CN115225428B - Robot authentication system and method - Google Patents

Robot authentication system and method Download PDF

Info

Publication number
CN115225428B
CN115225428B CN202110729418.6A CN202110729418A CN115225428B CN 115225428 B CN115225428 B CN 115225428B CN 202110729418 A CN202110729418 A CN 202110729418A CN 115225428 B CN115225428 B CN 115225428B
Authority
CN
China
Prior art keywords
robot
authentication
target
vpn
pop
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110729418.6A
Other languages
Chinese (zh)
Other versions
CN115225428A (en
Inventor
请求不公布姓名
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Cloudminds Shanghai Robotics Co Ltd
Original Assignee
Cloudminds Shanghai Robotics Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Cloudminds Shanghai Robotics Co Ltd filed Critical Cloudminds Shanghai Robotics Co Ltd
Priority to CN202110729418.6A priority Critical patent/CN115225428B/en
Priority to PCT/CN2021/143775 priority patent/WO2023273277A1/en
Publication of CN115225428A publication Critical patent/CN115225428A/en
Application granted granted Critical
Publication of CN115225428B publication Critical patent/CN115225428B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H04L9/3213Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The system comprises a plurality of VPN POPs, wherein each VPN POP is provided with a robot authentication authority granted by a robot authentication center, and can acquire a blockchain account book in a blockchain network, and the blockchain account book comprises registration information of registered robots; any VPN POP is used for receiving an authentication request of a target robot, wherein the authentication request comprises first authentication information and authentication parameters, a target identification code of the target robot is obtained from a blockchain account book according to a target blockchain address in the authentication parameters, and second authentication information is obtained through calculation according to the authentication parameters and the target identification code; the target blockchain address is the blockchain address of the target robot, the first verification information is obtained by calculating the target robot based on the verification parameter and the target identification code, and the target robot passes the authentication of the VPN POP under the condition that the first verification information is the same as the second verification information.

Description

Robot authentication system and method
Technical Field
The disclosure relates to the technical field of robots, in particular to a robot authentication system and a method.
Background
Currently, robots have been increasingly used in various industries. Moreover, with the development of artificial intelligence technology, the capability of the robot is also stronger and stronger, and the damage caused by illegal invasion of the robot is also gradually stronger.
In order to improve the safety, the management and control of the robot can be performed after the robot passes the authentication. For example, in the related art, a robot account number and a password may be preset in the robot, so that the robot may be authenticated to a robot authentication center through the robot account number and the password. However, such an approach still faces security risks while also increasing the burden on the robot authentication center.
Disclosure of Invention
An object of the present disclosure is to provide a robot authentication system and method to solve the above-mentioned related technical problems.
To achieve the above object, according to a first aspect of embodiments of the present disclosure, there is provided a robot authentication system including a plurality of VPN POPs (Virtual Private Network Point Of Presence, virtual private network service access points), each of which has a robot authentication authority granted by a robot authentication center and is capable of acquiring a blockchain ledger in a blockchain network, the blockchain ledger including registration information of registered robots, the registration information including blockchain addresses of the robots and identification codes corresponding to the blockchain addresses;
Any VPN POP is used for receiving an authentication request of a target robot, wherein the authentication request comprises first authentication information and authentication parameters, a target identification code of the target robot is obtained from a blockchain account book according to a target blockchain address in the authentication parameters, and second authentication information is obtained through calculation according to the authentication parameters and the target identification code;
the target blockchain address is the blockchain address of the target robot, the first verification information is calculated by the target robot based on the verification parameter and the target identification code, and the target robot passes the authentication of the VPN POP under the condition that the first verification information is the same as the second verification information.
Optionally, the verification parameters include: the blockchain address of the target robot, the timestamp and the random number generated by the target robot;
the target robot is used for taking the target identification code as a secret key, taking the verification parameter as calculated data, and calculating to obtain the first verification information through an HMAC-SHA256 algorithm.
Optionally, the VPN POP is further configured to:
sending an access token to the target robot and the robot authentication center under the condition that the target robot passes the authentication of the robot authentication center, so that the robot authentication center sends the access token to an interaction end corresponding to the target robot;
The access token is used for verifying the interaction request of the target robot by the interaction end.
Optionally, the blockchain ledger further includes registration information of the registered VPN POP, where the registration information includes a blockchain address of the VPN POP and a public key of the VPN POP, and the robot authentication system further includes:
the system comprises a robot authentication center, a target VPN POP and a target VPN POP, wherein the robot authentication center can acquire a blockchain account book in a blockchain network, and is used for determining whether the target VPN POP is registered or not based on registration information in the blockchain account book when an authentication request of the target VPN POP is received, and performing bidirectional authentication with the target VPN POP under the condition that the target VPN POP is registered; under the condition that the bidirectional authentication is successful, the target VPN POP has the robot authentication authority;
the target VPN POP is also used for sending authentication abnormal information to the target robot if the target VPN POP is determined not to be successfully authenticated with the robot authentication center in a bidirectional manner when the authentication request of the target robot is received;
the target robot is further configured to send an authentication request to any VPN POP of the plurality of VPN POPs after receiving the authentication anomaly information.
Optionally, the method further comprises:
the first authentication management end is a blockchain node with the registration authority of the robot and is used for writing registration information in a registration request into the blockchain account book when the registration request of the robot is received; transmitting start node information of the blockchain network to the robot, wherein the registration information comprises a blockchain address and an identification code of the robot;
the robot is used for storing the starting node information and accessing to the blockchain network based on the starting node information.
Optionally, the method further comprises:
the second authentication management end is a blockchain node with the registration authority of the robot and is used for generating a private key, a public key, a blockchain address, identification information and an identification code corresponding to the robot when a registration request of the robot is received; writing the public key, the blockchain address and the identification code into a blockchain account book as registration information of the robot; transmitting starting node information of the blockchain network, the identification information and the private key to the robot;
The robot is used for storing the private key, the identification information and the starting node information, accessing to the blockchain network based on the starting node information, and acquiring the blockchain address and the identification code of the robot from a blockchain account book based on the identification information.
Optionally, the method further comprises:
the third authentication management end is a blockchain node with the robot cancellation authority and is used for determining the robot to be cancelled according to the robot identification in the cancellation request when the robot cancellation request is received, and updating the registration information of the robot to be cancelled in the blockchain ledger to be cancelled.
Optionally, the method further comprises:
the system comprises a fourth authentication management end, a first authentication management end and a second authentication management end, wherein the fourth authentication management end is a blockchain node with the registration authority of a robot authentication center and is used for writing registration information in a registration request into a blockchain account book when the registration request of the robot authentication center is received, and the registration information comprises a blockchain address and a public key of the robot authentication center; and/or the number of the groups of groups,
the fifth authentication management end is a blockchain node with VPN POP registration authority and is used for writing registration information in a registration request into the blockchain account book when the registration request of the VPN POP is received, wherein the registration information comprises a blockchain address and a public key of the VPN POP.
According to a second aspect of the embodiments of the present disclosure, there is provided a robot authentication method for a VPN POP that has a robot authentication authority granted by a robot authentication center and is capable of acquiring a blockchain ledger in a blockchain network, the blockchain ledger including registration information of a registered robot, the registration information including a blockchain address of the robot and an identification code corresponding to the blockchain address, the method comprising:
receiving an authentication request of a target robot, wherein the authentication request comprises first verification information and verification parameters;
acquiring a target identification code of the target robot from a blockchain ledger according to a target blockchain address in the verification parameter, wherein the target blockchain address is the blockchain address of the target robot;
calculating to obtain second verification information according to the verification parameters and the target identification code;
determining that the target robot passes authentication under the condition that the first authentication information is the same as the second authentication information;
the first verification information is calculated by the target robot based on the verification parameters and the target identification code.
Optionally, the verification parameter includes a blockchain address of the target robot, a timestamp, and a random number generated by the target robot, and the calculating according to the verification parameter and the target identification code obtains second verification information includes:
and taking the target identification code as a secret key, taking the verification parameter as calculated data, and calculating to obtain the second verification information through an HMAC-SHA256 algorithm.
Optionally, the VPN POP obtains the robot authentication authority by:
an identity authentication request is sent to a robot authentication center; the system comprises a block chain network, a network authentication request and a VPN POP, wherein the block chain network comprises a robot authentication center, the robot authentication center can acquire a block chain account book in the block chain network, the block chain account book comprises registration information of a registered VPN POP, the network authentication request comprises registration verification information of the VPN POP, the registration verification information is used for the robot authentication center to determine whether the VPN POP is registered or not, and a bidirectional authentication flow between the robot authentication center and the VPN POP is initiated under the condition that the VPN POP is registered;
under the condition that the robot authentication center initiates a bidirectional authentication flow, performing bidirectional authentication with the robot authentication center;
Under the condition that the VPN POP and the robot authentication center are successfully authenticated in a two-way mode, the VPN POP obtains the robot authentication authority.
According to a third aspect of embodiments of the present disclosure, there is provided a robot authentication method for a target robot, the method including:
acquiring verification parameters and a target identification code of the target robot, wherein the verification parameters comprise a blockchain address of the target robot;
calculating to obtain first verification information according to the verification parameters and the target identification code;
transmitting an authentication request including the first authentication information and the authentication parameter to any VPN POP in a blockchain network;
any VPN POP has a robot authentication authority granted by a robot authentication center and can acquire a blockchain account book in a blockchain network, wherein the blockchain account book comprises registered information of a registered robot, and the registered information comprises a blockchain address of the robot and an identification code corresponding to the blockchain address; the VPN POP acquires a target identification code of the target robot from a blockchain account book based on a target blockchain address in the verification parameters, calculates second verification information according to the verification parameters and the target identification code, and the target robot passes the authentication of the VPN POP under the condition that the first verification information is identical to the second verification information.
According to the technical scheme, the plurality of VPN POPs are arranged in the blockchain network, and each VPN POP has the robot authentication authority granted by the robot authentication center. Thus, any VPN POP can perform network authentication on registered robots, so that performance bottleneck problems and safety risks faced by a single robot authentication center when performing robot authentication are avoided.
Further, since the registration information of the robot is stored in the blockchain ledger, maintenance and management can be performed by the blockchain system, and therefore the robot authentication center does not need to maintain the registration information of the robot any more. By adopting the mode, the complexity of the robot authentication center can be reduced, and the reliability of the robot authentication center can be improved.
Additional features and advantages of the present disclosure will be set forth in the detailed description which follows.
Drawings
The accompanying drawings are included to provide a further understanding of the disclosure, and are incorporated in and constitute a part of this specification, illustrate the disclosure and together with the description serve to explain, but do not limit the disclosure. In the drawings:
fig. 1 is a schematic diagram of a scenario of robot authentication according to an exemplary embodiment of the present disclosure.
Fig. 2 is a schematic diagram of a robotic authentication system according to an exemplary embodiment of the present disclosure.
Fig. 3 is a schematic diagram of a robotic authentication system according to an exemplary embodiment of the present disclosure.
Fig. 4 is a flowchart of a robot authentication method according to an exemplary embodiment of the present disclosure.
Fig. 5 is a flowchart of a robot authentication method according to an exemplary embodiment of the present disclosure.
Detailed Description
Specific embodiments of the present disclosure are described in detail below with reference to the accompanying drawings. It should be understood that the detailed description and specific examples, while indicating and illustrating the disclosure, are not intended to limit the disclosure.
Before describing the system and method for authenticating a robot of the present disclosure, an application scenario of the present disclosure is first described, and embodiments provided by the present disclosure may be used in an authentication scenario of a robot, for example.
In order to improve the safety of the robot, the management and control of the robot must be performed after the robot passes the authentication. In the related art, a robot account number and a password may be preset in the robot, so that the robot may be authenticated through the robot account number and the password to a robot authentication center.
In some implementations, it is also possible to preset symmetric keys in the robots (the symmetric keys in each robot are different) and save the preset symmetric keys of the robots within their management range in the robot authentication center. In this way, the robot can be authenticated in a manner similar to mobile network access authentication.
However, in this way, the robot needs to locally store the robot account information or the symmetric key, and there is a risk of disclosure. To improve security, account information needs to be changed periodically. Also, the robot authentication center is a centralized component that manages, stores, and maintains account and password information of all robots, which may be counterfeited once the robot authentication center is out of control. Meanwhile, when the robot authentication center stops serving for related reasons (natural disasters, power failure and the like), the phenomenon that the robot cannot be authenticated may occur, and service availability is further affected. In addition, since all robot authentications are performed in the robot authentication center, the complexity of the robot authentication center is high. In addition, in the case of a large number of robots, performance bottlenecks may also occur in the robot authentication center.
To this end, the present disclosure provides a robot authentication system including a plurality of virtual private network service access points VPN POPs, each of which has a robot authentication authority granted by a robot authentication center. Wherein the robot authentication center may be set as a node in a blockchain network, for example. Referring to a schematic diagram of a scenario of robot authentication shown in fig. 1, the number of VPN POPs may be 3, and each VPN POP may be used as a node in a blockchain network, so as to interact with other blockchain nodes in the blockchain network (illustrated by blockchain node 1 in the figure).
With such a setting, the VPN POP can acquire the blockchain ledger in the blockchain network including the registered information of the registered robot. Here, the registration information may include, for example, a blockchain address of the robot and an identification code corresponding to the blockchain address. The identification code may be a PIN (Personal Identification Number, personal identification code) code corresponding to each robot, and keeps the identification code different from robot to robot.
For example, the robot may generate a public key, a private key, and an identification code, and generate a blockchain address based on the public key. In this way, the robot can register based on the blockchain address and the identification code. After registration is successful, the blockchain address and identification code of the robot are written into a blockchain ledger.
In some implementations, the registration information of the robot may also include information about the robot, such as a robot type, a public key, a robot ID (Identity document, identity), etc., which is not limited by the present disclosure.
Referring to fig. 1, any VPN POP is configured to receive an authentication request of a target robot, where the authentication request includes first verification information and verification parameters, obtain, according to a target blockchain address in the verification parameters, a target identification code of the target robot from a blockchain ledger, and calculate, according to the verification parameters and the target identification code, second verification information;
the target blockchain address is the blockchain address of the target robot, and the first verification information is calculated by the target robot based on the verification parameter and the target identification code. For example, in some implementations, the verification parameters may include: a target blockchain address, a timestamp, and a random number generated by the target robot;
the target robot is used for taking the target identification code as a secret key, taking the verification parameter as calculated data, and calculating to obtain the first verification information through an HMAC-SHA256 algorithm.
Specifically, the target robot may obtain its own target blockchain address robot-did, identification code pin-code, and local timestamp (e.g., a timestamp that may be 0 minutes 0 seconds relative to 1 month 1 day 0 in 1970, 8 bytes long, in milliseconds, gmt+00:00 time), and generate a random number random (e.g., 32 bytes).
After obtaining the above information, the target robot may calculate, based on the HMAC-SHA256 algorithm, a HMAC result mac1 (32 bytes) as the first authentication information with pin-code as a key of HMAC and random time robot-did as calculated data. Wherein "|" represents stitching.
In this way, the target robot can send an authentication request to the VPN POP, the authentication request including the first verification information mac1, the target blockchain address robot-fid, the random number random, and the timestamp. Of course, in some scenarios, the robot may splice mac1, random, timestamp, robot-id to get OTP (One Time Password, one-time password). In this case, the authentication request includes the OTP.
After receiving the authentication request of the target robot, the VPN POP can parse and obtain the target blockchain address robot-did, the random number random and the timestamp. And acquiring the target identification code of the target robot from the blockchain ledger based on the target blockchain address. Thus, the VPN POP may also calculate, based on the HMAC-SHA256 algorithm, an HMAC result mac2 as the second verification information with the obtained pin-code as the key of HMAC and random time robot-did as the calculated data.
By comparing the first verification information with the second verification information, the VPN POP can authenticate the target robot. For example, in the case where the first authentication information is the same as the second authentication information, the target robot passes authentication of the VPN POP. In the case where the first authentication information is different from the second authentication information, authentication is not passed.
