WO2019127530A1 - Procédé d'unification de compte et dispositif et support de stockage - Google Patents

Procédé d'unification de compte et dispositif et support de stockage Download PDF

Info

Publication number
WO2019127530A1
WO2019127530A1 PCT/CN2017/120263 CN2017120263W WO2019127530A1 WO 2019127530 A1 WO2019127530 A1 WO 2019127530A1 CN 2017120263 W CN2017120263 W CN 2017120263W WO 2019127530 A1 WO2019127530 A1 WO 2019127530A1
Authority
WO
WIPO (PCT)
Prior art keywords
identity contract
address
account
user entity
identity
Prior art date
Application number
PCT/CN2017/120263
Other languages
English (en)
Chinese (zh)
Inventor
谢辉
王健
陈敏
Original Assignee
深圳前海达闼云端智能科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳前海达闼云端智能科技有限公司 filed Critical 深圳前海达闼云端智能科技有限公司
Priority to PCT/CN2017/120263 priority Critical patent/WO2019127530A1/fr
Priority to CN201780002514.2A priority patent/CN108235805B/zh
Publication of WO2019127530A1 publication Critical patent/WO2019127530A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities

Definitions

  • the present disclosure relates to the field of information technology, and in particular, to an account unified method, apparatus, and storage medium.
  • the main purpose of the present disclosure is to provide an account unified method, apparatus, and storage medium for solving the technical problem of inconvenience to users caused by using different accounts in different application servers in the prior art.
  • a first aspect of the present disclosure provides an account unification method, applied to a client, the method comprising: creating an identity contract and associating the identity contract with a user entity account; deploying the same on a blockchain An identity contract, obtaining an identity contract address of the identity contract; transmitting, to the application server, a registration request including the identity contract address, the identity contract address being used to instruct the application server to use the identity contract address as the user entity
  • the account ID of the account on the application server the method comprising: creating an identity contract and associating the identity contract with a user entity account; deploying the same on a blockchain An identity contract, obtaining an identity contract address of the identity contract; transmitting, to the application server, a registration request including the identity contract address, the identity contract address being used to instruct the application server to use the identity contract address as the user entity
  • the account ID of the account on the application server the method comprising: creating an identity contract and associating the identity contract with a user entity account; deploying the same on a blockchain An identity contract, obtaining an identity
  • a second aspect of the present disclosure provides a method for unifying an account, which is applied to a client, the method comprising: sending a registration request to an application server, where the registration request includes a blockchain address of a user entity account, and the blockchain address is used by the blockchain address And the application server deploys an identity contract associated with the user entity account according to the blockchain address; receiving a registration success response sent by the application server, where the registration request includes an identity contract associated with the user entity account address.
  • a third aspect of the present disclosure provides a method for unifying an account, which is applied to an application server, the method comprising: receiving a registration request sent by a client, where the registration request includes an identity contract address associated with a user entity account to be registered; The identity contract address is used as an account identifier of the user entity account on the application server.
  • a fourth aspect of the present disclosure provides a method for unifying an account, which is applied to an application server, the method comprising: receiving a registration request sent by a client, where the registration request includes a blockchain address of a user entity account to be registered; The blockchain address of the user entity account creates an identity contract and associates with the user entity account; deploying the identity contract on the blockchain to obtain an identity contract address of the identity contract; using the identity contract address as the The account identity of the user entity account on the application server and a registration success response including the identity contract address is sent to the client.
  • a fifth aspect of the present disclosure provides an account unification device, which is applied to a client, the device comprising: a first identity contract creation module, configured to create an identity contract and associate the identity contract with a user entity account; a deployment module, configured to deploy the identity contract on a blockchain, to obtain an identity contract address of the identity contract, and a first registration request sending module, configured to send, to the application server, a registration request including the identity contract address, where The identity contract address is used to instruct the application server to use the identity contract address as an account identifier of the user entity account on the application server.
  • a sixth aspect of the present disclosure provides an account unified apparatus, which is applied to a client, where the apparatus includes: a second registration request sending module, configured to send a registration request to an application server, where the registration request includes a blockchain of a user entity account.
  • An address the blockchain address is used by the application server to deploy an identity contract associated with the user entity account according to the blockchain address;
  • the registration success response receiving module is configured to receive the registration success sent by the application server
  • the registration request includes an identity contract address associated with the user entity account.
  • a seventh aspect of the present disclosure provides an account unified device, which is applied to an application server, where the device includes: a first registration request receiving module, configured to receive a registration request sent by a client, where the registration request includes an identity contract address; An account identifier determining module is configured to use the identity contract address as an account identifier of the user entity account on the application server.
  • An eighth aspect of the present disclosure provides an account unified device, which is applied to an application server, where the device includes: a second registration request receiving module, configured to receive a registration request sent by a client, where the registration request includes a user entity account to be registered a blockchain address; a second identity contract creation module, configured to create an identity contract according to a blockchain address of the user entity account and associated with the user entity account; and a second identity contract deployment module for use in the block Deploying the identity contract on the chain to obtain an identity contract address of the identity contract; a second account identifier determining module, configured to use the identity contract address as an account identifier of the user entity account on the application server and A registration success response including the identity contract address is sent to the client.
  • a second registration request receiving module configured to receive a registration request sent by a client, where the registration request includes a user entity account to be registered a blockchain address
  • a second identity contract creation module configured to create an identity contract according to a blockchain address of the user entity account and associated with the user entity account
  • a ninth aspect of the present disclosure provides a computer readable storage medium comprising one or more programs for performing the method of the first aspect.
  • a tenth aspect of the present disclosure provides an account unified device, which is applied to a client, comprising: the computer readable storage medium of the ninth aspect; and one or more processors for executing the computer readable storage medium program of.
  • An eleventh aspect of the present disclosure provides a computer readable storage medium comprising one or more programs for performing the method of the second aspect.
  • a twelfth aspect of the present disclosure provides an account unified device, which is applied to a client, comprising: the computer readable storage medium of the eleventh aspect; and one or more processors for executing the computer readable storage The program in the media.
  • a thirteenth aspect of the present disclosure provides a computer readable storage medium comprising one or more programs for performing the method of the third aspect.
  • a fourteenth aspect of the present disclosure provides an account unified apparatus, which is applied to an application server, comprising: the computer readable storage medium of the thirteenth aspect; and one or more processors for executing the computer readable storage The program in the media.
  • a fifteenth aspect of the present disclosure provides a computer readable storage medium, comprising one or more programs, the one or more programs for performing the method of the fourth aspect.
  • a sixteenth aspect of the present disclosure provides an account unified apparatus, applicable to an application server, comprising: the computer readable storage medium of the fifteenth aspect; and one or more processors for executing the computer readable storage The program in the media.
  • the client deploys an identity contract associated with the user entity account on the blockchain, and sends a registration request including the identity contract address to the application server to instruct the application server to use the identity contract address as
  • the account identifier of the user entity account can facilitate the user to uniformly use the identity contract address to participate in various application services, thereby fundamentally solving the problem that a large number of accounts bring inconvenience to the user.
  • the decentralization of the blockchain makes the relationship between the identity contract and the user entity account cannot be falsified and forged, which can ensure the security of using the identity contract as the account identifier on each application server, compared to the application server. Using the same account and password reduces the loss of lost or stolen accounts.
  • FIG. 1 is a flowchart of an account unification method according to an exemplary embodiment of the present disclosure, where the method is applied to a client;
  • FIG. 2 is a flowchart of an account unification method according to an exemplary embodiment of the present disclosure, where the method is applied to an application server;
  • FIG. 3 is a schematic diagram showing a relationship between a user entity account and an identity contract according to an exemplary embodiment of the present disclosure
  • FIG. 4 is a schematic diagram of signaling interaction of an account unification method according to an exemplary embodiment of the present disclosure
  • FIG. 5 is a schematic diagram of signaling interaction of an account unification method according to another exemplary embodiment of the present disclosure.
  • FIG. 6 is a schematic diagram showing an implementation environment according to an exemplary embodiment of the present disclosure.
  • FIG. 7 is a flowchart of a method for replacing a user entity account according to an exemplary embodiment of the present disclosure
  • FIG. 8 is a schematic diagram of signaling interaction of a single sign-on and logout method according to an exemplary embodiment of the present disclosure
  • FIG. 9 is a block diagram of an account unification apparatus according to an exemplary embodiment of the present disclosure, wherein the apparatus is applied to an application server;
  • FIG. 10 is a block diagram showing an account unification apparatus according to another exemplary embodiment of the present disclosure, wherein the apparatus is applied to an application server;
  • FIG. 11 is a block diagram of an account unification apparatus according to an exemplary embodiment of the present disclosure, where the apparatus is applied to a client;
  • FIG. 12 is a block diagram of an account unification apparatus according to another exemplary embodiment of the present disclosure, wherein the apparatus is applied to a client.
  • a blockchain is a decentralized distributed database system in which all nodes in a blockchain network participate in maintenance. It is composed of a series of data blocks generated by cryptography, and each block is a blockchain. One block. According to the order of the generation time, the blocks are linked together in an orderly manner to form a data chain, which is aptly called a blockchain.
  • the blockchain is generated and validated by its special blocks and transactions, with unchangeable, unforgeable and fully traceable security features.
  • Blockchain node The blockchain network is based on a P2P (Peer to Peer) network.
  • P2P Peer to Peer
  • Each P2P network node participating in transaction and block storage, verification, and forwarding is a node in a blockchain network.
  • the user identity in the blockchain is represented by a public key, and the public key and the private key appear in pairs, wherein the private key is mastered by the user and not posted to the above-mentioned blockchain network, and the public key passes through the specific The hash and encoding become the "address", the "address” represents the user, and the public key and "address” can be freely published in the blockchain network. It is worth mentioning that there is no one-to-one correspondence between user identity and blockchain nodes. Users can use their own private key on any blockchain node.
  • Blockchain data write The blockchain node writes data to the blockchain by issuing a "transaction" to the blockchain network.
  • the transaction contains the signature of the user using his or her private key to prove the identity of the user.
  • the transaction is recorded by the “miner” (block chain node that implements the blockchain consensus competition mechanism) into the generated new block, and then released to the blockchain network, and verified and passed by other blockchain nodes, the transaction data is Is written to the blockchain.
  • FIG. 1 is a flowchart of an account unification method according to an exemplary embodiment of the present disclosure. The method is applied to a client. As shown in FIG. 1, the method includes:
  • step S101 an identity contract is created and the identity contract is associated with the user entity account.
  • step S102 an identity contract is deployed on the blockchain to obtain an identity contract address of the identity contract.
  • the blockchain may be an Ethereum blockchain.
  • There are two kinds of physical accounts on the Ethereum blockchain one is a user entity account (corresponding to a person or a smart device), and the corresponding one has a pair of public and private keys, and the hash code of the public key (for example, The first 20 bytes of the hash value is the blockchain address of the user entity account; the other is the program entity, that is, the smart contract, which only has the address value of the preset number of bytes (for example, 20 bytes) Address value), does not have an associated private key.
  • the client can generate its own user entity account by running a blockchain program.
  • the client can also create an identity contract (ie a type of smart contract) and associate the identity contract with the user entity account (eg, write the blockchain address of the user entity account into the identity contract) and pass the block The identity contract is deployed on the chain to obtain the address of the identity contract.
  • an identity contract ie a type of smart contract
  • associate the identity contract with the user entity account eg, write the blockchain address of the user entity account into the identity contract
  • the identity contract is deployed on the chain to obtain the address of the identity contract.
  • step S103 a registration request including an identity contract address is transmitted to the application server.
  • the identity contract address is used to instruct the application server to use the identity contract address as the account identifier of the user entity account on the application server.
  • FIG. 2 is a flowchart of an account unification method according to an exemplary embodiment of the present disclosure, where the method is applied to an application server, as described in FIG. 2, the method includes:
  • step S201 a registration request sent by the client is received, and the registration request includes an identity contract address associated with the user entity account to be registered.
  • step S202 the identity contract address is used as the account identifier of the user entity account on the application server.
  • the application server may record the identity contract address into an account information contract in its account database or blockchain, wherein the account information contract may be pre-deployed on the blockchain and each registered identity contract is recorded.
  • the contract of the address may be recorded.
  • the application server can use the identity contract address as the account identifier of the user entity account on the application server. Therefore, after the user completes the registration on each application server through the client, the user can uniformly use the identity contract address to log in on each application server.
  • the client may create an identity contract and associate the user entity account with the identity contract, thereby using the identity contract address as the user.
  • the unique account identifier of the physical account so that the user can conveniently use the identity contract address on each application server.
  • the client may also create multiple identity contracts and associate the user entity accounts with multiple identity contracts, thereby allowing users to participate in different application services with different identity contract addresses (ie different account identifiers). And it is convenient to use only a single entity account.
  • the client deploys an identity contract associated with the user entity account on the blockchain and registers with the application server using the identity contract address, so that the application server uses the identity contract address as the user entity.
  • the account identifier of the account on the application server so that the user can conveniently use the identity contract address to participate in various application services, thereby fundamentally solving the problem that the complicated account brings inconvenience to the user.
  • the decentralization of the blockchain makes the relationship between the identity contract and the user entity account cannot be falsified and forged, which can ensure the security of using the identity contract as the account identifier on each application server, compared to the application server. Using the same account and password reduces the loss of lost or stolen accounts.
  • the client may send the application server to include other The account information and the identity contract address login request, the application server authenticates the other account information, and returns the login success response to the client after the identity authentication is passed.
  • the application server can also replace or associate the registered account information with other account information, so that the application server can migrate the identity contract address as the account identifier of the user entity account.
  • FIG. 4 is a schematic diagram of signaling interaction of an account unification method according to an exemplary embodiment of the present disclosure. As shown in FIG. 4, the method includes:
  • step S401 the client creates an identity contract and associates the identity contract with the user entity account.
  • step S402 the client deploys an identity contract on the blockchain to obtain the identity contract address of the identity contract.
  • step S403 the client sends a registration request including an identity contract address to the application server.
  • step S404 when receiving the registration request sent by the client, the application server uses the identity contract address as the account identifier of the user entity account on the application server.
  • step S405 the application server sends a registration success response to the client.
  • the client can generate a user entity account and deploy an identity contract on the blockchain, associate the user entity account with the identity contract, and can use the identity contract address.
  • the application server registers, and the application server can use the identity contract address as the account identifier of the user entity account when receiving the registration request sent by the client, thereby facilitating the user to uniformly use the identity contract address to participate in various application services, fundamentally Resolving a large number of accounts brings problems to users.
  • the decentralization of the blockchain makes the relationship between the identity contract and the user entity account cannot be falsified and forged, which can ensure the security of using the identity contract as the account identifier on each application server, compared to the application server. Using the same account and password reduces the loss of lost or stolen accounts.
  • the identity contract may also be created and deployed by the application server, in which case the client only needs to provide the blockchain address of the user entity account when registering with the application server.
  • the application server may create an identity contract according to the blockchain address of each user entity account and establish an association relationship between the identity contract and the user entity account.
  • the account unified method may include:
  • step S501 the client sends a registration request to the application server, the registration request including the blockchain address of the user entity account.
  • step S502 when receiving the registration request sent by the client, the application server creates an identity contract according to the blockchain address of the user entity account and associates the identity contract with the user entity account.
  • step S503 the application server deploys an identity contract on the blockchain to obtain an identity contract address of the identity contract.
  • step S504 the application server uses the identity contract address as the account identifier of the user entity account on the application server.
  • step S505 the application server sends a registration success response to the client, and the registration success response includes the identity contract address.
  • the application server may associate each user entity account to be registered with an identity contract to identify the identity contract address as a unique account of the user entity account, so that the user can conveniently use each application.
  • the identity contract address is used uniformly on the server.
  • the application server may also associate each user entity account with multiple identity contracts, thereby supporting the user to use different application servers with different identity contract addresses (ie different account identifiers), and internally It is convenient to use only a single physical account.
  • the application server may also associate multiple user entity accounts with the same identity contract.
  • the setting may be applicable to related business scenarios, such as a mobile device in which the user has multiple different preset or assigned user entity accounts.
  • the configuration allows the user entity accounts of these mobile devices to be associated with a same identity contract, in which case the user can participate in various application services with the identity of the same identity contract regardless of which mobile device is used. It can solve the problem that users cannot easily identify the same identity with different private keys.
  • the application server can also set a many-to-many relationship between the user entity account and the identity contract to support more complex or special business needs.
  • process of creating and deploying an identity contract by the application server may refer to the process of creating and deploying an identity contract by the client in the unified account method provided in FIG. 1 , and details are not described herein again.
  • the client may add a user entity account association management function in the identity contract.
  • the current user entity account associated with the identity contract has the right to specify, add a new user entity account to associate with the identity contract.
  • the client does not need to update the participating identity contract, only need to replace the user entity account associated with the identity contract, so as not to affect the application server data and logic.
  • the client may also add a user entity account association arbitration function in the identity contract, that is, the client may set multiple arbitration clients in the identity contract (such as the user's trusted friend client). End or third-party trusted authority, etc., through the program logic to give the arbitration client the function of managing the association relationship between the user entity account and the identity contract, and setting the arbitration rules.
  • a user entity account association arbitration function in the identity contract, that is, the client may set multiple arbitration clients in the identity contract (such as the user's trusted friend client). End or third-party trusted authority, etc., through the program logic to give the arbitration client the function of managing the association relationship between the user entity account and the identity contract, and setting the arbitration rules.
  • FIG. 6 is a schematic diagram showing an implementation environment according to an exemplary embodiment of the present disclosure.
  • the implementation environment includes a client 61, an identity contract created by the client 61, and a user entity associated with the identity contract.
  • FIG. 6 a method for replacing a user entity account provided by an embodiment of the present disclosure is as shown in FIG. 7, and includes:
  • step S701 the client 61 deploys an identity contract on the blockchain and sets account information and arbitration rules of the plurality of arbitration clients in the identity contract.
  • step S702 the client 61 creates a new user entity account.
  • step S703 the client 61 sends a physical account replacement request to a plurality of arbitration clients, respectively.
  • the physical account replacement request may include an identity contract address and a blockchain address of the new user entity account.
  • the client may separately send an entity account replacement request to each arbitration client by means of an unidentified identity outside the chain.
  • the client may send the entity account replacement to each arbitration client by using an email or the like.
  • the request and the physical account replacement request carry identification information indicating that it is associated with the identity contract.
  • each arbitration client 62 sends an arbitration result to the identity contract by calling the interface of the identity contract.
  • step S705 the identity contract associates the new user entity account with the identity contract according to the arbitration result sent by each arbitration client, the account information of each arbitration client, and the arbitration rule.
  • the arbitration rule may modify the user entity account associated with the identity contract for more than half of the arbitration client's consent.
  • the identity contract receives more than half of the arbitration clients confirming the arbitration result of associating the new user entity account with the identity contract, the new user entity account is associated with the new user entity account according to the blockchain address of the new user entity account. .
  • the technical solution provided by the foregoing embodiment can not only solve the problem that the user cannot easily replace the physical account, but at the same time, the identity contract and the new user can be managed through arbitration after the private key of the original user entity account is lost or stolen.
  • the entity account is associated, which solves the problem that the identity contract cannot be used after the private key is lost and the private key is stolen.
  • the private key is a vital information for the user entity account, and in addition to the case where the security hardware is not exportable, the private key is usually backed up for security purposes if possible. Users can choose to encrypt or clear offline backup, but considering this method still needs to consider the security of backup files and the problems of forgetting and losing backup files or encrypted passwords, users can also choose online encryption backup methods, such as through password technology.
  • the private key (or seed) of the user entity account is encrypted and saved to the blockchain and restored by appropriate decryption when appropriate. Loss of private keys can be avoided by using appropriate backup and recovery techniques.
  • the client may block the private key of the user entity account by using a preset algorithm (for example, Shamir's Secret Sharing algorithm) to obtain n (n).
  • a preset algorithm for example, Shamir's Secret Sharing algorithm
  • n (n) Data block
  • any k data blocks (n ⁇ k ⁇ 1) can recover the entire private key.
  • the client may separately hash the n data blocks, for example, use a hash algorithm to calculate the hash values of the n data blocks, and again use the hash algorithm to calculate the hash value of each data block hash value.
  • the fingerprint of each data block these fingerprints can be used as verification when restoring the private key.
  • the client can share s(k ⁇ s ⁇ n) data blocks to c (c ⁇ 1) buddy clients, and encrypt the s data blocks using the public keys of the c buddy clients (such as each buddy).
  • the client's public key encrypts one or more of the s data blocks to ensure that s data blocks are encrypted, and all the encrypted data blocks, the hash values corresponding to the encrypted data blocks, and the c friend clients.
  • the blockchain address is logged to the identity contract associated with the user entity account.
  • the k value, the s value, and the c value determine the strength of the key sharing backup, wherein the smaller the k value, the larger the s value and the c value, the less likely the private key is lost.
  • the client in order to indicate the association relationship between the user entity account and the identity contract to the friend account when the key is restored, the client can inform the friend client of the associated identity contract when sharing the encrypted data to the friend client, so as to make the friend client
  • the end records the association.
  • the client may also record challenge information (eg, questions and answers encrypted with the buddy client's public key) or record the identity of the user entity account (eg, the identity ID hash of the user entity account) in the identity contract associated with the user entity account. .
  • the client may query, from the identity contract, the blockchain address of the target friend account corresponding to the at least k encrypted data blocks, and send the private key to the at least k target friends according to the blockchain address. Restore the request.
  • Each target friend account verifies the identity of the client when receiving the private key recovery request, and after the verification is passed, accesses the identity contract according to the identity contract address and obtains the encrypted encrypted data block from the identity contract, and encrypts the data block. After decryption, it is stored in the identity contract by the public key specified by the user entity account.
  • the decrypted k data can be obtained by decrypting with the relevant private key, and verified by the hash value recorded in the identity contract.
  • Validity of k data, applying a preset algorithm after verification eg Shamir's The Secret Sharing algorithm can restore the original private key of the user entity account.
  • the user entity account association relationship management function, the user entity account association relationship arbitration function, the private key backup and recovery function, and the like provided by the foregoing embodiments are not limited to the program logic of joining the identity contract, and may also be extracted to other In the program entity, the disclosure does not limit this.
  • the user may log in to each application platform by using the associated identity contract address as the account identifier, and the specific login process may be
  • the user sends a login request to the server through the client, and queries and selects the identity contract address associated with the blockchain address of the entity account on the client.
  • the client responds to the login challenge of the application server, wherein the login challenge response may include challenge signature information and an identity contract address of the user entity account.
  • the application platform After receiving the login challenge response sent by the client, the application platform verifies whether the identity contract address is registered and verifies whether the user entity account is an associated account of the identity contract based on the challenge signature mechanism, if the identity contract address is registered and the user entity account is The associated account of the identity contract sends a login success response to the client; otherwise, the login request of the user entity account is rejected.
  • the above embodiment of the present disclosure logs in based on the challenge signature mechanism, and the application server needs the signature information of the user entity account sent by the client to verify the identity of the user entity account.
  • the client can also integrate technologies such as biometric authentication, such as iris unlocking, fingerprint unlocking, and face unlocking, to prevent users from entering passwords. After the biometric authentication succeeds, the client can use the private key of the user entity account to sign the relevant information of the application server and send it to the application server to provide the server with the challenge signature authentication.
  • FIG. 8 is a schematic diagram of signaling interaction of a single sign-on and logout method according to an exemplary embodiment of the present disclosure, the method includes:
  • step S801 the client sends a first login request to the first application server, where the first login request includes first signature information of the user entity account and an identity contract address associated with the user entity account.
  • the first signature information of the user entity account may be obtained by signing the domain name of the first application server and the current time of the private key of the user entity account.
  • step S802 when receiving the login request sent by the client, the first application server verifies whether the identity contract address has been logged in.
  • step S803 when the first application server verifies that the identity contract address is not logged in, the first application server queries the login information contract on the blockchain according to the identity contract address to determine the login status of the identity contract address on other trusted application servers.
  • the login information contract is a contract pre-deployed on the blockchain that records the login status of each identity contract address on each trusted application server.
  • step S804 if it is determined that the login status of the identity contract address on the other trusted application server is not logged in, the first application server verifies whether the user entity account is associated with the identity contract address according to the identity contract address and the first signature information.
  • step S805 the first application server sends a login challenge page to the client when determining that the user entity account is associated with the identity contract address.
  • step S806 the client responds to the challenge of the first application server using the identity contract address.
  • step S807 the first application server authenticates the challenge response of the client and marks the login status of the identity contract information on the login status as logged in after the authentication succeeds.
  • the identity contract has at least one specific interface that can be used to determine whether the user entity account is associated with the identity contract.
  • the first application server may use the public key of the user entity account to perform signature verification on the first signature information, and after the signature verification succeeds, query the corresponding identity contract according to the identity contract address and view through the interface of the identity contract.
  • step S808 the first application server records the logged-in status of the identity contract address thereon into the login information contract.
  • step S809 the first application server returns a first login success response to the client.
  • the first login success response may include a session ID of the first application server.
  • step S810 the client sends a second login request to the second application server, where the second login request includes the second signature information of the user entity account and the identity contract address associated with the user entity account.
  • the second signature information of the user entity account may be obtained by using the domain name of the second application server and the current time of the private key of the user entity account.
  • step S811 when receiving the login request sent by the client, the second application server verifies whether the identity contract address has been logged in.
  • step S812 the second application server, when verifying that the identity contract address is not logged in, queries the login information contract on the blockchain according to the identity contract address to determine the login status of the identity contract address on other trusted application servers.
  • step S813 the second application server queries whether the login status of the identity contract address on the first application server is logged in, and then verifies whether the user entity account is associated with the identity contract address according to the identity contract address and the second signature information.
  • the process of verifying, by the second application server, whether the user entity account is associated with the identity contract address according to the identity contract address and the second signature information may refer to the process of verifying, by the first application server, whether the user entity account is associated with the identity contract address in step S805. I won't go into details here.
  • step S814 when it is determined that the user entity account is associated with the identity contract address, the second application server marks the login status of the identity contract information as having been logged in.
  • step S815 the second application server returns a second login success response to the client.
  • the second login success response may include a session ID of the second application server.
  • step S816 the client sends a logout request to the second application server, the logout request including an identity contract address associated with the user entity account.
  • step S817 the second application server marks the login status of the identity contract information as not logged in.
  • step S818 the second application server records the unlogged-in status of the identity contract address thereon into the login information contract.
  • step S819 the second application server sends a login challenge interface to the client.
  • step S820 the first application server monitors or rotates the query login information contract.
  • step S821 when the first application server knows that the login status of the identity information contract on the second application server is not logged in, the login status of the identity contract is marked as not logged in.
  • the application server may be an application server on a blockchain or an application server outside the blockchain.
  • it can verify the association between the identity contract and the user entity account through the interface of the identity contract.
  • the application server outside the blockchain it can access, read, write or call the identity contract on the blockchain through the API interface of the blockchain to verify the association between the identity contract and the user entity account.
  • each application server can have its own login control, and the user does not need to perform the voucher delivery with other application platforms to be logged in after using the identity contract address to log in on any application server, and realize the decentralized login and logout.
  • the robustness of the single sign-on and log-out system consisting of client, multiple application platforms and blockchain is added.
  • any one of the mutually trusted application servers may become the certification authority in the related single sign-on and log-out system, and the mutually trusted application server may not be limited to the same enterprise.
  • FIG. 9 is a block diagram of an account unification device 900, which is applied to an application server, and the device 900 includes:
  • the first registration request receiving module 901 is configured to receive a registration request sent by the client, where the registration request includes an identity contract address;
  • the first account identifier determining module 902 is configured to use the identity contract address as an account identifier of the user entity account on the application server.
  • the device 900 further includes:
  • the first login request receiving module 903 is configured to receive a login request sent by the client, where the login request includes the identity contract address and challenge signature information of the user entity account;
  • the first association verification module 904 is configured to verify, according to the identity contract address and the challenge signature information, whether the user entity account is associated with the identity contract address;
  • the first login success response module 905 is configured to return a login success response to the client when it is determined that the user entity account is associated with the identity contract address and the challenge signature information is verified.
  • the device 900 further includes:
  • the second login request receiving module 906 is configured to receive a login request sent by the client, where the login request includes the identity contract address and signature information of the user entity account;
  • the login status determining module 907 is configured to query a login information contract on the blockchain according to the identity contract address, and determine a login status of the identity contract address on another trusted application server, where the login information contract Is a contract pre-deployed on the blockchain that records the login status of each identity contract address on each trusted application server;
  • the second association verification module 908 is configured to verify the user entity according to the identity contract address and the signature information when determining that the login status of the identity contract address on the other trusted application server is logged in. Whether the account is associated with the identity contract address;
  • the second login success response module 909 is configured to return a login success response to the client when determining that the user entity account is associated with the identity contract address.
  • the device 900 further includes:
  • the third association verification module 910 is configured to verify the user entity according to the identity contract address and the signature information when determining that the login status of the identity contract address on the other trusted application server is not logged in. Whether the account is associated with the identity contract address and signature verification of the signature information;
  • a first login status marking module 911 configured to perform challenge authentication on the user entity account when determining that the user entity account is associated with the identity contract address, and after the authentication is passed, the identity contract address is in the The login status on the application server is marked as logged in and recorded in the login information contract.
  • the device 900 further includes:
  • the logout request receiving module 912 is configured to receive a logout request sent by the client, where the logout request includes the identity contract address;
  • the second login status marking module 913 is configured to mark the login status of the identity contract address on the application server as not logged in and recorded in the login information contract.
  • an embodiment of the present disclosure further provides a computer readable storage medium, where the computer readable storage medium includes one or more programs, and the one or more programs are used to execute the foregoing.
  • the account uniform method shown in the example is applied to the application server.
  • an embodiment of the present disclosure further provides an account unified device, which is applied to an application server, including the above computer readable storage medium, and one or more processors for executing a program in the computer readable storage medium.
  • FIG. 10 is a block diagram of an account unification device 1000, which is applied to an application server, according to another exemplary embodiment of the present disclosure, the device 1000 includes:
  • the second registration request receiving module 1001 is configured to receive a registration request sent by the client, where the registration request includes a blockchain address of the user entity account to be registered;
  • a second identity contract creation module 1002 configured to create an identity contract according to the blockchain address of the user entity account and associate with the user entity account;
  • a second identity contract deployment module 1003, configured to deploy the identity contract on a blockchain to obtain an identity contract address of the identity contract
  • the second account identifier determining module 1004 is configured to send the identity contract address as an account identifier of the user entity account on the application server and send a registration success response including the identity contract address to the client.
  • an embodiment of the present disclosure further provides a computer readable storage medium, where the computer readable storage medium includes one or more programs, and the one or more programs are used to execute the foregoing.
  • an embodiment of the present disclosure further provides an account unified device, which is applied to an application server, including the above computer readable storage medium, and one or more processors for executing a program in the computer readable storage medium.
  • FIG. 11 is a block diagram of an account unification device 1100, which is applied to a client, and the device 1100 includes:
  • a first identity contract creation module 1101, configured to create an identity contract and associate the identity contract with a user entity account
  • a first identity contract deployment module 1102 configured to deploy the identity contract on a blockchain to obtain an identity contract address of the identity contract
  • a first registration request sending module 1103, configured to send, to the application server, a registration request including the identity contract address, where the identity contract address is used to instruct the application server to use the identity contract address as the user entity account The account ID on the application server.
  • the device 1100 further includes:
  • a login request sending module 1104 configured to send a login request to the application server, where the login request includes the identity contract address and signature information, wherein the identity contract address and the signature information are used by the application server to determine Whether the user entity account is associated with the identity contract address and signature verification of the signature information.
  • the identity contract further includes account information of multiple arbitration clients and an arbitration rule
  • the device 1100 further includes:
  • An entity account creation module 1105 configured to create a new user entity account
  • the replacement request sending module 1106 is configured to separately send an entity account replacement request to the plurality of arbitration clients according to the account information of the plurality of arbitration clients, where the entity account replacement request includes the identity contract address and the new user a blockchain address of the physical account, wherein the identity contract address is used to instruct the plurality of arbitration clients to send an arbitration result to the identity contract, and the blockchain address of the new user entity account is used to indicate the
  • the identity contract associates the new user entity account with the identity contract based on the arbitration results of the plurality of arbitration clients and the arbitration rules.
  • the device 1100 further includes:
  • the private key blocking module 1107 is configured to block the private key of the user entity account according to a preset algorithm to obtain n data blocks, where n ⁇ 2;
  • a hash processing module 1108, configured to perform hash processing on the n data blocks, respectively, to obtain a hash value of the n data blocks;
  • the data block encryption module 1109 is configured to encrypt s data blocks in the n data blocks according to the public key of the c buddy clients, to obtain s encrypted data blocks, where c ⁇ 1, n ⁇ s ⁇ k ;
  • the information writing module 1110 is configured to write the s encrypted data blocks, the blockchain addresses of the c buddy clients, and the hash values of the n data blocks into the identity contract.
  • the device 1100 further includes:
  • a target buddy client address obtaining module 1111 configured to access the identity contract according to the identity contract address, and obtain a blockchain address of a target buddy client corresponding to at least k encrypted data blocks in the s encrypted data blocks, where , n ⁇ k ⁇ 1;
  • the private key recovery request sending module 1112 is configured to send a private key recovery request to the at least k target buddy clients according to the blockchain address of the at least k target buddy clients, where the private key recovery request is used to indicate Obtaining, by the at least k target buddy clients, the at least k encrypted data blocks from the identity contract, and decrypting and re-encrypting to store the identity contract;
  • the private key recovery module 1113 is configured to query the at least k re-encrypted encrypted data blocks and the corresponding hash value from the identity contract and decrypt the private key of the user entity account.
  • an embodiment of the present disclosure further provides a computer readable storage medium, where the computer readable storage medium includes one or more programs, and the one or more programs are used to execute the foregoing.
  • the unified method of the account applied to the client provided in the example.
  • an embodiment of the present disclosure further provides an account unified device, which is applied to a client, including the above computer readable storage medium, and one or more processors for executing a program in the computer readable storage medium.
  • FIG. 12 is a block diagram of an account unification device 1200, which is applied to a client, and the device 1200 includes:
  • a second registration request sending module 1201 configured to send a registration request to the application server, where the registration request includes a blockchain address of the user entity account, where the blockchain address is used by the application server according to the blockchain address Deploying an identity contract associated with the user entity account;
  • the registration success response receiving module 1202 is configured to receive a registration success response sent by the application server, where the registration request includes an identity contract address associated with the user entity account.
  • an embodiment of the present disclosure further provides a computer readable storage medium, where the computer readable storage medium includes one or more programs, and the one or more programs are used to execute the foregoing.
  • the unified method of the account applied to the client provided in the example.
  • an embodiment of the present disclosure further provides an account unified device, which is applied to a client, including the above computer readable storage medium, and one or more processors for executing a program in the computer readable storage medium.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

L'invention concerne un procédé d'unification de compte et un dispositif et un support de stockage utilisés pour résoudre le problème technique de l'inconvénient occasionné aux utilisateurs par l'utilisation de différents comptes dans différents serveurs d'application dans l'état de la technique. Le procédé est appliqué à un client d'application, et le procédé consiste à : créer un contrat d'identité et associer le contrat d'identité à un compte d'entité d'utilisateur ; déployer le contrat d'identité sur une chaîne de blocs afin d'obtenir une adresse de contrat d'identité du contrat d'identité ; et envoyer une demande d'enregistrement comprenant l'adresse de contrat d'identité à un serveur d'application, l'adresse de contrat d'identité étant utilisée pour indiquer au serveur d'application d'utiliser l'adresse de contrat d'identité en tant qu'identification de compte du compte d'entité d'utilisateur dans le serveur d'application.
PCT/CN2017/120263 2017-12-29 2017-12-29 Procédé d'unification de compte et dispositif et support de stockage WO2019127530A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/CN2017/120263 WO2019127530A1 (fr) 2017-12-29 2017-12-29 Procédé d'unification de compte et dispositif et support de stockage
CN201780002514.2A CN108235805B (zh) 2017-12-29 2017-12-29 账户统一方法、装置及存储介质

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2017/120263 WO2019127530A1 (fr) 2017-12-29 2017-12-29 Procédé d'unification de compte et dispositif et support de stockage

Publications (1)

Publication Number Publication Date
WO2019127530A1 true WO2019127530A1 (fr) 2019-07-04

Family

ID=62645410

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/120263 WO2019127530A1 (fr) 2017-12-29 2017-12-29 Procédé d'unification de compte et dispositif et support de stockage

Country Status (2)

Country Link
CN (1) CN108235805B (fr)
WO (1) WO2019127530A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113343204A (zh) * 2021-08-06 2021-09-03 北京微芯感知科技有限公司 基于区块链的数字身份管理系统及方法
FR3112623A1 (fr) * 2020-07-20 2022-01-21 Jiangsu Aowei Holdings Co., Ltd. Procédé de gestion de comptes de la plateforme décentralisée d'enregistrement de preuves de contrats électroniques

Families Citing this family (37)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2019127530A1 (fr) * 2017-12-29 2019-07-04 深圳前海达闼云端智能科技有限公司 Procédé d'unification de compte et dispositif et support de stockage
CN109087079B (zh) * 2018-07-09 2021-03-30 北京知帆科技有限公司 数字货币交易信息分析方法
CN109344625A (zh) * 2018-07-24 2019-02-15 东方银谷(北京)投资管理有限公司 用于区块链的用户账户管理方法及装置
CN109145201B (zh) * 2018-07-26 2020-11-10 百度在线网络技术(北京)有限公司 一种基于区块链的信息管理方法、装置、设备及存储介质
CN109146477B (zh) * 2018-08-02 2022-02-18 夸克链科技(深圳)有限公司 一种以太坊发布智能合约时指定地址的方法
CN110807203B (zh) * 2018-08-06 2022-03-01 中国电信股份有限公司 数据处理方法、业务运营中心平台、系统以及存储介质
CN109191132B (zh) * 2018-08-20 2022-02-11 众安信息技术服务有限公司 部署智能合约的方法、系统和装置
CN109005186B (zh) * 2018-08-20 2020-12-11 杭州复杂美科技有限公司 一种隔离用户身份信息的方法、系统、设备和存储介质
CN109257454A (zh) * 2018-08-23 2019-01-22 深圳市元征科技股份有限公司 一种基于区块链的合约地址解析方法、装置、设备及介质
CN109040341B (zh) * 2018-08-27 2021-05-04 深圳前海益链网络科技有限公司 智能合约地址的生成方法、装置、计算机设备及可读存储介质
CN109359976A (zh) * 2018-09-06 2019-02-19 深圳大学 基于区块链的账号密码管理方法、装置、设备及存储介质
TWI708199B (zh) * 2018-09-14 2020-10-21 宏達國際電子股份有限公司 基於智能合約分享隱私資料的方法及系統
CN109272317A (zh) * 2018-09-27 2019-01-25 北京金山安全软件有限公司 一种区块链私钥的获取方法、装置及电子设备
CN108900562B (zh) * 2018-10-11 2021-07-20 北京京东尚科信息技术有限公司 登录状态的共享方法、装置、电子设备及介质
EP3644549A1 (fr) 2018-10-23 2020-04-29 Siemens Aktiengesellschaft Dispositif et procédé d'émission et dispositif et procédé de demande d'un certificat numérique
CN109492433A (zh) * 2018-11-08 2019-03-19 中链科技有限公司 存证信息查询端口的构建、存证信息的查询方法及系统
US20200213100A1 (en) * 2018-11-27 2020-07-02 Shenzhen Lianbao Technology Co., Ltd. Multi-chain information management method, storage medium and blockchain identity parser
CN109819443B (zh) * 2018-12-29 2021-09-21 东莞见达信息技术有限公司 基于区块链的注册认证方法、装置及系统
CN109889503B (zh) * 2019-01-22 2022-02-22 平安科技(深圳)有限公司 基于区块链的身份管理方法、电子装置及存储介质
CN109936569B (zh) * 2019-02-21 2021-05-28 领信智链(北京)科技有限公司 一种基于以太坊区块链的去中心化数字身份登录管理系统
JP6873270B2 (ja) * 2019-03-01 2021-05-19 アドバンスド ニュー テクノロジーズ カンパニー リミテッド ブロックチェーンにおけるスマートコントラクトに基づくトランザクション活動の取扱注意データを保護するための方法及びデバイス
CN110009352B (zh) * 2019-03-29 2021-02-05 创新先进技术有限公司 基于生物特征重置区块链账户密钥的方法和装置
CN110035002B (zh) * 2019-04-01 2021-09-10 达闼机器人有限公司 即时通信的实现方法,终端设备及存储介质
CN110071937B (zh) * 2019-04-30 2022-01-25 中国联合网络通信集团有限公司 基于区块链的登录方法、系统及存储介质
CN110166254B (zh) * 2019-05-27 2020-09-29 国家电网有限公司 利用智能合约实现基于身份的密钥管理方法及装置
CN110245955A (zh) * 2019-05-27 2019-09-17 众安信息技术服务有限公司 一种基于智能合约的区块链账户属性管理方法及系统
CN110177119A (zh) * 2019-06-13 2019-08-27 朱子腾 一种绑定ip地址的账号及使用方法
CN110231965B (zh) * 2019-06-19 2022-05-10 京东方科技集团股份有限公司 一种云端设备、应用程序处理方法及电子设备
WO2019170178A2 (fr) * 2019-06-28 2019-09-12 Alibaba Group Holding Limited Système et procédé de mappage d'adresses de chaînes de blocs
CN111355723B (zh) * 2020-02-26 2023-04-18 腾讯科技(深圳)有限公司 单点登录方法、装置、设备及可读存储介质
CN112132585A (zh) * 2020-09-16 2020-12-25 北京好扑信息科技有限公司 一种基于区块链技术的去中心化的身份认证识别方法
CN112330449A (zh) * 2020-11-03 2021-02-05 平安科技(深圳)有限公司 基于区块链的联合账户创建方法、系统、设备及存储介质
CN112364311B (zh) * 2020-11-10 2024-01-26 上海保险交易所股份有限公司 区块链上身份管理方法和装置
CN114614998B (zh) * 2020-11-24 2024-01-02 富泰华工业(深圳)有限公司 账号身份验证方法、装置、计算机装置及存储介质
CN112488685B (zh) * 2020-12-23 2023-12-12 杨宁波 一种用于区块链的用户私钥保护方法
CN114401100A (zh) * 2021-10-02 2022-04-26 杭州荔藤网络科技有限公司 一种区块链账号的跨应用平台登录方法和系统
CN114268472B (zh) * 2021-12-10 2023-12-15 杭州溪塔科技有限公司 基于区块链的应用系统的用户认证方法及系统

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1866822A (zh) * 2005-05-16 2006-11-22 联想(北京)有限公司 一种统一认证的实现方法
CN106779708A (zh) * 2016-12-23 2017-05-31 中钞信用卡产业发展有限公司北京智能卡技术研究院 基于智能合约的区块链上参与方身份管理方法及系统
CN107196966A (zh) * 2017-07-05 2017-09-22 北京信任度科技有限公司 基于区块链的多方信任的身份认证方法和系统
US20170344988A1 (en) * 2016-05-24 2017-11-30 Ubs Ag System and method for facilitating blockchain-based validation
CN108235805A (zh) * 2017-12-29 2018-06-29 深圳前海达闼云端智能科技有限公司 账户统一方法、装置及存储介质

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170048235A1 (en) * 2015-07-14 2017-02-16 Fmr Llc Crypto Captcha and Social Aggregating, Fractionally Efficient Transfer Guidance, Conditional Triggered Transaction, Datastructures, Apparatuses, Methods and Systems
CN105847247B (zh) * 2016-03-21 2020-04-10 飞天诚信科技股份有限公司 一种认证系统及其工作方法
CN106453271B (zh) * 2016-09-21 2019-05-03 江苏通付盾科技有限公司 身份注册方法及系统、身份认证方法及系统
CN106533696B (zh) * 2016-11-18 2019-10-01 江苏通付盾科技有限公司 基于区块链的身份认证方法、认证服务器及用户终端
CN106453407B (zh) * 2016-11-23 2019-10-15 江苏通付盾科技有限公司 基于区块链的身份认证方法、认证服务器及用户终端
CN106919419A (zh) * 2017-02-03 2017-07-04 中钞信用卡产业发展有限公司北京智能卡技术研究院 区块链上的智能合约程序的更新方法及装置
CN107248074A (zh) * 2017-03-29 2017-10-13 阿里巴巴集团控股有限公司 一种基于区块链的业务处理方法及设备
CN107274186A (zh) * 2017-05-11 2017-10-20 上海点融信息科技有限责任公司 在区块链中获得智能合约接口的方法和设备

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1866822A (zh) * 2005-05-16 2006-11-22 联想(北京)有限公司 一种统一认证的实现方法
US20170344988A1 (en) * 2016-05-24 2017-11-30 Ubs Ag System and method for facilitating blockchain-based validation
CN106779708A (zh) * 2016-12-23 2017-05-31 中钞信用卡产业发展有限公司北京智能卡技术研究院 基于智能合约的区块链上参与方身份管理方法及系统
CN107196966A (zh) * 2017-07-05 2017-09-22 北京信任度科技有限公司 基于区块链的多方信任的身份认证方法和系统
CN108235805A (zh) * 2017-12-29 2018-06-29 深圳前海达闼云端智能科技有限公司 账户统一方法、装置及存储介质

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR3112623A1 (fr) * 2020-07-20 2022-01-21 Jiangsu Aowei Holdings Co., Ltd. Procédé de gestion de comptes de la plateforme décentralisée d'enregistrement de preuves de contrats électroniques
NL2028773A (en) * 2020-07-20 2022-03-15 Jiangsu Aowei Holdings Co Ltd Account management method of decentralized electronic contract deposit platform
CN113343204A (zh) * 2021-08-06 2021-09-03 北京微芯感知科技有限公司 基于区块链的数字身份管理系统及方法
CN113343204B (zh) * 2021-08-06 2021-11-30 北京微芯感知科技有限公司 基于区块链的数字身份管理系统及方法

Also Published As

Publication number Publication date
CN108235805B (zh) 2021-07-30
CN108235805A (zh) 2018-06-29

Similar Documents

Publication Publication Date Title
WO2019127530A1 (fr) Procédé d'unification de compte et dispositif et support de stockage
Almadhoun et al. A user authentication scheme of IoT devices using blockchain-enabled fog nodes
US11606352B2 (en) Time-based one time password (TOTP) for network authentication
JP7121459B2 (ja) ハード/ソフトトークン検証を介したブロックチェーン認証
Lesavre et al. A taxonomic approach to understanding emerging blockchain identity management systems
Lim et al. Blockchain technology the identity management and authentication service disruptor: a survey
US11196573B2 (en) Secure de-centralized domain name system
US11159307B2 (en) Ad-hoc trusted groups on a blockchain
WO2018112946A1 (fr) Procédé, dispositif et système d'enregistrement et d'autorisation
JP2021505098A (ja) トランザクションコネクタ及びブローカサービスを使用してブロックチェーンネットワークのバージョン化されたブロックとしてデバイスライフサイクルトランザクションを記録するためのシステム及び方法
Zhou et al. EverSSDI: blockchain-based framework for verification, authorisation and recovery of self-sovereign identity using smart contracts
Faísca et al. Decentralized semantic identity
KR20230073236A (ko) 인증 시스템 및 방법
Abraham et al. SSI Strong Authentication using a Mobile-phone based Identity Wallet Reaching a High Level of Assurance.
Sharma et al. A blockchain based secure communication framework for community interaction
US20230362019A1 (en) Physically unclonable functions storing response values on a data store
Kokoris-Kogias et al. Verifiable management of private data under byzantine failures
Fathalla et al. PT-SSIM: A Proactive, Trustworthy Self-Sovereign Identity Management System.
Dumas et al. LocalPKI: An interoperable and IoT friendly PKI
US20230379175A1 (en) Challenge-response protocol based on physically unclonable functions
JP2023543474A (ja) 物理複製困難関数
EP4183103A1 (fr) Fonctions physiquement non clonables stockant des valeurs de réponse sur une chaîne de blocs
Shehu et al. SPIDVerify: A Secure and Privacy-Preserving Decentralised Identity Verification Framework
Nguyen et al. Protecting biometrics using fuzzy extractor and non-invertible transformation methods in kerberos authentication protocol
Wu et al. A blockchain-based hierarchical authentication scheme for multiserver architecture

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17936871

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 17/11/2020)

122 Ep: pct application non-entry in european phase

Ref document number: 17936871

Country of ref document: EP

Kind code of ref document: A1