NL2028773B1 - Account management method of decentralized electronic contract deposit platform - Google Patents
Account management method of decentralized electronic contract deposit platform Download PDFInfo
- Publication number
- NL2028773B1 NL2028773B1 NL2028773A NL2028773A NL2028773B1 NL 2028773 B1 NL2028773 B1 NL 2028773B1 NL 2028773 A NL2028773 A NL 2028773A NL 2028773 A NL2028773 A NL 2028773A NL 2028773 B1 NL2028773 B1 NL 2028773B1
- Authority
- NL
- Netherlands
- Prior art keywords
- information
- account
- platform
- encrypted
- user
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
- G06F21/645—Protecting data integrity, e.g. using checksums, certificates or signatures using a third party
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3239—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/50—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
Abstract
The present application provides an account management method of a decentralized electronic contract deposit platform, specifically including an account registration method, an account recovery method, and an account modification method. In the present application, by obtaining an account creation request sent from a user or a prior electronic contract platform, an account is created after user identity is successfully authenticated, identity information of the user is encrypted while the account is created, and the encrypted identity information of the user is uploaded and stored on a chain by a distributed storage. According to the present application, the account is managed through a decentralized electronic contract deposit platform, thereby avoiding a possibility that a prior platform may arbitrarily tamper with account information of the user, and improving security of the identity information of the user.
Description
[0001] The present application claims the priority to the Chinese Application No.
202010699197.8, filed with the Chinese Patent Office on July 20. 2020 and entitled "ACCOUNT MANAGEMENT METHOD OF DECENTRALIZED ELECTRONIC CONTRACT DEPOSIT PLATFORM", which is incorporated herein by reference in its entirety.
[0002] The present application relates to the technical field of digital asset deposit, and in particular, to an account management method of a decentralized electronic contract deposit platform.
[0003] An electronic contract platform provides a user with a series of services such as identity authentication, certificate authentication, contract services, signing services, evidence preservation, and judicial proof. After registering a platform account and logging into the platform, the user may achieve signature, renewal, termination, inspection, and other follow-up related lifecycle processes of a standard electronic contract.
[0004] However, a prior electronic contract platform has a feature of centralization both in terms of architecture design and implementation, and the platform itself has a risk that data stored therein may be tampered with and forged. As a result, user information, a user certificate, or operation data entered by the user when the user registers an account is easily leaked or lost, resulting in not only heavy losses of interests of the user but also increase in difficulty in platform management.
[0005] The present application provides an account management method of a decentralized electronic contract deposit platform, to resolve a problem that account information of a conventional electronic contract deposit platform is easily leaked with low security.
[00086] According to a first aspect, the present application provides an account registration method of a decentralized electronic contract deposit platform, including:
[0007] obtaining an account creation request by a first deposit platform, where the account creation request includes identity information of a user that sends the account creation request; determining, by the platform based on the identity information, whether there is a platform account corresponding to the identity information in the first deposit platform; if there is no platform account corresponding to the identity information in the first deposit platform, creating a platform account corresponding to the identity information, and obtaining encrypted information based on the identity information and a private key of the user; and storing distributedly the encrypted information to deposit platforms corresponding to a plurality of nodes in a blockchain. By obtaining the account creation request sent from the user or a prior electronic contract platform, an account is created after user identity is successfully authenticated, the identity information of the user is encrypted while the account is created, and the encrypted identity information of the user is uploaded and stored on a chain by a distributed storage. According to the present application, the account is managed through a decentralized electronic contract deposit platform, thereby avoiding a possibility that a prior platform may arbitrarily tamper with account information of the user, and improving security of the identity information of the user.
[0008] According to a second aspect, the present application provides an account recovery method of a decentralized electronic contract deposit platform, including:
[0009] obtaining an account recovery request by a first deposit platform, where the account recovery request includes identity information of a user that sends the account recovery request; retrieving, based on the identity information, information containing storage positions of encrypted sub-information that is stored in the first deposit platform according to the first aspect, obtaining the encrypted sub-information from respective deposit platforms based on the information containing the storage positions of the encrypted sub-information; decrypting all of the encrypted sub-information, to obtain decrypted identity information; determining whether the decrypted identity information is consistent with the identity information in the account recovery request, and if the two are consistent, encrypting the identity information by using a new private key to obtain encrypted information; and storing distributedly the encrypted information to deposit platforms corresponding to a plurality of nodes in a blockchain.
[0010] According to a third aspect, the present application provides an account modification method of a decentralized electronic contract deposit platform, including:
[0011] obtaining an account modification request by a first deposit platform, where the account modification request includes original identity information and modified identity information of a user that sends the account modification request; retrieving, based on the original identity information, information containing storage positions of encrypted sub- information that is stored in the first deposit platform according to the first aspect; obtaining the encrypted sub-information from respective deposit platforms based on the information containing the storage positions of the encrypted sub-information; decrypting all of the encrypted sub-information, to obtain decrypted identity information; determining whether the decrypted identity information is consistent with the original identity information in the account modification request, and if the two are consistent, encrypting the modified identity information by using a new private key to obtain encrypted information; and storing distributedly the encrypted information to deposit platforms corresponding to a plurality of nodes in a blockchain.
[0012] It may be learned from the foregoing technical solutions that the present application provides an account management method of a decentralized electronic contract deposit platform. Security of user information is ensured by managing the account information of the user through a decentralized platform. Moreover, distributed storage of the information is traceable, making it easy to modify and retrieve the account information. In this way, a possibility that the prior platform may arbitrarily tamper with the account information of the user is avoided.
[0013] To describe the technical solutions of the present application to be more clear, the accompanying drawings for the embodiments are briefly described below. Obviously, persons of ordinary skills in the art can also derive other accompanying drawings from these accompanying drawings without an effective effort.
[0014] FIG. 1 is a schematic structural diagram of a decentralized electronic contract deposit platform according to the present application;
[0015] FIG. 2 is a view of an application scenario of a method according to the present application;
[0016] FIG. 3 is a flowchart of an account registration method of a decentralized electronic contract deposit platform according to the present application;
[0017] FIG. 4 is a flowchart of an account registration method of a decentralized electronic contract deposit platform according to another embodiment of the present application;
[0018] FIG. 5 is an exploded step diagram of step S400 in the method shown in FIG. 3;
[0019] FIG. 8 is a relationship diagram of uploading and storing encrypted information of different users on a chain according to the method shown in FIG. 5;
[0020] FIG. 7 is a relationship diagram of uploading and storing encrypted information of a user on a chain according to an embodiment;
[0021] FIG. 8 is a diagram about manners of obtaining encrypted information in a method according to a plurality of embodiments of the present application;
[0022] FIG. 9 is a flowchart of an account recovery method of a decentralized electronic contract deposit platform according to the present application; and
[0023] FIG. 10 is a flowchart of an account modification method of a decentralized electronic contract deposit platform according to the present application.
[0024] Embodiments are described below in detail, and examples thereof are shown in the accompanying drawings. When the descriptions below relate to the accompanying drawings, unless otherwise stated, same reference numbers in different accompanying drawings indicate same or similar elements. Implementations described in the following embodiments do not represent all of implementations in accordance with the present application, and merely examples of a system and a method that are described in detail in the claims and in accordance with some aspects of the present application.
[0025] In the technical solutions provided in the present application, a decentralized electronic contract deposit platform means an application model having a decentralized application architecture. As shown in FIG. 1, in actual application, in addition to data storage, publicity, authentication, exchange, and smart contracts, the decentralized electronic contract deposit platform may achieve functions such as exchanging data with another prior electronic contract platform. Meanwhile, the decentralized electronic contract deposit platform in the present application may exchange data with a plurality of prior electronic contract platforms at the same time, to satisfy a plurality of actual requirements.
[0026] To reflect characteristics of decentralization, the decentralized electronic contract deposit platform in the present application is correspondingly disposed on a node of a blockchain, or is connected to a node of the blockchain. The decentralized electronic contract deposit platform performs operations such as uploading data on a chain, retrieving data, and transacting between nodes.
[0027] Correspondingly, to perform relevant operations on the decentralized electronic contract deposit platform, a user needs to log into a platform account. Therefore, the present application provides an account management method of a decentralized deposit platform. Management herein includes, but is not limited to operations such as account registration, account modification, and account recovery. Correspondingly, the present application provides three methods that are based on a same basic invention concept.
[9028] Referring to FIG. 2, which is a view of an application scenario of a method according to the present application. In an embodiment of the present application, a decentralized electronic contract deposit platform 100 is disposed on a node of a blockchain. To use the decentralized electronic contract deposit platform, or to achieve operations such as registration, modification, and recovery, a user may send a request directly to the decentralized electronic contract deposit platform, or may send a request through a prior electronic contract platform 200 connected to the decentralized electronic contract deposit platform. According to different received requests, the decentralized 5 electronic contract deposit platform correspondingly performs different operations such as data processing, data uploading on a chain, and obtaining data from the chain. Different from the prior electronic contract platform, the decentralized electronic contract deposit platform involves in all data of the user, which needs to be uploaded on a chain after being processed by the platform, to be synchronized on all nodes in the blockchain. Moreover, account information representing identity information of the user is also uploaded and stored on a chain in a plurality of encryption manners, so as to resolve a problem that a prior electronic contract deposit platform tampers with the account information of the user.
[0029] Meanwhile, each of nodes in the blockchain corresponds to a decentralized electronic contract deposit platform described above. In other words, the user may achieve account registration, account modification, account recovery, and other operations through the decentralized electronic contract deposit platform on any node. Data obtained through the operation may also be stored in the deposit platforms corresponding to other nodes through the blockchain.
[0030] Referring to FIG. 3, which is a flowchart of an account registration method of a decentralized electronic contract deposit platform according to the present application.
[0031] It may be learned from FIG. 3 that the account registration method of a decentralized electronic contract deposit platform according to the present application includes the following steps.
[0032] S100: A first deposit platform obtains an account creation request, where the account creation request includes identity information of a user that sends the account creation request, where the first deposit platform is a decentralized electronic contract deposit platform corresponding to any of the nodes in a blockchain.
[0033] An initiator of the account creation request may be a user. To be specific, when the user uses the platform for the first time, a request for creating an account needs tobe initiated first. At this time, identity information related to the user, such as a user name, ID number, a mobile number, an email address, social credit code, business license number, and various supporting documents, needs to be correspondingly filled in. In this case, the platform may verify legitimacy of the user. When it is determined that the user is legitimate, a subsequent registration step is performed. If the user is illegitimate, for example, the ID number is erroneous, the account creation request needs to be returned to the user for modification or is directly rejected.
[0034] In some other embodiments, the initiator of the account creation request may alternatively be a prior electronic contract platform. To be specific, an account has been created by the user on the prior electronic contract platform connected to the decentralized electronic contract deposit platform. In this case, the account creation request may be sent to the decentralized electronic contract deposit platform through the prior electronic contract platform when the user logs into the prior electronic contract platform. Correspondingly, in a feasible embodiment shown in FIG. 4, step S100 may be changed as:
[0035] S110: A second platform obtains a first creation request sent by the user, and authenticates user identify based on the first creation request, where the second platform is any prior electronic contract platform, and the first creation request is a request, entered by the user through the prior electronic contract platform, for creating an account in the decentralized platform. In this embodiment, the user identify may be first authenticated by the second platform, to determine whether the user that currently sends the request is qualified to create an account in the decentralized platform.
[0036] S120: If an authentication result is that the authentication is passed, generate an account creation request and send the same to the first deposit platform. In this embodiment, there may be a plurality of authentication manners, and there is not limit to the same herein. Authentication results include that the authentication is passed and the authentication is not passed. Proof data may be provided in a form of issue of an authentication certificate, and is added to the account creation request. The account creation request in this embodiment is the same as that in step S100. Details are not described herein again.
[0037] S130: The first deposit platform obtains the account creation request sent from the second platform. An account request is created by the second platform and then sent to the first deposit platform to perform subsequent account creation operations.
[0038] S200: Determine, based on the identity information, whether there is a platform account corresponding to the identity information in the first deposit platform.
[0039] In this embodiment, the process of step S200 is to detect whether the user has registered an account in the first deposit platform, so as to avoid a possibility that one user registers a plurality of accounts. In other words, a same user having the same identity information can have only one account in the first deposit platform.
[0040] If it is detected that there is already an account, a system terminates an account registration operation, feeds back, information about that there is already an account, to the user or the second platform, and meanwhile starts another process such as account login or account recovery.
[0041] S300: If there is no platform account corresponding to the identity information in the first deposit platform, create a platform account corresponding to the identity information, and obtain encrypted information based on the identity information and a private key of the user.
[0042] In this embodiment, the created platform account corresponds to unique identity information of the user. The platform account may be a combination similar to an account number and password, or may be an identity card, QR code, encrypted address data, or the like. All information corresponding to the user, may be retrieved based on the platform account, including user identity, user-related data, transaction information, and the like. To improve security, the identity information needs to be encrypted while the platform account is established. An encrypted private key is conserved by the user, and other users cannot obtain the identity information of the user even by logging in to the decentralized platform. Even if the information is obtained in other manners, plaintext of the identity information cannot be obtained without the private key. In this way, security of the identity information is ensured.
[0043] S400: Store the encrypted information to deposit platforms corresponding to a plurality of nodes in a blockchain by a distributed storage.
[0044] In this embodiment, the decentralized electronic contract deposit platform is different from the prior electronic contract platform primarily by that. the decentralized electronic contract deposit platform is in a node of the blockchain, and all operation data needs to be uploaded to a chain; the decentralized electronic contract deposit platform per se does not store or stores merely a part of the identity information of the user, and the user identity cannot be retrieved by the platform itself. Correspondingly, after being encrypted, the identity information of the user for creating an account may be stored separately, by a distributed storage, in deposit platforms in a plurality of nodes in the blockchain. In other words, each deposit platform stores only a part of encrypted identity information from registered users of the respective platforms, so that the decentralized deposit platform is non-tamperable.
[0045] Further, it may be learned from FIG. 5 that in a feasible embodiment, step S400 may be divided into:
[0046] S410: Split the encrypted information into a plurality pieces of encrypted sub- information. There are a lot of types of rules for splitting the encrypted sub-information; this is not limited herein. The plurality pieces of encrypted sub-information may have same or different sizes and lengths, and a quantity of the pieces of encrypted sub-information may also be set according to requirements.
[0047] S420: Store the plurality pieces of encrypted sub-information respectively in the deposit platforms corresponding to a plurality of nodes in the blockchain, and store information containing storage positions of the plurality pieces of encrypted sub-information into the first deposit platform.
[0048] In the foregoing steps, relationships that users store respective encrypted information onto a chain may be described with reference to FIG. 6. It may be learned from FIG. 6 that three user A, B, and C respectively create platform accounts through the first deposit platform, and encrypt the identity information to respectively obtain encrypted information a, b, and c. By step S410, each piece of encrypted information is split into a plurality pieces (for example, three pieces in FIG. 8) of encrypted sub-information. By step S420, the encrypted sub-information is uploaded and stored in different deposit platforms. In view of the above, at this time, each deposit platform stores a part of the encrypted information from each of different users, and this part is randomly selected. Therefore, the deposit platform cannot obtain all information of a user, thereby reducing a possibility of tampering with the user information.
[0049] In this embodiment, to achieve subsequent processes such as retrieving the identity information of the user, and verifying the identity information of the user when recovering and modifying the account, the information containing the storage positions of the plurality pieces of encrypted sub-information needs to be recorded in the first deposit platform, so that the information is traceable, and risks of losing the identity information are reduced.
[0050] Further, in this embodiment, the encrypted information is uploaded and stored on a chin by a distributed storage. In this case, the user information may be lost when the first deposit platform cannot obtain the encrypted sub-information stored on the chain from all of nodes that store the encrypted sub-information due to occurrence of problems like that a certain node in which the encrypted sub-information is stored loses information, is attacked, or becomes invalid. To resolve the foregoing problems, in a feasible embodiment, the foregoing step S410 may be optimized as:
[0051] S411: Store each piece of encrypted sub-information in at least one deposit platform corresponding to a blockchain node. In this way, in step S420, after the plurality pieces of encrypted sub-information are respectively stored in the deposit platforms corresponding to a plurality of nodes in the blockchain, there may be several deposit platforms that store the same encrypted sub-information, and each deposit platform stores merely a part of the same encrypted sub-information.
[0052] The foregoing step may be described with reference to the relationship diagram shown in FIG. 7. For identity information of a user, after encrypted information is obtained by encrypting the identity information, the identity information may be first split into several pieces (for example, four pieces in FIG. 7) of encrypted sub-information according to the foregoing step S410, and then each of pieces of encrypted sub-information is respectively stored in at least one deposit platform according to step S411. It may be learned from FIG. 7 that when a plurality of deposit platforms together store encrypted information from one user, in addition to at least a part of the encrypted sub-information, each deposit platform may store the other part of the encrypted sub-information as backup. Alternatively, in addition to the deposit platforms that together store encrypted information from one user, there may be other deposit platforms that store backups of the encrypted sub-information. Such a configuration is provided so that when a certain deposit platform is unavailable, a backup corresponding to the encrypted sub-information in the unavailable deposit platform may also be obtained through other deposit platforms, thus ensuring that all encrypted sub-information can be finally obtained for decryption to obtain the identity information of the user.
[0053] On the basis of the solution shown in FIG. 7, if there are a plurality of deposit platforms that store the same encrypted sub-information, during retrieving, the encrypted sub-information may be retrieved from any one of the deposit platforms, or it may be designated that the encrypted sub-information is retrieved preferentially from a certain deposit platform. In this case, the encrypted sub-information that is preferentially retrieved may be regarded as what needs to be retrieved in a regular process. Moreover, the same encrypted sub-information stored in other deposit platforms may be regarded as standby or candidate encrypted sub-information. An invoking process generally is not started, unless there is a problem with a section of the regular process. Therefore, in a feasible embodiment, during a process of storing the encrypted sub-information, priorities may be set for the same encrypted sub-information according to a time sequence according to which the encrypted sub-information is stored to different nodes. For example, the encrypted sub-information that is first stored to a node has the highest priority, and is the encrypted sub-information that needs to be preferentially retrieved in the regular process. According to a subsequent storage process, the other same encrypted sub-information has priorities that are gradually lowered, and serves as standby encrypted sub-information. Only when none of nodes with a higher priority is available, the encrypted sub-information with a next level of priority needs to be retrieved. The foregoing priorities are formulated according to a time sequence, and may be formulated according to other rules in actual application. This is not limited herein.
[0054] Further, in the foregoing step S300, to improve security of the encrypted information, the encrypted information may be obtained in a plurality of ways. As shown in FIG. 8, the identity information may be performed with different processing to finally obtain the encrypted information.
[0055] A first way: The identity information is encrypted directly by using the private key of the user. This is the simplest encryption manner, can save system operating resources, and has a faster encryption speed.
[0056] A second way: The created platform account is first logged into to initiate a transaction, and both of the obtained transaction data and the identity information are encrypted by using the private key, to obtain the encrypted information. According to this way, it may be ensured that the data is true and valid, and the created platform account is available. Taking the transaction data and a transaction result obtained during a transaction process of the platform, together with the identity information, as data that is finally uploaded on a chain is more conducive to identification, verification, and other operations to the identity information of the user.
[0057] A third way: A smart contract is registered by executing the user identity, and the identity information of the user that uses the smart contract is encrypted by using the private key, to obtain the encrypted information. This way has the same function as the transaction execution process. After the account is created, authentication information of the user identity is submitted in the form of a smart contract. According to a consensus mechanism in the deposit platform, it may be ensured that the data on the chain is true and valid.
[0058] It may be learned from the foregoing technical solutions that the present application provides an account registration method of a decentralized electronic contract deposit platform. By obtaining the account creation request sent from the user or the prior electronic contract platform, an account is created after the user identity is authenticated to be passed, the identity information of the user is encrypted while the account is created, and the encrypted identity information of the user is uploaded and stored on a chain by a distributed storage. According to the present application, the account is managed through a decentralized electronic contract deposit platform, thereby avoiding a possibility that a prior platform may arbitrarily tamper with account information of the user, and improving security of the identity information of the user.
[0059] With reference to FIG. 9, corresponding to the foregoing method, the present application further provides an account recovery method of a decentralized electronic contract deposit platform based on the same application scenario, including the following steps.
[0060] S500: A first deposit platform obtains an account recovery request, where the account recovery request includes identity information of a user that sends the account recovery request. When the user forgets a password for logging in to the platform or loses other means for logging in to the platform, an account may be recovered by sending an account recovery request. In this case, it is required to submit the identity information entered when a platform account is registered. The entered identity information may correspond to all of the identity information in the foregoing registration method, or may be a preset number of parts of the identity information.
[0061] S600: Retrieve, based on the identity information, information containing storage positions of encrypted sub-information that is stored in the first deposit platform as described in the foregoing registration method.
[0082] S700: Obtain the encrypted sub-information from respective deposit platforms based on the information containing the storage positions of the encrypted sub- information.
[0063] S800: Decrypt all encrypted sub-information, to obtain decrypted identity information.
[0064] S900: Determine whether the decrypted identity information is consistent with the identity information in the account recovery request, and if the two are consistent, encrypt the identity information by using a new private key to obtain encrypted information.
[0065] If a quantity of items contained in the identity information in the account recovery request is completely the same as that in the decrypted identity information, comparison needs to be performed to determine whether all the items are respectively consistent. If the identity information in the account recovery request is merely a part of information, comparison needs to be performed to determine whether this part of information is completely consistent with a corresponding part of the decrypted identity information, and a result about whether the two are completely consistent is finally obtained.
[0066] In this embodiment, if it is determined that the decrypted identity information is completely consistent with the identity information in the account recovery request, it is represented that the user passes a verification, and the account may be recovered. In this case, the user may re-encrypt the identity information by using a new private key, and upload and store the identity information on a chain again.
[0067] S1000: Store distributedly the encrypted information to deposit platforms corresponding to a plurality of nodes in a blockchain.
[0068] In this embodiment, a process of step S1000 is same as processes in S400, S410, S411, and S420. A difference is that the encryption and the distributed storage in step S1000 may use a node that is completely different from that in previous storage, and uses a completely different division rule. In this way, it is ensured that each account recovery operation is equivalent to re-establishing an account, thereby improving security of the identity information.
[0069] With reference to FIG. 10, corresponding to the foregoing method, the present application further provides an account modification method of a decentralized electronic contract deposit platform based on the same application scenario, including the following steps.
[0070] S1100: A first deposit platform obtains an account modification request, where the account modification request includes original identity information and modified identity information of a user that sends the account modification request, the original identity information is all or a part of identity information of a user that is entered when registering an account, and the modified identity information is information to be obtained by a user modifying a part of the identity information.
[0071] S1200: Retrieve, based on the original identity information, information containing storage positions of encrypted sub-information that is stored in the first deposit platform as described in the foregoing account registration method.
[0072] S1300: Obtain the encrypted sub-information from respective deposit platforms based on the information containing the storage positions of the encrypted sub- information.
[0073] S1400: Decrypt all encrypted sub-information, to obtain decrypted identity information.
[0074] S1500: Determine whether the decrypted identity information is consistent with the original identity information in the account modification request, and if the two are consistent, encrypt the modified identity information by using a new private key to obtain encrypted information, where determining of the decrypted identity information and the original identity information in the account modification request is similar to that in the foregoing S900, and details are not described herein again.
[0075] S1600: Store distributedly the encrypted information to deposit platforms corresponding to a plurality of nodes in a blockchain.
[0076] For similar parts between the embodiments provided in the present application, reference may be made to each other. The specific implementations described above are merely some examples under a general concept of the present application, and do not constitute any limitation to the protection scope of the present application.
For a person skilled in the art, any other implementations derived according to the solutions of the present application without an effective effort all fall within the protection scope of the present application.
Claims (10)
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010699197 | 2020-07-20 | ||
CN202010938092.3A CN112035892A (en) | 2020-07-20 | 2020-09-09 | Method for managing account number of decentralized electronic contract certificate storage platform |
Publications (2)
Publication Number | Publication Date |
---|---|
NL2028773A NL2028773A (en) | 2022-03-15 |
NL2028773B1 true NL2028773B1 (en) | 2022-06-03 |
Family
ID=73584092
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
NL2028773A NL2028773B1 (en) | 2020-07-20 | 2021-07-19 | Account management method of decentralized electronic contract deposit platform |
Country Status (3)
Country | Link |
---|---|
CN (1) | CN112035892A (en) |
FR (1) | FR3112623A1 (en) |
NL (1) | NL2028773B1 (en) |
Family Cites Families (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107066893B (en) * | 2017-02-28 | 2018-11-09 | 腾讯科技(深圳)有限公司 | The treating method and apparatus of account information in block chain |
WO2019127530A1 (en) * | 2017-12-29 | 2019-07-04 | 深圳前海达闼云端智能科技有限公司 | Account unifying method and device and storage medium |
CN108462696B (en) * | 2018-02-05 | 2020-12-15 | 邓海南 | Decentralized block chain intelligent identity authentication system |
EP3785420A4 (en) * | 2018-04-27 | 2022-01-19 | Omnibek Ip Holding Llc | Multi-decentralized private blockchains network |
CN109359976A (en) * | 2018-09-06 | 2019-02-19 | 深圳大学 | Account number cipher management method, device, equipment and storage medium based on block chain |
CN109829720A (en) * | 2019-01-31 | 2019-05-31 | 中国—东盟信息港股份有限公司 | A kind of identity real name authentication method based on block chain transaction data |
CN110062034B (en) * | 2019-04-01 | 2021-11-12 | 中科天御(苏州)科技有限公司 | Block chain large file secure storage method and system |
CN110457878A (en) * | 2019-08-14 | 2019-11-15 | 北京中电普华信息技术有限公司 | A kind of identity identifying method based on block chain, apparatus and system |
-
2020
- 2020-09-09 CN CN202010938092.3A patent/CN112035892A/en active Pending
-
2021
- 2021-07-19 NL NL2028773A patent/NL2028773B1/en active
- 2021-07-19 FR FR2107748A patent/FR3112623A1/en not_active Withdrawn
Also Published As
Publication number | Publication date |
---|---|
CN112035892A (en) | 2020-12-04 |
NL2028773A (en) | 2022-03-15 |
FR3112623A1 (en) | 2022-01-21 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11777726B2 (en) | Methods and systems for recovering data using dynamic passwords | |
US11818265B2 (en) | Methods and systems for creating and recovering accounts using dynamic passwords | |
US11689366B2 (en) | Cryptoasset custodial system with vault-specific rules governing different actions allowed for different vaults | |
US10484178B2 (en) | Systems and methods for providing a universal decentralized solution for verification of users with cross-verification features | |
US20220277302A1 (en) | Cryptoasset custodial system with proof-of-stake blockchain support | |
US10749681B2 (en) | Systems and methods for providing a universal decentralized solution for verification of users with cross-verification features | |
US20180294957A1 (en) | System for Recording Ownership of Digital Works and Providing Backup Copies | |
EP3997606B1 (en) | Cryptoasset custodial system with custom logic | |
CA3211990A1 (en) | Systems and methods for personal identification and verification | |
CN107770173A (en) | Subscriber Management System, related identification information creation method and request method of calibration | |
CN103959302A (en) | Systems and methods for secure distributed storage | |
EP3543891B1 (en) | A computer implemented method and a system for tracking of certified documents lifecycle and computer programs thereof | |
KR20220113307A (en) | System to provide genuinity verification and ownership change records of product esset by using a blockchain and a genuine authentiation tag technologies | |
US20220329446A1 (en) | Enhanced asset management using an electronic ledger | |
AU2018100478A4 (en) | Systems and methods for providing a universal decentralized solution for verification of users with cross-verification features | |
US20230050280A1 (en) | Computer-implemented user identity verification method | |
CN113836554A (en) | Method for managing certificate information based on block chain, electronic equipment and storage medium | |
NL2028773B1 (en) | Account management method of decentralized electronic contract deposit platform | |
WO2020076234A1 (en) | Apparatus and method for controlling data access | |
CN115118434A (en) | Key management method and device based on block chain | |
WO2019209286A1 (en) | Systems and methods for providing a universal decentralized solution for verification of users with cross-verification features | |
US20230107805A1 (en) | Security System | |
WO2024026428A1 (en) | Digital identity allocation, assignment, and management | |
EA036442B1 (en) | Verification of stored data by determination of storage parameters using a distributed database with nonvolatile objects | |
Lamba et al. | An Approach for Amplifying the Cloud Environment Security |