It should be noted that, the above embodiment exemplifies the robot authentication process of the present disclosure taking the verification parameter as the target blockchain address, the timestamp, and the random number generated by the target robot as an example. Those skilled in the art will appreciate that the parameters described above may be adapted accordingly (e.g., to add relevant robotic information) when implemented. Meanwhile, the one-way hash function used in HMAC may not be limited to the above example, and a related high-intensity one-way hash function (e.g., SHA-1) may also be used for HMAC, which is not limited by the present disclosure.
According to the technical scheme, the plurality of VPN POPs are arranged in the blockchain network, and each VPN POP has the robot authentication authority granted by the robot authentication center. Thus, any VPN POP can perform network authentication on registered robots, so that performance bottleneck problems and security risks caused by centralization of a single robot authentication center during robot authentication are avoided.
Further, since the registration information of the robot is stored in the blockchain ledger, maintenance and management can be performed by the blockchain system, and therefore the robot authentication center does not need to maintain the registration information of the robot any more. By adopting the mode, the complexity of the robot authentication center can be reduced, and the reliability of the robot authentication center can be improved.
In one possible implementation, the VPN POP is further configured to:
and under the condition that the target robot passes the authentication of the robot authentication center, sending an access token (access-token) to the target robot and the robot authentication center so that the robot authentication center sends the access token to an interaction end corresponding to the target robot.
The robot authentication center can be a system component of a service side, and can further send the access token to the interaction end corresponding to the target robot by sending the access token to the robot authentication center. The interactive end may be, for example, a robot management system, a business system, etc. involved in the target robot. The access token is used for verifying the interaction request of the target robot by the interaction end.
In some implementations, the access token may also correspond to an identity (e.g., a serial number ID) of the robot. In this case, the VPN POP may also send the identity of the target robot and the corresponding access token to the robot authentication center if the target robot passes the authentication. Correspondingly, the robot authentication center can send the identity of the target robot and the corresponding access token to the interaction end corresponding to the target robot.
In some implementations, the access token may also include a corresponding expiration date, such as 1 hour, 1 day, etc. And in the validity period of the access token, the target robot can interact with the robot interaction end through the access token. After the access token is effectively expired, the target robot needs to authenticate with the VPN POP again according to the flow.
In this way, the authenticated robot can be managed, which contributes to the improvement of the safety of the robot.
Fig. 2 is a schematic diagram of a robot authentication system shown in the present disclosure, in some implementations, the blockchain ledger further includes registration information of a registered VPN POP, where the registration information includes a blockchain address of the VPN POP and a public key of the VPN POP, and the robot authentication system further includes:
The system comprises a robot authentication center, a target VPN POP and a target VPN POP, wherein the robot authentication center can acquire a blockchain account book in a blockchain network, and is used for determining whether the target VPN POP is registered or not based on registration information in the blockchain account book when an authentication request of the target VPN POP is received, and performing bidirectional authentication with the target VPN POP under the condition that the target VPN POP is registered; under the condition that the bidirectional authentication is successful, the target VPN POP has the robot authentication authority.
For example, the target VPN POP may send a network authentication request to the robot authentication center, which may include, for example, the second blockchain address of the target VPN POP and the second random number a. In this way, the robot authentication center may query the blockchain ledger for the second blockchain address. In the case that the robot authentication center does not query the second blockchain address, it may be determined that the target VPN POP is unregistered, so that the authentication flow may be terminated. Under the condition that the robot authentication center inquires the second blockchain address, the target VPN POP can be determined to be registered, and then a bidirectional authentication flow can be initiated.
The flow of the mutual authentication is exemplarily described below. For example, the robot authentication center may send the first random number B and the first blockchain address of the robot authentication center to the target VPN POP.
The target VPN POP can receive the first random number B and the first blockchain address, SIGN the first random number B based on a private key of the target VPN POP to obtain a signature result SIGN (A), and send the SIGN (A) to the robot authentication center.
The robot authentication center may obtain the public key PK (a) of the target VPN POP by querying a blockchain ledger based on the second blockchain address, and perform decryption verification on the SIGN (a) by using the public key PK (a). When the decryption fails and/or the decryption result is not the first random number B, authentication fails and the authentication flow is terminated. And when the decryption is successful and the decryption result is the first random number B, the authentication is successful. In this way, the robot authentication center may SIGN the second random number a based on its own private key to obtain SIGN (B), and send the SIGN (B) to the target VPN POP, so that the target VPN POP authenticates the robot authentication center.
Accordingly, the target VPN POP may obtain the public key PK (B) of the robot authentication center by querying a blockchain ledger based on the first blockchain address, and perform decryption verification on SIGN (B) by using the public key PK (B). And when the decryption is successful and the decryption result is the second random number A, the authentication is successful. When the decryption fails and/or the decryption result is not the second random number a, the authentication fails.
In the technical scheme, the robot can be authenticated through the VPN POP authenticated by the robot authentication center, so that the safety of the robot authentication system can be improved.
The above embodiments exemplarily illustrate a bidirectional authentication flow between the target VPN POP and the robot authentication center of the present disclosure. However, those skilled in the art should understand that, in the specific implementation, there may be multiple ways of performing the mutual authentication through the asymmetric cryptographic mechanism (for example, the mutual authentication manner may have corresponding variations under different communication standards), and this disclosure is not repeated herein for brevity of description.
In the above example, the target VPN POP is further configured to, when receiving an authentication request of a target robot, send authentication anomaly information to the target robot if it is determined that the target VPN POP is not successfully authenticated with the robot authentication center in a bidirectional manner;
the target robot is further configured to send an authentication request to any VPN POP of the plurality of VPN POPs after receiving the authentication anomaly information.
By the method, the problem that the robot cannot access the VPN network due to the fact that a certain VPN POP stops service can be solved, and usability of the system is improved.
In addition, it should be noted that the robot information, the robot authentication center information, and the VPN POP information recorded in the blockchain ledger are important data for access authentication. Thus, in some implementations, the addition modification process for the robot, the robot authentication center, may also be provided with the associated rights control policies.
For example, in one possible implementation, the rights control may be based on a chain of permissions. In the license chain, it may be restricted whether different blockchain accounts have write and modify rights for certain data. For example, data write permissions and data modification permissions may be configured for blockchain accounts in OSS (Business Support System ) and/or BSS (Operation Support System, operational support system), and data read permissions may be set for blockchain accounts involved in robots, VPN POP, robot authentication centers.
In some possible embodiments, the related data of the robot and the robot authentication center may also be managed based on the formulated smart contracts. For example, a corresponding smart contract may be written, through which storage of information is achieved. The smart contracts may provide interfaces for registration, modification, deregistration, querying, and the like. The method comprises the steps of distributing calling authorities of interfaces such as registration, modification, cancellation, inquiry and the like to blockchain accounts corresponding to an OSS/BSS, and setting calling authorities of inquiry interfaces of the blockchain accounts corresponding to a robot, a VPN POP and a robot authentication center.
Thus, in some implementations, the system may further include a first authentication manager. Referring to the schematic diagram of a scenario of robot authentication shown in fig. 3, the first authentication management end is a blockchain node with a robot registration authority, which may correspond to a related account of OSS/BSS.
The first authentication management end is used for writing registration information in a registration request into the blockchain ledger when the registration request of the robot is received; transmitting start node information of the blockchain network to the robot, wherein the registration information comprises a blockchain address and an identification code of the robot;
the robot is used for storing the starting node information and accessing to the blockchain network based on the starting node information.
For example, the robot may generate a public key, a private key, and an identification code, and generate a blockchain address with the public key. In this way, the robot may send a registration request including the blockchain address and the identification code to the first authentication manager.
After receiving the registration request, the first authentication management end can write the blockchain address and the identification code of the robot into a blockchain account book in a manner of sending a transaction to the blockchain network, so that registration is completed.
Of course, in some embodiments, the registration information of the robot may also include the type, number, public key, etc. of the robot. After receiving the registration request, the first authentication management end may also verify the relevant information of the robot, which is not limited in this disclosure.
In addition, the first authentication management end can also send the starting node information of the blockchain network to the robot. Correspondingly, the robot can be used for storing the starting node information and accessing to the blockchain network based on the starting node information.
For example, the robot may connect to the blockchain network by way of a blockchain connection protocol, a light node protocol, or an RPC, based on the recorded startup node information. In this way, after connecting to the blockchain network, the robot can send an authentication request to any VPN POP in the blockchain network to perform authentication.
By adopting the technical scheme, the registration process of the robot can be managed by setting the first authentication management end, and the writing authority of the robot information is controlled.
In some implementations, the system further includes a second authentication manager, which is a blockchain node with robot registration authority that may correspond to an associated account of the OSS/BSS.
The second authentication management end is used for generating a private key, a public key, a blockchain address, identification information and an identification code corresponding to the robot when receiving a registration request of the robot; writing the public key, the blockchain address and the identification code into a blockchain account book as registration information of the robot; transmitting starting node information of the blockchain network, the identification information and the private key to the robot;
the robot is used for storing the private key, the identification information and the starting node information, accessing to the blockchain network based on the starting node information, and acquiring the blockchain address and the identification code of the robot from a blockchain account book based on the identification information.
In this way, the public key, blockchain address, identification information, and identification code of the robot are generated by the relevant nodes of the OSS/BSS and saved onto the chain. And the robot acquires the block chain address and the identification code of the robot from the chain during each authentication, so as to perform authentication.
That is, the authentication process of the robot does not require account passwords, and related information (blockchain address, identification code, etc.) involved in the authentication process is not maintained locally at the robot. Therefore, the technical scheme avoids the risk of disclosure of the account number of the robot and also reduces the risk of counterfeit robots.
In some implementations, the system can further include a third authentication manager. The third authentication management end is a blockchain node with the robot cancellation authority, and the blockchain node can correspond to a related account of the OSS/BSS.
The third authentication management end is used for determining the robot to be logged off according to the robot identifier in the logging off request when the robot logging off request is received, and updating the registration information of the robot to be logged off in the blockchain ledger to be in a failure state.
Here, the robot logoff request may be sent by the relevant robot manager or may be sent by the robot. In some embodiments, the robot logoff request may also be automatically generated by the third authentication manager based on a preset rule. For example, at the time of robot registration, a corresponding valid time interval may be set for each robot, and a robot logout request is automatically generated after the valid time interval is exceeded. The robot identifier in the robot cancellation request may be, for example, a robot number or the like that can distinguish between robots, which is not limited by the present disclosure.
Thus, when the third authentication management end receives the robot logout request, the robot to be logged out can be determined according to the robot identification in the logout request. The third authentication management end can update the registration information of the robot to be logged off in the blockchain ledger to be in a failure state by sending a transaction to a blocknetwork. Since the registration information is updated to the failure state, the robot to be logged off can no longer pass the authentication of the VPN POP.
In this way, the registered robot can be managed based on the third authentication management terminal, and the logout authority of the robot information can be controlled.
In one possible implementation, the system further includes a fourth authentication manager, which is a blockchain node with registration authority of the robot authentication center, and may correspond to an account related to the OSS/BSS.
The fourth authentication management end is used for writing registration information in a registration request into the blockchain account book when the registration request of the robot authentication center is received, wherein the registration information comprises a blockchain address and a public key of the robot authentication center.
For example, the robot authentication center may generate a public key and a private key and generate a blockchain address with the public key. In this way, the robot authentication center may send a registration request including the blockchain address and the public key to the fourth authentication manager.
After receiving the registration request, the fourth authentication management end can write the blockchain address and the public key of the robot authentication center into a blockchain account book in a manner of sending a transaction to the blockchain network, so that registration is completed.
By adopting the technical scheme, the registration process of the robot authentication center can be managed by setting the fourth authentication management end, and the writing authority of the information of the robot authentication center is controlled.
Similarly, the system may include a fifth authentication manager, where the fifth authentication manager is a blockchain node with VPN POP registration authority, and is configured to, when receiving a registration request of a VPN POP, write registration information in the registration request into the blockchain ledger, where the registration information includes a blockchain address and a public key of the VPN POP.
It should be noted that, for convenience and brevity of description, the embodiments described in the specification belong to the preferred embodiments, and the parts related to the embodiments are not necessarily essential to the present invention. For example, the first authentication management end, the second authentication management end, etc. may be independent system components or the same system component when implemented. In addition, the first authentication manager, the second authentication manager, etc. may also correspond to related blockchain management accounts, which may not correspond to OSS/BSS, which is not limited by the present disclosure.
Based on the same inventive concept, the disclosure further provides a robot authentication method for a VPN POP, where the VPN POP has a robot authentication authority granted by a robot authentication center, and is capable of acquiring a blockchain ledger in a blockchain network, where the blockchain ledger includes registration information of a registered robot.
Here, the registration information may include, for example, a blockchain address of the robot and an identification code corresponding to the blockchain address. The identification code may be a PIN code corresponding to each robot, and keeps the identification code different from robot to robot.
For example, the robot may generate a public key, a private key, and an identification code, and generate a blockchain address based on the public key. In this way, the robot can register based on the blockchain address and the identification code. After registration is successful, the blockchain address and identification code of the robot are written into a blockchain ledger.
In some implementations, the registration information of the robot may also include information about the robot, such as a robot type, a public key, a robot ID, etc., which is not limited by the present disclosure.
Fig. 4 is a flowchart of a robot authentication method shown in the present disclosure, the method comprising:
S41, receiving an authentication request of a target robot, wherein the authentication request comprises first verification information and verification parameters;
s42, acquiring a target identification code of the target robot from a blockchain account book according to a target blockchain address in the verification parameter, wherein the target blockchain address is the blockchain address of the target robot;
s43, calculating to obtain second verification information according to the verification parameters and the target identification code;
s44, determining that the target robot passes authentication under the condition that the first verification information is identical to the second verification information;
the first verification information is calculated by the target robot based on the verification parameters and the target identification code.
Illustratively, the verification parameters may include: a target blockchain address, a timestamp, and a random number generated by the target robot. The target robot uses the target identification code as a secret key, uses the verification parameter as calculated data, and calculates the first verification information through an HMAC-SHA256 algorithm.
Specifically, the target robot may obtain its own target blockchain address robot-did, identification code pin-code, and local timestamp (e.g., a timestamp that may be 0 minutes 0 seconds relative to 1 month 1 day 0 in 1970, 8 bytes long, in milliseconds, gmt+00:00 time), and generate a random number random (e.g., 32 bytes).
After obtaining the above information, the target robot may calculate, based on the HMAC-SHA256 algorithm, a HMAC result mac1 (32 bytes) as the first authentication information with pin-code as a key of HMAC and random time robot-did as calculated data. Wherein "|" represents stitching.
In this way, the target robot can send an authentication request to the VPN POP, the authentication request including the first verification information mac1, the target blockchain address robot-fid, the random number random, and the timestamp. Of course, in some scenarios, the robot may splice mac1, random, timestamp, robot-id to get OTP (One Time Password, one-time password). In this case, the authentication request includes the OTP.
After receiving the authentication request of the target robot, the VPN POP can parse and obtain the target blockchain address robot-did, the random number random and the timestamp. And acquiring the target identification code of the target robot from the blockchain ledger based on the target blockchain address. Thus, the VPN POP may also calculate, based on the HMAC-SHA256 algorithm, an HMAC result mac2 as the second verification information with the obtained pin-code as the key of HMAC and random time robot-did as the calculated data.
By comparing the first verification information with the second verification information, the VPN POP can authenticate the target robot. For example, in the case where the first authentication information is the same as the second authentication information, the target robot passes authentication of the VPN POP. In the case where the first authentication information is different from the second authentication information, authentication is not passed.
It should be noted that, the above embodiment exemplifies the robot authentication process of the present disclosure taking the verification parameter as the target blockchain address, the timestamp, and the random number generated by the target robot as an example. Those skilled in the art will appreciate that the parameters described above may be adapted accordingly (e.g., to add relevant robotic information) when implemented. Meanwhile, the one-way hash function used in HMAC may not be limited to the above example, and a related high-intensity one-way hash function (e.g., SHA-1) may also be used for HMAC, which is not limited by the present disclosure.
According to the technical scheme, the plurality of VPN POPs are arranged in the blockchain network, and each VPN POP has the robot authentication authority granted by the robot authentication center. Thus, any VPN POP can perform network authentication on registered robots, so that performance bottleneck problems and security risks caused by centralization of a single robot authentication center during robot authentication are avoided.
Further, since the registration information of the robot is stored in the blockchain ledger, maintenance and management can be performed by the blockchain system, and therefore the robot authentication center does not need to maintain the registration information of the robot any more. By adopting the mode, the complexity of the robot authentication center can be reduced, and the reliability of the robot authentication center can be improved.
In one possible implementation, the VPN POP obtains the robot authentication rights by:
an identity authentication request is sent to a robot authentication center; the system comprises a block chain network, a network authentication request and a VPN POP, wherein the block chain network comprises a robot authentication center, the robot authentication center can acquire a block chain account book in the block chain network, the block chain account book comprises registration information of a registered VPN POP, the network authentication request comprises registration verification information of the VPN POP, the registration verification information is used for the robot authentication center to determine whether the VPN POP is registered or not, and a bidirectional authentication flow between the robot authentication center and the VPN POP is initiated under the condition that the VPN POP is registered;
under the condition that the robot authentication center initiates a bidirectional authentication flow, performing bidirectional authentication with the robot authentication center;
Under the condition that the VPN POP and the robot authentication center are successfully authenticated in a two-way mode, the VPN POP obtains the robot authentication authority.
For example, the VPN POP may send a network authentication request to the robot authentication center, which may include, for example, a second blockchain address of the VPN POP and a second random number a. In this way, the robot authentication center may query the blockchain ledger for the second blockchain address. In the case that the robot authentication center does not query the second blockchain address, it may be determined that the VPN POP is unregistered, so that the authentication flow may be terminated. Under the condition that the robot authentication center inquires the second blockchain address, the VPN POP can be determined to be registered, and then a bidirectional authentication flow can be initiated.
The flow of the mutual authentication is exemplarily described below. For example, the robot authentication center may send the first random number B and the first blockchain address of the robot authentication center to the VPN POP.
The VPN POP can receive the first random number B and the first blockchain address, SIGNs the first random number B based on a private key of the VPN POP to obtain a signature result SIGN (A), and sends the SIGN (A) to the robot authentication center.
The robot authentication center can obtain a public key PK (A) of the VPN POP by inquiring a blockchain account book based on the second blockchain address, and decrypt and verify the SIGN (A) through the public key PK (A). When the decryption fails and/or the decryption result is not the first random number B, authentication fails and the authentication flow is terminated. And when the decryption is successful and the decryption result is the first random number B, the authentication is successful. In this way, the robot authentication center can SIGN the second random number a based on its own private key to obtain SIGN (B), and send SIGN (B) to the VPN POP, so that the VPN POP authenticates the robot authentication center.
Accordingly, the VPN POP may obtain the public key PK (B) of the robot authentication center by querying a blockchain ledger based on the first blockchain address, and perform decryption verification on SIGN (B) by using the public key PK (B). And when the decryption is successful and the decryption result is the second random number A, the authentication is successful. When the decryption fails and/or the decryption result is not the second random number a, the authentication fails.
Thus, the safety of the robot authentication system can be improved through authentication between the VPN POP and the robot authentication center.
The present disclosure also provides a robot authentication method for a target robot, which may be the robot described in the above embodiments. The method comprises the following steps:
s51, acquiring verification parameters and a target identification code of the target robot, wherein the verification parameters comprise a blockchain address of the target robot;
s52, calculating to obtain first verification information according to the verification parameters and the target identification code;
s53, sending an authentication request comprising the first authentication information and the authentication parameters to any VPN POP in the blockchain network;
any VPN POP has a robot authentication authority granted by a robot authentication center and can acquire a blockchain account book in a blockchain network, wherein the blockchain account book comprises registered information of a registered robot, and the registered information comprises a blockchain address of the robot and an identification code corresponding to the blockchain address; the VPN POP acquires a target identification code of the target robot from a blockchain account book based on a target blockchain address in the verification parameters, calculates second verification information according to the verification parameters and the target identification code, and the target robot passes the authentication of the VPN POP under the condition that the first verification information is identical to the second verification information.
The authentication process between the target robot and the VPN POP is described with reference to the foregoing embodiments, and for brevity of description, the disclosure is not repeated herein.
According to the technical scheme, the plurality of VPN POPs are arranged in the blockchain network, and each VPN POP has the robot authentication authority granted by the robot authentication center. Thus, any VPN POP can perform network authentication on registered robots, so that performance bottleneck problems and safety risks faced by a single robot authentication center when performing robot authentication are avoided. For example, when a certain VPN POP fails, the target robot may also authenticate through another VPN POP.
Further, since the registration information of the robot is stored in the blockchain ledger, maintenance and management can be performed by the blockchain system, and therefore the robot authentication center does not need to maintain the registration information of the robot any more. By adopting the mode, the complexity of the robot authentication center can be reduced, and the reliability of the robot authentication center can be improved.
In another exemplary embodiment, a computer program product is also provided, the computer program product comprising a computer program executable by a programmable apparatus, the computer program having code portions for performing the above-described robot authentication method applied to a VPN POP when executed by the programmable apparatus.
In another exemplary embodiment, a computer program product is also provided, comprising a computer program executable by a programmable apparatus, the computer program having code portions for performing the above-described robot authentication method applied to a robot when executed by the programmable apparatus.
The preferred embodiments of the present disclosure have been described in detail above with reference to the accompanying drawings, but the present disclosure is not limited to the specific details of the above embodiments, and various simple modifications may be made to the technical solutions of the present disclosure within the scope of the technical concept of the present disclosure, and all the simple modifications belong to the protection scope of the present disclosure.
In addition, the specific features described in the foregoing embodiments may be combined in any suitable manner, and in order to avoid unnecessary repetition, the present disclosure does not further describe various possible combinations.
Moreover, any combination between the various embodiments of the present disclosure is possible as long as it does not depart from the spirit of the present disclosure, which should also be construed as the disclosure of the present disclosure.

Claims (8)

1. The robot authentication system is characterized by comprising a plurality of VPN POPs, wherein each VPN POP is provided with a robot authentication authority granted by a robot authentication center and can acquire a blockchain account book in a blockchain network, the blockchain account book comprises registered information of a registered robot, and the registered information comprises a blockchain address of the robot and an identification code corresponding to the blockchain address;
any VPN POP is used for receiving an authentication request of a target robot, wherein the authentication request comprises first authentication information and authentication parameters, a target identification code of the target robot is obtained from a blockchain account book according to a target blockchain address in the authentication parameters, and second authentication information is obtained through calculation according to the authentication parameters and the target identification code;
wherein the target blockchain address is a blockchain address of the target robot, and the verification parameters include: the blockchain address of the target robot, the timestamp and the random number generated by the target robot; the target robot is used for taking the target identification code as a secret key, taking the verification parameter as calculated data, and calculating to obtain the first verification information through an HMAC-SHA256 algorithm; the target robot passes the authentication of the VPN POP under the condition that the first authentication information is the same as the second authentication information;
The blockchain account book also comprises registered VPN POP registration information, wherein the VPN POP registration information comprises a blockchain address of the VPN POP and a public key of the VPN POP, and the robot authentication system further comprises:
the system comprises a robot authentication center, a target VPN POP and a target VPN POP, wherein the robot authentication center can acquire a blockchain account book in a blockchain network, and is used for determining whether the target VPN POP is registered or not based on registration information in the blockchain account book when an authentication request of the target VPN POP is received, and performing bidirectional authentication with the target VPN POP under the condition that the target VPN POP is registered; under the condition that the bidirectional authentication is successful, the target VPN POP has the robot authentication authority;
the target VPN POP is also used for sending authentication abnormal information to the target robot if the target VPN POP is determined not to be successfully authenticated with the robot authentication center in a bidirectional manner when the authentication request of the target robot is received;
the target robot is further configured to send an authentication request to any VPN POP of the plurality of VPN POPs after receiving the authentication anomaly information.
2. The robotic authentication system of claim 1, wherein the VPN POP is further configured to:
Sending an access token to the target robot and the robot authentication center under the condition that the target robot passes the authentication of the robot authentication center, so that the robot authentication center sends the access token to an interaction end corresponding to the target robot;
the access token is used for verifying the interaction request of the target robot by the interaction end.
3. The robotic authentication system of claim 1, further comprising:
the first authentication management end is a blockchain node with the registration authority of the robot and is used for writing registration information in a registration request into the blockchain account book when the registration request of the robot is received; transmitting start node information of the blockchain network to the robot, wherein the registration information comprises a blockchain address and an identification code of the robot;
the robot is used for storing the starting node information and accessing to the blockchain network based on the starting node information.
4. The robotic authentication system of claim 1, further comprising:
The second authentication management end is a blockchain node with the registration authority of the robot and is used for generating a private key, a public key, a blockchain address, identification information and an identification code corresponding to the robot when a registration request of the robot is received; writing the public key, the blockchain address and the identification code into a blockchain account book as registration information of the robot; transmitting starting node information of the blockchain network, the identification information and the private key to the robot;
the robot is used for storing the private key, the identification information and the starting node information, accessing to the blockchain network based on the starting node information, and acquiring the blockchain address and the identification code of the robot from a blockchain account book based on the identification information.
5. The robotic authentication system of claim 1, further comprising:
the third authentication management end is a blockchain node with the robot cancellation authority and is used for determining the robot to be cancelled according to the robot identification in the cancellation request when the robot cancellation request is received, and updating the registration information of the robot to be cancelled in the blockchain ledger to be cancelled.
6. The robotic authentication system of claim 1, further comprising:
the system comprises a fourth authentication management end, a first authentication management end and a second authentication management end, wherein the fourth authentication management end is a blockchain node with the registration authority of a robot authentication center and is used for writing registration information in a registration request into a blockchain account book when the registration request of the robot authentication center is received, and the registration information comprises a blockchain address and a public key of the robot authentication center; and/or the number of the groups of groups,
the fifth authentication management end is a blockchain node with VPN POP registration authority and is used for writing registration information in a registration request into the blockchain account book when the registration request of the VPN POP is received, wherein the registration information comprises a blockchain address and a public key of the VPN POP.
7. A robot authentication method for a VPN POP having a robot authentication authority granted by a robot authentication center, the VPN POP being capable of acquiring a blockchain ledger in a blockchain network, the blockchain ledger including registered information of a registered robot, the registered information including a blockchain address of the robot and an identification code corresponding to the blockchain address, the method comprising:
Receiving an authentication request of a target robot, wherein the authentication request comprises first verification information and verification parameters;
acquiring a target identification code of the target robot from a blockchain ledger according to a target blockchain address in the verification parameter, wherein the target blockchain address is the blockchain address of the target robot;
calculating to obtain second verification information according to the verification parameters and the target identification code;
determining that the target robot passes authentication under the condition that the first authentication information is the same as the second authentication information;
the verification parameters include a blockchain address of the target robot, a time stamp and a random number generated by the target robot, the first verification information is calculated by the target robot based on the verification parameters and a target identification code, the second verification information is calculated according to the verification parameters and the target identification code, and the method comprises the following steps:
taking the target identification code as a secret key, taking the verification parameter as calculated data, and calculating to obtain the second verification information through an HMAC-SHA256 algorithm;
the VPN POP obtains the robot authentication authority by the following method:
An identity authentication request is sent to a robot authentication center; the system comprises a block chain network, a network authentication request and a VPN POP, wherein the block chain network comprises a robot authentication center, the robot authentication center can acquire a block chain account book in the block chain network, the block chain account book comprises registration information of a registered VPN POP, the network authentication request comprises registration verification information of the VPN POP, the registration verification information is used for the robot authentication center to determine whether the VPN POP is registered or not, and a bidirectional authentication flow between the robot authentication center and the VPN POP is initiated under the condition that the VPN POP is registered;
under the condition that the robot authentication center initiates a bidirectional authentication flow, performing bidirectional authentication with the robot authentication center;
under the condition that the VPN POP and the robot authentication center are successfully authenticated in a two-way mode, the VPN POP obtains the robot authentication authority.
8. A robot authentication method for a target robot, the method comprising:
acquiring verification parameters and a target identification code of the target robot, wherein the verification parameters comprise a blockchain address of the target robot, a time stamp and a random number generated by the target robot;
Taking the target identification code as a secret key, taking the verification parameter as calculated data, and calculating to obtain the first verification information through an HMAC-SHA256 algorithm;
transmitting an authentication request including the first authentication information and the authentication parameter to any VPN POP in a blockchain network;
any VPN POP has a robot authentication authority granted by a robot authentication center and can acquire a blockchain account book in a blockchain network, wherein the blockchain account book comprises registered information of a registered robot, and the registered information comprises a blockchain address of the robot and an identification code corresponding to the blockchain address; the VPN POP acquires a target identification code of the target robot from a blockchain account book based on a target blockchain address in the verification parameters, calculates second verification information according to the verification parameters and the target identification code, and authenticates the target robot through the VPN POP under the condition that the first verification information is identical to the second verification information;
any VPN POP obtains the robot authentication rights by:
an identity authentication request is sent to a robot authentication center; the system comprises a block chain network, a network authentication request and a VPN POP, wherein the block chain network comprises a robot authentication center, the robot authentication center can acquire a block chain account book in the block chain network, the block chain account book comprises registration information of a registered VPN POP, the network authentication request comprises registration verification information of the VPN POP, the registration verification information is used for the robot authentication center to determine whether the VPN POP is registered or not, and a bidirectional authentication flow between the robot authentication center and the VPN POP is initiated under the condition that the VPN POP is registered;
And under the condition that the robot authentication center initiates a bidirectional authentication flow, performing bidirectional authentication with the robot authentication center, and under the condition that the VPN POP and the robot authentication center perform bidirectional authentication successfully, the VPN POP obtains the robot authentication authority.
CN202110729418.6A 2021-06-29 2021-06-29 Robot authentication system and method Active CN115225428B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202110729418.6A CN115225428B (en) 2021-06-29 2021-06-29 Robot authentication system and method
PCT/CN2021/143775 WO2023273277A1 (en) 2021-06-29 2021-12-31 Robot authentication system and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110729418.6A CN115225428B (en) 2021-06-29 2021-06-29 Robot authentication system and method

Publications (2)

Publication Number Publication Date
CN115225428A CN115225428A (en) 2022-10-21
CN115225428B true CN115225428B (en) 2023-10-13

Family

ID=83606674

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110729418.6A Active CN115225428B (en) 2021-06-29 2021-06-29 Robot authentication system and method

Country Status (2)

Country Link
CN (1) CN115225428B (en)
WO (1) WO2023273277A1 (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108702622A (en) * 2017-11-30 2018-10-23 深圳前海达闼云端智能科技有限公司 Mobile network's access authentication method, device, storage medium and block chain node
CN110519062A (en) * 2019-09-19 2019-11-29 腾讯科技(深圳)有限公司 Identity identifying method, Verification System and storage medium based on block chain
CN111859348A (en) * 2020-07-31 2020-10-30 上海微位网络科技有限公司 Identity authentication method and device based on user identification module and block chain technology

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109450877B (en) * 2018-10-25 2021-05-25 北京九州云腾科技有限公司 Block chain-based distributed IDaaS identity unified authentication system
US11121873B2 (en) * 2019-02-08 2021-09-14 Microsoft Technology Licensing, Llc System and method for hardening security between web services using protected forwarded access tokens
CN111835520B (en) * 2019-04-19 2023-04-07 株式会社理光 Method for device authentication, method for service access control, device and storage medium
KR102196478B1 (en) * 2019-10-04 2020-12-30 주식회사 레인보우브레인 Method and system for providing verification services of result of artificial intelligence robot automation software execution based on blockchain
CN112528270A (en) * 2020-12-09 2021-03-19 苏州市星际云通区块链科技有限公司 Block chain management method and device, electronic equipment and readable storage medium

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108702622A (en) * 2017-11-30 2018-10-23 深圳前海达闼云端智能科技有限公司 Mobile network's access authentication method, device, storage medium and block chain node
CN110519062A (en) * 2019-09-19 2019-11-29 腾讯科技(深圳)有限公司 Identity identifying method, Verification System and storage medium based on block chain
CN111859348A (en) * 2020-07-31 2020-10-30 上海微位网络科技有限公司 Identity authentication method and device based on user identification module and block chain technology

Also Published As

Publication number Publication date
WO2023273277A1 (en) 2023-01-05
CN115225428A (en) 2022-10-21

Similar Documents

Publication Publication Date Title
JP6533203B2 (en) Mobile device supporting multiple access control clients and corresponding method
US9686076B2 (en) Apparatus and methods for storing electronic access clients
US11882442B2 (en) Handset identifier verification
EP2243311B1 (en) Method and system for mobile device credentialing
CN104813634B (en) The method and system based on strategy for managing access control
US8971537B2 (en) Access control protocol for embedded devices
US10271213B2 (en) Methods and apparatus for providing management capabilities for access control clients
US8392702B2 (en) Token-based management system for PKI personalization process
CN103154966A (en) System and methods for remote maintenance in an electronic network with multiple clients
US20200235921A1 (en) Method and system for recovering cryptographic keys of a blockchain network
US20210249145A1 (en) Information communication device, authentication program for information communication device, and authentication method
KR102553145B1 (en) A secure element for processing and authenticating a digital key and operation metho thereof
TWI469655B (en) Methods and apparatus for large scale distribution of electronic access clients
KR101996317B1 (en) Block chain based user authentication system using authentication variable and method thereof
CN115225428B (en) Robot authentication system and method
WO2023273279A1 (en) Network authentication system and method for robot
KR102145529B1 (en) Payment method using mobile application and device for the same
WO2023273269A1 (en) Robot authentication system and method
KR20210071417A (en) System for non-replicable authentication and location estimation and operation method thereof
US20220407843A1 (en) Communication system and communication method
KR20190133652A (en) Payment method using mobile application and device for the same
WO2022026965A1 (en) Device fingerprint encoding component attributes
CN116796305A (en) Data center access method, device, equipment and medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant