application is intended to present various aspects, embodiments or features around a system that may include a number of devices, components, modules, and the like. It is to be understood and appreciated that the various systems may include additional devices, components, modules, etc. and/or may not include all of the devices, components, modules etc. discussed in connection with the figures. Furthermore, a combination of these schemes may also be used.

In addition, in the embodiments of the present application, words such as "exemplary", "for example", etc. are used to mean serving as examples, illustrations or explanations. Any embodiment or design described herein as "exemplary" is not necessarily to be construed as preferred or advantageous over other embodiments or designs. Rather, the term using examples is intended to present concepts in a concrete fashion.

The network architecture and the service scenario described in the embodiment of the present application are for more clearly illustrating the technical solution of the embodiment of the present application, and do not form a limitation on the technical solution provided in the embodiment of the present application, and as a person of ordinary skill in the art knows that along with the evolution of the network architecture and the appearance of a new service scenario, the technical solution provided in the embodiment of the present application is also applicable to similar technical problems.

Reference throughout this specification to "one embodiment" or "some embodiments," or the like, means that a particular feature, structure, or characteristic described in connection with the embodiment is included in one or more embodiments of the present application. Thus, appearances of the phrases "in one embodiment," "in some embodiments," "in other embodiments," or the like, in various places throughout this specification are not necessarily all referring to the same embodiment, but rather "one or more but not all embodiments" unless specifically stated otherwise. The terms "comprising," "including," "having," and variations thereof mean "including, but not limited to," unless expressly specified otherwise.

In the present application, "at least one" means one or more, "a plurality" means two or more. "and/or" describes the association relationship of the associated objects, meaning that there may be three relationships, e.g., a and/or B, which may mean: a exists alone, A and B exist simultaneously, and B exists alone, wherein A and B can be singular or plural. The character "/" generally indicates that the former and latter associated objects are in an "or" relationship. "at least one of the following" or similar expressions refer to any combination of these items, including any combination of the singular or plural items. For example, at least one (one) of a, b, or c, may represent: a, b, c, a-b, a-c, b-c, or a-b-c, wherein a, b, c may be single or multiple.

PKI is an infrastructure of certificate distribution, management and authentication based on public key cryptography. The CA signs and issues a certificate for a certificate applicant through a private key signature of the CA, and a trusted digital identity is provided, so that the identity authentication of a user in the communication process is guaranteed, and the confidentiality and the integrity of transmitted information are protected.

A public log based on a blockchain is used in an existing PKI system to authenticate, store and revoke certificates. The CA and the domain name owner are both system participants, one party records certificate operation to a public log so as to provide certificate transparency, and the other party monitors the certificate transparency through the public log and reports fraudulent certificates in time. The certificate validation process incorporates certificate transparency proofs provided by public logs in addition to conventional signature certifications and allows the browser to verify the legitimacy of the certificate directly from the blockchain acquisition data. In addition, the addition and deletion of all CA nodes in the system are managed by the central node, and the central node is taken by the alliance chain creator and has the highest authority of the system.

In this scheme, the central node links all certificates and their related operations, and the storage mechanism of the blockchain is difficult to satisfy the storage requirement of the mass certificates. Each time certificate verification is carried out, a user needs to read a certificate transparent log of a communication opposite end node from a block chain, and the block chain throughput is difficult to support the access requirements of massive users. In the scheme, only transparent verification of the certificate is realized, and the design of safe cross-domain authentication and safe audit of the certificate is lacked. In addition, the central node in the scheme is actually the center of the whole system, decentralization is not realized, and the problem of single-point failure still exists.

Another existing identity authentication method provides that a blockchain network is constructed on the basis of a federation chain, a root CA of each trust domain is set as a verification node of the blockchain, and hash values of digital certificates of all the root CAs are stored in the federation chain. Each user in the blockchain network wants to apply for, update, or deregister a blockchain certificate from the root CA within the trust domain. When the user carries out cross-trust domain authentication, the user hash value stored in the block chain is compared with the certificate hash value provided by the user during authentication, if the user hash value and the certificate hash value are the same, the certificate provided by the user is legal, and otherwise, the cross-domain request of the user is discarded.

In the scheme, each authentication of the user needs to perform block chain operation, and the existing block chain technology cannot meet the authentication access request of the mass certificates. After verifying the certificate, the CA issues the certificate hash value to the blockchain, and other CAs or users in the alliance cannot audit the cross-domain certificate. In addition, in the scheme, the CA still stores original certificate data and is still a management center of the certificate in essence, that is, decentralized processing is not realized, and the recovery of the certificate cannot be realized after the CA is attacked.

Therefore, the embodiment of the application provides an identity authentication method, provides a PKI framework based on a block chain, and solves the problem that a CA (public key infrastructure) is easy to fail in a single point; by using a block chain-based cross-domain authentication method, the problem of cross-CA intercommunication is solved, and meanwhile, the access privacy of a user is ensured not to be revealed; by controlling the architecture separated from the storage, the storage and access efficiency of the block chain is improved.

Fig. 1 shows a system architecture diagram of an identity authentication method according to an embodiment of the present application. As shown in fig. 1, in the identity authentication method according to the embodiment of the present application, one or more security domain entities having a cross-domain requirement are involved, where each security domain entity includes a CA and multiple intra-domain users. The security domain may be a private network, an intranet of a company or department, different service networks with isolation, different enterprise units, etc.

Because communication and data transmission between different security domains have certain conditional restrictions, the embodiments of the present application use a block chain technique to ensure consensus between different security domains and integrity and consistency of cross-domain data, and use a distributed file storage technique to provide technical support for sharing and transmitting cross-domain data. In the identity authentication method of the embodiment of the application, the system needs to store the cross-domain shared data in the blockchain and the storage system at the same time, and additionally stores data of the cross-domain shared data corresponding to the address of the blockchain in the storage system.

The storage system is a database for storing data, and may be, for example, an IPFS or the like.

The identity authentication method of the embodiment of the application asynchronously stores cross-domain shared data into a storage system and a block chain, except for storing the cross-domain shared data into the block chain in a hash (Hush) form of the data and storing the cross-domain shared data into the storage system in a real value of the data, wherein each piece of data stored in the storage system additionally comprises a piece of corresponding address data, and the address data is block address information after the data is stored into the block chain. The hash value of the actually stored data can be read from the block chain through the address information, and the hash value is used as a verification standard of the real value of the data stored in the storage system, so that whether the data in the storage system is finished or tampered is periodically verified. Through the mode of separating storage and control, the storage system is responsible for storing real data, and the block chain is responsible for checking the integrity of the data, so that the damage caused by the failure of nodes in the storage system due to attack is avoided. When other security domains need cross-domain identity authentication, a user in the security domain only needs to obtain information such as a public key, a revocation list and the like of the security domain where the identity to be authenticated is located through a local storage system, and after the verification is passed through a block chain, the validity of a cross-domain certificate is verified by using the data, so that the cross-domain identity authentication is converted into the same-domain identity authentication.

The identity authentication method of the embodiment of the application adopts a method of separating storage and control, the storage system completes the storage of data, and the block chain completes the verification of the data. Due to the fact that throughput of the block chain is limited, the identity authentication method of the embodiment of the application realizes high concurrency and mass data storage through the memory mode of the Mercker Hash tree, and therefore the problem that the block chain is difficult to store cross-domain identity data with huge data volume in an application process in a concurrent mode is solved. Since changing the storage structure of the blockchain may affect the security performance of the entire system, the identity authentication method in the embodiment of the present application does not modify the data structure of the blockchain itself, but modifies the type of data actually stored in the blockchain. Fig. 2 is a schematic structural diagram of a multiple-mercker hash tree storage mode according to an embodiment of the present application, and as shown in fig. 2, not a single operation or identity data but a root of the mercker hash tree is stored in each transaction of a blockchain. The merkel hash tree is maintained and managed by nodes of the storage system, and the nodes of the storage system operate data by collecting all identity data in the system for a period of time, and then packaging the data into a tree structure and storing the tree structure into a merkel operation file. Therefore, in the memory mode of the multi-Mercker Hash tree, each transaction corresponds to one Mercker operation file, and each Mercker operation file contains a large amount of identity operation data, so that high concurrency and mass data storage of a block chain are realized.

Fig. 3 shows a schematic flowchart of an identity authentication method according to an embodiment of the present application, and as shown in fig. 3, the method includes steps 301 to 303, where information interaction including a first security domain, a second security domain thereof, a storage system, and a block chain is included. These steps are described separately below.

S301, the user of the first security domain receives the identity authentication information of the user of the second security domain sent by the user of the second security domain.

When a user of the second security domain needs to establish a connection with a user of the first security domain, for example, a secure connection such as Internet protocol security (IPSec), security transport layer protocol (TLS), and the like, the user of the second security domain needs to send own identity authentication information to the user of the first security domain, and correspondingly, the user of the first security domain receives the identity authentication information sent by the user of the second security domain. Specifically, the user of the second security domain may send the identification information disclosed by the user to the user of the first security domain, and the identification information at this time is a digital certificate of the second user; optionally, the user of the second security domain may not send public identity authentication information, and the identity authentication information at this time is an anonymous attestation, and the method for generating the anonymous attestation includes: the CA of the first security domain generates first information, which may be a random number, for example, and then sends the first information to the first storage system, and the user of the second security domain obtains the first information from the first storage system and generates an anonymous attestation based on the first information.

S302, a user of the first security domain acquires first data from the first storage system, wherein the first data is used for verifying identification information.

After the user of the first security domain receives the identity information sent by the user of the second security domain, the user of the first security domain needs to verify the identity information, and before this, the user of the first security domain needs to acquire the first data from the first storage system. When the identity certification information is a digital certificate of the second user, corresponding first data are a certificate and a certificate revocation list of a CA (certificate authority) of the second security domain; when the identity certification information is an anonymous certification, the corresponding first data is first information and an authentication key generated by a CA of the first security domain.

It should be understood that the system architecture of the embodiment of the present application includes a plurality of security domains and a plurality of storage systems, the first storage system is one of the plurality of storage systems, and the first storage system may or may not correspond to the first security domain.

Optionally, after the user of the first security domain acquires the first data from the first storage system, the first data is verified by the first storage system and the block chain, but to ensure data validity, the method according to the embodiment of the present application further includes that before the user of the first security domain authenticates the identification information according to the first data, the first data may be verified again, and the verification process is: firstly, a user of a first security domain acquires a first hash value from a blockchain according to a first address, wherein the first hash value is a hash value of first data which is calculated in advance and stored in the blockchain, and the first address is used for indicating the first hash value of the first data stored in the blockchain; then, the user of the first security domain calculates a second hash value of the first data; finally, the user of the first security domain determines whether the first hash value and the second hash value are the same, and if so, the obtained first data is considered to be secure and not tampered.

S303, the user of the first security domain authenticates the identity authentication information according to the first data to obtain an authentication result, wherein the authentication result comprises passing authentication and not passing authentication.

When the identity authentication information is a digital certificate of the second user, the user of the first security domain verifies the digital certificate of the second user according to the certificate of the CA of the second security domain, wherein the method for verifying the digital certificate according to the certificate of the CA is an existing method, and the embodiment of the present application is not described herein again. When the identity certification information is an anonymous certification, the user of the first security domain verifies the digital certificate of the second user according to the first information and the verification key generated by the CA of the first security domain, and the verification method may refer to the description of fig. 8 below, which is not described herein again in this embodiment of the present application.

Optionally, when the user of the first security domain authenticates the digital certificate according to the first data, and the authentication result is that the authentication is passed, that is, the identity of the user of the second security domain is confirmed, the method of the embodiment of the present application further includes further verifying the security of the identity of the user of the second security domain, and the verification method includes: a user of a first security domain acquires a certificate freeze list, wherein the certificate freeze list is generated by a CA of the first security domain according to a transparency log of a second security domain, the certificate freeze list is stored in a first storage system and/or a block chain, the transparency log comprises certificates which do not accord with security rules in the second security domain, and the CA of the first security domain adds the certificates which do not accord with the security rules in the transparency log to the certificate freeze list; a user of a first security domain judges whether a digital certificate of a user of a second security domain is in a certificate freeze list; and if the digital certificate of the user of the second security domain is in the certificate freeze list, the user of the first security domain judges that the authentication result is not passed, otherwise, the authentication result is passed.

Fig. 4 shows a schematic flowchart of an identity authentication method according to an embodiment of the present application, and as shown in fig. 4, the method includes steps 401 and 402, where information interaction including a first security domain, a second security domain thereof, a storage system, and a block chain is included. These steps are described separately below.

S401, a first storage system receives a request, which is sent by a user of a first security domain and used for acquiring first data required by authentication identity authentication information, wherein the identity authentication information is identity authentication information of the user of a second security domain.

Specifically, similar to S301, the identification information may be a digital certificate of the second user, or may also be an anonymous certificate, and the anonymous certificate is generated by the method that: the CA of the first security domain generates first information, which may be a random number, for example, and then sends the first information to the first storage system, and the user of the second security domain obtains the first information from the first storage system and generates an anonymous attestation based on the first information. When the identity authentication information is a digital certificate of the second user, corresponding first data are a certificate and a certificate revocation list of a CA (certificate authority) of the second security domain; when the identity certification information is an anonymous certification, the corresponding first data is first information and an authentication key generated by a CA of the first security domain.

The first data is pre-stored in a first storage system, and the specific process is as follows: a CA of the first security domain generating a first hash value of the first data and storing the first hash value in a blockchain, the blockchain returning a first address at which the first hash value is stored; the CA of the first security domain sends first data and a first address to the first storage system, the first address indicating a first hash value of the first data stored in the blockchain. Therefore, the storage system and the block chain can conveniently verify the first data, the first data is prevented from being tampered in the storage process, and the verification process is as follows: the first storage system acquires a first hash value from the block chain according to the first address; the first storage system calculates a second hash value of the first data; the first storage system judges whether the first hash value is the same as the second hash value, and if so, the first data is considered not to be tampered. The storage system and the block chain may periodically check the first data, and generate a corresponding timestamp after each check is passed. If the first hash value is different from the second hash value, the first data is considered to be tampered, and the first data needs to be recovered, wherein the recovery process is as follows: the first storage system acquires second data from a second storage system, the second storage system is one of the plurality of storage systems in the system architecture of the embodiment of the present application, and the data of the first storage system and the second storage system are shared; the first storage system calculates the hash value of the second data and judges whether the hash value of the second data is the same as the first hash value; and if the hash value of the second data is the same as the first hash value, the second data is considered to be the same as the first data before being tampered, and the first data is replaced by the second data.

Optionally, before the first storage system receives the request for acquiring the first data required for authenticating the identity authentication information, sent by the user of the first security domain, the first storage system further receives a request for acquiring a transparency log of the second security domain, sent by a CA of the first security domain, in order to facilitate further verifying the security of the identity of the user of the second security domain after the user of the first security domain confirms the identity of the user of the second security domain; the first storage system sends a transparency log of the second security domain to a CA of the first security domain, so that the CA of the first security domain generates a certificate freeze list according to the transparency log, wherein the certificate freeze list is stored in the first storage system and/or the blockchain.

S402, the first storage system sends first data to a user of the first security domain, so that the user of the first security domain can authenticate identity information according to the first data.

Optionally, in order to ensure validity of the data, before the first storage system sends the first data to the user of the first security domain, the method of the embodiment of the present application further includes checking the first data again, where the checking process is: the first storage system acquires a first hash value from the block chain according to the first address; the first storage system calculates a second hash value of the first data; the first storage system judges whether the first hash value is the same as the second hash value, if so, the first data is judged to be valid, and the first storage system sends the first data to a first security domain user and can also send the verified timestamp to the user of the first security domain.

Fig. 5 shows a schematic flowchart of cross-domain identity data storage according to an embodiment of the present application, and as shown in fig. 5, the cross-domain identity data storage includes a security domain 1 in which the cross-domain identity data is located, a blockchain, and a storage system IPFS. Wherein, the cross-domain identity certificate is directly issued to the user by CA, and the process comprises:

(1) the CA of the security domain 1 first needs to store the hash value of the data of the domain into the blockchain, where the data includes the CA public key of the security domain 1, the current latest CRL, and the certificate operation, where the certificate operation includes issuance, update, revocation and the like of the certificate.

(2) The block chain returns the memory address of the data to the CA of the secure domain 1. Correspondingly, the CA receives the storage address returned by the block chain and binds the address with the corresponding data.

(3) The data and the corresponding memory address in the blockchain are stored into the IPFS.

In the embodiment of the application, each security domain stores the data of the domain in advance in the IPFS and the block chain, so that the subsequent security domains can obtain the data of the CAs of other security domains through the IPFS and the block chain.

Fig. 6 shows a schematic flowchart of data verification and recovery according to an embodiment of the present application, and as shown in fig. 6, the flowchart includes an IPFS node IPFS 1 in a secure domain 1, an IPFS node IPFS k in a secure domain k, and a block chain. The process comprises the following steps:

(1) and the IPFS 1 requests the hash value of the corresponding data from the block chain according to the storage address of the local data A in the block chain.

(2) The blockchain returns the hash value alpha of the corresponding data.

(3) IPFS 1 receives a hash value α of the corresponding data. A hash value β of the locally stored data is then calculated and the calculated hash value β is compared with the received hash value α. If the calculated hash value beta is consistent with the received hash value alpha, updating a local check timestamp, wherein the check timestamp represents the time for checking the locally stored data; and if not, executing the data recovery flow.

(4) The flow of data recovery first includes sending a data recovery request to the IPFS k.

(5) IPFS k returns the corresponding encrypted data B. The encryption method may be an encryption method by negotiating or presetting a symmetric key, an asymmetric key, and the like, and the embodiment of the present application is not specifically limited herein.

(6) The IPFS 1 receives the encrypted data B sent by the IPFS k, decrypts the encrypted data B, calculates a hash value gamma of the data B, and then compares the hash value gamma with a hash value alpha acquired in a block chain. If the data A and the data B are consistent, the data A stored in the IPFS 1 is replaced by the data B if the data A stored in the IPFS 1 is wrong.

(7) And if the two are not consistent, returning a verification result to the IPFS k, wherein the verification result comprises IPFS error information.

Because the data stored in the IPFS may be tampered, the embodiment of the present application further includes verifying the data, and in a case that it is determined that the data is changed, the embodiment of the present application further includes recovering the data, thereby ensuring the security and the validity of the data.

Fig. 7 shows a schematic flow chart of cross-domain authentication according to an embodiment of the present application, which assists a user in actively verifying the validity of a cross-domain certificate. As shown in fig. 7, the process includes a user 1 (visitor) in the security domain 1, a user k (visitor) in the security domain k, and an IPFS, and includes:

(1) the user 1 requests the user k to establish secure connections such as Internet protocol security (IPSec), Transport Layer Security (TLS), and sends the certificate of the user 1 to the user k.

(2) The user k requests the local IPFS node for verification data required for verifying the certificate, including the CA public key, CRL, CFL, transparency certificate, etc. of the security domain 1.

(3) The IPFS returns the authentication data requested by user k and the IPFS checks the latest timestamp of the authentication data with the blockchain.

(4) And the user k verifies the signature, the validity period, the transparentization, the safety and the like of the certificate according to the information returned by the IPFS, and judges whether the certificate is safe and valid.

(5) After the authentication is completed, user k establishes communication with user 1. Optionally, if the check fails, the connection is closed.

The identity authentication method of the embodiment of the application realizes cross-domain access of users in different security domains through the framework of the security domains, the IPFS and the block chains.

Optionally, the embodiment of the present application further includes another cross-domain identity anonymous authentication method, and fig. 8 shows a schematic flow chart of cross-domain identity anonymous verification according to the embodiment of the present application, where the method assists a user in actively verifying the legitimacy of a cross-domain certificate. As shown in fig. 8, the process includes a user 1 (visitor) in the security domain 1, a user k (visitor) in the security domain k, and an IPFS, and includes:

(1) the user 1 requests the user k to establish secure connections such as Internet protocol security (IPSec), Transport Layer Security (TLS), and sends the anonymous attestation of the user 1 to the user k. The method for generating the anonymous attestation of the user 1 comprises the following steps: firstly, the CA of the security domain k periodically generates a random number r and sends the random number r to the IPFS, optionally, the CA of the security domain k can generate a corresponding timestamp and sign the timestamp while generating the random number, so that other users can verify the validity of the random number when acquiring the random number, optionally, the IPFS can also send the random number r to the block chain for storage; user 1 then obtains the random number r from IPFS and generates an intermediate value Nym based on the random number r₁Finally Nym based on the intermediate value₁Calculating to obtain anonymous evidence (y, pi)_yThe formula is as follows:

u＝{Nym₁,r}

ω＝{Cert₁,aux,sk}

{y,π_y}＝Compute(EK_k,u,ω)

where u and ω represent parameter sets, aux represents auxiliary information required for authentication, sk represents a private key of user k, EK_kRepresenting the evaluation key, computer () representing the argument computation proof.

(2) User k requests from the local IPFS verification data required to verify the anonymous attestation sent by user 1, the verification data comprising a random number r and a verification key VK_k。

(4) User k verifies the anonymous attestation of user 1 based on the information returned by the IPFS.

In the cross-domain identity anonymous authentication method in the embodiment of the application, the anonymous authentication is helpful for protecting privacy of the authenticated person, the authenticated user 1 does not need to directly send the own certificate to the user k, and the user 1 can prove that the user owns the certificate.

Fig. 9 shows a schematic flowchart of cross-domain certificate auditing and transparentizing verification according to an embodiment of the present application, where cross-domain behavior of a user with a cross-domain identity is audited according to a certain security rule and a transparentizing scheme, and certificate transparentizing verification is provided in a cross-domain certificate verification stage. As shown in fig. 9, including CA1 in security domain 1, user 1 in security domain 1, including CA k in security domain k, user k in security domain k, blockchain, IPFS, the process includes:

(1) firstly, chain of certificate operations is performed, that is, cross-domain identity data storage in fig. 5 is performed, and the CA1 stores data in the IPFS and the blockchain, and the specific process may refer to the description of fig. 5, and is not described herein again for brevity.

(2) CA1 periodically obtains a transparency log of security domain k over IPFS.

(3) And (4) reviewing a transparency log, wherein the transparency log records malicious certificates existing in the security domain k or certificates which do not conform to the security rules in the local domain. For certificates that are malicious or do not comply with security rules in the domain, CA1 adds them to the certificate freeze list.

(4) The CA1 issues a certificate freeze list to the blockchain and IPFS.

(5) And the user k in the security domain k initiates a request for establishing a security connection to the user 1 in the security domain 1, and sends the certificate to the user 1.

(6) The user 1 completes the cross-domain certificate authentication according to the method shown in fig. 7.

(7) The user 1 acquires the certificate freeze list information issued by the CA1 of the local domain to the IPFS or the blockchain. Optionally, the user 1 may also obtain a transparency log of the user k to the IPFS.

(8) User 1 verifies that the certificate sent by user k is in the certificate freeze list issued by CA1 of the local domain, and if so, terminates the verification and closes the connection. Optionally, if the user 1 further obtains the transparency log of the user k from the IPFS, it is verified whether the certificate sent by the user k has transparency information, that is, whether the certificate is linked, and if not, the verification is terminated and the connection is closed.

In the embodiment of the application, after the user of one security domain confirms the identity certificate of the user of the other security domain, the user of the other security domain can further verify the identity certificate according to the certificate freeze list, so that the validity of the identity certificate is ensured, and the connection security is further ensured.

Fig. 5 to 9 show a complete process of system operation according to an embodiment of the present application, which implements complete technical functions including cross-domain identity data storage, data verification and recovery, cross-domain identity verification, cross-domain certificate audit and transparent verification. Particularly, in the cross-domain identity authentication method, the user authenticates the cross-domain certificate by obtaining information such as a public key CA, a public key CRL and the like for authenticating the certificate from the local IPFS node, and since the information passes the node consensus to complete the uplink process, the authentication of the cross-domain certificate can be completed only by providing the data and the latest timestamp for the block chain check by the IPFS.

According to the method, the information is acquired through the local IPFS node, and the method for directly inquiring the block chain is adopted instead of realizing the IPFS layer in the prior art, so that the method has higher inquiring efficiency. The verification method of the traditional PKI certificate is not modified in the embodiment of the application, the verification mode of the client side does not need to be adjusted, and the usability is high. Because the data stored in the distributed network is publicable and does not relate to the privacy of the user, compared with the mode of directly storing the certificate in the prior art, the embodiment of the application can more safely protect the privacy of the user.

Fig. 10 shows a schematic flow diagram of another cross-domain authentication according to an embodiment of the present application, and as shown in fig. 10, a principal includes a user 1 (visitor) in a security domain 1, a user k (visitor) in the security domain k, an IPFS, and a blockchain. The first three steps of the user 1 sending a certificate request to the user k to establish a secure connection, the user k requesting data required for certificate verification from the IPFS, the IPFS sending data required for certificate verification to the user k and a latest verified timestamp are the same as the steps of the method shown in fig. 7. In the method shown in fig. 10, after the user k receives the data returned by the IPFS, it may also be determined whether to perform secondary data integrity check on the data returned by the IPFS according to the security requirement and the check timestamp. If verification is required, user k requests data required for data integrity verification from the blockchain and then performs data integrity verification according to the method shown in fig. 6. If the data is verified to be complete, the user k continues to verify the certificate of the user 1 according to the method in the figure 7, and if the certificate passes the verification, the communication is established; if the verification is not passed, the connection is closed.

In the embodiment of the application, the user can perform secondary data integrity verification on the data returned by the IPFS according to the safety requirement of the user or the verification timeliness of the IPFS so as to ensure higher safety connection.

Fig. 11 shows a schematic flowchart of still another cross-domain authentication provided by an embodiment of the present application, and as shown in fig. 10, a principal includes a user 1 (visitor) in a security domain 1, a user k (visitor) in the security domain k, an IPFS, and a blockchain. Compared with fig. 10, the cross-domain authentication method in fig. 11 transfers the process of secondary data integrity verification to the IPFS layer to complete, and the IPFS can perform a request and verification of secondary data integrity verification according to the security requirements of the user by only providing the security requirements of the user, so that the performance requirements on the user equipment are reduced, and time is saved.

Fig. 12 is a schematic block diagram illustrating an identity authentication apparatus according to an embodiment of the present application, where the identity authentication apparatus is disposed at a user end of a first security domain, and can be used to implement the identity authentication method in fig. 3. The identity authentication apparatus includes a transceiver 1210 and an authentication unit 1220, which are described below.

The transceiving unit 1210 is configured to receive identity information of a user of the second security domain sent by the user of the second security domain.

The transceiver unit 1210 is further configured to obtain first data from the first storage system, where the first data is used to verify the identity card information.

The authentication unit 1220 is configured to authenticate the identification information according to the first data to obtain an authentication result, where the authentication result includes passing authentication and failing authentication.

Optionally, the identification information is a digital certificate.

Optionally, the first data comprises a certificate and a certificate revocation list of a CA of the second security domain.

Optionally, the authenticating unit 1220 authenticates the digital certificate according to the first data to obtain an authentication result, where the authentication result is that the digital certificate passes the authentication, and includes: the transceiving unit 1210 obtains a certificate freeze list; the authentication unit 1220 determines that the digital certificate is in the certificate freeze list; the authentication unit 1220 determines that the authentication result is not passed.

Optionally, the certificate freeze list is generated for the CA of the first security domain from a transparency log of the second security domain.

Optionally, the certificate freeze list is stored in the first storage system and/or the block chain.

Optionally, the identity certification information is an anonymous certification, the anonymous certification is generated by the user of the second security domain according to the first information acquired from the first storage system, and the first information is generated by a CA of the first security domain.

Optionally, the first data includes the first information and an authentication key.

Optionally, after the transceiver 1210 obtains the first data required for authenticating the identification information from the first storage system, the apparatus is further configured to: the transceiving unit 1210 obtains a first hash value from the blockchain according to a first address of the first data, where the first address is used to indicate a first hash value of the first data stored in the blockchain; the authentication unit 1220 calculates a second hash value of the first data; the authentication unit 1220 determines that the first hash value is identical to the second hash value.

For the above description of the method in fig. 3, reference may be made to specific functions and advantageous effects of the transceiver 1210 and the authentication unit 1220, and for brevity, no further description is given here in this embodiment of the present application.

Fig. 13 is a schematic block diagram of another identity authentication apparatus according to an embodiment of the present application, where the identity authentication apparatus is disposed at a first storage system side, and may be used to implement the identity authentication method in fig. 4. The identity authentication apparatus includes a transceiving unit 1310 and an authentication unit 1320, which are described below.

A sending unit 1310, configured to receive a request sent by a user of a first security domain to obtain first data required for authenticating identity authentication information, where the identity authentication information is identity authentication information of the user of a second security domain;

the sending unit 1310 is further configured to send the first data to a user of the first security domain, so that the user of the first security domain authenticates the identification information according to the first data.

Optionally, the identification information is a digital certificate.

Optionally, the first data comprises a public key of a CA of the second security domain and a certificate revocation list.

Optionally, before the sending unit 1310 receives a request sent by a user of the first security domain to obtain first data required for authenticating identity information, the apparatus is further configured to: a sending unit 1310 receives a request sent by a CA of the first security domain to obtain a transparency log of the second security domain; sending unit 1310 sends a transparency log of the second security domain to a CA of the first security domain, so that the CA of the first security domain generates a certificate freeze list from the transparency log.

Optionally, before the transceiving unit 1310 receives a request sent by a user of the first security domain to obtain first data required for authenticating the identity information, the apparatus is further configured to: the transceiving unit 1310 receives the first data and a first address of the first data sent by a CA of the first security domain, the first address indicating a first hash value of the first data stored in the blockchain.

Optionally, the apparatus is further configured to: the transceiving unit 1310 obtains the first hash value from the blockchain according to the first address; the authentication unit 1320 calculates a second hash value of the first data; the authentication unit 1320 determines that the first hash value is the same as the second hash value.

Optionally, the authentication unit 1320 determines that the first hash value is not the same as the second hash value, and the apparatus is further configured to: the transceiving unit 1310 determines that the first hash value is not the same as the second hash value; the transceiving unit 1310 obtains second data from the second storage system; the authentication unit 1320 determines that the hash value of the second data is the same as the first hash value; the authentication unit 1320 replaces the first data with the second data.

Optionally, before the first storage system sends the first data to the user of the first security domain, the method further includes: the transceiving unit 1310 obtains the first hash value from the blockchain according to the first address; the authentication unit 1320 calculates a second hash value of the first data; the authentication unit 1320 determines that the first hash value is the same as the second hash value.

For the above description of the method in fig. 4, reference may be made to the specific functions and advantages of the transceiving unit 1310 and the authentication unit 1320, and for brevity, the embodiments of the present application are not described in detail herein again.

Fig. 14 shows a schematic block diagram of an electronic device of an embodiment of the application, as shown in fig. 14, comprising a processor 1410, a memory 1420 and a transceiver 1430. The processor is used for executing the identity authentication method, controlling the communication equipment, executing the software program, processing data of the software program and the like. The memory 1420 is used primarily for storing software programs and data. The transceiver 1430 is used for receiving and transmitting data information.

For ease of illustration, only one memory and processor are shown in FIG. 14. In an actual communication device product, there may be one or more processors and one or more memories. The memory may also be referred to as a storage medium or a storage device, etc. The memory may be provided independently of the processor, or may be integrated with the processor, which is not limited in this embodiment.

A transceiver may also be referred to as a transceiver unit, transceiver, transceiving means, etc. A processing unit may also be referred to as a processor, a processing board, a processing module, a processing device, or the like. The means for implementing the receiving function in the transceiver 1430 may be regarded as a receiving unit and the means for implementing the transmitting function in the transceiver 1430 may be regarded as a transmitting unit, i.e. the transceiver 1430 includes a receiving unit and a transmitting unit. A receiving unit may also be referred to as a receiver, a receiving circuit, or the like. A transmitting unit may sometimes also be referred to as a transmitter, or a transmitting circuit, etc.

The processor 1410, memory 1420 and transceiver 1430 communicate with each other via internal connections to transfer control and/or data signals

The methods disclosed in the embodiments of the present application may be applied to the processor 1410, or implemented by the processor 1410. Processor 1410 may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuits of hardware or instructions in the form of software in the processor 1410.

The processor described in the embodiments of the present application may be a general purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component. The methods, steps and logic blocks disclosed in the embodiments of the present application may be implemented or performed. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of the method disclosed in connection with the embodiments of the present application may be directly implemented by a hardware decoding processor, or may be implemented by a combination of hardware and software modules in the decoding processor. The software modules may be located in Random Access Memory (RAM), flash memory, read-only memory (ROM), programmable ROM or electrically erasable programmable memory, registers, or other computer-readable storage media as is well known in the art. The computer readable storage medium is located in a memory, and a processor reads instructions in the memory and performs the steps of the method in combination with hardware thereof.

The embodiment of the application also provides a chip, which comprises a transceiver unit and a processing unit. The transceiver unit can be an input/output circuit and a communication interface; the processing unit is a processor or a microprocessor or an integrated circuit integrated on the chip. The chip may perform the method of fig. 3 or fig. 4 described above.

Embodiments of the present application also provide a computer-readable storage medium, on which instructions are stored, and when executed, the instructions perform the method in fig. 3 or fig. 4.

Embodiments of the present application also provide a computer program product containing instructions, which when executed perform the method of fig. 3 or fig. 4.

Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.

It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.

In the several embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the modules is only one logical functional division, and other divisions may be realized in practice.

The method in the embodiments of the present application, if implemented in the form of a software functional unit and sold or used as a standalone product, may be stored in a computer readable storage medium, and based on such understanding, the technical solution or parts of the technical solution in the present application may be embodied in the form of a software product stored in a storage medium and including several instructions for enabling a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method in the embodiments of the present application. The storage medium includes at least: various media capable of storing program codes, such as a usb disk, a portable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.

The above description is only for the specific embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present application, and all the changes or substitutions should be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims

1. A method of identity authentication, comprising:

a user of a first security domain receives identity authentication information of a user of a second security domain sent by a user of the second security domain;

a user of the first security domain obtains first data from a first storage system, wherein the first data is used for verifying the identification information;

and the user of the first security domain authenticates the identity authentication information according to the first data to obtain an authentication result, wherein the authentication result comprises passing authentication and not passing authentication.

2. The method of claim 1, wherein the identification information is a digital certificate.

3. The method of claim 2, wherein the first data comprises certificates and certificate revocation lists of CAs of the second security domain.

4. A method as claimed in claim 2 or 3, wherein the user of the first security domain authenticates the digital certificate against the first data to obtain an authentication result, the authentication result being authenticated, further comprising:

a user of the first security domain obtains a certificate freeze list;

a user of the first security domain determining that the digital certificate is in the certificate freeze list;

and the user of the first security domain judges that the authentication result is not passed.

5. The method of claim 4, wherein the certificate freeze list is generated by a CA of the first security domain from a transparency log of the second security domain.

6. The method according to claim 4 or 5, characterized in that the certificate freeze list is stored in the first storage system and/or the block chain.

7. The method of claim 1, wherein the identification information is an anonymous attestation generated for a user of the second security domain based on first information obtained from the first storage system, the first information generated for a CA of the first security domain.

8. The method according to claim 1 or 7, wherein the first data comprises the first information and an authentication key.

9. The method of any of claims 1 to 8, wherein after the user of the first security domain obtains first data required to authenticate the identification information from the first storage system, the method further comprises:

a user of the first security domain obtains a first hash value from the blockchain according to a first address of the first data, wherein the first address is used for indicating the first hash value of the first data stored in the blockchain;

a user of the first security domain computing a second hash value of the first data;

a user of the first security domain determines that the first hash value is the same as the second hash value.

10. A method of identity authentication, comprising:

the method comprises the steps that a first storage system receives a request, sent by a user of a first security domain, for acquiring first data required by authentication identity authentication information, wherein the identity authentication information is identity authentication information of the user of a second security domain;

the first storage system sends the first data to a user of the first security domain, so that the user of the first security domain authenticates the identification information according to the first data.

11. The method of claim 10, wherein the identification information is a digital certificate.

12. The method of claim 11, wherein the first data comprises a public key of a CA of the second security domain and a certificate revocation list.

13. The method of claim 11 or 12, wherein before the first storage system receives a request sent by a user of the first security domain to obtain first data required to authenticate the identity information, the method further comprises:

the first storage system receives a request sent by a CA of the first security domain for acquiring a transparency log of the second security domain;

the first storage system sends a transparency log of the second security domain to a CA of the first security domain, so that the CA of the first security domain generates a certificate freeze list according to the transparency log.

14. The method according to claim 13, wherein the certificate freeze list is stored in the first storage system and/or the block chain.

15. The method of claim 10, wherein the identification information is an anonymous attestation generated for a user of the second security domain based on first information obtained from the first storage system, the first information generated for a CA of the first security domain.

16. The method according to claim 10 or 15, wherein the first data comprises the first information and an authentication key.

17. The method according to any of claims 10 to 16, wherein prior to the first storage system receiving a request sent by a user of the first security domain to obtain first data required to authenticate the identity information, the method further comprises:

the first storage system receives the first data and a first address of the first data sent by a CA of the first security domain, the first address indicating a first hash value of the first data stored in the blockchain.

18. The method of claim 17, further comprising:

the first storage system acquires the first hash value from the block chain according to the first address;

the first storage system calculating a second hash value of the first data;

the first storage system determines that the first hash value is the same as the second hash value.

19. The method of claim 18, wherein the first storage system determines that the first hash value is not the same as the second hash value, the method further comprising:

the first storage system acquires second data from a second storage system;

the first storage system determining that the hash value of the second data is the same as the first hash value;

the first storage system replaces the first data with the second data.

20. The method of any of claims 10 to 19, wherein prior to the first storage system sending the first data to a user of the first security domain, the method further comprises:

the first storage system calculating a second hash value of the first data;

21. An electronic device, comprising:

a memory for storing a program;

a processor for executing the memory-stored program, the processor being configured to perform the method of identity authentication of any of claims 1 to 9 or of any of claims 10 to 20 when the memory-stored program is executed by the processor.

22. A computer-readable storage medium, characterized in that the computer-readable medium stores program code for execution by a device, the program code comprising instructions for performing the method of identity authentication according to any one of claims 1 to 9 or any one of claims 10 to 20.

23. A chip comprising a processor and a data interface, the processor reading instructions stored on a memory through the data interface to perform a method of identity authentication as claimed in any one of claims 1 to 9 or any one of claims 10 to 20.