CN115225428A - Robot authentication system and method - Google Patents
Robot authentication system and method Download PDFInfo
- Publication number
- CN115225428A CN115225428A CN202110729418.6A CN202110729418A CN115225428A CN 115225428 A CN115225428 A CN 115225428A CN 202110729418 A CN202110729418 A CN 202110729418A CN 115225428 A CN115225428 A CN 115225428A
- Authority
- CN
- China
- Prior art keywords
- robot
- authentication
- target
- block chain
- vpn
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
- H04L9/3213—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
Abstract
The utility model relates to a robot authentication system and a method, the system comprises a plurality of VPN POPs, each VPN POP has the robot authentication authority granted by a robot authentication center and can acquire a block chain account book in a block chain network, and the block chain account book comprises the registered registration information of the registered robot; any VPN POP is used for receiving an authentication request of a target robot, wherein the authentication request comprises first verification information and verification parameters, a target identification code of the target robot is obtained from a block chain account book according to a target block chain address in the verification parameters, and second verification information is obtained through calculation according to the verification parameters and the target identification code; the target block chain address is the block chain address of the target robot, the first verification information is obtained by the target robot through calculation based on the verification parameters and the target identification code, and the target robot passes the authentication of the VPN POP under the condition that the first verification information is the same as the second verification information.
Description
Technical Field
The present disclosure relates to the field of robot technology, and in particular, to a robot authentication system and method.
Background
Currently, robots have been increasingly used in various industries. Moreover, with the development of artificial intelligence technology, the capability of the robot is stronger and stronger, and further, the destructiveness of the robot caused by illegal intrusion is stronger and stronger.
In order to improve safety, the management and control of the robot are performed after the robot passes authentication. For example, in the related art, a robot account and a password may be preset in the robot, so that the robot may authenticate with a robot authentication center through the robot account and the password. However, such an approach still faces safety risks while also increasing the burden on the robotic authentication center.
Disclosure of Invention
The present disclosure is directed to a robot authentication system and method for solving the above-mentioned related problems.
In order to achieve the above object, according to a first aspect Of the embodiments Of the present disclosure, a robot authentication system is provided, which includes a plurality Of Virtual Private Network service access points (VPN POPs), each Of the VPN POPs has a robot authentication authority granted by a robot authentication center and is capable Of acquiring a blockchain account book in a blockchain Network, where the blockchain account book includes registration information Of a registered robot, and the registration information includes a blockchain address Of the robot and an identification code corresponding to the blockchain address;
any VPN POP is used for receiving an authentication request of a target robot, wherein the authentication request comprises first verification information and verification parameters, a target identification code of the target robot is obtained from a block chain account book according to a target block chain address in the verification parameters, and second verification information is obtained through calculation according to the verification parameters and the target identification code;
the target block chain address is the block chain address of the target robot, the first verification information is obtained by calculation of the target robot based on the verification parameters and the target identification code, and the target robot passes authentication of the VPN POP under the condition that the first verification information is the same as the second verification information.
Optionally, the verification parameters include: a blockchain address of the target robot, a timestamp, and a random number generated by the target robot;
and the target robot is used for calculating the first verification information by using the HMAC-SHA256 algorithm by taking the target identification code as a secret key and the verification parameters as calculated data.
Optionally, the VPN POP is further configured to:
under the condition that the target robot passes the authentication of the robot authentication center, sending an access token to the target robot and the robot authentication center so that the robot authentication center sends the access token to an interaction end corresponding to the target robot;
wherein the access token is used for the interactive terminal to verify the interactive request of the target robot.
Optionally, the blockchain account book further includes registration information of a registered VPN POP, where the registration information includes a blockchain address of the VPN POP and a public key of the VPN POP, and the robot authentication system further includes:
the system comprises a robot authentication center, a target VPN POP and a server, wherein the robot authentication center can acquire a block chain account book in a block chain network and is used for determining whether the target VPN POP is registered or not based on registration information in the block chain account book when receiving an authentication request of the target VPN POP and performing bidirectional authentication with the target VPN POP under the condition that the target VPN POP is registered; under the condition that the bidirectional authentication is successful, the target VPN POP has the robot authentication authority;
the target VPN POP is also used for sending authentication abnormal information to the target robot if the fact that the target VPN POP is not successfully authenticated with the robot authentication center in a two-way mode is determined when the authentication request of the target robot is received;
and the target robot is further used for sending an authentication request to any VPN POP in the plurality of VPN POPs after receiving the authentication abnormal information.
Optionally, the method further comprises:
the first authentication management terminal is a blockchain node with a robot registration authority and is used for writing registration information in a registration request into the blockchain account book when the robot registration request is received; sending starting node information of the blockchain network to the robot, wherein the registration information comprises a blockchain address and an identification code of the robot;
and the robot is used for storing the starting node information and accessing to the block chain network based on the starting node information.
Optionally, the method further comprises:
the second authentication management terminal is a block chain node with a robot registration authority and is used for generating a private key, a public key, a block chain address, identification information and an identification code corresponding to the robot when a registration request of the robot is received; writing the public key, the block chain address and the identification code into a block chain account book as registration information of the robot; sending starting node information, the identification information and the private key of the block chain network to the robot;
the robot is used for storing the private key, the identification information and the starting node information, accessing the block chain network based on the starting node information, and acquiring a block chain address and an identification code of the robot from a block chain account book based on the identification information.
Optionally, the method further comprises:
and the third authentication management terminal is a block chain node with a robot logout authority and is used for determining a robot to be logout according to a robot identifier in a logout request and updating the registration information of the robot to be logout in the block chain book to be a logout state when the robot logout request is received.
Optionally, the method further comprises:
the fourth authentication management terminal is a block link point with a registration authority of the robot authentication center, and is used for writing registration information in a registration request into the block link book when the registration request of the robot authentication center is received, wherein the registration information comprises a block link address and a public key of the robot authentication center; and/or the presence of a gas in the gas,
and the fifth authentication management terminal is a block chain node with VPN POP registration authority and is used for writing registration information in the registration request into the block chain account book when receiving the registration request of the VPN POP, wherein the registration information comprises a block chain address and a public key of the VPN POP.
