CN115643034A - Digital work management method and digital work management system - Google Patents


Info

Publication number
CN115643034A
Authority
CN
China
Prior art keywords
identity
digital work
signature
certificate
data set
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211334204.XA
Other languages
Chinese (zh)
Inventor
张忠群
许刚
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Molian Information Technology Co ltd
Original Assignee
Shanghai Molian Information Technology Co ltd
Application filed by Shanghai Molian Information Technology Co ltd filed Critical Shanghai Molian Information Technology Co ltd
Priority to CN202211334204.XA priority Critical patent/CN115643034A/en
Publication of CN115643034A publication Critical patent/CN115643034A/en
Pending legal-status Critical Current

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention provides a digital work management method and a digital work management system. The method comprises the following steps: the author generates a digital work using the authoring device; the identity authentication management platform generates an identity certificate in response to an identity authentication request; the registration application obtains an identity private key and the identity certificate, and signs a first signature data set with the identity private key to obtain a first signature, wherein the first signature data set at least comprises source data of the digital work; the registration application performs hash calculation on a hash data set to obtain a hash value serving as a unique identification code of the digital work, wherein the hash data set at least comprises a device serial number, the source data of the digital work, the identity certificate and the first signature; the registration application signs a second signature data set with a device private key of the authoring device to obtain a second signature; the registration application sends the unique identification code, the hash data set and the second signature to the digital work management platform; the registration application registers the unique identification code and a URL onto the blockchain network.

Description

Digital work management method and digital work management system
Technical Field
The invention mainly relates to the technical field of blockchains, and in particular to a digital work management method and a digital work management system.
Background
As the market for digital creative works heats up, more and more artists use blockchain technology to list their works on the digital creative market for trading. When a digital currency transaction is carried out, the anonymity of the blockchain can protect the privacy of the user; however, the buyer cannot know the real identity of the creator of the digital creative work. Moreover, even if the name of the creator is stated in the description file of the digital creative work, that statement is not considered credible, and thus the value of the work cannot be judged, resulting in unsmooth transactions.
Disclosure of Invention
The invention aims to provide a digital work management method and a digital work management system for determining the originator source of a digital work.
In order to solve the above technical problem, the present invention provides a digital work management method, comprising: an author uses an authoring device to generate a digital work, wherein a registration application is deployed in the authoring device, the author has a corresponding identity key pair, and the identity key pair comprises an identity private key and an identity public key; the identity authentication management platform generates an identity certificate in response to an identity authentication request; the registration application obtains the identity private key and the identity certificate, and uses the identity private key to sign a first signature data set to obtain a first signature, wherein the first signature data set at least comprises source data of the digital work; the registration application performs hash calculation on a hash data set to obtain a hash value, and the hash value is used as a unique identification code of the digital work, wherein the hash data set comprises device information of the authoring device and work information of the digital work, the device information at least comprises a device serial number, and the work information of the digital work at least comprises source data of the digital work, the identity certificate and the first signature; the registration application signs a second signature data set using a device private key of the authoring device to obtain a second signature, wherein the second signature data set includes at least the unique identification code; the registration application sends the unique identification code, the hash data set and the second signature to a digital work management platform, and the digital work management platform returns a URL (uniform resource locator) pointing to a work information description file of the digital work to the authoring device; and the authoring device registers the unique identification code and the URL onto a blockchain network through the registration application.
In an embodiment of the present application, the step of applying, by the author, to obtain the identity certificate from the identity authentication management platform includes: responding to the received identity authentication request, and authenticating the identity of the author by the identity authentication management platform; after the authentication is passed, the identity authentication management platform responds to a received identity certificate request to generate an identity certificate, wherein the identity certificate request comprises identity information of the author and the identity public key, the identity information at least comprises an identity identification of the author, the identity certificate comprises an information domain, and the information domain at least comprises the identity public key; and the identity authentication management platform signs the identity certificate by adopting an organization private key so that the information domain of the identity certificate comprises certificate signing information.
In an embodiment of the application, the identity authentication request includes identity authentication levels, different ones of the identity authentication levels correspond to different ones of the identity identifiers, and the identity authentication management platform authenticates the identity of the author according to the identity authentication levels.
In an embodiment of the application, the information field further includes any of a certificate version number, a certificate serial number, a certificate signing algorithm, certificate signing information, a certificate issuer unique number, and a certificate validity period.
In an embodiment of the present application, the information domain further includes any one of a certificate principal, a unique certificate principal number, a certificate principal authority name, a real certificate principal name, and the authentication level, the number of the information domain and the authentication level are positively correlated, and the higher the authentication level is, the more the number of the information domain is.
In an embodiment of the present application, the identity authentication management platform includes an authentication platform and a management platform, the authentication platform is configured to authenticate the identity of the author, generate the identity certificate, and issue the identity certificate to the management platform, and the management platform is configured to store the identity certificate.
In an embodiment of the present application, the method further includes: and recording the device public key and the device information in the authentication service platform.
In an embodiment of the application, the first signature data set further comprises the device information.
In an embodiment of the present application, the second signature data set further includes the device information and the work information.
In an embodiment of the present application, the method further includes: the verifier obtains the unique identification code of the digital work and sends the unique identification code to the digital work management platform; the digital work management platform queries, according to the unique identification code, the corresponding hash data set to be verified, second signature to be verified and second signature data set to be verified, and returns them, wherein the content of the hash data set to be verified is in one-to-one correspondence with the content of the hash data set, the second signature data set to be verified at least comprises the unique identification code, and the content of the second signature data set to be verified is in one-to-one correspondence with the content of the second signature data set; the verification service platform performs hash calculation on the hash data set to be verified to obtain a hash value to be verified, and if the hash value to be verified is consistent with the unique identification code, the verification service platform requests an authentication service platform to obtain the device public key of the authoring device corresponding to the unique identification code; the authentication service platform queries the device public key according to the device information in the hash data set and returns the queried device public key to the verification service platform; the verification service platform uses the device public key to verify the second signature data set to be verified and the second signature to be verified, obtaining a first signature verification result; when the first signature verification result is successful, the verification service platform requests the identity authentication management platform to obtain an organization public key; the verification service platform uses the organization public key to verify the identity certificate, obtaining a second signature verification result; and when the second signature verification result is successful, the verification service platform uses the identity public key in the identity certificate to verify the first signature and the first signature data set, obtaining a third signature verification result.
In an embodiment of the application, the signature data set to be verified further includes the device information and the work information.
In an embodiment of the present application, the authoring apparatus includes a musical instrument and the digital work includes a musical work.
The present application further provides a digital work management system for solving the above technical problems, including: the system comprises an identity authentication management platform, a digital work management platform, a verification service platform and a registration application program which is arranged in an authoring device, wherein the digital work management system is used for executing the digital work management method.
According to the digital work management method, an identity certificate is generated for the author; in the registration process of a digital work, a first signature data set is signed with the identity private key to obtain a first signature; the unique identification code of the digital work is obtained from a hash data set that includes the identity certificate and the first signature; a second signature data set that includes the unique identification code is signed with the device private key to obtain a second signature; and the digital work is then registered on the blockchain network, so that the digital work is bound to the identity of the author and to the authoring device.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the application and together with the description serve to explain the principle of the invention. In the drawings:
FIG. 1 is an exemplary flow chart of a digital work management method of an embodiment of the present application;
FIG. 2 is a block diagram of a digital work management system for performing the digital work management method of the embodiment shown in FIG. 1;
FIG. 3 is a schematic diagram illustrating interaction of a process of generating an identity certificate by an identity authentication management platform in the digital work management method according to an embodiment of the present application;
FIG. 4 is an interaction diagram illustrating a process of registering a UL in a digital work management method according to an embodiment of the present application;
FIG. 5 is an exemplary flow diagram of a validation process in a digital work management method according to an embodiment of the present application;
FIG. 6 is a process interaction diagram of a verification flow in the digital work management method according to an embodiment of the present application.
Detailed Description
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings used in the description of the embodiments will be briefly introduced below. It is obvious that the drawings in the following description are only examples or embodiments of the application, from which the application can also be applied to other similar scenarios without inventive effort for a person skilled in the art. Unless otherwise apparent from the context, or otherwise indicated, like reference numbers in the figures refer to the same structure or operation.
As used in this application and the appended claims, the terms "a," "an," and "the" do not refer specifically to the singular and may also include the plural, unless the context clearly dictates otherwise. In general, the terms "comprises" and "comprising" indicate only that the explicitly identified steps or elements are included; these steps and elements do not constitute an exclusive list, and the method or apparatus may comprise further steps or elements.
The relative arrangement of the components and steps, the numerical expressions, and numerical values set forth in these embodiments do not limit the scope of the present application unless specifically stated otherwise. Meanwhile, it should be understood that the sizes of the respective portions shown in the drawings are not drawn in an actual proportional relationship for the convenience of description. Techniques, methods, and apparatus known to those of ordinary skill in the relevant art may not be discussed in detail but are intended to be part of the specification where appropriate. In all examples shown and discussed herein, any particular value should be construed as merely illustrative, and not limiting. Thus, other examples of the exemplary embodiments may have different values. It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, further discussion thereof is not required in subsequent figures.
In the description of the present application, it is to be understood that the orientation or positional relationship indicated by the directional terms such as "front, rear, upper, lower, left, right", "lateral, vertical, horizontal" and "top, bottom", etc., are generally based on the orientation or positional relationship shown in the drawings, and are used for convenience of description and simplicity of description only, and in the case of not making a reverse description, these directional terms do not indicate and imply that the device or element being referred to must have a particular orientation or be constructed and operated in a particular orientation, and therefore, should not be considered as limiting the scope of the present application; the terms "inner and outer" refer to the inner and outer relative to the profile of the respective component itself.
For ease of description, spatially relative terms such as "over ...", "above ...", "on the upper surface of ...", "above", etc. may be used herein to describe the spatial relationship of one device or feature to another device or feature as shown in the figures. It will be understood that the spatially relative terms are intended to encompass different orientations of the device in use or operation in addition to the orientation depicted in the figures. For example, if a device in the figures is turned over, devices described as "above" or "on" other devices or configurations would then be oriented "below" or "under" the other devices or configurations. Thus, the exemplary term "above ..." may include both the orientations "above ..." and "below ...". The device may be otherwise variously oriented (rotated 90 degrees or at other orientations) and the spatially relative descriptors used herein interpreted accordingly.
It should be noted that the terms "first", "second", and the like are used to define the components, and are only used for convenience of distinguishing the corresponding components, and the terms have no special meanings unless otherwise stated, so that the scope of the present application is not to be construed as being limited. Further, although the terms used in the present application are selected from publicly known and used terms, some of the terms mentioned in the specification of the present application may be selected by the applicant at his or her discretion, the detailed meanings of which are described in relevant parts of the description herein. Further, it is required that the present application is understood not only by the actual terms used but also by the meaning of each term lying within.
Flowcharts are used herein to illustrate the operations performed by systems according to embodiments of the present application. It should be understood that the preceding or following operations are not necessarily performed in the exact order shown. Rather, various steps may be processed in reverse order or simultaneously. Meanwhile, other operations may be added to these processes, or one or more operations may be removed from them.
The digital work management method and the digital work management system provide creators with a way of managing digital works in the context of digital creative work trading, so that a digital work created by a creator with a given authoring device can be bound to the identity of the creator. This ensures the authenticity of the identity of the creator of the digital work and helps buyers judge the value of the digital work.
FIG. 1 is an exemplary flow chart of a digital work management method of an embodiment of the present application. As shown in fig. 1, the digital work management method of this embodiment includes the steps of:
step S110: an author uses an authoring device to generate a digital work, wherein a registration application is deployed in the authoring device, the author has a corresponding identity key pair, and the identity key pair comprises an identity private key and an identity public key;
step S120: the identity authentication management platform generates an identity certificate in response to an identity authentication request;
step S130: the registration application obtains the identity private key and the identity certificate, and signs a first signature data set using the identity private key to obtain a first signature, wherein the first signature data set at least comprises source data of the digital work;
step S140: the registration application performs hash calculation on a hash data set to obtain a hash value, and the hash value is used as a unique identification code of the digital work, wherein the hash data set comprises device information of the authoring device and work information of the digital work, the device information at least comprises a device serial number, and the work information of the digital work at least comprises the source data of the digital work, the identity certificate and the first signature;
step S150: the registration application uses a device private key of the authoring device to sign a second signature data set to obtain a second signature, wherein the second signature data set at least comprises the unique identification code;
step S160: the registration application sends the unique identification code, the hash data set and the second signature to the digital work management platform, and the digital work management platform returns to the authoring device a URL pointing to the work information description file of the digital work; and
step S170: the authoring device registers the unique identification code and the URL onto the blockchain network through the registration application.
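Steps S130 to S150 and the verification chain described earlier (hash check, device signature, certificate signature, author signature), as an added Go example that is not part of the patent. Ed25519, SHA-256, the length-prefixed encoding, the reduced certificate and every identifier and sample value are assumptions, since the patent names no algorithm or data format.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
)

// frame length-prefixes each field so ("ab","c") and ("a","bc") encode differently (assumed encoding).
func frame(fields ...[]byte) []byte {
	var out []byte
	for _, f := range fields {
		n := uint32(len(f))
		out = append(out, byte(n>>24), byte(n>>16), byte(n>>8), byte(n))
		out = append(out, f...)
	}
	return out
}

// Certificate is a reduced identity certificate: identifier, identity public key, authority signature.
type Certificate struct {
	Subject   string
	PublicKey ed25519.PublicKey
	Signature []byte
}

func (c Certificate) info() []byte  { return frame([]byte(c.Subject), c.PublicKey) }
func (c Certificate) bytes() []byte { return frame(c.info(), c.Signature) }

func IssueCertificate(authority ed25519.PrivateKey, subject string, identityPub ed25519.PublicKey) Certificate {
	c := Certificate{Subject: subject, PublicKey: identityPub}
	c.Signature = ed25519.Sign(authority, c.info()) // S123: signed with the authority private key
	return c
}

// Registration is what the registration application sends to the platform in S160.
type Registration struct {
	ID                  [32]byte // unique identification code
	Serial              string   // device serial number
	Source              []byte   // source data of the digital work
	Cert                Certificate
	FirstSig, SecondSig []byte
}

func (r Registration) hashDataSet() []byte {
	return frame([]byte(r.Serial), r.Source, r.Cert.bytes(), r.FirstSig)
}

func Register(identity, device ed25519.PrivateKey, cert Certificate, serial string, source []byte) Registration {
	r := Registration{Serial: serial, Source: source, Cert: cert}
	r.FirstSig = ed25519.Sign(identity, frame(source)) // S130: first signature over the source data
	r.ID = sha256.Sum256(r.hashDataSet())              // S140: hash becomes the identification code
	r.SecondSig = ed25519.Sign(device, frame(r.ID[:])) // S150: device key signs the code
	return r
}

var (
	ErrID        = errors.New("hash of the data set does not match the unique identification code")
	ErrDeviceSig = errors.New("second signature was not made by the recorded device key")
	ErrCert      = errors.New("identity certificate was not signed by the authority key")
	ErrAuthorSig = errors.New("first signature was not made by the certified identity key")
)

// Verify runs the four checks in the order the patent gives and stops at the first failure.
func Verify(r Registration, devicePub, authorityPub ed25519.PublicKey) error {
	if sha256.Sum256(r.hashDataSet()) != r.ID {
		return ErrID
	}
	if !ed25519.Verify(devicePub, frame(r.ID[:]), r.SecondSig) {
		return ErrDeviceSig
	}
	// The certificate key is untrusted input: check its length before ed25519.Verify can panic on it.
	if len(r.Cert.PublicKey) != ed25519.PublicKeySize || !ed25519.Verify(authorityPub, r.Cert.info(), r.Cert.Signature) {
		return ErrCert
	}
	if !ed25519.Verify(r.Cert.PublicKey, frame(r.Source), r.FirstSig) {
		return ErrAuthorSig
	}
	return nil
}

// demoKey derives a constructed key from a fixed seed so that runs are reproducible.
func demoKey(seed byte) ed25519.PrivateKey {
	return ed25519.NewKeyFromSeed(bytes.Repeat([]byte{seed}, ed25519.SeedSize))
}

func pub(k ed25519.PrivateKey) ed25519.PublicKey { return k.Public().(ed25519.PublicKey) }

func main() {
	authority, identity, device := demoKey(1), demoKey(2), demoKey(3)
	cert := IssueCertificate(authority, "author@example.test", pub(identity))
	reg := Register(identity, device, cert, "SN-0001", []byte("constructed audio bytes"))
	fmt.Println("genuine:", Verify(reg, pub(device), pub(authority)))
	fmt.Println("unrecorded device:", Verify(Register(identity, demoKey(9), cert, "SN-0001", reg.Source), pub(device), pub(authority)))
}
```

Each failure maps to one broken binding: the work to its code, the code to the device, the certificate to the authority, and the work to the author.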
Fig. 2 is a block diagram of a digital work management system for performing the digital work management method of the embodiment shown in fig. 1. The digital work management method will be described below with reference to fig. 1 to 6.
In step S110, the author 201 generates a digital work using the authoring apparatus 220. The present application does not limit the number of digital works.
The present application is not limited as to the specific type of authoring device 220, which authoring device 220 may be a device for generating any type of digital work, such as, but not limited to, a conventional musical instrument, a digital device, which may be an electronic musical instrument, an electronic drawing device, and the like. Likewise, the present application is not limited to a particular storage form, presentation form, etc. of the digital work.
In some embodiments, the authoring device 220 is a musical instrument and the digital work is a musical work.
The author 201 itself has an identity key pair. The generation mode of the identity key pair is not limited by the application. For example, the author 201 generates the identity key pair using a key generation tool. The key generation tool is, for example, an application, a dedicated device, etc. The identity key pair is stored in a key storage device, such as a memory having a USB interface, a dedicated device, etc. It should be noted that the identity private key of the author has strong privacy, and should be owned by the author only, and cannot be freely obtained by others.
In step S120, the identity authentication management platform 210 generates an identity certificate in response to the identity authentication request.
Fig. 3 is an interaction diagram illustrating a process of generating an identity certificate by an identity authentication management platform in the digital work management method according to an embodiment of the present application. The same reference numerals are used in fig. 3 as in fig. 2 to denote the same blocks. In conjunction with fig. 2 and 3, in some embodiments, the step of the author 201 applying for identity certificate acquisition to the identity authentication management platform 210 includes:
step S121: in response to the received identity authentication request, the identity authentication management platform 210 authenticates the identity of the author.
In the example shown in fig. 3, the authentication request is initiated by the author 201. In other embodiments, the authentication request may be initiated by another requestor. The applicant of the identity authentication request is not limited, and may be the author 201 or others related to the author 201.
As shown in fig. 2 and 3, in some embodiments, identity authentication management platform 210 includes an authentication platform 211 and a management platform 212, authentication platform 211 being configured to authenticate the identity of the author, generate an identity certificate, and issue the identity certificate to management platform 212, and management platform 212 being configured to store the identity certificate. As shown in fig. 3, an identity authentication request from author 201 is received by authentication platform 211.
In some embodiments, the authentication platform 211 is an authoritative third-party authentication authority, such as a Certificate Authority (CA). The authentication platform 211 authenticates the identity of the requester after receiving the identity authentication request.
In some embodiments, the identity authentication request further includes an identity authentication level, where different identity authentication levels correspond to different identity identifiers, and the identity authentication management platform 210 authenticates the identity of the author according to the identity authentication level. According to these embodiments, the requestor needs to select the corresponding authentication level when submitting an authentication request. For example, authentication platform 211 provides options for the authentication level, and the requestor selects the level required. Table one is an example of different authentication levels and the associated authentication manners.
Table one: (provided as an image in the original publication; not reproduced here)
The first column of Table one exemplarily shows 4 authentication levels, the second column, "authentication item", indicates the category of item used for authentication, and the third column indicates the authentication manner. As can be seen from Table one, the authentication level gradually increases from Class0 to Class3, and the authentication requirement also gradually increases. For example, when the requester selects Class0, nothing is authenticated under the authentication item, that is, there is no item that needs to be authenticated, and the corresponding authentication manner, "ignore identity authentication", means that identity authentication is not performed; accordingly, there is no need to generate an identity certificate.
If the identity authentication level is Class1, the authentication item is a mailbox number, and the authentication mode is to confirm the identity by sending a mail to the mailbox, which belongs to the lowest level of identity authentication.
If the identity authentication level is Class2, the authentication item is authentication using a third-party database, for example, social software, and the authentication manner is to confirm the identity through information in the third-party database, for example, account authorization of the social software, such as logging in and authenticating with an existing WeChat or Alipay account.
If the authentication level is Class3, the authentication item is on-the-spot authentication or proof of identity, and the authentication manner is face-to-face authentication or proof of identity; for example, a citizen identity card needs to be shown, or a photo of the requester holding the identity card needs to be provided.
For Class0 to Class2, the requestor need not be the author himself. For Class3, the requestor needs to be the author himself, i.e. the owner of the identity private key.
As shown in fig. 3, after receiving the authentication request, the authentication platform 211 authenticates the identity of the requestor according to the authentication level.
Step S122: after passing the authentication, the identity authentication management platform 210 generates an identity certificate in response to the received identity certificate request, where the identity certificate request includes the identity information of the author and the identity public key, the identity information includes at least the identity identifier of the author, and the identity certificate includes an information field, and the information field includes at least the identity public key.
As shown in fig. 3, after receiving the result that the authentication has passed, the author 201 issues an identity certificate request to the identity authentication management platform 210. As previously described, when the identity authentication level is low, the identity certificate request in step S122 may also be initiated by another person. In either case, the identity certificate request includes the identity information and the identity public key of the author. The identity identifier of the author in the identity information depends on the identity authentication level: for example, the identity identifier for Class0 is none, for Class1 it is a mailbox number, for Class2 it is a social software account number, and for Class3 it is an identity card number/real-time face image. When the requester is not the author, the requester can obtain the identity public key of the author, but cannot obtain the identity private key of the author at will.
As in fig. 3, the authentication platform 211 generates an identity certificate. In some embodiments, the information field of the identity certificate includes, in addition to the identity public key, any of a certificate version number, a certificate serial number, a certificate signing algorithm, certificate signing information, a certificate issuer unique number, and a certificate validity period. The information domain contents are the basic contents to be included in the identity certificate, and are applicable to any identity authentication level needing to generate the identity certificate.
In some embodiments, the information domain further includes any one of a certificate principal, a unique certificate principal number, a certificate principal authority name, a real certificate principal name, and an identity authentication level, the number of the information domains is positively correlated with the identity authentication level, and the higher the identity authentication level is, the more the number of the information domains is.
Table two is an example of the content contained in the information field of the identity certificate.
Table two: (provided as an image in the original publication; not reproduced here)
The higher the authentication level, the more items the information field contains and the larger the amount of information. The certificate principal in Table one refers to the author. If the requestor selects a lower authentication level, the information about the certificate principal in the information field of the generated identity certificate is coarser; if the requestor selects a higher authentication level, the information about the certificate principal in the information field of the generated identity certificate is more detailed, and the buyer can know the identity of the creator clearly and can therefore better judge the value of the digital work.
Table two also includes the certificate principal's name, the creator's artist name/alias, etc. For some authors the artist name/alias may be more widely known, and thus it is the author's artist name/alias that is verified for the buyer at the time of verification.
The fifth column of Table two lists whether each item is mandatory or optional. The specific contents of the identity certificate may be selected by the requestor when requesting the identity certificate on authentication platform 211.
Step S123: the identity authentication management platform signs the identity certificate by adopting an organization private key, so that the information domain of the identity certificate comprises certificate signing information.
In this embodiment, the authentication management platform 210 has its own authority key pair, including an authority private key and an authority public key. As in fig. 3, the identity certificate is signed by the authentication platform 211 using the authority private key at step S123. The certificate signature information is shown in the information fields shown in table two. As shown in fig. 3, after signing, the authentication platform 211 issues the identity certificate to the management platform 212, the management platform 212 stores the identity certificate, and returns a message that the generation and storage of the identity certificate are successful to the author 201 or the requestor.
The identity certificate of the originator is obtained through the above-mentioned steps S110-S120, and thus this flow is also referred to as the originator identity certificate acquisition flow.
In step S130, referring to fig. 2, the registration application 221 may be any form of program, such as a software program, an APP, or the like. As shown in fig. 2, deployment inside the authoring device 220 means that the authoring device 220 provides an environment in which the registration application 221 can run. When the authoring device 220 is a conventional musical instrument, a digital module including the registration application 221 is provided for the instrument and installed non-detachably inside the authoring device 220, so that the authoring result of the authoring device 220 can be captured, for example by recording a musical work, and stored as a digital work in the digital module. Note that the authoring device 220 is used only for authoring and generating digital works; digital works authored by other devices cannot be imported into or stored in the authoring device 220.
FIG. 4 is an interaction diagram illustrating the on-chain registration process in a digital work management method according to an embodiment of the present application. In conjunction with fig. 2 and 4, in step S130, the identity private key may be provided to the registration application 221 by the author 201. For example, the author 201 inserts a U-shield holding the identity private key into the authoring device 220, and the registration application 221 reads the key from it. The first signature data set Data1 is signed with the identity private key to obtain a first signature S1. The first signature data set Data1 includes at least source data of the digital work. In some embodiments, the first signature data set Data1 also includes device information of the authoring device 220, the device information including at least a device serial number.
In the first embodiment, the first signature Data set Data1 includes only source Data of the digital work.
The device information of the authoring device 220 refers to all information related to the authoring device 220 itself. Such information may cover the authoring device 220 when it leaves the factory, before sale, during sale, and after sale. In some embodiments, the device information includes, in addition to the device serial number of the authoring device 220, any of a device production date, a device security status, a device provenance, a device model, a device manufacturer, a device owner, etc. The device production date, the device security status, the device provenance, the device model, the device manufacturer, etc. may be generated when the authoring device 220 leaves the factory. The device owner may change at different stages (before sale, during sale, after sale, etc.), and the device information may further include similar maintenance information, transaction information, stage owner information, etc. It should be noted that the device information may be stored in the authoring device 220 or in other platforms with storage functions. In some embodiments, the digital work management system shown in fig. 2 further comprises an authentication service platform 250, and the digital work management method further comprises: recording the device public key and the device information in the authentication service platform 250. During verification of the digital work, the device public key and the device information can be obtained through the authentication service platform 250, which supports the objectivity and credibility of the verification process. The verification process is described later.
In step S140, the hash dataset DataH includes device information of the authoring device and work information of the digital work, the work information including at least source data of the digital work, the identity certificate, and the first signature.
In some embodiments, the work information of a digital work refers to all information related to the digital work itself, such as any of the name of the work, the author of the work, the description of the work, the time of creation, and the location of creation. In other embodiments, the work information may also include, for example, the work genre, lyrics, and the like.
In step S140, the hash value is recorded as H1 and the hash data set is recorded as DataH. DataH includes at least the source data of the digital work, the device serial number of the authoring device, the identity certificate, and the first signature S1. It will be appreciated that if the elements used to calculate the hash value H1 differ even slightly, the resulting unique identification code will differ.
In the first embodiment, DataH includes only the source data of the digital work, the device serial number of the authoring device, the identity certificate, and the first signature S1. DataH is hashed to obtain a hash value, which is used as the unique identification code of the digital work. In some embodiments, the unique identification code is the Token ID of the digital work on a digital work transaction platform.
At step S150, the registration application 221 signs the second signature data set Data2 using the device private key of the authoring device to obtain a second signature S2, the second signature data set Data2 including at least the unique identification code.
In some embodiments, the second signature data set Data2 further includes device information and work information.
In the first embodiment, the second signature data set Data2 includes only the unique identification code. Thus, the data in embodiment one is the simplest of all the embodiments.
In some embodiments, the device private key is stored in the authoring device 220, and the registration application 221 may issue a request directly to the authoring device 220 to obtain the device private key. In other embodiments, the device private key may be stored in a third-party platform, and the registration application 221 issues a request to the third-party platform to obtain the device private key.
At step S160, the registration application 221 transmits the unique identification code, the hash dataset DataH, and the second signature S2 to the digital work management platform 230, and the digital work management platform 230 returns a URL pointing to the work information description file of the digital work to the authoring device 220.
The present application is not limited to a particular implementation of the digital work management platform 230. The digital work management platform 230 is any service platform capable of providing the functions required in the digital work management method of the present application. As shown in FIG. 2, the digital work management platform 230 is a service platform independent of the authoring device 220. The digital work management platform 230 may be an independent third-party service, or may be a sub-service or the like that incorporates other services having the functions required by the present application.
In some embodiments, the digital work management platform 230 has storage functionality. In the digital work management method of the present application, the method further includes: storing at least the unique identification code, the hash data set DataH, and the second signature S2 at the digital work management platform 230. In other embodiments, the digital work management platform 230 may store some or all of the hash data set DataH and the first and second signature data sets Data1 and Data2.
As shown in FIGS. 2 and 4, in some embodiments, the digital work management system of the present application further includes a storage service platform 260. After step S160, the digital work management platform 230 may further send any one of the hash data set DataH, the first signature data set Data1, and the second signature data set Data2 from steps S130 to S150 to the storage service platform 260 for storage, with only the unique identification code, the device serial number, the identity certificate, and the second signature S2 saved in the digital work management platform 230. This distributed management reduces the storage load of the digital work management platform 230 and improves its operating efficiency.
In step S160, the URL pointing to the work information description file of the digital work is a unique address on the world wide web. The application does not limit how the URL is generated. In some embodiments, the URL is generated by the digital work management platform 230. The work information description file may be a piece of text or an attribute for describing work information of the digital work, including a storage address of source data of the digital work, through which the source data can be accessed. The storage address may be an address of the cloud.
In other embodiments, the URL is generated by the storage service platform 260. The source file of the digital work is actually stored on the storage service platform 260, which can therefore obtain the specific storage address; the URL is then generated by the storage service platform 260, and the storage address can be recorded in the work information description file.
Step S170: the authoring apparatus 220 registers the unique identification code and URL onto the blockchain network 240 through the registration application 221.
In some embodiments, the registration application 221 includes a smart contract interface through which the unique identification code and the URL may be registered on the blockchain network 240, i.e., to implement the on-chain registration shown in fig. 4.
In some embodiments, after step S170, the method further includes: the blockchain network 240 returns a registration result, which may be a registration success or a registration failure, to the authoring device 220.
Since the registration of the digital work is performed through the above steps S130 to S170, this step flow is also referred to as a digital work registration flow. In some embodiments, if the registration result is a registration failure, the authoring apparatus 220 may initiate the above-described registration flow again through the registration application 221.
The identity certificate of the author, the authoring device and the digital work can be bound together through steps S110 to S170, so that the device source that generated the digital work and the identity source of the author can be traced and protected against counterfeiting. After being registered on the chain, the digital work can be put on the market of the digital document creator.
In some embodiments, the digital work is also submitted for storage in a distributed file system when it is registered. The distributed file system is, for example, the InterPlanetary File System (IPFS). The attribute information of the digital work should follow the standard published by the corresponding blockchain, such as ERC721/ERC1155 of Ethereum.
Table three is an example of attribute information for a digital work.
Table three: (the table is an image in the original publication and is not reproduced here)
As shown in table three, when the author needs to deploy his identity information on the digital work, the name of the work in the attribute information of the digital work is mandatory; the other items are optional and can be selected as needed.
FIG. 5 is an exemplary flow chart of the validation process in the digital work management method of an embodiment of the present application. FIG. 6 is a process interaction diagram of a verification flow in the digital work management method according to an embodiment of the present application. With reference to fig. 2, fig. 5, and fig. 6, the verification process of this embodiment includes:
Step S510: verifier 202 obtains the unique identification code for the digital work and sends the unique identification code to digital work management platform 230.
Verifier 202 may be a user who holds a unique identification code for a digital work, obtained through blockchain network 240. For example, the verifier 202 browses the digital work transaction platform and obtains public information of the digital work, the public information including at least a unique identification code. To verify this public information, verifier 202 may initiate a verification process. It should be noted that, based on the characteristics of the blockchain network, the unique identification code is authentic and reliable and has not been tampered with.
In some embodiments, digital work management platform 230 may provide a verification service interface through which verifier 202 initiates a verification process; in that case digital work management platform 230 itself functions as a verification service platform.
As shown in FIGS. 2 and 6, in some embodiments, verifier 202 may perform step S510 via a separate verification service platform 270, and send the unique identification code Token ID to digital work management platform 230 via verification service platform 270, thereby improving the objectivity and trustworthiness of the verification process. FIG. 6 illustrates an embodiment employing a separate verification service platform 270, with a verification request initiated from the verification service platform 270 to the digital work management platform 230. The illustration in fig. 6 is merely an example and is not intended to require that the verification request be initiated by a separate verification service platform 270.
Step S520: the digital work management platform 230 queries, according to the unique identification code Token ID, the corresponding hash data set to be verified, second signature to be verified, and second signature data set to be verified, and returns them to the verification service platform 270. The content of the hash data set to be verified corresponds one-to-one to the content of the hash data set; the second signature data set to be verified includes at least the unique identification code, and its content corresponds one-to-one to the content of the second signature data set. The returned hash data set to be verified, second signature to be verified and second signature data set to be verified are represented by Data3 in fig. 6.
On the basis of the first embodiment, the hash data set to be verified only includes the source data of the digital work, the equipment serial number of the authoring equipment, the identity certificate and the first signature S1; the second signature data set to be verified also comprises only the unique identification code.
In the registration process described above, if the hash dataset, the second signature, and the second signature dataset are stored in the digital work management platform 230, the querying step is performed by the digital work management platform 230. If these Data are stored in the storage service platform 260 in the registration process, the digital work management platform 230 may send a query request to the storage service platform 260, perform a query on the storage service platform 260, return the query result Data3 to the digital work management platform 230, and return Data3 to the verification service platform 270 by the digital work management platform 230, as shown in fig. 6.
Step S530: the verification service platform 270 performs hash calculation on the hash data set to be verified to obtain a hash value H3 to be verified, and if the hash value H3 to be verified is consistent with the unique identification code Token ID of the buyer, the verification service platform 270 requests the authentication service platform 250 to obtain the device public key of the authoring device corresponding to the unique identification code.
The present application does not limit the hash calculation method used in step S530. For example, if the hash value H1 is obtained in step S140 by hashing with algorithm A, and H1 is used as the unique identification code, then the same algorithm A is used to calculate the hash value H3 to be verified in step S530. If the content of the hash data set to be verified is identical to the content of the hash data set corresponding to the unique identification code, the hash value H3 to be verified should equal the hash value H1. This indicates that neither the device information nor the work information corresponding to the unique identification code provided by the verifier 202 has been tampered with, that is, the device information and the work information in the hash data set to be verified are both real. The hash data set to be verified is then taken as the verified hash data set, and the data in the verified hash data set is used directly in the subsequent steps. Step S530 also verifies the authenticity of the digital work management platform 230 or the storage service platform 260.
Step S540: the authentication service platform 250 queries the device public key according to the device information in the verified hash dataset, and returns the queried device public key to the verification service platform 270.
Continuing with the previous embodiment as an example, the device information is the device serial number. In step S540, the authentication service platform 250 queries the device public key according to the device serial number and, if the device public key is found, returns it.
In some embodiments, after the comparison in step S530, when the hash value H3 to be verified is consistent with the unique identifier code, the verification service platform 270 directly requests the authentication service platform 250 for the device public key of the authoring device 220; the authentication service platform 250 also returns the device public key directly to the verification service platform 270 in step S540, as shown in fig. 6. In other embodiments, in step S530, the verification service platform 270 may request the device public key of the authoring device 220 from the authentication service platform 250 through the digital work management platform 230; accordingly, in step S540, the authentication service platform 250 returns the device public key to the digital work management platform 230, and then the digital work management platform 230 returns the device public key to the verification service platform 270.
Step S550: the verification service platform 270 uses the device public key to verify the second signature data set to be verified and the second signature to be verified, and obtains a first signature verification result.
Step S550 specifies that signature verification is performed at the verification service platform 270. The application does not limit the specific signature verification method. For embodiments where the digital work management platform 230 also functions as the verification service platform 270, the verification step is performed by the digital work management platform 230.
Taking the foregoing embodiment one as an example, the second signature data set to be verified only includes the unique identification code. In step S550, the device public key is used to verify the unique identification code and the second signature to be verified provided by the verifier 202, checking whether the device private key that produced the second signature to be verified matches the device public key. If so, the first signature verification result is successful, and the second signature to be verified is consistent with the second signature in step S150; otherwise, the first signature verification result is failure.
If the device public key cannot be queried in step S540, a result of a failure in querying is returned, the verification service platform 270 cannot perform the next verification of the signature, and finally, the verification service platform 270 also provides a result of a failure in signature verification.
Step S550 verifies the authenticity and legitimacy of the authoring device that generated the digital work and verifies the device origin of the digital work.
Step S560: when the first signature verification result is successful, the verification service platform 270 requests the authority public key from the identity authentication management platform 210.
Step S570: the verification service platform 270 verifies the identity certificate using the authority public key to obtain a second signature verification result.
Taking the first embodiment as an example, the hash data set includes an identity certificate. In step S570, the identity certificate is verified using the authority public key; if the authority public key matches the authority private key behind the certificate signature information in the identity certificate, the authenticity and validity of the identity certificate are verified.
Step S580: when the second signature verification result is successful, the verification service platform 270 verifies the first signature and the first signature data set by using the identity public key in the identity certificate, and obtains a third signature verification result. The first signature is from a verified hash dataset.
Taking the first embodiment above as an example, only the source data of the digital work is included in the first signature data set. In step S580, the identity public key is used to verify the first signature S1 against the source data of the digital work. If the third signature verification result is successful, this indicates that the author of the digital work is true and legal; otherwise, the third signature verification result is failure.
Step S580 verifies the authenticity and legitimacy of the author of the digital work, and verifies the author source of the digital work. When all of the verification results are successful, the verifier 202 can obtain the authentic identity of the author by parsing the certificate principal information in the information field of the identity certificate.
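The registration steps S130 to S160 and the verification steps S530 to S580 described above, combined in one added example that is not code from the patent and covers embodiment one only. SHA-256, the length-prefixed encoding, the Lamport one-time signature used as a standard-library stand-in for the unspecified signature algorithm, and all function names, seeds and sample values are assumptions.

```python
import hashlib

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def encode(*fields: bytes) -> bytes:
    # Length-prefix each field so the hash input is unambiguous:
    # (b"ab", b"c") and (b"a", b"bc") must not serialize to the same bytes.
    return b"".join(len(f).to_bytes(4, "big") + f for f in fields)

def decode(blob: bytes) -> list:
    out, i = [], 0
    while i < len(blob):
        n = int.from_bytes(blob[i:i + 4], "big")
        out.append(blob[i + 4:i + 4 + n])
        i += 4 + n
    return out

# Stand-in signature scheme (assumption): Lamport one-time signatures.
# Each key may sign ONE message. Keys are derived from constructed seeds so the
# example is repeatable; a real key would come from a secure random source.
def keygen(seed: bytes):
    sk = [[H(seed + bytes([i, b])) for b in (0, 1)] for i in range(256)]
    pk = b"".join(H(s) for pair in sk for s in pair)
    return sk, pk

def _bits(msg: bytes):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def sign(sk, msg: bytes) -> bytes:
    return b"".join(sk[i][b] for i, b in enumerate(_bits(msg)))

def verify(pk: bytes, msg: bytes, sig: bytes) -> bool:
    if len(pk) != 512 * 32 or len(sig) != 256 * 32:
        return False
    return all(H(sig[32 * i:32 * i + 32]) == pk[(2 * i + b) * 32:(2 * i + b + 1) * 32]
               for i, b in enumerate(_bits(msg)))

def issue_certificate(authority_sk, subject, level, identity_pk) -> bytes:
    # S123: the platform signs the information field with the authority private key.
    tbs = encode(subject, level, identity_pk)
    return encode(subject, level, identity_pk, sign(authority_sk, tbs))

def register(source, serial, cert, identity_sk, device_sk) -> dict:
    s1 = sign(identity_sk, source)        # S130: Data1 = source data
    data_h = [serial, source, cert, s1]   # S140: DataH
    token_id = H(encode(*data_h))         #       H1 = unique identification code
    s2 = sign(device_sk, token_id)        # S150: Data2 = unique identification code
    return {"token_id": token_id, "data_h": data_h, "s2": s2}  # S160 payload

def verify_work(token_id, record, device_registry, authority_pk) -> str:
    """token_id comes from the chain, record from the management platform.
    Returns "ok" or the first step that failed."""
    data_h = record["data_h"]
    if len(data_h) != 4 or H(encode(*data_h)) != token_id:
        return "S530: hash mismatch"
    serial, source, cert, s1 = data_h
    device_pk = device_registry.get(serial)   # S540: lookup by device serial number
    if device_pk is None:
        return "S540: device not found"
    if not verify(device_pk, token_id, record["s2"]):
        return "S550: device signature invalid"
    fields = decode(cert)
    if len(fields) != 4 or not verify(authority_pk, encode(*fields[:3]), fields[3]):
        return "S570: certificate invalid"
    if not verify(fields[2], source, s1):      # fields[2] = identity public key
        return "S580: author signature invalid"
    return "ok"

def demo() -> dict:
    # All values below are constructed for the example.
    authority_sk, authority_pk = keygen(b"constructed-authority-seed")
    identity_sk, identity_pk = keygen(b"constructed-author-seed")
    device_sk, device_pk = keygen(b"constructed-device-seed")
    rogue_sk, _ = keygen(b"constructed-rogue-seed")
    serial, source = b"SN-0001", b"constructed audio bytes"
    cert = issue_certificate(authority_sk, b"author@example.com", b"Class1", identity_pk)
    rec = register(source, serial, cert, identity_sk, device_sk)
    registry = {serial: device_pk}             # authentication service platform 250
    s1 = rec["data_h"][3]
    # The platform returns altered source data for a genuine on-chain id.
    tampered = dict(rec, data_h=[serial, b"other bytes", cert, s1])
    # A key that is not the registered device key signs the same id.
    rogue = dict(rec, s2=sign(rogue_sk, rec["token_id"]))
    return {
        "genuine": verify_work(rec["token_id"], rec, registry, authority_pk),
        "tampered_source": verify_work(rec["token_id"], tampered, registry, authority_pk),
        "rogue_device": verify_work(rec["token_id"], rogue, registry, authority_pk),
    }

if __name__ == "__main__":
    print(demo())
```

The rogue-device case passes the hash check, because DataH is unchanged, and is rejected only at S550; that is the step that ties the work to the registered device key.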
With reference to the embodiments shown in fig. 2 and fig. 5, the digital work management method of the present application simultaneously includes an originator identity certificate acquisition process, a digital work registration process, and a digital work verification process, and the method binds the originator identity, the creation equipment, and the digital work together, and provides a service of verifying the creation equipment and the originator identity for the verifier while ensuring the authenticity and integrity of the digital work, and can ensure the accuracy of the verification result, which is beneficial for the verifier to make an accurate evaluation on the value of the digital work, especially on the value related to the creation equipment and the originator identity.
The digital work management system of the present application is shown in fig. 2. The system comprises at least an identity authentication management platform 210, a digital work management platform 230, a verification service platform 270 and a registration application 221 deployed inside an authoring device 220, and implements the digital work management method described earlier in the present application. The digital work management system can be used to bind the digital work to the authoring device and the identity of its author before on-chain registration, to verify the digital work, and to ensure the device source and author source of the digital work.
Having thus described the basic concept, it will be apparent to those skilled in the art that the foregoing disclosure is by way of example only, and is not intended to limit the present application. Various modifications, improvements and adaptations to the present application may occur to those skilled in the art, though not expressly described herein. Such modifications, improvements and adaptations are proposed in the present application and thus fall within the spirit and scope of the exemplary embodiments of the present application.
Also, this application uses specific language to describe embodiments of the application. Reference throughout this specification to "one embodiment," "an embodiment," and/or "some embodiments" means that a particular feature, structure, or characteristic described in connection with at least one embodiment of the present application is included in at least one embodiment of the present application. Therefore, it is emphasized and should be appreciated that two or more references to "an embodiment" or "one embodiment" or "an alternative embodiment" in various places throughout this specification are not necessarily all referring to the same embodiment. Furthermore, some features, structures, or characteristics of one or more embodiments of the present application may be combined as appropriate.
Aspects of the present application may be embodied entirely in hardware, entirely in software (including firmware, resident software, micro-code, etc.) or in a combination of hardware and software. The above hardware or software may be referred to as a "data block," "module," "engine," "unit," "component," or "system." The processor may be one or more Application Specific Integrated Circuits (ASICs), Digital Signal Processors (DSPs), Digital Signal Processing Devices (DSPDs), Programmable Logic Devices (PLDs), Field Programmable Gate Arrays (FPGAs), processors, controllers, microcontrollers, microprocessors, or a combination thereof. Furthermore, aspects of the present application may be represented as a computer product, including computer readable program code, embodied in one or more computer readable media. For example, computer-readable media can include, but are not limited to, magnetic storage devices (e.g., hard disk, floppy disk, magnetic tape, ...), optical disks (e.g., compact disk CD, digital versatile disk DVD, ...), smart cards, and flash memory devices (e.g., card, stick, key drive, ...).
The computer readable medium may comprise a propagated data signal with the computer program code embodied therein, for example, on a baseband or as part of a carrier wave. The propagated signal may take any of a variety of forms, including electromagnetic, optical, and the like, or any suitable combination. The computer readable medium can be any computer readable medium that can communicate, propagate, or transport the program for use by or in connection with an instruction execution system, apparatus, or device. Program code on a computer readable medium may be propagated over any suitable medium, including radio, electrical cable, fiber optic cable, radio frequency signals, or the like, or any combination of the preceding.
Similarly, it should be noted that in the foregoing description of embodiments of the application, various features are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the disclosure and aiding in the understanding of one or more of the embodiments. This method of disclosure, however, is not intended to require more features than are expressly recited in the claims. Indeed, the embodiments may be characterized as having less than all of the features of a single disclosed embodiment.
Numerals describing the number of components, attributes, etc. are used in some embodiments, it being understood that such numerals used in the description of the embodiments are modified in some instances by the use of the modifier "about", "approximately" or "substantially". Unless otherwise indicated, "about", "approximately" or "substantially" indicates that the number allows a variation of ± 20%. Accordingly, in some embodiments, the numerical parameters used in the specification and claims are approximations that may vary depending upon the desired properties of the individual embodiments. In some embodiments, the numerical parameter should take into account the specified significant digits and employ a general digit preserving approach. Notwithstanding that the numerical ranges and parameters setting forth the broad scope of the range are approximations, in the specific examples, such numerical values are set forth as precisely as possible within the scope of the application.
Although the present application has been described with reference to the present specific embodiments, it will be appreciated by those skilled in the art that the above embodiments are merely illustrative of the present application and that various equivalent changes or substitutions may be made without departing from the spirit of the application, and therefore, it is intended that all changes and modifications to the above embodiments within the spirit of the application fall within the scope of the claims of the application.

Claims (13)

1. A method for managing digital works, comprising:
an author uses authoring equipment to generate a digital work, wherein a registration application program is deployed in the authoring equipment, the author has a corresponding identity key pair, and the identity key pair comprises an identity private key and an identity public key;
the identity authentication management platform responds to the identity authentication request to generate an identity certificate;
the registration application program obtains the identity private key and the identity certificate, and uses the identity private key to sign a first signature data set to obtain a first signature, wherein the first signature data set at least comprises source data of the digital work;
the registration application program performs a hash calculation on a hash data set to obtain a hash value, and the hash value is used as a unique identification code of the digital work, wherein the hash data set comprises device information of the authoring device and work information of the digital work, the device information at least comprises a device serial number, and the work information of the digital work at least comprises source data of the digital work, the identity certificate and the first signature;
the registration application signs a second signature data set using a device private key of the authoring device to obtain a second signature, wherein the second signature data set includes at least the unique identification code;
the registration application sends the unique identification code, the hash data set and the second signature to a digital work management platform, and the digital work management platform returns a URL of a work information description file pointing to the digital work to the authoring device; and
the authoring device registers the unique identification code and the URL onto a blockchain network through the registration application.
2. The digital work management method of claim 1, wherein the step of the author applying for an identity certificate from the identity authentication management platform comprises:
responding to the received identity authentication request, and authenticating the identity of the author by the identity authentication management platform;
after the authentication is passed, the identity authentication management platform responds to a received identity certificate request to generate an identity certificate, wherein the identity certificate request comprises identity information of the author and the identity public key, the identity information at least comprises an identity identifier of the author, the identity certificate comprises an information domain, and the information domain at least comprises the identity public key; and
the identity authentication management platform signs the identity certificate by adopting an organization private key, so that the information domain of the identity certificate comprises certificate signature information.
3. The digital work management method of claim 2, wherein the request for identity authentication includes a level of identity authentication, different levels of identity authentication corresponding to different identities, the identity authentication management platform authenticating the identity of the author based on the level of identity authentication.
4. The method of digital work management of claim 3, wherein the information field further comprises any of a certificate version number, a certificate serial number, a certificate signing algorithm, certificate signing information, a certificate issuer unique number, and a certificate validity period.
5. The digital work management method of claim 4, wherein the information fields further comprise any of a certificate body, a unique certificate body number, a certificate body authority name, a real certificate body name, and the authentication level, wherein the number of the information fields is positively correlated with the authentication level, and the higher the authentication level is, the greater the number of the information fields is.
6. The digital work management method of claim 2, wherein the identity authentication management platform comprises an authentication platform and a management platform, the authentication platform is configured to authenticate the identity of the author, generate the identity certificate, and issue the identity certificate to the management platform, and the management platform is configured to store the identity certificate.
7. The digital work management method of claim 1, further comprising: recording the device public key and the device information in the authentication service platform.
8. The digital work management method of claim 1, wherein the first signature data set further comprises the device information.
9. The digital work management method of claim 1, wherein the second signature data set further includes the device information and the work information.
10. The digital work management method of claim 1, further comprising:
the verifier obtains the unique identification code of the digital work and sends the unique identification code to the digital work management platform;
the digital work management platform queries and obtains, according to the unique identification code, a corresponding hash data set to be verified, a second signature to be verified and a second signature data set to be verified, and returns the hash data set, wherein the content of the hash data set to be verified is in one-to-one correspondence with the content of the hash data set, the signature data set to be verified at least comprises the unique identification code, and the content of the second signature data set to be verified is in one-to-one correspondence with the content of the second signature data set;
the verification service platform performs a hash calculation on the hash data set to be verified to obtain a hash value to be verified, and if the hash value to be verified is consistent with the unique identification code, the verification service platform requests an authentication service platform to obtain a device public key of the authoring device corresponding to the unique identification code;
the authentication service platform queries the device public key according to the device information in the hash data set and returns the queried device public key to the verification service platform;
the verification service platform uses the device public key to verify the second signature data set to be verified and the second signature to be verified, and a first signature verification result is obtained;
when the first signature verification result is successful, the verification service platform requests the identity authentication management platform to obtain an organization public key;
the verification service platform uses the organization public key to verify the identity certificate to obtain a second signature verification result; and
when the second signature verification result is successful, the verification service platform uses the identity public key in the identity certificate to verify the first signature and the first signature data set, and a third signature verification result is obtained.
11. The digital work management method of claim 10, wherein the signature data set to be verified further includes the device information and the work information.
12. The digital work management method of claim 1, wherein the authoring device comprises an instrument and the digital work comprises a musical work.
13. A digital work management system, comprising: an identity authentication management platform, a digital work management platform, a verification service platform, and a registration application deployed within an authoring device, the digital work management system operable to perform the digital work management method of any of claims 1-12.
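The hash step of claims 1 and 10, as an added example that is not code from the patent. The patent names no hash algorithm or serialization, so SHA-256, the length-prefixed encoding, the field order, all function names and the sample values are assumptions; the block shows why the hash data set needs unambiguous field boundaries before its hash can serve as a unique identification code.

```python
import hashlib
import struct

# Field names follow claim 1; order, encoding and SHA-256 are assumptions.
FIELDS = ("device_serial", "source_data", "identity_certificate", "first_signature")


def encode_hash_dataset(dataset: dict) -> bytes:
    """Serialize each field with a 4-byte big-endian length prefix."""
    missing = [f for f in FIELDS if f not in dataset]
    if missing:
        raise ValueError(f"hash data set is missing fields: {missing}")
    out = bytearray()
    for name in FIELDS:
        value = dataset[name]
        if not isinstance(value, bytes):
            raise TypeError(f"{name} must be bytes")
        out += struct.pack(">I", len(value)) + value
    return bytes(out)


def unique_identification_code(dataset: dict) -> str:
    """Claim 1: the hash of the hash data set is the unique identification code."""
    return hashlib.sha256(encode_hash_dataset(dataset)).hexdigest()


def naive_code(dataset: dict) -> str:
    """Plain concatenation, included only to show the boundary ambiguity."""
    return hashlib.sha256(b"".join(dataset[f] for f in FIELDS)).hexdigest()


def hash_check(claimed_code: str, dataset_to_verify: dict) -> bool:
    """Claim 10: recompute the hash and compare it with the claimed code."""
    return unique_identification_code(dataset_to_verify) == claimed_code.lower()


# Constructed sample values, not taken from the patent.
REGISTERED = {
    "device_serial": b"SN-0001",
    "source_data": b"constructed-midi-bytes",
    "identity_certificate": b"constructed-certificate",
    "first_signature": b"constructed-signature",
}
# Same concatenated bytes, with one byte moved across a field boundary.
SHIFTED = dict(REGISTERED, device_serial=b"SN-0001c",
               source_data=b"onstructed-midi-bytes")
```

With plain concatenation `REGISTERED` and `SHIFTED` hash to the same value, while the length-prefixed encoding separates them. In claim 10 the signature checks run only after this comparison succeeds, so a mismatch rejects the record before any public key is requested.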
CN202211334204.XA 2022-10-28 2022-10-28 Digital work management method and digital work management system Pending CN115643034A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211334204.XA CN115643034A (en) 2022-10-28 2022-10-28 Digital work management method and digital work management system

Publications (1)

Publication Number Publication Date
CN115643034A true CN115643034A (en) 2023-01-24

Family

ID=84946833

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211334204.XA Pending CN115643034A (en) 2022-10-28 2022-10-28 Digital work management method and digital work management system

Country Status (1)

Country Link
CN (1) CN115643034A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116684201A (en) * 2023-08-02 2023-09-01 深圳市豪斯莱科技有限公司 Digital collection encryption method, system and readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination