NL2028773B1 - Account management method of decentralized electronic contract deposit platform - Google Patents

Account management method of decentralized electronic contract deposit platform Download PDF

Info

Publication number
NL2028773B1
NL2028773B1 NL2028773A NL2028773A NL2028773B1 NL 2028773 B1 NL2028773 B1 NL 2028773B1 NL 2028773 A NL2028773 A NL 2028773A NL 2028773 A NL2028773 A NL 2028773A NL 2028773 B1 NL2028773 B1 NL 2028773B1
Authority
NL
Netherlands
Prior art keywords
information
account
platform
encrypted
user
Prior art date
Application number
NL2028773A
Other languages
Dutch (nl)
Other versions
NL2028773A (en
Inventor
Bai Jie
Original Assignee
Jiangsu Aowei Holdings Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jiangsu Aowei Holdings Co Ltd filed Critical Jiangsu Aowei Holdings Co Ltd
Publication of NL2028773A publication Critical patent/NL2028773A/en
Application granted granted Critical
Publication of NL2028773B1 publication Critical patent/NL2028773B1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • G06F21/645Protecting data integrity, e.g. using checksums, certificates or signatures using a third party
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Abstract

The present application provides an account management method of a decentralized electronic contract deposit platform, specifically including an account registration method, an account recovery method, and an account modification method. In the present application, by obtaining an account creation request sent from a user or a prior electronic contract platform, an account is created after user identity is successfully authenticated, identity information of the user is encrypted while the account is created, and the encrypted identity information of the user is uploaded and stored on a chain by a distributed storage. According to the present application, the account is managed through a decentralized electronic contract deposit platform, thereby avoiding a possibility that a prior platform may arbitrarily tamper with account information of the user, and improving security of the identity information of the user.

Description

ACCOUNT MANAGEMENT METHOD OF DECENTRALIZED ELECTRONIC CONTRACT DEPOSIT PLATFORM
[0001] The present application claims the priority to the Chinese Application No.
202010699197.8, filed with the Chinese Patent Office on July 20. 2020 and entitled "ACCOUNT MANAGEMENT METHOD OF DECENTRALIZED ELECTRONIC CONTRACT DEPOSIT PLATFORM", which is incorporated herein by reference in its entirety.
FIELD OF THE INVENTION
[0002] The present application relates to the technical field of digital asset deposit, and in particular, to an account management method of a decentralized electronic contract deposit platform.
BACKGROUND OF THE INVENTION
[0003] An electronic contract platform provides a user with a series of services such as identity authentication, certificate authentication, contract services, signing services, evidence preservation, and judicial proof. After registering a platform account and logging into the platform, the user may achieve signature, renewal, termination, inspection, and other follow-up related lifecycle processes of a standard electronic contract.
[0004] However, a prior electronic contract platform has a feature of centralization both in terms of architecture design and implementation, and the platform itself has a risk that data stored therein may be tampered with and forged. As a result, user information, a user certificate, or operation data entered by the user when the user registers an account is easily leaked or lost, resulting in not only heavy losses of interests of the user but also increase in difficulty in platform management.
SUMMARY OF THE INVENTION
[0005] The present application provides an account management method of a decentralized electronic contract deposit platform, to resolve a problem that account information of a conventional electronic contract deposit platform is easily leaked with low security.
[00086] According to a first aspect, the present application provides an account registration method of a decentralized electronic contract deposit platform, including:
[0007] obtaining an account creation request by a first deposit platform, where the account creation request includes identity information of a user that sends the account creation request; determining, by the platform based on the identity information, whether there is a platform account corresponding to the identity information in the first deposit platform; if there is no platform account corresponding to the identity information in the first deposit platform, creating a platform account corresponding to the identity information, and obtaining encrypted information based on the identity information and a private key of the user; and storing distributedly the encrypted information to deposit platforms corresponding to a plurality of nodes in a blockchain. By obtaining the account creation request sent from the user or a prior electronic contract platform, an account is created after user identity is successfully authenticated, the identity information of the user is encrypted while the account is created, and the encrypted identity information of the user is uploaded and stored on a chain by a distributed storage. According to the present application, the account is managed through a decentralized electronic contract deposit platform, thereby avoiding a possibility that a prior platform may arbitrarily tamper with account information of the user, and improving security of the identity information of the user.
[0008] According to a second aspect, the present application provides an account recovery method of a decentralized electronic contract deposit platform, including:
[0009] obtaining an account recovery request by a first deposit platform, where the account recovery request includes identity information of a user that sends the account recovery request; retrieving, based on the identity information, information containing storage positions of encrypted sub-information that is stored in the first deposit platform according to the first aspect, obtaining the encrypted sub-information from respective deposit platforms based on the information containing the storage positions of the encrypted sub-information; decrypting all of the encrypted sub-information, to obtain decrypted identity information; determining whether the decrypted identity information is consistent with the identity information in the account recovery request, and if the two are consistent, encrypting the identity information by using a new private key to obtain encrypted information; and storing distributedly the encrypted information to deposit platforms corresponding to a plurality of nodes in a blockchain.
[0010] According to a third aspect, the present application provides an account modification method of a decentralized electronic contract deposit platform, including:
[0011] obtaining an account modification request by a first deposit platform, where the account modification request includes original identity information and modified identity information of a user that sends the account modification request; retrieving, based on the original identity information, information containing storage positions of encrypted sub- information that is stored in the first deposit platform according to the first aspect; obtaining the encrypted sub-information from respective deposit platforms based on the information containing the storage positions of the encrypted sub-information; decrypting all of the encrypted sub-information, to obtain decrypted identity information; determining whether the decrypted identity information is consistent with the original identity information in the account modification request, and if the two are consistent, encrypting the modified identity information by using a new private key to obtain encrypted information; and storing distributedly the encrypted information to deposit platforms corresponding to a plurality of nodes in a blockchain.
[0012] It may be learned from the foregoing technical solutions that the present application provides an account management method of a decentralized electronic contract deposit platform. Security of user information is ensured by managing the account information of the user through a decentralized platform. Moreover, distributed storage of the information is traceable, making it easy to modify and retrieve the account information. In this way, a possibility that the prior platform may arbitrarily tamper with the account information of the user is avoided.
BRIEF DESCRIPTION OF THE DRAWINGS
[0013] To describe the technical solutions of the present application to be more clear, the accompanying drawings for the embodiments are briefly described below. Obviously, persons of ordinary skills in the art can also derive other accompanying drawings from these accompanying drawings without an effective effort.
[0014] FIG. 1 is a schematic structural diagram of a decentralized electronic contract deposit platform according to the present application;
[0015] FIG. 2 is a view of an application scenario of a method according to the present application;
[0016] FIG. 3 is a flowchart of an account registration method of a decentralized electronic contract deposit platform according to the present application;
[0017] FIG. 4 is a flowchart of an account registration method of a decentralized electronic contract deposit platform according to another embodiment of the present application;
[0018] FIG. 5 is an exploded step diagram of step S400 in the method shown in FIG. 3;
[0019] FIG. 8 is a relationship diagram of uploading and storing encrypted information of different users on a chain according to the method shown in FIG. 5;
[0020] FIG. 7 is a relationship diagram of uploading and storing encrypted information of a user on a chain according to an embodiment;
[0021] FIG. 8 is a diagram about manners of obtaining encrypted information in a method according to a plurality of embodiments of the present application;
[0022] FIG. 9 is a flowchart of an account recovery method of a decentralized electronic contract deposit platform according to the present application; and
[0023] FIG. 10 is a flowchart of an account modification method of a decentralized electronic contract deposit platform according to the present application.
DETAILED DESCRIPTION OF THE EMBODIMENTS
[0024] Embodiments are described below in detail, and examples thereof are shown in the accompanying drawings. When the descriptions below relate to the accompanying drawings, unless otherwise stated, same reference numbers in different accompanying drawings indicate same or similar elements. Implementations described in the following embodiments do not represent all of implementations in accordance with the present application, and merely examples of a system and a method that are described in detail in the claims and in accordance with some aspects of the present application.
[0025] In the technical solutions provided in the present application, a decentralized electronic contract deposit platform means an application model having a decentralized application architecture. As shown in FIG. 1, in actual application, in addition to data storage, publicity, authentication, exchange, and smart contracts, the decentralized electronic contract deposit platform may achieve functions such as exchanging data with another prior electronic contract platform. Meanwhile, the decentralized electronic contract deposit platform in the present application may exchange data with a plurality of prior electronic contract platforms at the same time, to satisfy a plurality of actual requirements.
[0026] To reflect characteristics of decentralization, the decentralized electronic contract deposit platform in the present application is correspondingly disposed on a node of a blockchain, or is connected to a node of the blockchain. The decentralized electronic contract deposit platform performs operations such as uploading data on a chain, retrieving data, and transacting between nodes.
[0027] Correspondingly, to perform relevant operations on the decentralized electronic contract deposit platform, a user needs to log into a platform account. Therefore, the present application provides an account management method of a decentralized deposit platform. Management herein includes, but is not limited to operations such as account registration, account modification, and account recovery. Correspondingly, the present application provides three methods that are based on a same basic invention concept.
[9028] Referring to FIG. 2, which is a view of an application scenario of a method according to the present application. In an embodiment of the present application, a decentralized electronic contract deposit platform 100 is disposed on a node of a blockchain. To use the decentralized electronic contract deposit platform, or to achieve operations such as registration, modification, and recovery, a user may send a request directly to the decentralized electronic contract deposit platform, or may send a request through a prior electronic contract platform 200 connected to the decentralized electronic contract deposit platform. According to different received requests, the decentralized 5 electronic contract deposit platform correspondingly performs different operations such as data processing, data uploading on a chain, and obtaining data from the chain. Different from the prior electronic contract platform, the decentralized electronic contract deposit platform involves in all data of the user, which needs to be uploaded on a chain after being processed by the platform, to be synchronized on all nodes in the blockchain. Moreover, account information representing identity information of the user is also uploaded and stored on a chain in a plurality of encryption manners, so as to resolve a problem that a prior electronic contract deposit platform tampers with the account information of the user.
[0029] Meanwhile, each of nodes in the blockchain corresponds to a decentralized electronic contract deposit platform described above. In other words, the user may achieve account registration, account modification, account recovery, and other operations through the decentralized electronic contract deposit platform on any node. Data obtained through the operation may also be stored in the deposit platforms corresponding to other nodes through the blockchain.
[0030] Referring to FIG. 3, which is a flowchart of an account registration method of a decentralized electronic contract deposit platform according to the present application.
[0031] It may be learned from FIG. 3 that the account registration method of a decentralized electronic contract deposit platform according to the present application includes the following steps.
[0032] S100: A first deposit platform obtains an account creation request, where the account creation request includes identity information of a user that sends the account creation request, where the first deposit platform is a decentralized electronic contract deposit platform corresponding to any of the nodes in a blockchain.
[0033] An initiator of the account creation request may be a user. To be specific, when the user uses the platform for the first time, a request for creating an account needs tobe initiated first. At this time, identity information related to the user, such as a user name, ID number, a mobile number, an email address, social credit code, business license number, and various supporting documents, needs to be correspondingly filled in. In this case, the platform may verify legitimacy of the user. When it is determined that the user is legitimate, a subsequent registration step is performed. If the user is illegitimate, for example, the ID number is erroneous, the account creation request needs to be returned to the user for modification or is directly rejected.
[0034] In some other embodiments, the initiator of the account creation request may alternatively be a prior electronic contract platform. To be specific, an account has been created by the user on the prior electronic contract platform connected to the decentralized electronic contract deposit platform. In this case, the account creation request may be sent to the decentralized electronic contract deposit platform through the prior electronic contract platform when the user logs into the prior electronic contract platform. Correspondingly, in a feasible embodiment shown in FIG. 4, step S100 may be changed as:
[0035] S110: A second platform obtains a first creation request sent by the user, and authenticates user identify based on the first creation request, where the second platform is any prior electronic contract platform, and the first creation request is a request, entered by the user through the prior electronic contract platform, for creating an account in the decentralized platform. In this embodiment, the user identify may be first authenticated by the second platform, to determine whether the user that currently sends the request is qualified to create an account in the decentralized platform.
[0036] S120: If an authentication result is that the authentication is passed, generate an account creation request and send the same to the first deposit platform. In this embodiment, there may be a plurality of authentication manners, and there is not limit to the same herein. Authentication results include that the authentication is passed and the authentication is not passed. Proof data may be provided in a form of issue of an authentication certificate, and is added to the account creation request. The account creation request in this embodiment is the same as that in step S100. Details are not described herein again.
[0037] S130: The first deposit platform obtains the account creation request sent from the second platform. An account request is created by the second platform and then sent to the first deposit platform to perform subsequent account creation operations.
[0038] S200: Determine, based on the identity information, whether there is a platform account corresponding to the identity information in the first deposit platform.
[0039] In this embodiment, the process of step S200 is to detect whether the user has registered an account in the first deposit platform, so as to avoid a possibility that one user registers a plurality of accounts. In other words, a same user having the same identity information can have only one account in the first deposit platform.
[0040] If it is detected that there is already an account, a system terminates an account registration operation, feeds back, information about that there is already an account, to the user or the second platform, and meanwhile starts another process such as account login or account recovery.
[0041] S300: If there is no platform account corresponding to the identity information in the first deposit platform, create a platform account corresponding to the identity information, and obtain encrypted information based on the identity information and a private key of the user.
[0042] In this embodiment, the created platform account corresponds to unique identity information of the user. The platform account may be a combination similar to an account number and password, or may be an identity card, QR code, encrypted address data, or the like. All information corresponding to the user, may be retrieved based on the platform account, including user identity, user-related data, transaction information, and the like. To improve security, the identity information needs to be encrypted while the platform account is established. An encrypted private key is conserved by the user, and other users cannot obtain the identity information of the user even by logging in to the decentralized platform. Even if the information is obtained in other manners, plaintext of the identity information cannot be obtained without the private key. In this way, security of the identity information is ensured.
[0043] S400: Store the encrypted information to deposit platforms corresponding to a plurality of nodes in a blockchain by a distributed storage.
[0044] In this embodiment, the decentralized electronic contract deposit platform is different from the prior electronic contract platform primarily by that. the decentralized electronic contract deposit platform is in a node of the blockchain, and all operation data needs to be uploaded to a chain; the decentralized electronic contract deposit platform per se does not store or stores merely a part of the identity information of the user, and the user identity cannot be retrieved by the platform itself. Correspondingly, after being encrypted, the identity information of the user for creating an account may be stored separately, by a distributed storage, in deposit platforms in a plurality of nodes in the blockchain. In other words, each deposit platform stores only a part of encrypted identity information from registered users of the respective platforms, so that the decentralized deposit platform is non-tamperable.
[0045] Further, it may be learned from FIG. 5 that in a feasible embodiment, step S400 may be divided into:
[0046] S410: Split the encrypted information into a plurality pieces of encrypted sub- information. There are a lot of types of rules for splitting the encrypted sub-information; this is not limited herein. The plurality pieces of encrypted sub-information may have same or different sizes and lengths, and a quantity of the pieces of encrypted sub-information may also be set according to requirements.
[0047] S420: Store the plurality pieces of encrypted sub-information respectively in the deposit platforms corresponding to a plurality of nodes in the blockchain, and store information containing storage positions of the plurality pieces of encrypted sub-information into the first deposit platform.
[0048] In the foregoing steps, relationships that users store respective encrypted information onto a chain may be described with reference to FIG. 6. It may be learned from FIG. 6 that three user A, B, and C respectively create platform accounts through the first deposit platform, and encrypt the identity information to respectively obtain encrypted information a, b, and c. By step S410, each piece of encrypted information is split into a plurality pieces (for example, three pieces in FIG. 8) of encrypted sub-information. By step S420, the encrypted sub-information is uploaded and stored in different deposit platforms. In view of the above, at this time, each deposit platform stores a part of the encrypted information from each of different users, and this part is randomly selected. Therefore, the deposit platform cannot obtain all information of a user, thereby reducing a possibility of tampering with the user information.
[0049] In this embodiment, to achieve subsequent processes such as retrieving the identity information of the user, and verifying the identity information of the user when recovering and modifying the account, the information containing the storage positions of the plurality pieces of encrypted sub-information needs to be recorded in the first deposit platform, so that the information is traceable, and risks of losing the identity information are reduced.
[0050] Further, in this embodiment, the encrypted information is uploaded and stored on a chin by a distributed storage. In this case, the user information may be lost when the first deposit platform cannot obtain the encrypted sub-information stored on the chain from all of nodes that store the encrypted sub-information due to occurrence of problems like that a certain node in which the encrypted sub-information is stored loses information, is attacked, or becomes invalid. To resolve the foregoing problems, in a feasible embodiment, the foregoing step S410 may be optimized as:
[0051] S411: Store each piece of encrypted sub-information in at least one deposit platform corresponding to a blockchain node. In this way, in step S420, after the plurality pieces of encrypted sub-information are respectively stored in the deposit platforms corresponding to a plurality of nodes in the blockchain, there may be several deposit platforms that store the same encrypted sub-information, and each deposit platform stores merely a part of the same encrypted sub-information.
[0052] The foregoing step may be described with reference to the relationship diagram shown in FIG. 7. For identity information of a user, after encrypted information is obtained by encrypting the identity information, the identity information may be first split into several pieces (for example, four pieces in FIG. 7) of encrypted sub-information according to the foregoing step S410, and then each of pieces of encrypted sub-information is respectively stored in at least one deposit platform according to step S411. It may be learned from FIG. 7 that when a plurality of deposit platforms together store encrypted information from one user, in addition to at least a part of the encrypted sub-information, each deposit platform may store the other part of the encrypted sub-information as backup. Alternatively, in addition to the deposit platforms that together store encrypted information from one user, there may be other deposit platforms that store backups of the encrypted sub-information. Such a configuration is provided so that when a certain deposit platform is unavailable, a backup corresponding to the encrypted sub-information in the unavailable deposit platform may also be obtained through other deposit platforms, thus ensuring that all encrypted sub-information can be finally obtained for decryption to obtain the identity information of the user.
[0053] On the basis of the solution shown in FIG. 7, if there are a plurality of deposit platforms that store the same encrypted sub-information, during retrieving, the encrypted sub-information may be retrieved from any one of the deposit platforms, or it may be designated that the encrypted sub-information is retrieved preferentially from a certain deposit platform. In this case, the encrypted sub-information that is preferentially retrieved may be regarded as what needs to be retrieved in a regular process. Moreover, the same encrypted sub-information stored in other deposit platforms may be regarded as standby or candidate encrypted sub-information. An invoking process generally is not started, unless there is a problem with a section of the regular process. Therefore, in a feasible embodiment, during a process of storing the encrypted sub-information, priorities may be set for the same encrypted sub-information according to a time sequence according to which the encrypted sub-information is stored to different nodes. For example, the encrypted sub-information that is first stored to a node has the highest priority, and is the encrypted sub-information that needs to be preferentially retrieved in the regular process. According to a subsequent storage process, the other same encrypted sub-information has priorities that are gradually lowered, and serves as standby encrypted sub-information. Only when none of nodes with a higher priority is available, the encrypted sub-information with a next level of priority needs to be retrieved. The foregoing priorities are formulated according to a time sequence, and may be formulated according to other rules in actual application. This is not limited herein.
[0054] Further, in the foregoing step S300, to improve security of the encrypted information, the encrypted information may be obtained in a plurality of ways. As shown in FIG. 8, the identity information may be performed with different processing to finally obtain the encrypted information.
[0055] A first way: The identity information is encrypted directly by using the private key of the user. This is the simplest encryption manner, can save system operating resources, and has a faster encryption speed.
[0056] A second way: The created platform account is first logged into to initiate a transaction, and both of the obtained transaction data and the identity information are encrypted by using the private key, to obtain the encrypted information. According to this way, it may be ensured that the data is true and valid, and the created platform account is available. Taking the transaction data and a transaction result obtained during a transaction process of the platform, together with the identity information, as data that is finally uploaded on a chain is more conducive to identification, verification, and other operations to the identity information of the user.
[0057] A third way: A smart contract is registered by executing the user identity, and the identity information of the user that uses the smart contract is encrypted by using the private key, to obtain the encrypted information. This way has the same function as the transaction execution process. After the account is created, authentication information of the user identity is submitted in the form of a smart contract. According to a consensus mechanism in the deposit platform, it may be ensured that the data on the chain is true and valid.
[0058] It may be learned from the foregoing technical solutions that the present application provides an account registration method of a decentralized electronic contract deposit platform. By obtaining the account creation request sent from the user or the prior electronic contract platform, an account is created after the user identity is authenticated to be passed, the identity information of the user is encrypted while the account is created, and the encrypted identity information of the user is uploaded and stored on a chain by a distributed storage. According to the present application, the account is managed through a decentralized electronic contract deposit platform, thereby avoiding a possibility that a prior platform may arbitrarily tamper with account information of the user, and improving security of the identity information of the user.
[0059] With reference to FIG. 9, corresponding to the foregoing method, the present application further provides an account recovery method of a decentralized electronic contract deposit platform based on the same application scenario, including the following steps.
[0060] S500: A first deposit platform obtains an account recovery request, where the account recovery request includes identity information of a user that sends the account recovery request. When the user forgets a password for logging in to the platform or loses other means for logging in to the platform, an account may be recovered by sending an account recovery request. In this case, it is required to submit the identity information entered when a platform account is registered. The entered identity information may correspond to all of the identity information in the foregoing registration method, or may be a preset number of parts of the identity information.
[0061] S600: Retrieve, based on the identity information, information containing storage positions of encrypted sub-information that is stored in the first deposit platform as described in the foregoing registration method.
[0082] S700: Obtain the encrypted sub-information from respective deposit platforms based on the information containing the storage positions of the encrypted sub- information.
[0063] S800: Decrypt all encrypted sub-information, to obtain decrypted identity information.
[0064] S900: Determine whether the decrypted identity information is consistent with the identity information in the account recovery request, and if the two are consistent, encrypt the identity information by using a new private key to obtain encrypted information.
[0065] If a quantity of items contained in the identity information in the account recovery request is completely the same as that in the decrypted identity information, comparison needs to be performed to determine whether all the items are respectively consistent. If the identity information in the account recovery request is merely a part of information, comparison needs to be performed to determine whether this part of information is completely consistent with a corresponding part of the decrypted identity information, and a result about whether the two are completely consistent is finally obtained.
[0066] In this embodiment, if it is determined that the decrypted identity information is completely consistent with the identity information in the account recovery request, it is represented that the user passes a verification, and the account may be recovered. In this case, the user may re-encrypt the identity information by using a new private key, and upload and store the identity information on a chain again.
[0067] S1000: Store distributedly the encrypted information to deposit platforms corresponding to a plurality of nodes in a blockchain.
[0068] In this embodiment, a process of step S1000 is same as processes in S400, S410, S411, and S420. A difference is that the encryption and the distributed storage in step S1000 may use a node that is completely different from that in previous storage, and uses a completely different division rule. In this way, it is ensured that each account recovery operation is equivalent to re-establishing an account, thereby improving security of the identity information.
[0069] With reference to FIG. 10, corresponding to the foregoing method, the present application further provides an account modification method of a decentralized electronic contract deposit platform based on the same application scenario, including the following steps.
[0070] S1100: A first deposit platform obtains an account modification request, where the account modification request includes original identity information and modified identity information of a user that sends the account modification request, the original identity information is all or a part of identity information of a user that is entered when registering an account, and the modified identity information is information to be obtained by a user modifying a part of the identity information.
[0071] S1200: Retrieve, based on the original identity information, information containing storage positions of encrypted sub-information that is stored in the first deposit platform as described in the foregoing account registration method.
[0072] S1300: Obtain the encrypted sub-information from respective deposit platforms based on the information containing the storage positions of the encrypted sub- information.
[0073] S1400: Decrypt all encrypted sub-information, to obtain decrypted identity information.
[0074] S1500: Determine whether the decrypted identity information is consistent with the original identity information in the account modification request, and if the two are consistent, encrypt the modified identity information by using a new private key to obtain encrypted information, where determining of the decrypted identity information and the original identity information in the account modification request is similar to that in the foregoing S900, and details are not described herein again.
[0075] S1600: Store distributedly the encrypted information to deposit platforms corresponding to a plurality of nodes in a blockchain.
[0076] For similar parts between the embodiments provided in the present application, reference may be made to each other. The specific implementations described above are merely some examples under a general concept of the present application, and do not constitute any limitation to the protection scope of the present application.
For a person skilled in the art, any other implementations derived according to the solutions of the present application without an effective effort all fall within the protection scope of the present application.

Claims (10)

CONCLUSIESCONCLUSIONS 1. Een werkwijze voor het registreren van een rekening van een gedecentraliseerd elektronisch contractdeposito platform, de werkwijze omvattende: het verkrijgen van een verzoek voor het aanmaken van een rekening door een eerste deposito platform, waarbij het verzoek voor het aanmaken van een rekening identiteitsinformatie omvat van een gebruiker, die het verzoek voor het aanmaken van een rekening verzendt; het bepalen, op basis van de identiteitsinformatie, of een platform rekening bestaat, welke overeenkomt met de identiteitsinformatie in het eerste deposito platform; het creëren van een platform rekening, die overeenkomt met de identiteitsinformatie, indien er geen platform rekening bestaat die overeenkomt met de identiteitsinformatie in het eerste deposito platform, en het verkrijgen van versleutelde informatie op basis van de identiteitsinformatie en een privésleutel van de gebruiker; en het gedistribueerd opslaan van de versleutelde informatie om deposito platforms, die overeenkomen met een aantal knooppunten in een blokketen.A method for registering an account of a decentralized electronic contract deposit platform, the method comprising: obtaining an account creation request from a first depository platform, the account creation request including identity information of a user, who sends the account creation request; determining, based on the identity information, whether a platform account exists that corresponds to the identity information in the first deposit platform; creating a platform account corresponding to the identity information if no platform account corresponding to the identity information exists in the first deposit platform, and obtaining encrypted information based on the identity information and a private key of the user; and distributing the encrypted information to deposit platforms corresponding to a plurality of nodes in a blockchain. 2. De werkwijze voor het registreren van een rekening volgens conclusie 1, waarbij een stap van het verkrijgen van het verzoek voor het aanmaken van een rekening door het eerste deposito platform omvat: het verkrijgen, door een tweede platform, van een eerste aanmaakverzoek dat is verzonden door de gebruiker, en het authenticeren van een gebruikersidentiteit op basis van het eerste aanmaakverzoek; het genereren en het naar het eerste deposito platform verzenden van een verzoek om een rekening aan te maken, indien een authenticatieresultaat aanduidt dat de authenticatie is geslaagd; en het verkrijgen, door het eerste deposito platform, van het verzoek om een rekening aan te maken, dat is verzonden vanaf het tweede platform.The method of registering an account according to claim 1, wherein a step of obtaining the account creation request by the first deposit platform comprises: obtaining, by a second platform, a first creation request that is sent by the user, and authenticating a user's identity based on the first creation request; generating and sending to the first deposit platform a request to create an account, if an authentication result indicates that the authentication was successful; and obtaining, by the first deposit platform, the account creation request sent from the second platform. 3. De werkwijze voor het registreren van een rekening volgens conclusie 1, waarbij de versleutelde informatie op basis van de identiteitsinformatie en de privésleutel van de gebruiker wordt verkregen volgens de volgende stappen: het versleutelen van de identiteitsinformatie teneinde de versleutelde informatie te verkrijgen door gebruik te maken van de privésleutel van de gebruiker; of het aanmelden op de aangemaakte platform rekening teneinde een transactie te initiëren, en het versleutelen van zowel transactiegegevens als de identiteitsinformatie met behulp van de privésleutel van de gebruiker, teneinde de versleutelde informatie te verkrijgen.The account registration method according to claim 1, wherein the encrypted information based on the identity information and the user's private key is obtained by the following steps: encrypting the identity information to obtain the encrypted information by using creating the user's private key; or logging into the created platform account to initiate a transaction, and encrypting both transaction data and the identity information using the user's private key to obtain the encrypted information. 4. De werkwijze voor het registreren van een rekening volgens conclusie 1, waarbij de versleutelde informatie op basis van de identiteitsinformatie en de privésleutel van de gebruiker wordt verkregen volgens de volgende stap: het registreren van een slim contract door het toepassen van de gebruikersidentiteit, en het versleutelen van de identiteitsinformatie van de gebruiker met behulp van het slimme contract door gebruik te maken van de privésleutel van de gebruiker, teneinde de versleutelde informatie te verkrijgen.The method of registering an account according to claim 1, wherein the encrypted information based on the identity information and the user's private key is obtained according to the following step: registering a smart contract by applying the user's identity, and encrypting the user's identity information using the smart contract using the user's private key to obtain the encrypted information. 5. De werkwijze voor het registreren van een rekening volgens conclusie 1, waarbij de stap van het gedistribueerd opslaan van de versleutelde informatie in deposito platforms, die overeenkomen met een groot aantal knooppunten in een blokketen omvat: het opsplitsen van de versleutelde informatie in meerdere delen van versleutelde subinformatie; en het opslaan van de meerdere delen van versleutelde subinformatie in de respectievelijke deposito platforms, welke overeenkomen met het grote aantal knooppunten in de blokketen, en het in het eerste deposito platform opslaan van informatie die opslagposities van de meerdere delen van versleutelde subinformatie bevat.The method for registering an account according to claim 1, wherein the step of distributingly storing the encrypted information in depositing platforms corresponding to a plurality of nodes in a block chain comprises: dividing the encrypted information into multiple parts of encrypted sub-information; and storing the plurality of pieces of encrypted sub-information in the respective depositing platforms corresponding to the plurality of nodes in the block chain, and storing in the first depositing platform information containing storage locations of the plurality of pieces of encrypted sub-information. 6. De werkwijze voor het registreren van een rekening volgens conclusie 5, waarbij de stap van het respectievelijk opslaan van de meerdere delen van versleutelde subinformatie in de deposito platforms, die overeenkomen met een groot aantal van knooppunten in de blokketen, omvat: het opslaan van elk deel van versleutelde subinformatie in ten minste één deposito platform dat overeenkomt met een blokketen knooppunt.The method of registering an account according to claim 5, wherein the step of respectively storing the plural parts of encrypted sub-information in the deposit platforms corresponding to a plurality of nodes in the block chain comprises: storing any piece of encrypted sub-information in at least one deposit platform corresponding to a blockchain node. 7. De werkwijze voor het registreren van een rekening volgens conclusie 6, waarbij in de informatie die de opslagposities van de versleutelde subinformatie bevat, dezelfde versleutelde subinformatie die is opgeslagen in verschillende deposito platforms, is voorzien van opslag prioriteiten, die een tijdsvolgorde aanduiden waarin de versleutelde subinformatie is opgeslagen in de deposito platforms, die overeenkomen met verschillende knooppunten.The method for registering an account according to claim 6, wherein in the information including the storage positions of the encrypted sub-information, the same encrypted sub-information stored in different deposit platforms is provided with storage priorities indicating a time sequence in which the encrypted sub-information is stored in the deposit platforms, which correspond to different nodes. 8. Een werkwijze voor het herstellen van een rekening van een gedecentraliseerd elektronisch contractdeposito platform, waarbij de werkwijze omvat: het verkrijgen van een verzoek voor het herstellen van een rekening door een eerste stortingsplatform, waarbij het verzoek voor het herstellen van een rekening identiteitsinformatie omvat van een gebruiker, die het verzoek voor het herstellen van een rekening verzendt; het ophalen, op basis van de identiteitsinformatie, van de informatie die de opslagposities bevat van de versleutelde subinformatie, die is opgeslagen in het eerste deposito platform volgens een van de conclusies 5 tot en met 7; het verkrijgen van de versleutelde subinformatie van respectievelijke deposito platforms op basis van de informatie, die de opslagposities van de versleutelde subinformatie bevat; het ontsleutelen van alle versleutelde subinformatie, teneinde ontsleutelde identiteitsinformatie te verkrijgen; het vaststellen of de ontsleutelde identiteitsinformatie consistent is met de identiteitsinformatie in het verzoek voor het herstellen van een rekening, en indien de twee consistent zijn, het versleutelen van de identiteitsinformatie door gebruik te maken van een nieuwe privésleutel, teneinde versleutelde informatie te verkrijgen; en het gedistribueerd opslaan van de versleutelde informatie in deposito platforms, die overeenkomen met een groot aantal knooppunten in een blokketen.A method for restoring an account from a decentralized electronic contract deposit platform, the method comprising: obtaining an account restore request from a first deposit platform, the account restore request including identity information of a user who sends the request to reset an account; retrieving, based on the identity information, the information including the storage locations of the encrypted sub-information stored in the first deposit platform according to any one of claims 5 to 7; obtaining the encrypted sub-information from respective deposit platforms based on the information including the storage positions of the encrypted sub-information; decrypting all encrypted sub-information to obtain decrypted identity information; determining whether the decrypted identity information is consistent with the identity information in the account recovery request, and if the two are consistent, encrypting the identity information using a new private key to obtain encrypted information; and distributing the encrypted information to deposit platforms corresponding to a plurality of nodes in a blockchain. 9. De werkwijze voor het herstellen van een rekening volgens conclusie 8, waarbij de stap van het gedistribueerd opslaan van de versleutelde informatie in deposito platforms, die overeenkomen met een groot aantal knooppunten in een blokketen, omvat: het opsplitsen van de versleutelde informatie in meerdere delen van versleutelde subinformatie; en het opslaan van de meerdere delen van versleutelde subinformatie in de respectievelijke deposito platforms, welke overeenkomen met het grote aantal knooppunten in de blokketen, en het in het eerste deposito platform opslaan van informatie die opslagposities van de meerdere delen van versleutelde subinformatie bevat.The method for restoring an account according to claim 8, wherein the step of distributing the encrypted information in depositing platforms corresponding to a plurality of nodes in a blockchain comprises: splitting the encrypted information into multiple sharing encrypted sub-information; and storing the plurality of pieces of encrypted sub-information in the respective depositing platforms corresponding to the plurality of nodes in the block chain, and storing in the first depositing platform information containing storage locations of the plurality of pieces of encrypted sub-information. 10. Een werkwijzen voor het wijzigen van een rekening van een gedecentraliseerd elektronisch contractdeposito platform, waarbij de werkwijze omvat: het verkrijgen van een verzoek tot het wijzigen van een rekening door een eerste deposito platform, waarbij het verzoek tot het wijzigen van een rekening originele identiteitsinformatie en gewijzigde identiteitsinformatie omvat van een gebruiker, die het verzoek tot het wijzigen van de rekening verzendt; het ophalen, op basis van de originele identiteitsinformatie, van de informatie die de opslagposities bevat van de versleutelde subinformatie, die is opgeslagen in het eerste deposito platform volgens een van de conclusies 5 tot en met 7; het verkrijgen van de versleutelde subinformatie van respectievelijke deposito platforms op basis van de informatie, die de opslagposities van de versleutelde subinformatie bevat;A method for changing an account of a decentralized electronic contract deposit platform, the method comprising: obtaining an account change request from a first depository platform, the request to change an account original identity information and includes changed identity information of a user who sends the request to change the account; retrieving, based on the original identity information, the information including the storage locations of the encrypted sub-information stored in the first deposit platform according to any one of claims 5 to 7; obtaining the encrypted sub-information from respective deposit platforms based on the information including the storage positions of the encrypted sub-information; het ontsleutelen van alle versleutelde subinformatie, teneinde ontsleutelde identiteitsinformatie te verkrijgen;decrypting all encrypted sub-information to obtain decrypted identity information; het vaststellen of de ontsleutelde identiteitsinformatie consistent is met de originele identiteitsinformatie in het verzoek voor het wijzigen van een rekening, en indien de twee consistent zijn, het versleutelen van de gewijzigde identiteitsinformatie door gebruik te maken van een nieuwe privésleutel, teneinde versleutelde informatie te verkrijgen; en het gedistribueerd opslaan van de versleutelde informatie in deposito platforms, die overeenkomen met een groot aantal knooppunten in een blokketen.determining whether the decrypted identity information is consistent with the original identity information in the account change request, and if the two are consistent, encrypting the changed identity information using a new private key to obtain encrypted information; and distributing the encrypted information to deposit platforms corresponding to a plurality of nodes in a blockchain.
NL2028773A 2020-07-20 2021-07-19 Account management method of decentralized electronic contract deposit platform NL2028773B1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202010699197 2020-07-20
CN202010938092.3A CN112035892A (en) 2020-07-20 2020-09-09 Method for managing account number of decentralized electronic contract certificate storage platform

Publications (2)

Publication Number Publication Date
NL2028773A NL2028773A (en) 2022-03-15
NL2028773B1 true NL2028773B1 (en) 2022-06-03

Family

ID=73584092

Family Applications (1)

Application Number Title Priority Date Filing Date
NL2028773A NL2028773B1 (en) 2020-07-20 2021-07-19 Account management method of decentralized electronic contract deposit platform

Country Status (3)

Country Link
CN (1) CN112035892A (en)
FR (1) FR3112623A1 (en)
NL (1) NL2028773B1 (en)

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107066893B (en) * 2017-02-28 2018-11-09 腾讯科技(深圳)有限公司 The treating method and apparatus of account information in block chain
WO2019127530A1 (en) * 2017-12-29 2019-07-04 深圳前海达闼云端智能科技有限公司 Account unifying method and device and storage medium
CN108462696B (en) * 2018-02-05 2020-12-15 邓海南 Decentralized block chain intelligent identity authentication system
EP3785420A4 (en) * 2018-04-27 2022-01-19 Omnibek Ip Holding Llc Multi-decentralized private blockchains network
CN109359976A (en) * 2018-09-06 2019-02-19 深圳大学 Account number cipher management method, device, equipment and storage medium based on block chain
CN109829720A (en) * 2019-01-31 2019-05-31 中国—东盟信息港股份有限公司 A kind of identity real name authentication method based on block chain transaction data
CN110062034B (en) * 2019-04-01 2021-11-12 中科天御(苏州)科技有限公司 Block chain large file secure storage method and system
CN110457878A (en) * 2019-08-14 2019-11-15 北京中电普华信息技术有限公司 A kind of identity identifying method based on block chain, apparatus and system

Also Published As

Publication number Publication date
CN112035892A (en) 2020-12-04
NL2028773A (en) 2022-03-15
FR3112623A1 (en) 2022-01-21

Similar Documents

Publication Publication Date Title
US11777726B2 (en) Methods and systems for recovering data using dynamic passwords
US11818265B2 (en) Methods and systems for creating and recovering accounts using dynamic passwords
US11689366B2 (en) Cryptoasset custodial system with vault-specific rules governing different actions allowed for different vaults
US10484178B2 (en) Systems and methods for providing a universal decentralized solution for verification of users with cross-verification features
US20220277302A1 (en) Cryptoasset custodial system with proof-of-stake blockchain support
US10749681B2 (en) Systems and methods for providing a universal decentralized solution for verification of users with cross-verification features
US20180294957A1 (en) System for Recording Ownership of Digital Works and Providing Backup Copies
EP3997606B1 (en) Cryptoasset custodial system with custom logic
CA3211990A1 (en) Systems and methods for personal identification and verification
CN107770173A (en) Subscriber Management System, related identification information creation method and request method of calibration
CN103959302A (en) Systems and methods for secure distributed storage
EP3543891B1 (en) A computer implemented method and a system for tracking of certified documents lifecycle and computer programs thereof
KR20220113307A (en) System to provide genuinity verification and ownership change records of product esset by using a blockchain and a genuine authentiation tag technologies
US20220329446A1 (en) Enhanced asset management using an electronic ledger
AU2018100478A4 (en) Systems and methods for providing a universal decentralized solution for verification of users with cross-verification features
US20230050280A1 (en) Computer-implemented user identity verification method
CN113836554A (en) Method for managing certificate information based on block chain, electronic equipment and storage medium
NL2028773B1 (en) Account management method of decentralized electronic contract deposit platform
WO2020076234A1 (en) Apparatus and method for controlling data access
CN115118434A (en) Key management method and device based on block chain
WO2019209286A1 (en) Systems and methods for providing a universal decentralized solution for verification of users with cross-verification features
US20230107805A1 (en) Security System
WO2024026428A1 (en) Digital identity allocation, assignment, and management
EA036442B1 (en) Verification of stored data by determination of storage parameters using a distributed database with nonvolatile objects
Lamba et al. An Approach for Amplifying the Cloud Environment Security