According to a second aspect of the embodiments of the present disclosure, there is provided a robot authentication method for a VPN POP that has a robot authentication authority granted by a robot authentication center and is capable of acquiring a blockchain ledger in a blockchain network, where the blockchain ledger includes registration information of a registered robot, and the registration information includes a blockchain address of the robot and an identification code corresponding to the blockchain address, the method including:
receiving an authentication request of a target robot, wherein the authentication request comprises first verification information and verification parameters;
acquiring a target identification code of the target robot from a block chain book according to a target block chain address in the verification parameters, wherein the target block chain address is the block chain address of the target robot;
calculating to obtain second verification information according to the verification parameters and the target identification code;
determining that the target robot is authenticated in the case that the first verification information is the same as the second verification information;
wherein the first verification information is calculated by the target robot based on the verification parameters and the target identification code.
Optionally, the verifying parameters include a blockchain address of the target robot, a timestamp, and a random number generated by the target robot, and the calculating to obtain second verifying information according to the verifying parameters and the target identification code includes:
and taking the target identification code as a key, taking the verification parameter as calculated data, and calculating by using an HMAC-SHA256 algorithm to obtain the second verification information.
Optionally, the VPN POP obtains the robot authentication authority by:
sending an identity authentication request to a robot authentication center; the block chain network comprises a robot authentication center, the robot authentication center can acquire a block chain account book in the block chain network, the block chain account book comprises registration information of a registered VPN POP, the network authentication request comprises registration verification information of the VPN POP, and the registration verification information is used for determining whether the VPN POP is registered or not by the robot authentication center and initiating a bidirectional authentication process with the VPN POP under the condition that the VPN POP is registered;
under the condition that the robot authentication center initiates a bidirectional authentication process, performing bidirectional authentication with the robot authentication center;
and under the condition that the VPN POP and the robot authentication center perform bidirectional authentication successfully, the VPN POP obtains the robot authentication authority.
According to a third aspect of embodiments of the present disclosure, there is provided a robot authentication method for a target robot, the method including:
acquiring verification parameters and a target identification code of the target robot, wherein the verification parameters comprise a block chain address of the target robot;
calculating to obtain first verification information according to the verification parameters and the target identification codes;
sending an authentication request comprising the first verification information and the verification parameters to any VPN POP in a block chain network;
any VPN POP has a robot authentication authority granted by a robot authentication center and can acquire a block chain account book in a block chain network, wherein the block chain account book comprises registered information of a registered robot, and the registered information comprises a block chain address of the robot and an identification code corresponding to the block chain address; and the VPN POP acquires a target identification code of the target robot from a block chain book based on a target block chain address in the verification parameters, calculates to obtain second verification information according to the verification parameters and the target identification code, and the target robot passes the authentication of the VPN POP under the condition that the first verification information is the same as the second verification information.
According to the technical scheme, a plurality of VPN POPs are arranged in a block chain network, and each VPN POP has a robot authentication authority granted by a robot authentication center. In this way, any VPN POP can perform network authentication on the registered robot, so that the performance bottleneck problem and the safety risk of a single robot authentication center during robot authentication are avoided.
Moreover, since the registration information of the robot is stored in the blockchain account book, the robot authentication center does not need to maintain the registration information of the robot again because the maintenance and management can be performed by the blockchain system. By adopting the mode, the complexity of the robot authentication center can be reduced, and the reliability of the robot authentication center is improved.
Additional features and advantages of the disclosure will be set forth in the detailed description which follows.
Drawings
The accompanying drawings, which are included to provide a further understanding of the disclosure and are incorporated in and constitute a part of this specification, illustrate embodiments of the disclosure and together with the description serve to explain the disclosure without limiting the disclosure. In the drawings:
fig. 1 is a schematic view of a robot authentication scenario according to an exemplary embodiment of the present disclosure.
Fig. 2 is a schematic diagram of a robotic authentication system shown in an exemplary embodiment of the present disclosure.
Fig. 3 is a schematic diagram of a robotic authentication system shown in an exemplary embodiment of the present disclosure.
Fig. 4 is a flowchart illustrating a method of robot authentication according to an exemplary embodiment of the present disclosure.
Fig. 5 is a flowchart illustrating a method of robot authentication according to an exemplary embodiment of the present disclosure.
Detailed Description
The following detailed description of specific embodiments of the present disclosure is provided in connection with the accompanying drawings. It should be understood that the detailed description and specific examples, while indicating the present disclosure, are given by way of illustration and explanation only, not limitation.
Before introducing the robot authentication system and method of the present disclosure, an application scenario of the present disclosure is first introduced, and the embodiments provided by the present disclosure may be used in an authentication scenario of a robot, for example.
In order to improve the safety of the robot, the robot must be managed and controlled after the robot passes the authentication. In the related art, a robot account and a password may be preset in a robot, so that the robot may perform authentication in a robot authentication center through the robot account and the password.
In some implementation scenarios, it is also possible to preset a symmetric key in the robot (the symmetric key in each robot is different), and to save the preset symmetric key of the robot within its management range in the robot authentication center. In this way, the robot may be authenticated in a manner similar to mobile network access authentication.
However, in this way, the robot needs to locally save the robot account information or the symmetric key, and there is a risk of disclosure. In order to improve the security, the account information needs to be changed periodically. And, the robot authentication center is a centralized component that manages, stores, and maintains account and password information of all robots, and once the robot authentication center is out of control, the robot may be counterfeited. Meanwhile, when the robot authentication center stops service due to related reasons (natural disasters, power failure, etc.), the phenomenon that the robot cannot authenticate may occur, thereby affecting service availability. In addition, since all the robot authentications are performed in the robot authentication center, the complexity of the robot authentication center is high. Moreover, in the case of a large number of robots, the robot authentication center may also have a performance bottleneck.
To this end, the present disclosure provides a robot authentication system including a plurality of virtual private network service access points (VPN POPs), each of which has a robot authentication authority granted by a robot authentication center. The robot authentication center may be set as a node in a blockchain network, for example. Referring to a schematic diagram of a robot authentication scenario shown in fig. 1, the number of VPN POPs may be 3, and each VPN POP may serve as a node in a blockchain network, so as to interact with other blockchain nodes (illustrated as blockchain node 1 in the figure) in the blockchain network.
Through the arrangement, the VPN POP can acquire a block chain account book in the block chain network, wherein the block chain account book comprises the registered information of the registered robot. Here, the registration information may include, for example, a blockchain address of the robot and an identification code corresponding to the blockchain address. The Identification code may be a PIN (Personal Identification Number) code corresponding to each robot, and the Identification codes may be different between the robots.
For example, the robot may generate a public key, a private key, and an identification code, and generate a blockchain address based on the public key. In this way, the robot can register based on the blockchain address and the identification code. After registration is successful, the blockchain address and identification code of the robot are written into a blockchain ledger.
In some implementation scenarios, the registration information of the robot may further include relevant information of the robot, such as a robot type, a public key, a robot ID (Identity), and the like, which is not limited by this disclosure.
Referring to fig. 1, any VPN POP is configured to receive an authentication request of a target robot, where the authentication request includes first verification information and a verification parameter, obtain a target identification code of the target robot from a blockchain book according to a target blockchain address in the verification parameter, and calculate second verification information according to the verification parameter and the target identification code;
the target block chain address is the block chain address of the target robot, and the first verification information is calculated by the target robot based on the verification parameters and the target identification code. For example, in some implementation scenarios, the verification parameters may include: a target block chain address, a timestamp, and a random number generated by the target robot;
and the target robot is used for calculating the first verification information by using the HMAC-SHA256 algorithm by taking the target identification code as a secret key and the verification parameters as calculated data.
Specifically, the target robot can acquire its own target block chain address robot-did, identification code pin-code, and local timestamp (e.g., a timestamp that can be 0 min 0 s, 0 h 1 st 0 h 1970, 8 bytes in length, unit millisecond, GMT +00 time), and generate a random number random (e.g., 32 bytes).
After the information is obtained, the target robot may obtain, based on an HMAC-SHA256 algorithm, pin-code as a key of the HMAC, and random | | | time estimate | | | robot-did as calculated data, and calculate to obtain an HMAC result mac1 (32 bytes) as the first verification information. Where "|" represents a splice.
In this way, the target robot may send an authentication request including the first verification information mac1, the target blockchain address robot-did, the random number random, and the timestamp to the VPN POP. Of course, in some scenarios, the robot may also concatenate mac1, random, timestamp, and robot-id to obtain OTP (One Time Password). In this case, the authentication request includes the OTP.
After receiving the authentication request of the target robot, the VPN POP can analyze and obtain the target block chain address robot-did, the random number random and the timestamp. And acquiring a target identification code of the target robot from the block chain account book based on the target block chain address. In this way, the VPN POP may also use the obtained pin-code as a key of the HMAC and random | | | time | | | robot-did as the calculated data based on the HMAC-SHA256 algorithm, and calculate to obtain an HMAC result mac2 as the second verification information.
By comparing the first verification information with the second verification information, the VPN POP can authenticate the target robot. For example, in a case where the first verification information is the same as the second verification information, the target robot passes authentication of the VPN POP. And if the first verification information is different from the second verification information, the authentication is not passed.
It should be noted that the above embodiments exemplify the robot authentication process of the present disclosure by taking the verification parameters as the target blockchain address, the timestamp, and the random number generated by the target robot. Those skilled in the art will appreciate that, in implementations, the above parameters may also be adjusted accordingly (e.g., to add relevant robot information). Meanwhile, the one-way hash function used in the HMAC may not be limited to the above example, and a related high-strength one-way hash function (e.g., SHA-1) may also be used for the HMAC, which is not limited by the present disclosure.
According to the technical scheme, a plurality of VPN POPs are arranged in a block chain network, and each VPN POP has a robot authentication authority granted by a robot authentication center. In this way, any VPN POP can perform network authentication on the registered robot, so that the performance bottleneck problem and the security risk caused by centralization when a single robot authentication center performs robot authentication are avoided.
Moreover, since the registration information of the robot is stored in the blockchain account book, the robot authentication center does not need to maintain the registration information of the robot again because the maintenance and management can be performed by the blockchain system. By adopting the mode, the complexity of the robot authentication center can be reduced, and the reliability of the robot authentication center is improved.
In one possible implementation, the VPN POP is further configured to:
and under the condition that the target robot passes through the authentication of the robot authentication center, sending an access token (access-token) to the target robot and the robot authentication center so that the robot authentication center sends the access token to an interaction end corresponding to the target robot.
The robot authentication center can be a system component of a service side, and can send the access token to the robot authentication center, and then the robot authentication center can send the access token to the interaction end corresponding to the target robot. The interaction end can be, for example, a robot management system, a business system, etc. to which the target robot relates. The access token is used for the interactive terminal to verify the interactive request of the target robot.
In some implementation scenarios, the access token may also correspond to an identification (e.g., a number ID) of the robot. In this case, the VPN POP may also send the identity of the target robot and the corresponding access token to the robot authentication center if the target robot is authenticated. Correspondingly, the robot authentication center can send the identity of the target robot and the corresponding access token to the interaction end corresponding to the target robot.
In some implementation scenarios, the access token may also include a corresponding validity period, such as 1 hour, 1 day, and so on. The target robot may interact with the robot interaction end via the access token during the validity period of the access token. And after the validity of the access token expires, the target robot needs to authenticate with the VPN POP again according to the flow.
In this way, the robot that passes the authentication can be managed, which contributes to improving the safety of the robot.
Fig. 2 is a schematic diagram of a robot authentication system shown in the present disclosure, in some implementation scenarios, the blockchain ledger further includes registration information of a registered VPN POP, where the registration information includes a blockchain address of the VPN POP and a public key of the VPN POP, and the robot authentication system further includes:
the system comprises a robot authentication center, a target VPN POP and a server, wherein the robot authentication center can acquire a block chain account book in a block chain network and is used for determining whether the target VPN POP is registered or not based on registration information in the block chain account book when receiving an authentication request of the target VPN POP and performing bidirectional authentication with the target VPN POP under the condition that the target VPN POP is registered; and under the condition that the bidirectional authentication is successful, the target VPN POP has the robot authentication authority.
Illustratively, the target VPN POP may send a network authentication request to the robotic authentication center, which may include, for example, a second blockchain address and a second random number a of the target VPN POP. In this way, the robot authentication center may query the blockchain address in the blockchain ledger. In the case where the robot authentication center does not inquire the second blockchain address, it may be determined that the target VPN POP is not registered, and thus the authentication procedure may be terminated. And under the condition that the robot authentication center inquires the second block chain address, the target VPN POP can be determined to be registered, and then a bidirectional authentication process can be initiated.
The following is an exemplary description of the flow of mutual authentication. For example, the robotic authentication center may send a first random number B to a target VPN POP along with a first blockchain address of the robotic authentication center.
The target VPN POP can receive the first random number B and the first block chain address, SIGN the first random number B based on a private key of the target VPN POP to obtain a signature result SIGN (A), and send the SIGN (A) to the robot authentication center.
The robot authentication center can obtain a public key PK (A) of the target VPN POP by inquiring a block chain account book based on the second block chain address, and decrypt and verify SIGN (A) through the public key PK (A). And when the decryption fails and/or the decryption result is not the first random number B, the authentication fails and the authentication process is terminated. And when the decryption is successful and the decryption result is the first random number B, the authentication is successful. In this way, the robot authentication center may SIGN the second random number a based on its own private key to obtain SIGN (B), and send SIGN (B) to the target VPN POP, so that the target VPN POP authenticates the robot authentication center.
Correspondingly, the target VPN POP can obtain a public key PK (B) of the robot authentication center by querying a blockchain account book based on the first blockchain address, and decrypt and verify SIGN (B) through the public key PK (B). And when the decryption is successful and the decryption result is the second random number A, the authentication is successful. And when the decryption fails and/or the decryption result is not the second random number A, the authentication fails.
In the technical scheme, the robot can be authenticated only by the VPN POP authenticated by the robot authentication center, so that the safety of the robot authentication system can be improved.
The above embodiment exemplifies the bidirectional authentication flow between the target VPN POP and the robot authentication center of the present disclosure. However, those skilled in the art should understand that, in a specific implementation, there may be multiple ways of performing bidirectional authentication through an asymmetric cryptographic mechanism (for example, there may be corresponding variations in the bidirectional authentication ways under different communication standards), and for brevity of the description, the present disclosure is not described herein again.
Continuing with the above example, the target VPN POP is further configured to, upon receiving an authentication request from a target robot, send authentication anomaly information to the target robot if it is determined that the target VPN POP does not perform bidirectional authentication with the robot authentication center;
and the target robot is further used for sending an authentication request to any VPN POP in the plurality of VPN POPs after receiving the authentication abnormal information.
By the method, the problem that the robot cannot access the VPN network due to the fact that a certain VPN POP stops service can be solved, and the usability of the system is improved.
It should be noted that the robot information, the robot authentication center information, and the VPN POP information recorded in the blockchain account book are important data for access authentication. Therefore, in some implementation scenarios, the relevant authority control strategy can also be set for the robot and the addition modification process of the robot authentication center.
For example, in one possible implementation, the rights control may be based on a chain of permissions. In the license chain, it may be restricted whether different blockchain accounts have write and modify rights to certain data. For example, data write permission and data modification permission may be configured for a blockchain account in an OSS (Business Support System) and/or a BSS (Operation Support System), and data read permission may be set for a blockchain account related to a robot, a VPN POP, or a robot authentication center.
In some possible embodiments, the robot and the data related to the robot authentication center may also be managed based on established intelligent contracts. For example, a corresponding intelligent contract may be written, and the storage of information may be achieved through the intelligent contract. The intelligent contracts may provide interfaces for registration, modification, deregistration, querying, etc. The calling authorities of the interfaces of registration, modification, cancellation, query and the like are distributed to the block chain accounts corresponding to the OSS/BSS, and the block chain accounts corresponding to the robot, the VPN POP and the robot authentication center are set to have the calling authorities of the query interfaces.
As such, in some implementation scenarios, the system may further include a first authentication manager. Referring to a schematic view of a robot authentication scenario shown in fig. 3, the first authentication management end is a block link point having a robot registration authority, and may correspond to an account related to an OSS/BSS.
The first authentication management terminal is used for writing the registration information in the registration request into the block chain account book when receiving the robot registration request; sending starting node information of the blockchain network to the robot, wherein the registration information comprises a blockchain address and an identification code of the robot;
and the robot is used for storing the starting node information and accessing to the block chain network based on the starting node information.
For example, the robot may generate a public key, a private key, and an identification code, and generate a blockchain address from the public key. In this way, the robot may send a registration request including the block chain address and the identification code to the first authentication management side.
After receiving the registration request, the first authentication management terminal can write the blockchain address and the identification code of the robot into a blockchain account book in a mode of sending a transaction to a blockchain network, so that registration is completed.
Of course, in some embodiments, the registration information of the robot may also include the type, number, public key, etc. of the robot. After receiving the registration request, the first authentication management terminal may also verify the relevant information of the robot, which is not limited in this disclosure.
In addition, the first authentication management terminal can also send starting node information of the block chain network to the robot. Correspondingly, the robot may be configured to store the start node information, and access to the blockchain network based on the start node information.
For example, the robot may connect to the blockchain network through the blockchain connection protocol by using a light node protocol or an RPC according to the recorded start node information. In this way, after connecting to the blockchain network, the robot can send an authentication request to any VPN POP in the blockchain network for authentication.
By adopting the technical scheme, the registration process of the robot can be managed by setting the first authentication management terminal, and the writing authority of the robot information is controlled.
In some implementation scenarios, the system further includes a second authentication management terminal, where the second authentication management terminal is a block link point with robot registration authority, and may correspond to an account related to the OSS/BSS.
The second authentication management terminal is used for generating a private key, a public key, a block chain address, identification information and an identification code corresponding to the robot when receiving a registration request of the robot; writing the public key, the block chain address and the identification code into a block chain account book as registration information of the robot; sending starting node information of the block chain network, the identification information and the private key to the robot;
the robot is used for storing the private key, the identification information and the starting node information, accessing the block chain network based on the starting node information, and acquiring a block chain address and an identification code of the robot from a block chain account book based on the identification information.
In this way, the public key, the blockchain address, the identification information and the identification code of the robot are generated by the relevant nodes of the OSS/BSS and saved onto the chain. And the robot acquires the block chain address and the identification code of the robot from the chain during each authentication, and then performs authentication.
That is, the authentication process of the robot does not need an account password, and the related information (blockchain address, identification code, etc.) involved in the authentication process is not maintained locally in the robot. Therefore, the technical scheme avoids the risk of secret divulging of the account number of the robot and also reduces the risk of counterfeiting the robot.
In some implementations, the system can also include a third authentication manager. The third authentication management terminal is a block link point with a robot logout authority, and can correspond to an account related to the OSS/BSS.
And the third authentication management terminal is used for determining the robot to be logged out according to the robot identification in the logout request when receiving the robot logout request, and updating the registration information of the robot to be logged out in the block chain account book to be in a failure state.
Here, the robot logout request may be transmitted by the relevant robot management side or may be transmitted by the robot. In some embodiments, the robot logout request may also be automatically generated by the third authentication management terminal based on preset rules. For example, when the robots register, a corresponding valid time interval may be set for each robot, and when the valid time interval is exceeded, the robot logout request is automatically generated. The robot identifier in the robot logout request may be, for example, an identifier that can distinguish a robot, such as a robot number, and the disclosure does not limit this.
In this way, when the third authentication management terminal receives a robot logout request, the third authentication management terminal can determine the robot to be logout according to the robot identifier in the logout request. The third authentication management terminal can also update the registration information of the robot to be logged out in the blockchain account book to be in a failure state by sending a transaction mode to a blockchain network. Since the registration information is updated to the disabled state, the robot to be logged out can no longer pass authentication of the VPN POP.
In this way, the registered robot can be managed based on the third authentication management side, and the logout authority of the robot information can be controlled.
In a possible implementation manner, the system further includes a fourth authentication management terminal, where the fourth authentication management terminal is a block link point with a robot authentication center registration authority, and may correspond to an account related to the OSS/BSS.
The fourth authentication management terminal is configured to, when receiving a registration request of a robot authentication center, write registration information in the registration request into the blockchain ledger, where the registration information includes a blockchain address and a public key of the robot authentication center.
For example, the robot certificate authority may generate a public key and a private key, and generate a blockchain address from the public key. In this way, the robot authentication center may send a registration request including the block chain address and the public key to the fourth authentication management side.
After receiving the registration request, the fourth authentication management terminal may write the blockchain address and the public key of the robot authentication center into a blockchain ledger by sending a transaction to a blockchain network, thereby completing registration.
By adopting the technical scheme, the registration process of the robot authentication center can be managed by arranging the fourth authentication management terminal, and the writing authority of the information of the robot authentication center is controlled.
Similarly, the system may include a fifth authentication management end, where the fifth authentication management end is a blockchain node having a VPN POP registration authority, and is configured to, when receiving a registration request of a VPN POP, write registration information in the registration request into the blockchain book, where the registration information includes a blockchain address and a public key of the VPN POP.
It should be noted that, for convenience and brevity of description, the embodiments described in the specification are all preferred embodiments, and the reference portions thereof are not necessarily essential to the present invention. For example, the first authentication management side, the second authentication management side, and the like may be independent system components or may be the same system component in specific implementation. In addition, the first authentication management terminal, the second authentication management terminal, etc. may also correspond to related blockchain management accounts, and these blockchain management accounts may also not correspond to OSS/BSS, which is not limited by this disclosure.
Based on the same invention concept, the disclosure also provides a robot authentication method, which is used for VPN POP, wherein the VPN POP has the robot authentication authority granted by the robot authentication center and can acquire a block chain account book in a block chain network, and the block chain account book comprises registered information of registered robots.
Here, the registration information may include, for example, a blockchain address of the robot and an identification code corresponding to the blockchain address. The identification code may be a PIN code corresponding to each robot, and the identification code may be kept different between the robots.
For example, the robot may generate a public key, a private key, and an identification code, and generate a blockchain address based on the public key. In this way, the robot can register based on the blockchain address and the identification code. After registration is successful, the blockchain address and identification code of the robot are written into a blockchain ledger.
In some implementation scenarios, the registration information of the robot may further include relevant information of the robot, such as a robot type, a public key, a robot ID, and the like, which is not limited by this disclosure.
Fig. 4 is a flow chart of a method of robot authentication shown in the present disclosure, the method comprising:
s41, receiving an authentication request of the target robot, wherein the authentication request comprises first verification information and verification parameters;
s42, acquiring a target identification code of the target robot from a block chain book according to a target block chain address in the verification parameters, wherein the target block chain address is the block chain address of the target robot;
s43, calculating to obtain second verification information according to the verification parameters and the target identification code;
s44, determining that the target robot passes the authentication under the condition that the first verification information is the same as the second verification information;
wherein the first verification information is calculated by the target robot based on the verification parameters and the target identification code.
By way of example, the verification parameters may include: a target block chain address, a timestamp, and a random number generated by the target robot. And the target robot takes the target identification code as a secret key, takes the verification parameters as calculated data, and obtains the first verification information through calculation of an HMAC-SHA256 algorithm.
Specifically, the target robot can acquire its own target block chain address robot-did, identification code pin-code, and local timestamp (e.g., a timestamp that can be 0 min 0 s, 0 h 1 st 0 h 1970, 8 bytes in length, unit millisecond, GMT +00 time), and generate a random number random (e.g., 32 bytes).
After the information is obtained, the target robot may obtain, based on an HMAC-SHA256 algorithm, pin-code as a key of the HMAC, and random | | | time estimate | | | robot-did as calculated data, and calculate to obtain an HMAC result mac1 (32 bytes) as the first verification information. Where "|" represents a splice.
In this way, the target robot can send an authentication request including the first verification information mac1, the target block chain address robot-did, the random number random, and the timestamp to the VPN POP. Of course, in some scenarios, the robot may also concatenate mac1, random, timestamp, and robot-id to obtain OTP (One Time Password). In this case, the authentication request includes the OTP.
After receiving the authentication request of the target robot, the VPN POP can analyze and obtain the target block chain address robot-did, the random number random and the timestamp. And acquiring a target identification code of the target robot from the block chain account book based on the target block chain address. In this way, the VPN POP may also use the obtained pin-code as a key of the HMAC and random | | | time | | | robot-did as the calculated data based on the HMAC-SHA256 algorithm, and calculate to obtain an HMAC result mac2 as the second verification information.
By comparing the first verification information with the second verification information, the VPN POP can authenticate the target robot. For example, in a case where the first verification information is the same as the second verification information, the target robot passes authentication of the VPN POP. And if the first verification information is different from the second verification information, the authentication is not passed.
It should be noted that the above embodiments exemplify the robot authentication process of the present disclosure by taking the verification parameters as the target blockchain address, the timestamp, and the random number generated by the target robot. Those skilled in the art will appreciate that, in implementations, the above parameters may also be adjusted accordingly (e.g., to add relevant robot information). Meanwhile, the one-way hash function used in the HMAC may not be limited to the above example, and a related high-strength one-way hash function (e.g., SHA-1) may also be used for the HMAC, which is not limited by the present disclosure.
According to the technical scheme, a plurality of VPN POPs are arranged in a block chain network, and each VPN POP has a robot authentication authority granted by a robot authentication center. In this way, any VPN POP can perform network authentication on the registered robot, so that the performance bottleneck problem and the security risk caused by centralization when a single robot authentication center performs robot authentication are avoided.
Moreover, since the registration information of the robot is stored in the blockchain account book, the robot authentication center does not need to maintain the registration information of the robot again because the maintenance and management can be performed by the blockchain system. By adopting the mode, the complexity of the robot authentication center can be reduced, and the reliability of the robot authentication center is improved.
In one possible implementation, the VPN POP obtains the robot authentication authority by:
sending an identity authentication request to a robot authentication center; the block chain network comprises a robot authentication center, the robot authentication center can acquire a block chain account book in the block chain network, the block chain account book comprises registration information of a registered VPN POP, the network authentication request comprises registration verification information of the VPN POP, and the registration verification information is used for determining whether the VPN POP is registered or not by the robot authentication center and initiating a bidirectional authentication process with the VPN POP under the condition that the VPN POP is registered;
under the condition that the robot authentication center initiates a bidirectional authentication process, performing bidirectional authentication with the robot authentication center;
and under the condition that the VPN POP and the robot authentication center perform bidirectional authentication successfully, the VPN POP obtains the robot authentication authority.
Illustratively, the VPN POP may send a network authentication request to the robotic authentication center, which may include, for example, a second blockchain address of the VPN POP and a second random number a. In this way, the robot authentication center may query the blockchain address in the blockchain ledger. In a case where the robot authentication center does not inquire the second blockchain address, it may be determined that the VPN POP is not registered, so that the authentication procedure may be terminated. And under the condition that the robot authentication center inquires the second blockchain address, determining that the VPN POP is registered, and further initiating a bidirectional authentication process.
The following is an exemplary description of the flow of mutual authentication. For example, the robotic authentication center may send the first random number B and a first blockchain address of the robotic authentication center to a VPN POP.
The VPN POP may receive the first random number B and the first block chain address, SIGN the first random number B based on a private key of the VPN POP to obtain a signature result SIGN (a), and send the SIGN (a) to the robot authentication center.
The robot authentication center can obtain a public key PK (A) of the VPN POP by inquiring a block chain account book based on the second block chain address, and decrypt and verify the SIGN (A) through the public key PK (A). And when the decryption fails and/or the decryption result is not the first random number B, the authentication fails and the authentication process is terminated. And when the decryption is successful and the decryption result is the first random number B, the authentication is successful. In this way, the robot authentication center may SIGN the second random number a based on its own private key to obtain SIGN (B), and send SIGN (B) to a VPN POP, so that the VPN POP authenticates the robot authentication center.
Correspondingly, the VPN POP can obtain a public key PK (B) of the robot authentication center by querying a blockchain account book based on the first blockchain address, and decrypt and verify SIGN (B) through the public key PK (B). And when the decryption is successful and the decryption result is the second random number A, the authentication is successful. And when the decryption fails and/or the decryption result is not the second random number A, the authentication fails.
Therefore, the safety of the robot authentication system can be improved through the authentication between the VPN POP and the robot authentication center.
The present disclosure also provides a robot authentication method for a target robot, which may be the robot described in the above embodiments. The method comprises the following steps:
s51, acquiring verification parameters and a target identification code of the target robot, wherein the verification parameters comprise a block chain address of the target robot;
s52, calculating to obtain first verification information according to the verification parameters and the target identification code;
s53, an authentication request comprising the first verification information and the verification parameters is sent to any VPN POP in a block chain network;
any VPN POP has a robot authentication authority granted by a robot authentication center and can acquire a block chain account book in a block chain network, wherein the block chain account book comprises registered information of a registered robot, and the registered information comprises a block chain address of the robot and an identification code corresponding to the block chain address; and the VPN POP acquires a target identification code of the target robot from a block chain book based on a target block chain address in the verification parameters, calculates to obtain second verification information according to the verification parameters and the target identification code, and the target robot passes the authentication of the VPN POP under the condition that the first verification information is the same as the second verification information.
For the authentication process between the target robot and the VPN POP, please refer to the above embodiments, and for the simplicity of the description, the disclosure is not repeated herein.
According to the technical scheme, a plurality of VPN POPs are arranged in a block chain network, and each VPN POP has a robot authentication authority granted by a robot authentication center. In this way, any VPN POP can perform network authentication on the registered robot, so that the performance bottleneck problem and the safety risk of a single robot authentication center during robot authentication are avoided. For example, when a certain VPN POP fails, the target robot can also be authenticated by other VPN POPs.
Moreover, since the registration information of the robot is stored in the blockchain account book, the robot authentication center does not need to maintain the registration information of the robot again because the maintenance and management can be performed by the blockchain system. By adopting the mode, the complexity of the robot authentication center can be reduced, and the reliability of the robot authentication center is improved.
In another exemplary embodiment, a computer program product is also provided, which includes a computer program executable by a programmable device, the computer program having code portions for performing the above-described robot authentication method applied to a VPN POP when executed by the programmable device.
In another exemplary embodiment, a computer program product is also provided, which comprises a computer program executable by a programmable apparatus, the computer program having code portions for performing the above-described robot authentication method applied to a robot when executed by the programmable apparatus.
The preferred embodiments of the present disclosure are described in detail above with reference to the accompanying drawings, however, the present disclosure is not limited to the specific details in the above embodiments, and various simple modifications may be made to the technical solution of the present disclosure within the technical idea of the present disclosure, and these simple modifications all belong to the protection scope of the present disclosure.
It should be noted that, in the foregoing embodiments, various features described in the above embodiments may be combined in any suitable manner, and in order to avoid unnecessary repetition, various combinations that are possible in the present disclosure are not described again.
In addition, any combination of various embodiments of the present disclosure may be made, and the same should be considered as the disclosure of the present disclosure as long as it does not depart from the gist of the present disclosure.
Claims (12)
1. A robot authentication system is characterized by comprising a plurality of virtual private network service access points (VPN POPs), wherein each VPN POP has a robot authentication authority granted by a robot authentication center and can acquire a block chain account book in a block chain network, the block chain account book comprises registered information of a registered robot, and the registered information comprises a block chain address of the robot and an identification code corresponding to the block chain address;
any VPN POP is used for receiving an authentication request of a target robot, wherein the authentication request comprises first verification information and verification parameters, a target identification code of the target robot is obtained from a block chain account book according to a target block chain address in the verification parameters, and second verification information is obtained through calculation according to the verification parameters and the target identification code;
the target block chain address is the block chain address of the target robot, the first verification information is obtained by calculation of the target robot based on the verification parameters and the target identification code, and the target robot passes authentication of the VPN POP under the condition that the first verification information is the same as the second verification information.
2. The robotic authentication system of claim 1, wherein the verification parameters include: a blockchain address of the target robot, a timestamp, and a random number generated by the target robot;
and the target robot is used for calculating the first verification information by using the HMAC-SHA256 algorithm and using the target identification code as a key and the verification parameters as calculated data.
3. The robotic authentication system as claimed in claim 1, wherein the VPN POP is further configured to:
under the condition that the target robot passes the authentication of the robot authentication center, sending an access token to the target robot and the robot authentication center so that the robot authentication center sends the access token to an interaction end corresponding to the target robot;
wherein the access token is used for the interaction terminal to verify the interaction request of the target robot.
4. A robot authentication system according to claim 1, wherein the blockchain ledger further includes registration information of a registered VPN POP, the registration information including a blockchain address of the VPN POP and a public key of the VPN POP, the robot authentication system further comprising:
the system comprises a robot authentication center, a network management center and a network management center, wherein the robot authentication center can acquire a block chain account book in a block chain network, and is used for determining whether a target VPN POP is registered or not based on registration information in the block chain account book when receiving an authentication request of the target VPN POP and performing bidirectional authentication with the target VPN POP under the condition that the target VPN POP is registered; under the condition that the bidirectional authentication is successful, the target VPN POP has the robot authentication authority;
the target VPN POP is also used for sending authentication abnormal information to the target robot if the fact that the target VPN POP is not successfully authenticated with the robot authentication center in a two-way mode is determined when the authentication request of the target robot is received;
and the target robot is further used for sending an authentication request to any VPN POP in the plurality of VPN POPs after receiving the authentication abnormal information.
5. The robot authentication system according to claim 1, further comprising:
the first authentication management terminal is a blockchain node with a robot registration authority and is used for writing registration information in a registration request into the blockchain account book when the robot registration request is received; sending starting node information of the blockchain network to the robot, wherein the registration information comprises a blockchain address and an identification code of the robot;
and the robot is used for storing the starting node information and accessing to the block chain network based on the starting node information.
6. The robot authentication system according to claim 1, further comprising:
the second authentication management terminal is a blockchain node with a robot registration authority and is used for generating a private key, a public key, a blockchain address, identification information and an identification code corresponding to the robot when a registration request of the robot is received; writing the public key, the block chain address and the identification code into a block chain account book as registration information of the robot; sending starting node information, the identification information and the private key of the block chain network to the robot;
the robot is used for storing the private key, the identification information and the starting node information, accessing the block chain network based on the starting node information, and acquiring a block chain address and an identification code of the robot from a block chain account book based on the identification information.
7. The robot authentication system according to claim 1, further comprising:
and the third authentication management terminal is a block chain node with a robot logout authority and is used for determining a robot to be logout according to a robot identifier in a logout request and updating the registration information of the robot to be logout in the block chain book to be a logout state when the robot logout request is received.
8. The robot authentication system according to claim 1, further comprising:
the fourth authentication management terminal is a block link point with a registration authority of the robot authentication center, and is used for writing registration information in a registration request into the block link book when the registration request of the robot authentication center is received, wherein the registration information comprises a block link address and a public key of the robot authentication center; and/or the presence of a gas in the gas,
and the fifth authentication management terminal is a block chain node with VPN POP registration authority and is used for writing registration information in the registration request into the block chain account book when receiving the registration request of the VPN POP, wherein the registration information comprises a block chain address and a public key of the VPN POP.
9. A robot authentication method is used for a VPN POP (virtual private network) which has a robot authentication authority granted by a robot authentication center and can acquire a block chain ledger in a block chain network, wherein the block chain ledger comprises registered information of a registered robot, and the registered information comprises a block chain address of the robot and an identification code corresponding to the block chain address, and the method comprises the following steps:
receiving an authentication request of a target robot, wherein the authentication request comprises first verification information and verification parameters;
acquiring a target identification code of the target robot from a block chain book according to a target block chain address in the verification parameters, wherein the target block chain address is the block chain address of the target robot;
calculating to obtain second verification information according to the verification parameters and the target identification codes;
determining that the target robot is authenticated in the case that the first verification information is the same as the second verification information;
wherein the first verification information is calculated by the target robot based on the verification parameters and the target identification code.
10. The method of claim 9, wherein the verification parameters include a blockchain address of the target robot, a timestamp, and a random number generated by the target robot, and wherein calculating the second verification information based on the verification parameters and the target identification code comprises:
and taking the target identification code as a key, taking the verification parameter as calculated data, and calculating by using an HMAC-SHA256 algorithm to obtain the second verification information.
11. The method of claim 9, wherein the VPN POP obtains the robot authentication rights by:
sending an identity authentication request to a robot authentication center; the block chain network comprises a robot authentication center, the robot authentication center can acquire a block chain account book in the block chain network, the block chain account book comprises registration information of a registered VPN POP, the network authentication request comprises registration verification information of the VPN POP, and the registration verification information is used for determining whether the VPN POP is registered or not by the robot authentication center and initiating a bidirectional authentication process with the VPN POP under the condition that the VPN POP is registered;
under the condition that the robot authentication center initiates a bidirectional authentication process, performing bidirectional authentication with the robot authentication center;
and under the condition that the VPN POP and the robot authentication center perform bidirectional authentication successfully, the VPN POP obtains the robot authentication authority.
12. A robot authentication method for a target robot, the method comprising:
acquiring verification parameters and a target identification code of the target robot, wherein the verification parameters comprise a block chain address of the target robot;
calculating to obtain first verification information according to the verification parameters and the target identification codes;
sending an authentication request comprising the first verification information and the verification parameters to any VPN POP in a block chain network;
any VPN POP has a robot authentication authority granted by a robot authentication center and can acquire a block chain account book in a block chain network, wherein the block chain account book comprises registered information of a registered robot, and the registered information comprises a block chain address of the robot and an identification code corresponding to the block chain address; and the VPN POP acquires a target identification code of the target robot from a block chain book based on a target block chain address in the verification parameters, calculates to obtain second verification information according to the verification parameters and the target identification code, and the target robot passes the authentication of the VPN POP under the condition that the first verification information is the same as the second verification information.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110729418.6A CN115225428B (en) | 2021-06-29 | 2021-06-29 | Robot authentication system and method |
| PCT/CN2021/143775 WO2023273277A1 (en) | 2021-06-29 | 2021-12-31 | Robot authentication system and method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110729418.6A CN115225428B (en) | 2021-06-29 | 2021-06-29 | Robot authentication system and method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115225428A true CN115225428A (en) | 2022-10-21 |
| CN115225428B CN115225428B (en) | 2023-10-13 |
Family
ID=83606674
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110729418.6A Active CN115225428B (en) | 2021-06-29 | 2021-06-29 | Robot authentication system and method |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN115225428B (en) |
| WO (1) | WO2023273277A1 (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108702622A (en) * | 2017-11-30 | 2018-10-23 | 深圳前海达闼云端智能科技有限公司 | Mobile network's access authentication method, device, storage medium and block chain node |
| CN110519062A (en) * | 2019-09-19 | 2019-11-29 | 腾讯科技(深圳)有限公司 | Identity identifying method, Verification System and storage medium based on block chain |
| US20200259652A1 (en) * | 2019-02-08 | 2020-08-13 | Microsoft Technology Licensing, Llc | System and method for hardening security between web services using protected forwarded access tokens |
| CN111859348A (en) * | 2020-07-31 | 2020-10-30 | 上海微位网络科技有限公司 | Identity authentication method and device based on user identification module and block chain technology |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109450877B (en) * | 2018-10-25 | 2021-05-25 | 北京九州云腾科技有限公司 | Block chain-based distributed IDaaS identity unified authentication system |
| CN111835520B (en) * | 2019-04-19 | 2023-04-07 | 株式会社理光 | Method for device authentication, method for service access control, device and storage medium |
| KR102196478B1 (en) * | 2019-10-04 | 2020-12-30 | 주식회사 레인보우브레인 | Method and system for providing verification services of result of artificial intelligence robot automation software execution based on blockchain |
| CN112528270A (en) * | 2020-12-09 | 2021-03-19 | 苏州市星际云通区块链科技有限公司 | Block chain management method and device, electronic equipment and readable storage medium |
-
2021
- 2021-06-29 CN CN202110729418.6A patent/CN115225428B/en active Active
- 2021-12-31 WO PCT/CN2021/143775 patent/WO2023273277A1/en unknown
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108702622A (en) * | 2017-11-30 | 2018-10-23 | 深圳前海达闼云端智能科技有限公司 | Mobile network's access authentication method, device, storage medium and block chain node |
| US20200259652A1 (en) * | 2019-02-08 | 2020-08-13 | Microsoft Technology Licensing, Llc | System and method for hardening security between web services using protected forwarded access tokens |
| CN110519062A (en) * | 2019-09-19 | 2019-11-29 | 腾讯科技(深圳)有限公司 | Identity identifying method, Verification System and storage medium based on block chain |
| CN111859348A (en) * | 2020-07-31 | 2020-10-30 | 上海微位网络科技有限公司 | Identity authentication method and device based on user identification module and block chain technology |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2023273277A1 (en) | 2023-01-05 |
| CN115225428B (en) | 2023-10-13 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9686076B2 (en) | Apparatus and methods for storing electronic access clients | |
| EP2255507B1 (en) | A system and method for securely issuing subscription credentials to communication devices | |
| US8516133B2 (en) | Method and system for mobile device credentialing | |
| US7640430B2 (en) | System and method for achieving machine authentication without maintaining additional credentials | |
| EP3425842B1 (en) | Communication system and communication method for certificate generation | |
| US20200235921A1 (en) | Method and system for recovering cryptographic keys of a blockchain network | |
| WO2020071164A1 (en) | Information communication apparatus, authentication program for information communication apparatus, and authentication method | |
| KR102553145B1 (en) | A secure element for processing and authenticating a digital key and operation metho thereof | |
| CN105430649B (en) | WIFI cut-in method and equipment | |
| CN111431840A (en) | Security processing method and device | |
| CN108352982B (en) | Communication device, communication method, and recording medium | |
| CN112261103A (en) | Node access method and related equipment | |
| CN112188439A (en) | Access authentication system of V2X equipment in Internet of vehicles | |
| KR101996317B1 (en) | Block chain based user authentication system using authentication variable and method thereof | |
| CN115250192A (en) | Robot network authentication system and method | |
| CN115225428B (en) | Robot authentication system and method | |
| CN111092734B (en) | Product activation authentication method based on ad hoc network communication | |
| KR102145529B1 (en) | Payment method using mobile application and device for the same | |
| CN115242418A (en) | Robot authentication system and method | |
| CN113206817B (en) | Equipment connection confirmation method and block chain network | |
| US20220407843A1 (en) | Communication system and communication method | |
| JP2017108239A (en) | Communication system, terminal device, communication device, communication method, and program | |
| KR20190133652A (en) | Payment method using mobile application and device for the same | |
| JP6495157B2 (en) | Communication system and communication method | |
| JP2023171061A (en) | Authentication device, communication system, certificate issuance method, and program |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |